[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Random character stereograms and stego




Here's an application which is well suited for steganography.  This is
a random-character stereogram.  Look at it with a monospace font and
unfocus your eyes so the two blocks of text merge, and you will see
the message HI displayed:

VGhpcyBpcyBhIHRlc3Qg  VGhpcyBpcyBhIHRlc3Qg
bWVzc2FnZSB3aGljaCBp  bWVc2AFnZB3xaGljaCBp
cyBiZWluZyBzZW50IHZp  cyBZWmluZBzvZW50IHZp
YSBzdGVnYW5vZ3JhcGh5  YSBdGVnYW5v9Z3JhcGh5
LgpIYWQgdGhpcyBiZWVu  LgpYW1QgdhpBcyBiZWVu
IGFuIGFjdHVhbCBtZXNz  IGFIGoFjdVhXbCBtZXNz
YWdlLCBpdCB3b3VsZCBo  YWdlLCBpdCB3b3VsZCBo
YXZlIGJlZW4gZW5jcnlw  YXZIGJlZW4vgZW5jcnlw
dGVkCnVzaW5nIGEgbWV0  dGVkCVzaUW5nIGEgbWV0
aG9kIHdoaWNoIHByb2R1  aG9kIdoa4WNoIHByb2R1
Y2VzIG91dHB1dCB3aGlj  Y2VzI91dAHB1dCB3aGlj
aCBpcyBpbmRpc3Rpbmd1  aCBcyBpbmRnpc3Rpbmd1
aXNoYWJsZQpmcm9tIHJh  aXNoYWJsZQpmcm9tIHJh
bmRvbSBieXRlcy4K      bmRvbSBieXRlcy4K

This was just done manually, so it's pretty crude.  It would be easy
to write a program to display any message desired.  People could get
in the habit of sending long vertical stereograms saying "GO GIANTS"
or "MICROSOFT SUX" or whatever they felt like at the moment.  The
program could either generate its own random numbers or else suck
in random data from a disk file.

In this case, if you take the left block and reformat it so that it can
be base64 decoded, you will see a short message.  (Unix users can
pass the left block through "mimencode -u".)  In a real stego
application the message would be encrypted in 'stealth' form so it
was indistinguishable from random bits to anyone who did not hold
the decryption key.

This could even catch on as a legal "thumb your nose at the spooks" fad,
people adding random sterograms at the end of their messages.  You
could even have an active .sig which had a constant message but used
different random characters each time.  They wouldn't actually be sending
anything but there would be no way to be sure.

Some people say they'll just forbid transmitting data that looks random,
but realistically, that would be very unlikely to happen.