Entries Tagged "steganography"

Page 3 of 6

New Report on Teens, Social Media, and Privacy

Interesting report from the From the Pew Internet and American Life Project:

Teens are sharing more information about themselves on their social media profiles than they did when we last surveyed in 2006:

  • 91% post a photo of themselves, up from 79% in 2006.
  • 71% post their school name, up from 49%.
  • 71% post the city or town where they live, up from 61%.
  • 53% post their email address, up from 29%.
  • 20% post their cell phone number, up from 2%.

60% of teen Facebook users set their Facebook profiles to private (friends only), and most report high levels of confidence in their ability to manage their settings.

danah boyd points out something interesting in the data:

My favorite finding of Pew’s is that 58% of teens cloak their messages either through inside jokes or other obscure references, with more older teens (62%) engaging in this practice than younger teens (46%)….

While adults are often anxious about shared data that might be used by government agencies, advertisers, or evil older men, teens are much more attentive to those who hold immediate power over them—parents, teachers, college admissions officers, army recruiters, etc. To adults, services like Facebook that may seem “private” because you can use privacy tools, but they don’t feel that way to youth who feel like their privacy is invaded on a daily basis. (This, btw, is part of why teens feel like Twitter is more intimate than Facebook. And why you see data like Pew’s that show that teens on Facebook have, on average 300 friends while, on Twitter, they have 79 friends.) Most teens aren’t worried about strangers; they’re worried about getting in trouble.

Over the last few years, I’ve watched as teens have given up on controlling access to content. It’s too hard, too frustrating, and technology simply can’t fix the power issues. Instead, what they’ve been doing is focusing on controlling access to meaning. A comment might look like it means one thing, when in fact it means something quite different. By cloaking their accessible content, teens reclaim power over those who they know who are surveilling them. This practice is still only really emerging en masse, so I was delighted that Pew could put numbers to it. I should note that, as Instagram grows, I’m seeing more and more of this. A picture of a donut may not be about a donut. While adults worry about how teens’ demographic data might be used, teens are becoming much more savvy at finding ways to encode their content and achieve privacy in public.

Posted on May 24, 2013 at 8:40 AMView Comments

Al Qaeda Steganography

The reports are still early, but it seems that a bunch of terrorist planning documents were found embedded in a digital file of a porn movie.

Several weeks later, after laborious efforts to crack a password and software to make the file almost invisible, German investigators discovered encoded inside the actual video a treasure trove of intelligence—more than 100 al Qaeda documents that included an inside track on some of the terror group’s most audacious plots and a road map for future operations.

Posted on May 2, 2012 at 12:41 PMView Comments

Disguising Tor Traffic as Skype Video Calls

One of the problems with Tor traffic is that it can de detected and blocked. Here’s SkypeMorph, a clever system that disguises Tor traffic as Skype video traffic.

To prevent the Tor traffic from being recognized by anyone analyzing the network flow, SkypeMorph uses what’s known as traffic shaping to convert Tor packets into User Datagram Protocol packets, as used by Skype. The traffic shaping also mimics the sizes and timings of packets produced by normal Skype video conversations. As a result, outsiders observing the traffic between the end user and the bridge see data that looks identical to a Skype video conversation.

The SkypeMorph developers chose Skype because the software is widely used throughout the world, making it hard for governments to block it without arousing widespread criticism. The developers picked the VoIP client’s video functions because its flow of packets more closely resembles Tor traffic. Voice communications, by contrast, show long pauses in transmissions, as one party speaks and the other listens.

Posted on April 13, 2012 at 7:08 AMView Comments

Secret Codes in Bacteria

Neat:

Researchers have invented a new form of secret messaging using bacteria that make glowing proteins only under certain conditions. In addition to being useful to spies, the new technique could also allow companies to encode secret identifiers into crops, seeds, or other living commodities.

