lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <4D2F5184.9090903@yahoo.de> Date: Thu, 13 Jan 2011 20:24:52 +0100 From: stormrider <strmrdr42@...oo.de> To: Tomás Touceda <chiiph@...too.org> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: ESFS - The encrypted steganography filesystem Hey Tomás, Am 13.01.2011 19:21, schrieb Tomás Touceda: > Hi stormrider, > > > What I meant with hide is that, since it uses the LSBs, you can pick > any image, and "find data" in them, so it makes it a little bit harder > to know where you actually have data, and if you really do. > in the document I mentioned (Attacks on Steganographic Systems by Andreas Pfitzmann - which you can find here: http://www.ece.cmu.edu/~adrian/487-s06/westfeld-pfitzmann-ihw99.pdf) there is a very good example especially about using the LSB when trying to hide data. What it says about the LSB thing is, that it's a "myth that least significant bits are completely random and therefore might be replaced". Take a look at the windmill image in chapter 3.3 ;-) I advice you to take a look at that document anyway, which was *the* deathblow for steganography in late 90s. It also covers many other stego techniques, not only the LSB thing. It is a good starting point if you want to get deeper into that topic. But please, don't be discouraged by my humble opinion. Your project is nonetheless interesting and a good thing to learn. And there may be other findings about steganography around that I missed. happy coding, stormrider _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists