Talk Root - PC Hardware, Software and Web Development forums - View Single Post - Saudi Arrests Five After Seizing Bomb-Making CDs

12-26-2003, 10:10 AM

"Tracker" <"snailmail222000(valid)"@yahoo.com> wrote in message
news:3FEB954B.1C2078E7@yahoo.com...
> Joe King wrote:
>
> >
http://story.news.yahoo.com/news?tmp...=1&u=/nm/20031
> > 225/tc_nm/security_saudi_disks_dc
> >
> > How did they hide the files?
>
> Something called "Stenography" and malicious hackers have known about this
for
> ages.

And exactly how would /you/ know about the method used?

From the story text, the file could simply have the hidden attribute set
(something that non-malicious-hackers have known about for probably longer
than some less-informed people have been stealing oxygen from the rest of
us).

Other blatantly obvious things include "hiding" it in a subdirectory,
"hiding" it in a /hidden/ subdirectory, placing it as a randomly-named
document, chopping it into pieces and using a tool/binary copy to put it
back together, placing it on a different session on the CD, renaming the
extension, ZIPping/similar with a password and renaming the extension,
placing it as an OLE attachment into something else, binary-formatting as
text (e.g. base 64 with no header/footer), encoding into specific blocks,
encoding into an executable (e.g. using Windows Resources or simply
selecting a given block-boundary) and so on (I got bored of typing.. ;o)

Then, of course, there's stenography. The most famous technique is, I'd say,
Pitman Shorthand (which fell out of common use not long after the invention
of the Word Processor).

/Steganography/, OTOH, is not only a completely different word but also an
encryption technique, where one hides a message inside something else
(famously as noise in an image).

So, let's see.. given the subject, I'd say that the minimum useful amount of
information would be two images, 800x600/256-greyscale, about 1:6 GIF
compression and about 10k of text. Which would come to around 170kB.
Assuming no more than 1% noise (which, TBH, sounds a bit high to me), we
need a 17MB image.

Hmm. Sounds a bit like trying to hide an elephant in an ashtray.

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!

12-26-2003, 10:10 AM	#6
Hairy One Kenobi Posts: n/a	Re: Saudi Arrests Five After Seizing Bomb-Making CDs "Tracker" <"snailmail222000(valid)"@yahoo.com> wrote in message news:3FEB954B.1C2078E7@yahoo.com... > Joe King wrote: > > > http://story.news.yahoo.com/news?tmp...=1&u=/nm/20031 > > 225/tc_nm/security_saudi_disks_dc > > > > How did they hide the files? > > Something called "Stenography" and malicious hackers have known about this for > ages. And exactly how would /you/ know about the method used? From the story text, the file could simply have the hidden attribute set (something that non-malicious-hackers have known about for probably longer than some less-informed people have been stealing oxygen from the rest of us). Other blatantly obvious things include "hiding" it in a subdirectory, "hiding" it in a /hidden/ subdirectory, placing it as a randomly-named document, chopping it into pieces and using a tool/binary copy to put it back together, placing it on a different session on the CD, renaming the extension, ZIPping/similar with a password and renaming the extension, placing it as an OLE attachment into something else, binary-formatting as text (e.g. base 64 with no header/footer), encoding into specific blocks, encoding into an executable (e.g. using Windows Resources or simply selecting a given block-boundary) and so on (I got bored of typing.. ;o) Then, of course, there's stenography. The most famous technique is, I'd say, Pitman Shorthand (which fell out of common use not long after the invention of the Word Processor). /Steganography/, OTOH, is not only a completely different word but also an encryption technique, where one hides a message inside something else (famously as noise in an image). So, let's see.. given the subject, I'd say that the minimum useful amount of information would be two images, 800x600/256-greyscale, about 1:6 GIF compression and about 10k of text. Which would come to around 170kB. Assuming no more than 1% noise (which, TBH, sounds a bit high to me), we need a 17MB image. Hmm. Sounds a bit like trying to hide an elephant in an ashtray. -- Hairy One Kenobi Disclaimer: the opinions expressed in this opinion do not necessarily reflect the opinions of the highly-opinionated person expressing the opinion in the first place. So there!