Friday Squid Blogging: Steganography in the Longfin Inshore Squid

Really:

While the notion that a few animals produce polarization signals and use them in communication is not new, Mäthger and Hanlon’s findings present the first anatomical evidence for a “hidden communication channel” that can remain masked by typical camouflage patterns. Their results suggest that it might be possible for squid to send concealed polarized signals to one another while staying camouflaged to fish or mammalian predators, most of which do not have polarization vision.

Mäthger notes that these messages could contain information regarding the whereabouts of other squid, for example. “Whether signals could also contain information regarding the presence of predators (i.e., a warning signal) is speculation, but it may be possible,” she adds.

Posted on October 22, 2010 at 4:31 PM • 13 Comments

Comments

atisOctober 22, 2010 5:11 PM

I don't quite understand if this article is about Security or it's part of Friday Squid Blogging :)

TimOctober 22, 2010 5:14 PM

atis - I am not sure, but I am glad that Friday Squid Blogging is back from a week's hiatus.

edOctober 22, 2010 5:49 PM

It wasn't on hiatus. Last week's article was about invisible squid, which was, alas, invisible.

jgrecoOctober 22, 2010 6:33 PM

I wonder what a squid would think of a showing of a 3d movie that used polarization to keep the two images separate.

Probably not much I guess, unless it was about fish.

frostbeardOctober 22, 2010 6:46 PM

I recall reading something along these lines pertaining to cuttlefish a while back. Gotta love cephalopods.

Davi OttenheimerOctober 22, 2010 7:54 PM

Surprised the scientists were so speculative.

Why not speculate about secret signals that show a map -- hidden pirate treasure? I once heard about a pirate who trained squid...

Does the channel work only among species or also by each squid school -- can squid schools develop uniqueness such that they hide messages from each other?

mcbOctober 23, 2010 9:49 AM

@ Davi Ottenheimer

"Does the channel work only among species or also by each squid school -- can squid schools develop uniqueness such that they hide messages from each other?"

I'd save that question in case you ever need a topic for some postdoc work...

BTW Excellent blog http://www.flyingpenguin.com/ "the poetry of information security" Very nice, indeed.

Clive RobinsonOctober 23, 2010 9:40 PM

OFF Topic.

It apears there is a new method for attackers to bypass Network Intrusion Detectors and other packet content detectors.

http://www.cert.fi/en/reports/2010/...

From the little information available it appears to exploit a failing in TCP/IP packet formation and gets past a number of current security products.

The technique used appears to be related to the fact that you can send packets that apear to be short whilst the intended host allows for long packets to be read in. It will be interesting to see what the actual "packet crafting" method is.

Nick POctober 24, 2010 8:51 AM

@ Clive Robinson

I don't really think this is new. It getting press is new, but haven't hackers been using sophisticated evasion techniques for years? We already know how to deal with that. Both proactive and reactive methods.

I did find the article interesting for one reason, though. Stonesoft's press release read like FUD: very little substance and a lot of hand-waving and name-dropping (theirs, actually). Another news bit I dug up made a nice observation. NSS's test of IPS products showed Stonesoft failed to stop evasion techniques, while "Cisco, IBM, Sourcefire and McAffee" passed. Oh, the irony! If only the IPS developers were as good as the marketing team... ;)

Should you panic? Advanced evasion techniques overview
http://www.thetechherald.com/article.php/201042/...

ModeratorOctober 26, 2010 11:11 AM

Rajesh, come on now. Just because Bruce mentions a subject doesn't mean we need a ton of links and excerpts about it dropped on us. You made seven consecutive posts in this thread, with almost nothing in your own words; even the post that appeared to be in your own words was mostly a copy-and-paste from Wikipedia. That's excessive. And changing your name while making repeated posts just makes it worse.

Please try commenting only in your own words for a while. No more copy-and-pasting, and no posts that are just links. If you, yourself, have something on-topic to say I'd like to hear it, but I'm not going to let the quotespam stand.

BamaNovember 3, 2010 6:48 PM

Just a brief clarification on the comment about the last NSS Labs report and the evasion results. 70% of the vendors failed the test so it's a little un-fair to make it seem as if Stonesoft was the only one with areas of improvement. Among others were other "market leaders" such as Cisco, Sourcefire, Juniper and TippingPoint. Plus it tested only a small sample of evasions. Every vendor would have done differently depending upon what evasions were tested. Either way, it goes to show there is a problem.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..