PaulDotCom mailing list archives

Usable Stego


From: joel.folkerts at gmail.com (Joel Folkerts)
Date: Sat, 8 Aug 2009 21:13:29 -0500

Adrian,

 While I certainly cannot speak as an authority on the subject, it's been my
experience that stego is an over-hyped technology that just isn't being
incorporated as widely as we may believe. I believe the primary reason for
this may be the lack of an agreed industry standard, protocol, or
application that implements steg. Contrarily, steg detection tools are still
very premature and relatively expensive so it may be a case that we just
can't find it. When I was a little more active in the forensic industry,
WetStone Technologies created a Stego Suite that was about the only
compelling product in the market.

 The best stego implementation that I have seen was hiding data in JPEG
quantization tables, which made detection very difficult. The most basic was
hiding the data in the least significant bit (LSB) - impossible to detect
with the naked eye but may be easily detected by recognizing the pattern.

-Joel


"The path to hell is paved with good intentions."


On Sat, Aug 8, 2009 at 7:52 PM, Adrian Crenshaw <irongeek at irongeek.com> wrote:

Ok, I'm prepping up for my Anti-Forensics class, and I'm looking into
steganography. All the tools I've looked at seem to be too much of a pain in
the butt for me to see folks using them to hide their pr0n stash or illicit
business practices. Passing messages, maybe. Anything out there that you
would see as useful? Maybe something that lets you mount a large AVI or
something as a drive and lets you randomly add and remove files?

On a side note, can you think of a time when stego is used as something
more than a parlor trick?

Adrian

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
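
Added example, not part of the original thread: the "pattern" that gives away basic LSB hiding can be checked with a pairs-of-values chi-square test, since replacing LSBs with random-looking payload bits equalises the histogram counts of each value pair (2k, 2k+1). The function names, the synthetic Gaussian "cover" standing in for 8-bit image samples, and the 4-sigma threshold are assumptions made for this sketch, and it assumes the payload fills nearly all samples.

```python
import math
import random
from collections import Counter

MIN_PAIR_COUNT = 10  # skip sparse pairs, where the chi-square approximation is poor

def pov_chi_square(samples):
    """Return (statistic, dof) of the pairs-of-values test on 8-bit samples."""
    hist = Counter(samples)
    stat, dof = 0.0, 0
    for even in range(0, 256, 2):
        a, b = hist[even], hist[even + 1]
        n = a + b
        if n < MIN_PAIR_COUNT:
            continue
        expected = n / 2  # random LSB replacement pushes both counts toward n/2
        stat += (a - expected) ** 2 / expected + (b - expected) ** 2 / expected
        dof += 1
    return stat, dof

def looks_lsb_replaced(samples, sigmas=4.0):
    """True when the pair histogram is as flat as random LSB replacement makes it."""
    stat, dof = pov_chi_square(samples)
    if dof == 0:
        return False  # not enough data to say anything
    # Under LSB replacement the statistic follows chi-square(dof): mean dof, variance 2*dof.
    return stat <= dof + sigmas * math.sqrt(2 * dof)

def constructed_cover(n=200_000, seed=1):
    """Constructed sample: bell-shaped 8-bit values standing in for image pixels."""
    rng = random.Random(seed)
    return [min(255, max(0, int(rng.gauss(128, 12)))) for _ in range(n)]

def constructed_stego(cover, seed=2):
    """Constructed sample: every LSB overwritten with a random bit (full capacity)."""
    rng = random.Random(seed)
    return [(v & ~1) | rng.getrandbits(1) for v in cover]

if __name__ == "__main__":
    cover = constructed_cover()
    stego = constructed_stego(cover)
    for name, data in (("cover", cover), ("stego", stego)):
        stat, dof = pov_chi_square(data)
        print(f"{name}: chi2={stat:.1f} dof={dof} flagged={looks_lsb_replaced(data)}")
```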
