[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: standard for stegonography?????!!!!??
On Mon, 28 Feb 1994, Arsen Ray Arachelian wrote:
> Guys, I thought the whole point of stego was to hide the fact that
> you're hiding data in a file. Having a "standard" for this is
> a bad idea i the sense that if you have a standard, you make it
> that much easier for the bad guys to intercept and find what
> you are trying to hide!
>
That is correct. The standard should be to have no standard! :)
But, if you must have a standard, some variability would help. I outlined
a "variable standard" in another recent message in this thread.
A fictional example of a legitimate need for standardization and a possible
solution follows:
Feb. 1998
Jack and Jill are both readers of cypherpunks and long-time users of PGP.
"Stealth PGP" and "Stego+" have become very popular. Unfortunately,
Clipper is a legal necessity for all computer communication.
Jack wants to send Jill a _truely_ private message. Using only Clipper is
not an option; neither is "Stealth PGP", on its own; as, meerly owning
non-Clipper encrypted files has recently been successfully used as grounds
for search warrants, equipment confiscations, and miscellaneous court
sanctions.
Luckily, it has become particularly popular to use "Stealth
PGP" in combination with "Stego+" to hide messages in PictureCD files.
Knowledgeable users regularly scan alt.videos.binaries.misc for messages.
Although Jack would like additional security that he would obtain from
using a non-standard stegonagraphy program, this is his first message to
Jill. He can not simply send plain-text email to Jill telling her to use
the new "SuperStego", for obvious reasons.
Jack therefore uses the standard, relatively secure, method and
sends the message via "Stealth PGP" & "Stego+" in TEST.CD on
alt.videos.binaries.misc; thereby evading the ClipperCops.
Sergey