Return-Path: <sentto-279987-2312-1001362356-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 24 Sep 2001 13:14:15 -0700 (PDT) Received: (qmail 2597 invoked by uid 510); 24 Sep 2001 20:13:31 -0000 Received: from n11.groups.yahoo.com (216.115.96.61) by 204.181.12.215 with SMTP; 24 Sep 2001 20:13:31 -0000 X-eGroups-Return: sentto-279987-2312-1001362356-fc=all.net@returns.onelist.com Received: from [10.1.1.223] by c3.egroups.com with NNFMP; 24 Sep 2001 20:13:10 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_3_2_2); 24 Sep 2001 20:12:35 -0000 Received: (qmail 79277 invoked from network); 24 Sep 2001 20:08:58 -0000 Received: from unknown (10.1.10.26) by 10.1.1.223 with QMQP; 24 Sep 2001 20:08:58 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta1 with SMTP; 24 Sep 2001 20:09:32 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id NAA07154 for iwar@onelist.com; Mon, 24 Sep 2001 13:09:32 -0700 Message-Id: <200109242009.NAA07154@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Mon, 24 Sep 2001 13:09:32 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Coded.Communications] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Coded Communications By Peter McGrath, NEWSWEEK WEB EXCLUSIVE, 9/24/01 http://www.msnbc.com/news/632358.asp?0si=- Did the hijackers hide their messages in harmless-looking images on the Internet? In his history of the Persian Wars, Herodotus tells of a messenger who shaved his head and allowed a secret message to be tattooed on his scalp. He waited until his hair grew back. Then he journeyed to where the recipient awaited him and shaved his head again. The message was revealed. It was history's first use of steganography. IN TODAY'S digital world, steganography-from the Greek for "covered writing"-has become a popular form of encryption. Traditional ciphers give themselves away because they appear to be gibberish, and anyone who intercepts them will at least have reason to suspect the sender's motives. But steganography hides the message inside an ordinary-looking objects such as a digitized photo or sound file. It is "visible" only to someone who knows it's there. Thus, photo agencies use it to create digital "watermarks" for their pictures. The U.S. Customs Service has warned that some Web sites use it to mask pornographic images. And now, many federal investigators believe, some of the terrorists used it to coordinate their attacks on New York and Washington. "Since I'm in the [computer-] security field and therefore a paranoid sort," says Neil F. Johnson, a steganography specialist at George Mason University in northern Virginia, "I'd expect it to have been used." Digital images are good vehicles for steganography. All images contain redundant data: information as to color, for example, that is present but unnecessary for the picture to be seen and understood. This enables the senders of a secret message to substitute digitized text for some of the redundant pixels in a photo, for example. Or it could be a verbal message; when transmitting information, computers treat sound, image and text files all the same. They are all parts of bitstreams. The senders can then post the result on a public Web site, with only the intended recipients knowing of its existence. A message about which California-bound plane to board in Boston could, for example, be inserted into a picture of a football game at Ohio State. Who would suspect? The technology will appeal to terrorists because it's both low cost and relatively easy to use. "You don't have to be sophisticated," says Johnson, "and there are tools readily available on the Internet. It's just download and run." Browsing any of the well-known download sites like CNET.com will turn up a number of "stego" files for less than $50. The well-reviewed program called Cloak is shareware priced at $30. The U.S. government is worried enough about terrorists' use of steganography to have commissioned research on countermeasures. Under contract from the Air Force, for example, WetStone Technologies in Corning, N.Y., is developing algorithms for detecting the existence of embedded messages in digital files. Another-though more primitive-method is to monitor closely Internet images that might match a terrorist's interests, such as photos of the White House or the New York Stock Exchange. Some steganographic compression techniques, for example, produce noticeable shifts in the color palette. "All existing stego tools and technologies require some modification of the medium," says Johnson. "The changes made may create anomalies." Just as if the ancient runner's hair had grown back white instead of black. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Pinpoint the right security solution for your company- Learn how to add 128- bit encryption and to authenticate your web site with VeriSign's FREE guide! http://us.click.yahoo.com/JNm9_D/33_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:49 PDT