PaulDotCom mailing list archives
Usable Stego
From: jim.halfpenny at gmail.com (Jim Halfpenny)
Date: Sun, 9 Aug 2009 13:24:42 +0100
One use for stego is to hide encryption keys. Even passphrase protected keys are vulnerable if compromised if enough brute force is applied. Using stego to hide a key, given that the key is generally much shorter than the encrypted payload, would seem to make a lot of sense given the limitations of stego. I believe truecrypt offers a container format where a second 'fake' passphrase unlocks an extra area of the container for use if you are forced under duress to reveal the passphrase. While this isn't technically stego the trick bears a passing resemblance and I applaud it's sneekiness. Jim On 8/9/09, Adrian Crenshaw <irongeek at irongeek.com> wrote:
Ok, I'm prepping up for my Anti-Forensics class, and I'm looking into steganography. All the tools I've looked at seem to be too much of a pain in the butt for me to see folks using them to hide their pr0n stash or illicit business practices. Passing messages, maybe. Anything out there that you would see as useful? Maybe something that lets you mound a large AVI or something as a drive and lets you randomly add and remove files? On a side note, can you think of a time when stego is used as something more than a parlor trick? Adrian
-- Sent from my mobile device
Current thread:
- Usable Stego Adrian Crenshaw (Aug 08)
- Usable Stego infolookup at gmail.com (Aug 08)
- Usable Stego John Navarro (Aug 08)
- Usable Stego Karl Schuttler (Aug 08)
- Usable Stego John Navarro (Aug 08)
- Usable Stego Joel Folkerts (Aug 08)
- Usable Stego John Navarro (Aug 08)
- Usable Stego Jim Halfpenny (Aug 09)
- Usable Stego Ali Emirlioglu (Aug 09)
- Usable Stego Jim Halfpenny (Aug 10)
- Usable Stego Shane Kelly (Aug 10)
- Usable Stego Michael Miller (Aug 10)
- Usable Stego Chris Biettchert (Aug 12)
- <Possible follow-ups>
- Usable Stego Grymoire (Aug 10)
- Usable Stego Joel Folkerts (Aug 10)
- Usable Stego Michael Miller (Aug 10)
- Usable Stego bytes abit (Aug 13)
- Usable Stego Joel Folkerts (Aug 10)
- Usable Stego infolookup at gmail.com (Aug 08)