Roland Piquepaille's Technology Trends
How new technologies are modifying our way of life

samedi 12 avril 2003

Steganography, or "stego," as it's also known, is a way to hide messages like text or images into larger files. Security Focus recently published an excellent and very well-documented article on this subject. Here is the introduction.

Over the past couple of years, steganography has been the source of a lot of discussion, particularly as it was suspected that terrorists connected with the September 11 attacks might have used it for covert communications. While no such connection has been proven, the concern points out the effectiveness of steganography as a means of obscuring data. Indeed, along with encryption, steganography is one of the fundamental ways by which data can be kept confidential. This article will offer a brief introductory discussion of steganography: what it is, how it can be used, and the true implications it can have on information security.

Kristy Westphal, the author, answers these questions. She also tried several steganography tools. You can see the results of her tests in her article, in two JPEG images, one without an embedded message and one with embedded text. The modified image shows less luminosity, but if you don't know the original one, it is very hard to guess that the second one contains a hidden message.

So is steganography a *good* or a *bad* technology? Like other security tools, as encryption, it depends on the purpose.

Unfortunately, steganography can also be used for illegitimate reasons. For instance, if someone was trying to steal data, they could conceal it in another file or files and send it out in an innocent looking email or file transfer. Furthermore, a person with a hobby of saving pornography, or worse, to their hard drive, may choose to hide the evidence through the use of steganography. And, as was pointed out in the concern for terroristic purposes, it can be used as a means of covert communication. Of course, this can be both a legitimate and an illegitimate application.

Here are Westphal's conclusions to this highly recommended article.

Steganography is a fascinating and effective method of hiding data that has been used throughout history. Methods that can be employed to uncover such devious tactics, but the first step are awareness that such methods even exist. There are many good reasons as well to use this type of data hiding, including watermarking or a more secure central storage method for such things as passwords, or key processes. Regardless, the technology is easy to use and difficult to detect. The more that you know about its features and functionality, the more ahead you will be in the game.

For more information about this technology, you can visit the exhaustive Steganography & Digital Watermarking web page from Neil F. Johnson of George Mason University.

Source: Kristy Westphal, for Security Focus, April 9, 2003

10:44:24 AM  Permalink  Comments []  Trackback []

Click here to visit the Radio UserLand website. © Copyright 2004 Roland Piquepaille.
Last update: 01/11/2004; 11:45:33.

April 2003
Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30      
Mar   May

Search this blog for

Courtesy of PicoSearch

Personal Links

Other Links

Ars Technica
Daily Rotation News
Microdoc News
Smart Mobs


Dave Barry
Paul Boutin
Dan Bricklin
Dan Gillmor
Mitch Kapor
Lawrence Lessig
Jenny Levine
Karlin Lillington
Jean-Luc Raymond
Ray Ozzie
John Robb
Jean-Yves Stervinou
Dolores Tam
Dylan Tweney
Jon Udell
Dave Winer
Amy Wohl

Drop me a note via Radio
Click here to send an email to the editor of this weblog.

E-mail me directly at

Subscribe to this weblog
Subscribe to "Roland Piquepaille's Technology Trends" in Radio UserLand.

XML Version of this page
Click to see the XML version of this web page.

Technorati Profile

Listed on BlogShares