[…]

The new scheme replaces the fuse with seven colonies of Escherichia coli bacteria, each given a gene for a different fluorescent protein. When, and only when, these genes are turned on do the bacteria make these proteins and light up. The colors, including yellow, green, and red, vary based on which gene is expressed. All are clearly visibly different to the naked eye. With their colorful bacterial colonies in hand, the researchers then created a code using pairs of different colored bacteria. Having seven colors gave them 49 combinations, which they used to encode the 26 different letters and 23 alphanumeric symbols such as “@” and “$.” They wrote a message by simply blotting pairs of colored bacteria in rows. To “print” the message, the researchers transferred the bacteria onto a plate containing agar, a bacterial growth medium, into which they pressed a sheet of nitrocellulose “paper” that immobilizes the bacteria.

At this point, the bacteria on the nitrocellulose paper remain invisible. But the message receiver can turn on the key genes and make the colors light up by pressing the nitrocellulose paper into an agar plate containing a chemical trigger that activates expression of the fluorescent proteins. (The proteins chosen to light up are ones the bacteria don’t normally use, so unless the researchers activate them, they stay quiescent.) As long as the receiver knows which colors correspond to which characters, the message is revealed. But Walt and his colleagues added one more safeguard as well. Into some bacteria they inserted genes for resistance to particular antibiotics; the idea is that only the antibiotic-resistant bacteria are carrying the real message. If the message fell into the wrong hands, the receiver would see a mix of colors once the genes were activated and be unable to read it. But if the decoder added the right antibiotic, nonresistant bacteria and their colors die away, and the message becomes clear. The first example, reported in today’s issue of the Proceedings of the National Academy of Sciences reads “this is a bioencoded message from the walt lab @ tufts university 2010.”

Posted on October 27, 2011 at 12:01 PMView Comments

Telex Anti-Censorship System

This is really clever:

Many anticensorship systems work by making an encrypted connection (called a “tunnel”) from the user’s computer to a trusted proxy server located outside the censor’s network. This server relays requests to censored websites and returns the responses to the user over the encrypted tunnel. This approach leads to a cat-and-mouse game, where the censor attempts to discover and block the proxy servers. Users need to learn the address and login information for a proxy server somehow, and it’s very difficult to broadcast this information to a large number of users without the censor also learning it.

Telex turns this approach on its head to create what is essentially a proxy server without an IP address. In fact, users don’t need to know any secrets to connect. The user installs a Telex client app (perhaps by downloading it from an intermittently available website or by making a copy from a friend). When the user wants to visit a blacklisted site, the client establishes an encrypted HTTPS connection to a non-blacklisted web server outside the censor’s network, which could be a normal site that the user regularly visits. Since the connection looks normal, the censor allows it, but this connection is only a decoy.

The client secretly marks the connection as a Telex request by inserting a cryptographic tag into the headers. We construct this tag using a mechanism called public-key steganography. This means anyone can tag a connection using only publicly available information, but only the Telex service (using a private key) can recognize that a connection has been tagged.

As the connection travels over the Internet en route to the non-blacklisted site, it passes through routers at various ISPs in the core of the network. We envision that some of these ISPs would deploy equipment we call Telex stations. These devices hold a private key that lets them recognize tagged connections from Telex clients and decrypt these HTTPS connections. The stations then divert the connections to anti­censorship services, such as proxy servers or Tor entry points, which clients can use to access blocked sites. This creates an encrypted tunnel between the Telex user and Telex station at the ISP, redirecting connections to any site on the Internet.

EDITED TO ADD (8/1): Another article.

EDITED TO ADD (8/13): Another article.

Posted on July 19, 2011 at 9:59 AMView Comments

Hard-Drive Steganography through Fragmentation

Clever:

Khan and his colleagues have written software that ensures clusters of a file, rather than being positioned at the whim of the disc drive controller chip, as is usually the case, are positioned according to a code. All the person at the other end needs to know is which file’s cluster positions have been encoded.

The code depends on whether sequential clusters in a file are situated adjacent to each other on the hard disc or not. If they are adjacent, this corresponds to a binary 1 in the secret message.

Paper.

Posted on April 25, 2011 at 5:24 AMView Comments

1 2 3 4 5 6

Sidebar photo of Bruce Schneier by Joe MacInnis.