Dave Howe wrote: > Oh - before I forget, I was thinking about covert channels and cds a few > days > ago and realised there is already one - CDs support a special mode called > "CD+G" > - this is used making "karaoke" cds to support the video data stream; the vast > majority of pc drives cannot read this data - there are exceptions of course. > however, karaoke players (and many low-end dvd players) CAN, and by design > display them on the screen of the playback device. This is pretty much STO, > but > could conceal a message trivially that normal examination of the cd would not > reveal, but which the recipient could display (again, trivially) using nothing > more than a tv set and cheap mass-produced DVD player.
I used to write CD device drivers (ancient history, I wrote, with my brother, one of the first CD rippers ever: CD-GRAB). As I remember it, most drives _can_ read this extra data, but drivers often don't support it. In fact, mixed in to the CD data stream are 8 extra single-bit streams, known as A, B, C... H. CD+G probably (I forget) used the G stream, hence the name. One of the other streams was normally used for timestamps, IIRC, and the rest are free. Hopefully someone will remember better than me so I don't have to dig out my old documentation (I still have several yards of SCSI manuals for CD-ROM drives as well as the CD standards, somewhere). > Needless to say, you could always write or read data from the low bits of > the > audio too, provided you got a reliable read of that data... the software to do > that could be considered suspicous though, while a cd that has a short text > message imbedded in track #12 of a 20 track audio collection would be harder > to > detect (but of course for even vague security would have to be treated as a > steg > channel and encrypted in addition, with something decodable by hand like a > book > code) Note that CD data is actually unreliable when used for audio - I definitely saw the same CD show bitwise differences on successive reads, much to my surprise, so if you want to do this, remember to include error correction :-) Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
