Steganography

Steganography (pronounced STEHG-uh-NAH-gruhf-ee, from Greek steganos, or “covered,” and graphie, or “writing”) is the hiding of a secret message within an ordinary message and the extraction of it at its destination. Steganography takes cryptography a step farther by hiding an encrypted message so that no one suspects it exists. Ideally, anyone scanning your data will fail to know it contains encrypted data.

In modern digital steganography, data is first encrypted by the usual means and then inserted, using a special algorithm, into redundant (that is, provided but unneeded) data that is part of a particular file format such as a JPEG image. Think of all the bits that represent the same color pixels repeated in a row. By applying the encrypted data to this redundant data in some random or nonconspicuous way, the result will be data that appears to have the “noise” patterns of regular, nonencrypted data. A trademark or other identifying symbol hidden in software code is sometimes known as a watermark.

 

How to hide a file using steganography

Link: QuickStego Download

Source:

Rouse, Margaret. “What is steganography?” TechTarget. Retrieved from http://searchsecurity.techtarget.com/definition/steganography

Advertisements

Cybersecurity as Realpolitik by Dan Geer presented at Black Hat USA 2014

Power exists to be used. Some wish for cyber safety, which they will not get. Others wish for cyber order, which they will not get. Some have the eye to discern cyber policies that are “the least worst thing;” may they fill the vacuum of wishful thinking.

Dissecting Stuxnet

The Stuxnet computer worm is perhaps the most complicated piece of malicious software ever built; roughly 50 times the size of the typical computer virus. It leveraged an array of new techniques to spread and conceal itself while attacking Iranian nuclear enrichment centrifuges. Symantec Chief Architect Carey Nachenberg explains how the Stuxnet worm spread, evaded detection and ultimately accomplished its mission.