Talk:Steganography

Archive: /Archive 1

Fact Checking - Ancient Wax Tablets

Several facts about the wax tablets sent after the battle of Thermopylae were wrong in the article. The tablets were not sent to Xerxes but from Demaratus to Greece. In fact Xerxes was King of the Persians, the very person Demaratus didn't want to learn about the hidden message. Also according to Herodotus, nothing was written in the wax poured on top of the hidden message. I think this fact is often ignored to make the story a more convenient example of early steganography. I had to go to the original source, Polymnia by Herodotus, to scrounge up what really happened. Wikipidia wasn't the only place I looked with the wrong facts on this point. I have a book on cryptography in front of me right now that states the tablets were sent to King Leonidas. Leonidas was dead when the tablets were sent! Here's a link to the appropriate page in Polymnia.

--Takaitra 01:01, 5 March 2006 (UTC)

Removed sentence

Effective detection of steganographically encoded materials in communications intercepts between suspected terrorists is therefore extremely important, but very complicated, as we will see below.

I removed this sentence as it appeared completely out of place following a lengthy tract on showing that there is no actual evidience for Al Quaeda use of steganography. Refdoc 23:38, 8 March 2006 (UTC)

Evening Courier

The article mentions Il Corriere della Sera as an Italian tabloid newspaper. The paper is in fact a somewhat high-brow broadsheet.

Also, the article states that an item of news reported in this newspaper was not confirmed by any reputable Italian newspaper. There is a debatable implication there to the effect that Il Corriere della Sera is not reputable. Given that Il Corriere della Sera is generally considered one of Italy's more serious and less biassed newspapers, and given that it has the second-highest distribution of all newspapers in Italy, it might be worth considering an adjustment to the paragraph in question.

(More info on the paper here: http://en.wikipedia.org/wiki/Il_Corriere_della_sera )

--Croc996 00:25, 26 March 2006 (UTC)

GA failed

For these reasons:

• See WP:LEAD as the present lead section doesn't summarize the article but gives insight into etymology.
• 2 references is not enough.
• This section would be better if transformed into prose.
• The external links through the text should be transformed into inline citations. See WP:FOOT.

Lincher 00:23, 11 June 2006 (UTC)

No better photos?

The picture for Pike's Peak is poor. Doesn't anyone have any better shots?

Steganography + Crypto

Is it worth adding a discussion of how to do encrypted steganography? In particular, this ought to escape detection. In the case of the photo, with the cat/trees, what you do instead is:

1)Take your plaintext (cat). 2)Add error-checking 3)Compress it (to make the data look random) - and to save space 4)Encrypt it. (the resulting data should now look very-nearly like random noise) 5)Replace the least-significant 2 bits of the tree image.

At this point, we should have a steganographic file, which will not draw attention to itself, which will probably (depending on randomness of step 4) escape detection even if it is suspected, and which even if it is discovered to be steganographic, cannot (hopefully) be unencrypted.

1. Encrypting can certainly be an additional useful step, in that it prevents total disaster if the message is detected. But it is not necessarily true that the near-random distribution of bits found in modern digital ciphertexts will be harder to detect. Your step 5) can be generalised to "map the hidden message to the covertext in such a way as to minimise changes in its statistical properties". If the LSBs of the image are not as random as a ciphertext -- as is usually the case -- then it is not impossible that encrypting first will actually increase detectability. The continued study of steganography of course looks at mapping methods which minimise these changes for various types of input texts, and for some combinations of methods and covertexts it might happen that a very random stegotext is optimal. But probably not for this method.
2. In general, if you are going to add ECC you need to do them after encryption. Most encryption methods, and all compression methods of which I am aware, expand errors; so if an error occurs in transmission, the message will decrypt with a lot of junk, decompress with even more (if it decompresses at all) and then there will be too much garbage for the ECC to be able to salvage anything. Of course if you do ECC after encryption that then adds structure to the message which might make steganography harder; but there doesn't seem to be much point doing it the other way. -- Securiger 06:17, 2 August 2006 (UTC)

The above proposed technique is incredibly weak against statistical analysis and can be blindly detected on single image. You've replaced the least significant bits with uniform random data, yet the original LSB were not uniform random data (if they were, we might as well not store and transmit them as they'd be conveying nothing useful). There are more complicated techniques which attempt to preserve the overall statistical properties by flipping even more bits, but these too are highly vulnerable to simple *linear* analysis through tools like Stegdetect. The current state of the art in undetectable digital steganography is the technique of Perturbed Quantization of J. Fridrich (a free software implementation exists [1]).--Gmaxwell (talk) 02:46, 11 April 2009 (UTC)

Keyboards that talk IP!

