Information Security News
mailing list archives
Massive search reveals no secret code in web images
From: InfoSec News <isn () c4i org>
Date: Wed, 26 Sep 2001 03:50:26 -0500 (CDT)
15:56 25 September 2001
New research indicates that terrorists are not using advanced computer
tools to hide messages in innocuous-looking web images.
In February 2001, US agents suggested that terror groups, including
Osama Bin Laden's al-Qaida organisation, were hiding messages in web
images. The FBI has suggested that recent terrorist atrocities in the
US could even have been co-ordinated using images uploaded to ordinary
internet sites such as eBay.
Now Niels Provos and Peter Honeyman of the University of Michigan have
found strong evidence suggesting such steganography - the science of
obfuscating communications - is not used. They used detection software
and brute force computing power to scan millions of images posted to
the internet and found no hidden messages.
"We have analysed over two million images downloaded from eBay but
have not been able to find a single hidden message," they write in
their paper, Detecting Steganographic Content on the Internet.
Messages can be hidden within redundant parts of the digital
information used to generate images in formats such as JPEG. This
offers advantages over encryption, which only hides the meaning of a
message, because the message itself disappears.
Provos and Honeyman ran computer programs to analyse the digital
information behind images and identify any portions that might have
been altered. They further checked these portions to see if any
changes could be explained by normal copying errors.
The pair employed a bank of distributed computers to check through
millions of images. After weeks of analysis, however, they found no
The technique may not be infallible. The methods used by Provos and
Honeyman were particularly aimed at uncovering use of steganographic
tools already released on the internet.
There are more advanced methods of hiding communications within images
that involve using active, as well as redundant parts, of the
underlying code. Sushil Jajodia of the Centre for Secure Information
Systems at George Mason University in Virginia, US, says that this
could have evaded detection but would require considerable technical
Jajodia says that a message might also be encrypted before hiding.
"This would add an extra layer of security," he says. But he also
stresses that there are far simpler methods for hiding communications.
Using a code word in a telephone conversation or a radio broadcast
would provide a far easier way to communicate in secret, he says.
Magnus Ranstorp, of the Centre for the Study of Terrorism and
Political Violence at the University of St Andrews in the UK, agrees.
He told New Scientist: "These groups do use encryption, but some of
the most important information is relayed non-technologically, it is
often carried by human couriers."
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
- Massive search reveals no secret code in web images InfoSec News (Sep 26)