Re: Stegdetect 0.4 released and results from USENET search available

2001-12-30 Thread Dan Geer


> I download all of alt.anonymous.messages from the same news
> server that large numbers of people post and download child
> porn on.

It might be that child porn posted to these lists is the most
attractive vehicle as it is illegal everywhere, it will not be
downloaded at random, those who do download it will be damned
careful in where they keep it and how they use it, those who
do not want it won't touch it, and the endlessly repetitious
nature of the imagery makes it unlikely that those not looking
for the special version with the embedded hidden message would
bother taking down yet another copy.

--dan




-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]



RE: Stegdetect 0.4 released and results from USENET search available

2001-12-29 Thread jamesd

--
On 28 Dec 2001, at 14:47, Bill Stewart wrote:
> Reader anonymity depends a lot on how many people actually
> read A.A.M, and on how many sites keep NNTP logs - it's
> probably a lot fewer readers than the largest binary porn
> spam groups, but a lot also depends on how many small ISPs
> around the world still spool their own news rather than
> buying access from news services.  It's certainly harder to
> trace than senders.
>
> So tracing a single transmission may be hard, but tracing
> an ongoing pattern is easier

I download all of alt.anonymous.messages from the same news
server that large numbers of people post and download child
porn on.

My software always downloads all new messages in
alt.anonymous.messages irrespective of whether I am looking
for a particular message.  (Hey, I do not read anything in
alt.anonymous messages, I am just generating cover traffic
out of pure public spirit.)

Thus there is no ongoing pattern.

This system was first described a very long time ago in True Names.

--digsig
 James A. Donald
 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
 WaGBISA1ObM2v9DUT5dgMhF7a8QfnHz1GwISf94v
 4eKunzkdsCm+yDzSimzsw5nvwZctZg3NdD5VDl8v0







RE: Stegdetect 0.4 released and results from USENET search available

2001-12-29 Thread David Honig

At 02:47 PM 12/28/01 -0800, Bill Stewart wrote:
> At 01:59 PM 12/28/2001 -0800, David Honig wrote:
> > A.A.M + PGP = covert radio transmitter which sends coded messages.
> > Obviously interesting, so you direction-find to defeat the anonymity.
>
> And Perry replied:
> [Moderator's note: And how would you possibly do that? --Perry]

Anonymity, like much of crypto or security, is an arms race.  

A radio TX would try bursty sending.  So the DXer must keep his receivers
going all the time.  So the TXer has to move to a different
place each time he sends.  So the DXer needs a larger mesh
of receiver stations and faster response; recording travel (license
plate cams, requiring ID on busses) helps too.  Ultimately the
DXer can do a physical search on everyone.  So the TXer has to embed
the transmitter in his body.  So the DXer has to X-ray everyone, etc.
Faster foxes lead to faster rabbits which lead to faster foxes.

Similarly with anonymous IP broadcast.  Place enough surveillance cameras,
subvert enough ISPs/remailers, deploy enough trojans, do enough traffic
analysis, and strong anonymity takes much more effort.  At that point the
extra effort for stego might have been a good tradeoff.

The point of stego, it seems to me, is to not attract such attention
in the first place.  Although *if* you're already on someone's Watch List
there may be little point.

Another example: You could have an encrypted, deniable filesystem with duress
passphrases, etc.  But you still have to deal with Mr. Happy-Fun Customs
Agent who wants to know what kind of naughty bits you're importing.  A
collection of baby pictures requires no explanation, no special flag in the
records that track you.


> So tracing a single transmission may be hard, but tracing an ongoing pattern
> is easier,

Exactly.

> unless there's a trusted Usenet site in some
> country where you don't have jurisdiction problems.

And is out of range of the guided missile which was accidentally
mistargeted due to out of date maps.  And which doesn't need
to interact with the US financial tentacles.  Which can maybe survive
a physical embargo.  Whose sysop is immune from coercion or bribery.

> That means that A.A.M + PGP is fine for an occasional
> Attack at Dawn message, but not necessarily for routine traffic.

Yes --much like a covert radio transmitter.



Love work, hate domination, and do not let your name come to the attention
of the ruling powers. -Talmud/Sayings of the Fathers



RE: Stegdetect 0.4 released and results from USENET search available

2001-12-29 Thread Jim Choate


On Fri, 28 Dec 2001 [EMAIL PROTECTED] wrote:

> I download all of alt.anonymous.messages from the same news
> server that large numbers of people post and download child
> porn on.

So the traffic analysis software has your link the first couple of days.
Now all they've got to do is black bag your computer's text editors and
news readers...assuming they've got a motivation to expend the effort. The
next step is to compare messages you submit with messages others submit,
with respect to time not source/destination, once they've a correlation
they can then move to 'other' techniques (eg trap mail, phone taps, etc.).

> (Hey, I do not read anything in
> alt.anonymous messages, I am just generating cover traffic
> out of pure public spirit.)
>
> Thus there is no ongoing pattern.

Only because your 'cover traffic' isn't. If you wanted to help with cover
traffic then you'd be sending large quantities of bogus traffic to the
group daily. But that would take a concerted commitment.

Cover traffic requires an interesting characteristic to be effective, one
that most don't 'get'; it must be full on all the time. The vast majority
of your expended effort is bogus.

The most effective cover traffic model is to send nothing but cover
traffic at your full bandwidth 24x365. Then randomly inject/replace cover
traffic with real traffic as it comes in.

ps I'm still working on your Chomsky claims...


 --

 Day by day the Penguins are making me lose my mind.

 Bumper Sticker

   The Armadillo Group          James Choate
   Austin, Tx                   [EMAIL PROTECTED]
   www.ssz.com                  512-451-7087









RE: Stegdetect 0.4 released and results from USENET search available

2001-12-29 Thread Antonomasia

From: Jim Choate [EMAIL PROTECTED]

I snipped several Cc:s.

> > I download all of alt.anonymous.messages from the same news
> > server that large numbers of people post and download child
> > porn on.
>
> So the traffic analysis software has your link the first couple of days.
> Now all they've got to do is black bag your computer's text editors and
> news readers...assuming they've got a motivation to expend the effort. The

The effort to black bag computers of a few hundred people reading AAM
is much more than the effort they spend getting their computers to read
it regularly.  Or post to it if they chose.

> next step is to compare messages you submit with messages others submit,

So the TLAs also have to figure out which other ISP accounts and phone lines
are also used by the guy they saw reading AAM.   More work for them just to
rule out AAM robots equipped with a few free ISP accounts.

> Cover traffic requires an interesting characteristic to be effective, one
> that most don't 'get'; it must be full on all the time. The vast majority
> of your expended effort is bogus.

It must be independent of the true traffic volume, but "full on all the time"
is overkill.  If an AAM robot posts exactly 50 messages a day that's plenty
to cover as much anonymous communication as I could organise in my head.

--
##
# Antonomasia   ant notatla.demon.co.uk  #
# See http://www.notatla.demon.co.uk/#
##
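Jim Choate's "full on all the time" model and Antonomasia's fixed 50-a-day robot are two ways of making the count an observer sees independent of the real traffic. The simulation below is an added example, not code from anyone in this thread: it pits three sending policies against an observer who can only count messages per day. The demand series, seeds, rates and function names are all the example's own constructions.

```python
"""Cover traffic against per-day counting, in simulation.

Added example, not from the thread.  The observer sees only how many
messages a sender emits each day and tries to correlate that count with
the sender's real communication.  All data is constructed (fixed seeds).
"""
import random

DAYS = 365
FIXED_RATE = 50          # Antonomasia's "exactly 50 messages a day"

def pearson(xs, ys):
    """Pearson correlation; 0.0 when either series is constant (no signal)."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    if sxx == 0 or syy == 0:
        return 0.0
    return sxy / (sxx * syy) ** 0.5

def real_demand(seed=1, days=DAYS):
    """Constructed real traffic: bursty, most days nothing, some days a lot."""
    rng = random.Random(seed)
    return [rng.choice([0, 0, 0, 1, 2, 5, 12]) for _ in range(days)]

def on_demand(demand):
    """No cover at all: the observer's count is the real traffic itself."""
    return list(demand)

def padded(demand, seed=2, max_cover=20):
    """Real traffic plus a random amount of cover each day.  The cover is
    independent of demand, but the daily total still rises with demand."""
    rng = random.Random(seed)
    return [d + rng.randint(0, max_cover) for d in demand]

def fixed_rate(demand, rate=FIXED_RATE):
    """Always emit exactly `rate` messages a day.  Real messages silently
    replace cover slots; demand above the rate waits in a backlog, so the
    count on the wire never changes.  Returns (counts, worst backlog)."""
    counts, backlog, worst = [], 0, 0
    for d in demand:
        backlog += d
        backlog -= min(backlog, rate)    # real messages take cover slots
        worst = max(worst, backlog)
        counts.append(rate)
    return counts, worst

def observer_scores(demand):
    """What a per-day counting observer learns under each policy."""
    fixed_counts, worst = fixed_rate(demand)
    return {
        "on_demand": pearson(on_demand(demand), demand),
        "padded": pearson(padded(demand), demand),
        "fixed_rate": pearson(fixed_counts, demand),
        "fixed_rate_backlog": worst,
    }

if __name__ == "__main__":
    for policy, score in observer_scores(real_demand()).items():
        print(f"{policy:20s} {score:.3f}")
```

The padded policy is the instructive failure: cover that merely adds to real traffic still lets the total track demand, which is Antonomasia's point that the volume must be independent of the real traffic.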






RE: Stegdetect 0.4 released and results from USENET search available

2001-12-28 Thread Trei, Peter

There's a much simpler reason why few or no stego'ed messages are
present in usenet images: They form an inefficient and unneeded
distribution mechanism.

Try taking a peek at the Usenet newsgroup alt.anonymous.messages.
Dozens of PGP'd messages a day, from our old friends Secret Squirrel,
Nomen Nescio, and Anonymous.

Usenet has some very good properties for those wishing to maintain
privacy: multiple entry points, including from mail2news gateways,
flooding distribution independent of message content, and knowledge
of who reads what is restricted to the server from which the news is
read (and there are 1000's of news servers, as well as web based
systems such as groups.google.com). But you already know this.

Posting PGP to aam also avoids the bandwidth bloat imposed by stego,
and the extra complication of having to stego and destego images, as
well as generate the images used for cover.

Why would anyone bother to hide tiny messages in ebay images or
alt.binaries.erotica.bestiality.hamster when they can just post to
aam?


Peter Trei


> --
> From: Niels Provos [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, December 28, 2001 4:33 AM
> To:   Arnold G. Reinhold
> Cc:   [EMAIL PROTECTED]
> Subject:  Re: Stegdetect 0.4 released and results from USENET search
> available
>
> In message v04210101b84eca7963ad@[192.168.0.3], Arnold G. Reinhold
> writes:
> > I don't think you can conclude much from the failure of your
> > dictionary attack to decrypt any messages.
> We are offering various explanations.  One of them is that there is no
> significant use of steganography.  If you read the recent article in
> the New York Times [1], you will find claims that about 0.6 percent
> of millions of pictures on auction and pornography sites had hidden
> messages.
>
> > 2. The signature graphs you presented for several of the stego
> > methods seemed very strong. I wonder if there is more pattern
> > recognition possible to determine highly likely candidates. I would
> > be interested in seeing what the graphs look like for the putative
> > false alarms you found. It also might be interesting to run the
> > detection program on a corpus of JPEGs known NOT to contain stego,
> > such as a clip art CD.
> The following slides contain examples of false-positives
>
>   http://www.citi.umich.edu/u/provos/papers/detecting-csl/mgp00023.html
>   http://www.citi.umich.edu/u/provos/papers/detecting-csl/mgp00024.html
>
> In my experience, eliminating false-positives is not quite that easy.
> Some graphs look like they should have steganographic content even
> though they do not.  Any test will have a false-positive rate, the
> goal is to keep it very low.
>
> > 3. If you did succeed in decrypting one of Osama Bin Laden's
> > missives, wouldn't he have a case against you under DMCA?
> Good question.  The panel about the DMCA at the USENIX Security
> Symposium seemed to indicate that the exceptions built into the DMCA
> have no real meaning.  In my understanding of the American legal and
> judicial system, it is not possible to know what is right or wrong
> according to some law until one has been taken to court about it.
>
> Niels.





RE: Stegdetect 0.4 released and results from USENET search available

2001-12-28 Thread David Honig

At 02:40 PM 12/28/01 -0500, Trei, Peter wrote:
> Posting PGP to aam also avoids the bandwidth bloat imposed by stego,
> and the extra complication of having to stego and destego images, as
> well as generate the images used for cover.
>
> Why would anyone bother to hide tiny messages in ebay images or
> alt.binaries.erotica.bestiality.hamster when they can just post to
> aam?
>
> Peter Trei

A.A.M + PGP = covert radio transmitter which sends coded messages.  Obviously
interesting, so you direction-find to defeat the anonymity.

[Moderator's note: And how would you possibly do that? --Perry]

Stego = signalling via called-in requests to a commercial music radio station.
Not interesting.


Sure it's extra work, but high risk requires high effort.
Strong-anonymous broadcasting takes work too.

dh




RE: Stegdetect 0.4 released and results from USENET search available

2001-12-28 Thread David Honig

At 02:40 PM 12/28/01 -0500, Trei, Peter wrote:
> There's a much simpler reason why few or no stego'ed messages are
> present in usenet images: They form an inefficient and unneeded
> distribution mechanism.

On the subject of stego, this showed up earlier this week: 

To: [EMAIL PROTECTED]
Subject: P2P Stego Treasure Hunt


We've put into Morpheus a song, 
Grayson_Shoot_The_Piano_Player.mp3
which has a stego'd message in it.
The tool is mp3stego v 1.1.15 
(source available; see  
http://www.cl.cam.ac.uk/~fapp2/steganography/mp3stego/
) and the (3DES) passphrase is writecode

Another file DrDidg_RaveOn.mp3 has
another message under the same passphrase.

We are curious how readily the Morpheus search
engine can be used for transport purposes.  In
this instance we give unique names to files not
otherwise found in the system.  Another experiment
in P2P percolation would be to add similar 
'watermarks' (microdots) to files which are 
abundantly replicated.



RE: Stegdetect 0.4 released and results from USENET search available

2001-12-28 Thread Bill Stewart

At 01:59 PM 12/28/2001 -0800, David Honig wrote:
> A.A.M + PGP = covert radio transmitter which sends coded messages.  Obviously
> interesting, so you direction-find to defeat the anonymity.

And Perry replied:
[Moderator's note: And how would you possibly do that? --Perry]

Back in the old days, it was easy - Usenet messages carried a
bang-path route to the original sender.  You could forge parts of it
easily enough, as the Kremvax hoax demonstrated,
but the only real untraceability was because there were lots of
pre-Honey-Danber UUCP sites which would accept incoming messages
from unknown senders.  These days, most of them are gone -
you're really depending on how long sites keep logfiles.

[Moderator's note: That's not the point. You can post without any
authentication via many web sites, or over the net via accounts you
can get with little or no identification in a dozen countries, which
you can log in to anonymously from web cafes, airport kiosks,
etc. around the world. If you decide not to be found, you won't be
found. --Perry]

Reader anonymity depends a lot on how many people actually read A.A.M,
and on how many sites keep NNTP logs - it's probably a lot fewer readers
than the largest binary porn spam groups, but a lot also depends on
how many small ISPs around the world still spool their own news
rather than buying access from news services.  It's certainly harder
to trace than senders.

So tracing a single transmission may be hard, but tracing an ongoing pattern
is easier, unless there's a trusted Usenet site in some
country where you don't have jurisdiction problems.
That means that A.A.M + PGP is fine for an occasional
Attack at Dawn message, but not necessarily for routine traffic.

So it helps to add an extra step - posting the anonymous message
through a web2news gateway through an anonymizer,
or a mail2news gateway from a webmail account from a cybercafe,
or mail2news through an open relay somewhere in the world
(since open relays are usually people who haven't bothered
configuring their mail systems, and are less likely to keep logs
unless that's the default, plus you can spread your messages
among lots of different relays.)









Re: Stegdetect 0.4 released and results from USENET search available

2001-12-22 Thread Niels Provos

In message [EMAIL PROTECTED], Harald Koch writes:
> How many images are posted to usenet every *day*, never mind the sheer
> number of images stored on webservers everywhere. IANAS, but a mere one
> million messages is too small a sample set to be statistically
> significant.
Harald,

thank you for the kind consideration of our work.

How many images are posted to Usenet every day? I'd say around 50,000
a day, including GIF images and other image file types that we did not
look at [1].

Which USENET archive that stores a full feed from the time before
steganography suddenly hit the limelight of the press would you use?
We had access to a couple of terabytes accounting for a few months
of Usenet activity.  That's what we looked at.

You might have heard that Usenet traffic is mostly for binary data.
That is correct but most of the binary traffic is not in images [2].

If you have any suggestions on how to increase the scope of our
analysis, I would be glad to hear them.  Alternatively, you might
conduct a study yourself as I just released most of my tools.  It
would be interesting to see something more statistically significant ;)

Regards,
  Niels Provos.

[1] http://www.newsadmin.com/cgi-bin/msgsummary
[2] http://www.newsadmin.com/top100bytes.htm






Stegdetect 0.4 released and results from USENET search available

2001-12-21 Thread Niels Provos

I just released Stegdetect 0.4.  It contains the following changes:

 - Improved detection accuracy for JSteg and JPhide.
 - JPEG Header Analysis reduces false positives.
 - JPEG Header Analysis provides rudimentary detection of F5.
 - Stegbreak uses the file magic utility to improve dictionary
   attack against OutGuess 0.13b.

You can download the UNIX source code or windows binary from

  http://www.outguess.org/download.php

-
The results from analyzing one million images from the Internet Archive's
USENET archive are available at

  http://www.citi.umich.edu/u/provos/stego/usenet.php

[...]
  After scanning two million images from eBay without finding any
  hidden messages, we extended the scope of our analysis.

  This page provides details about the analysis of one million images
  from the Internet Archive's USENET archive.

  Processing the one million images with stegdetect results in about
  20,000 suspicious images. We launched a dictionary attack on the
  JSteg and JPHide positive images.  The dictionary has a size of
  1,800,000 words and phrases.  The disconcert cluster used to
  distribute the dictionary attack has a peak performance of roughly
  87 GFLOPS.

  However, we have not found a single hidden message.
[...]

Comments and feedback are welcome.  We have an FAQ at

  http://www.citi.umich.edu/u/provos/stego/faq.html

Regards and a merry Christmas,
  Niels Provos






Re: Stegdetect 0.4 released and results from USENET search available

2001-12-21 Thread John Gilmore

Niels & Peter, congratulations on finding no secret messages.  This is
why computers are getting faster -- so we can spend more and more time
searching out the lack of any information being communicated.

An obvious step is to extend your detector to handle other formats
besides JPEG.  That would involve more 'research' than merely running
it on other collections of images (e.g. JPEGs pulled from the Web in
the Internet Archive collection, or from your own crawler).

[Other people can also do the work of running your publicly released
software against other collections.  It would take more talent to
write something that processes other formats.]

By the way, I'm interested in what steganographic messages you are
finding in the plaintext tags in JPEG files.  I've heard that some
cameras mark each photo with the serial number of the camera, date,
etc.  You can probably also detect what model of camera produced the
image (based on exactly what tags it puts in the image, whether
there's a thumbnail, what the filename is, etc).  (Jpegdump provides
an easy way to see these tags.)  Remember how Microsoft Word documents
encode the Ethernet address of the PC on which they were created, and
how this has been used in several high-profile cases to track
documents to individuals?  I am a lot more concerned about popular
cameras that spy on their own users, than I am about the occasional
subliminal message sent through the Usenet.  It would be useful to
have a tool that removes all the nonessential tags from a jpeg file, a
'stegremover' to delete any spyware that your camera has left behind,
as well as a detector, and a hall of shame page for manufacturers
who are building that spyware.

John

PS: Cypherpunks, where *are* you putting your secret messages?  Give
us a hint!  Surely *somebody* in this crew must be leaving some
bread-crumbs around for Niels and NSA to find... :-)
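John's "stegremover" is straightforward at the container level: a JPEG is a sequence of marker segments, and the identifying tags live in APPn segments (Exif is APP1) and COM segments that a decoder does not need to render the picture. The code below is an added example, not a tool from this thread or from the Stegdetect project; the sample file, the made-up serial string and the KEEP_APP policy are the example's own choices.

```python
"""Minimal JPEG metadata stripper (the "stegremover" idea above).
Added example, not a tool from the thread or the Stegdetect project.  It
walks the marker segments, keeps what a decoder needs and drops segments
carrying camera serials, timestamps, thumbnails and comments.  The sample
image is constructed: tables and scan data are placeholders, not a photo.
"""
import struct

SOI, EOI, SOS, COM = 0xD8, 0xD9, 0xDA, 0xFE
STANDALONE = {0x01, SOI, EOI} | set(range(0xD0, 0xD8))  # no length field
KEEP_APP = {0xE0, 0xEE}  # JFIF and Adobe: decoders read these, keep them

def segments(data):
    """Yield (marker, raw_segment).  Everything from SOS onward (scan header,
    entropy-coded data, RSTn, EOI) is one tail: scan data is not re-parsed."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI")
    yield SOI, data[:2]
    pos = 2
    while pos < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        while data[pos] == 0xFF:  # skip fill bytes
            pos += 1
        marker, start = data[pos], pos - 1
        if marker == SOS:
            yield SOS, data[start:]
            return
        if marker in STANDALONE:
            yield marker, data[start:pos + 1]
            pos += 1
            continue
        (length,) = struct.unpack(">H", data[pos + 1:pos + 3])
        end = pos + 1 + length  # the length field counts its own two bytes
        yield marker, data[start:end]
        pos = end
    raise ValueError("truncated JPEG: no SOS segment")

def marker_name(m):
    if m == COM:
        return "COM"
    return f"APP{m - 0xE0}" if 0xE0 <= m <= 0xEF else f"0x{m:02X}"

def strip_metadata(data):
    """Return (cleaned_jpeg, names of the segments removed)."""
    out, removed = bytearray(), []
    for marker, seg in segments(data):
        droppable_app = 0xE0 <= marker <= 0xEF and marker not in KEEP_APP
        if droppable_app or marker == COM:
            removed.append(marker_name(marker))
        else:
            out += seg
    return bytes(out), removed

def _seg(marker, payload):
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed sample: JFIF, an Exif block with a made-up serial, a comment,
# placeholder DQT/SOF0/DHT tables, a tiny scan with one stuffed FF00, EOI.
SAMPLE = (b"\xff\xd8"
          + _seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
          + _seg(0xE1, b"Exif\x00\x00CAMERA-SERIAL-0000")
          + _seg(COM, b"edited on host EXAMPLE")
          + _seg(0xDB, bytes(65)) + _seg(0xC0, bytes(9)) + _seg(0xC4, bytes(17))
          + _seg(SOS, bytes(6)) + b"\x12\x34\xff\x00\x56\xff\xd9")

if __name__ == "__main__":
    print(strip_metadata(SAMPLE)[1])
```

Copying the whole tail from SOS onward is deliberate: entropy-coded data contains stuffed FF00 bytes and RSTn markers, and re-parsing it as segments is how careless strippers corrupt images.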






Re: Stegdetect 0.4 released and results from USENET search available

2001-12-21 Thread P.J. Ponder


On Fri, 21 Dec 2001, John Gilmore wrote:

> . . . .
>
> PS: Cypherpunks, where *are* you putting your secret messages?  Give
> us a hint!  Surely *somebody* in this crew must be leaving some
> bread-crumbs around for Niels and NSA to find... :-)

I always assumed newsgroups, like alt.images.binary.*, but perhaps
websites that allow users to upload pictures are the preferred channels.
Of course there is a big distinction between (intentionally) leaving
something around for Niels to find and really trying to hide something.
--
pj