Removed bogus "technique". This doesn't even sound plausible; removed for now. Viral keyboard firmware which can transmit data over a network? It's not even April 1st! Come on guys, let's sanity check out facts before making edits... If anyone would like to reinstate, please include suitable citations!

This was done at USENIX this year: https://db.usenix.org/events/sec06/tech/shah/shah_html/index.html

Lunkwill 21:29, 12 August 2006 (UTC)

Camera/Shy and Hacktivismo

Should Camera/Shy, a steganography program dedicated towards allowing users in censored countries to access censored material be added, or does this violate some WP policy? If I don't get a response soon I'll post up a bit on it.

Isn't that encouraging people not to reply? I've looked up Camera/Shy and you might want to use the following link: Camera/Shy Perhaps in the external links with a short blurp ("a <what is it> that <what makes it special>"). Shinobu 18:09, 31 August 2006 (UTC)

External Links deleted?

Why?

I don't know... perhaps Wikipedia is not a link farm? I can't be any more specific without the actual url that has been removed. Shinobu 01:48, 23 September 2006 (UTC)

Use of italics

Despite being dismissed by security experts [2][3], the story has been widely repeated and resurfaces frequently. It was noted that the story apparently originated with a press release from "iomart" [4], a vendor of steganalysis software. No corroborating evidence has been produced by any other source.

Moreover, a captured al-Qaeda training manual makes no mention of this method of steganography. The chapter on communications in the al-Qaeda manual acknowledges the technical superiority of US security services, and generally advocates low-technology forms of covert communication.

The italics in this section look very dodgy (and, specifically, not NPOV). The actual comments within the italics are fine, provided that they are true, but do not need to be italicised.

Unless the italics are some kind of steganographic signal pointing at hidden content, of course... :) --Sapphire Wyvern 07:10, 27 September 2006 (UTC)

I have removed the italics. I agree with Sapphire Wyvern's post. The italics immediately jumped out to me as potentially violating NPOV when I first read the article: not just offering the evidence contradicting the NYT article but 'trying to make a point' about just how wrong the article was. Rfrohardt 19:33, 22 February 2007 (UTC)

Thermal Noise is not 1/f Noise

This article states that "Any system with an analog (signal) amplification stage will also introduce so-called thermal or "1/f" noise, which can be exploited as a noise cover." This sentence makes it sound like thermal noise is 1/f noise. In fact, 1/f noise is Flicker Noise, which is a completely separate noise source from thermal. I suggest this error be corrected as soon as possible. Since this is considered a 'good article' I hesitate to make the changes myself. --Dirkbike 19:55, 30 October 2006 (UTC)

Well, it's been about a week so I decided to make the corrections anyway. Please let me know if there are any objections.--Dirkbike 23:58, 5 November 2006 (UTC)

Fujitsu system for hiding message in a printed picture

i have just read a bbc news item about a system that fujitsu are developing to hide messages. I them looked at this artical to see if I could find more info about it. maybe someone should add somthing to this artical about this. the url was http://news.bbc.co.uk/1/hi/technology/6361891.stm --82.12.52.135 17:43, 15 February 2007 (UTC)

Ah ha, darn, you beat me to it :[ I was just going to talk about that here. That Jason 23:47, 15 February 2007 (UTC)

Implementations section

Would anyone have any objections if I removed all of the software listed under the "Implementations" section which didn't have a Wikipedia entry/moved it under "See also"?

At present, it seems to fall foul of WP:NOT#LINK; those software systems which are notable should probably have Wikipedia article on them - otherwise it just seems like a linkspam-magnet? Nuwewsco 13:23, 6 July 2007 (UTC)

I wouldn't remove all of them since some are indeed valuable examples of steganography. Why not just remove the ones that can't be used quickly and easily (i.e. 2 of the 3 online ones are libraries, not complete steganography tools. I am sure the same is true of some of the downloadable ones.) 15:23, 9 July 2007 (UTC)

quotes

Several quotes on this page are both enclosed in quotation marks and italicized. Typical English usage is to quote only or italicize only. Is there a manual of style guideline for this? --ESP 14:50, 9 August 2007 (UTC)

Re: Terrorism Rumors

Ref 9, the Jamestown Group is an interesting summary, but is it supported by any other references or evidence? Is there any assertion or evidence of the Jameson Group's NPOV or objectivity?

Ref 10, the Steganography Analysis and Research Center appears to be a commercial product rather than a resource. Can anyone confirm it's utility? Is there a freely available database, eg at Mitre?

Although Niels Provos' research is dated, his brute force analysis of eBay and Usenet in 2001 do help to debunk this pernicious rumor about terrorists. and if anyone is familiar with that work, perhaps they could stub out a page on it. Both statements apply equally to Elonka Dunin's work as well. Both are linked at the bottom of the article, but perhaps could be cited directly in the section on the rumors.

Politically, I'd like to see the rumor soundly debunked, as would many others. This sort of unproven rumor is used to justify restrictions on security software and decreased civil liberties the world over. Scientifically, I would love to see some proof or disproof, and surely this is not so hard to provide. My main motivation for commenting here is that the debunking in the main article doesn't seem very strong or clear.

Thanks, Adricnet 21:53, 2 October 2007 (UTC)

Braincopter

In case someone is interested, there is an esoteric programming language called "Braincopter", which is based on Brainloller which itself is based on Brainfuck.
It can be used to hide Brainfuck applications on png images. Some examples: Hello world and Lost kingdom. --83.34.126.69 (talk) 15:05, 13 April 2008 (UTC)

lossless

I'd like to see "lossless" defined, with a good hyperlink MargaretBartley (talk) 02:53, 5 June 2008 (UTC)

you are doing stegno —Preceding unsigned comment added by 220.225.6.32 (talk) 06:06, 30 July 2008 (UTC)

Lossless is just a common term which means that no data of the image is lost when you save in that format. When you save as a jpeg (lossy compression), the image you save will not be identical to the original image. Gazok (talk) 15:00, 24 May 2009 (UTC)

References/links

The references section was really a massive dump of external links. I've removed most of them, particularly those that provide programs that let you generate or read encrypted pictures or whatever. The DMOZ is a good place to find stuff like that (now an EL), but overall it's just begging to be stuffed with spammy links to programs and companies, and they're not informative. I've split the section into "Footnotes" for inline citations, and "References" for the, I assume, general reference citations. These would be more useful to readers if embedded as inline citations, but for now they are OK. I've also removed the lower-quality and value links, such as the links to large masses of other articles. If it's not a link to an actual article, it's not a reference. WLU (talk) 14:56, 2 September 2008 (UTC)

Alleged use by terrorists section removed

In that section, some of the referenced links did not work, however the remaining references were (common) journals, which are not exactly to be the source of Wikipedia. I agree on a section on "use by terrorists" - however the topic should be widened, e.g. "use by warez pages", "famous historical stories" maybe in world war II or during the cold war, etc. So I think, before putting the removed section on again, it is to be reedited. (I hope, you understand and accept my reasons, my english is probably not good enough to explain my reasons well enough.) —Preceding unsigned comment added by 80.98.218.173 (talk) 21:52, 4 January 2009 (UTC) Sorry, I forgot the artistic use in literature. Maybe it should be mentioned in a lexicon. —Preceding unsigned comment added by 80.98.218.173 (talk) 21:55, 4 January 2009 (UTC)

Sorry, I was total wrong, and inconsiderate, you're right. Good job. —Preceding unsigned comment added by 80.98.218.173 (talk) 20:28, 5 January 2009 (UTC)

Citation link broken

The link for Citation # 3 is no longer valid. I've never edited Wikipedia before, so I'm not sure how to go about resolving that. 24.31.231.26 (talk) 06:27, 17 April 2009 (UTC)

Trying the cat-in-the-tree example yourself

I suggest to add following somewhere near the image:

(We know that we need the 2 least significant bits, so i AND-mask the 8-bit channel values with 00000011 binary, or 0x03 hex, so the RGB bitmask is 0x030303) To recover the cat from the tree-image, you can do the following (note: the convert tool is part of ImageMagick)

 convert StenographyOriginal.png -evaluate And 0x030303 HiddenImage.png

This hidden image contains the cat, but it is very dark (since it only uses the 2 LSBs), so i left-shift the bit values by 6 places, so my maximum possible 00000011 bit value becomes 11000000.

 convert StenographyOriginal.png -evaluate And 0x030303 -evaluate LeftShift 6 HiddenImageEqualized.png

Now you can clearly see the cat.

what do you think? 84.59.115.163 (talk) 07:04, 24 April 2009 (UTC)