Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror
Censorship Technology News

Collage, and the Challenge of "Deniability" 94

Posted by samzenpus
from the on-the-down-low dept.
Slashdot regular Bennett Haselton has written a piece on a new program called Collage that can circumvent censorship by embedding messages in user-generated content on sites like Flickr. The program demonstrates that a long-standing theoretical concept can be reduced to practice but Bennett wonders if anybody would actually need it, as long as they can exchange encrypted messages over Gmail and AIM. He begins "In a presentation delivered at USENIX, Georgia Tech grad student Sam Burnett and his colleagues described how their new program, "Collage," could circumvent Internet censorship by embedding messages in user-generated content on sites like Flickr. The short version is that a publisher uses the Collage system to break a message into pieces that are small enough to embed into a photograph using standard steganography, the photos are published according to some protocol (e.g. "all photos in the photostream of user xyz" or "all photos tagged with the 'xyz' tag"), and receivers who know the protocol for identifying the photos, can retrieve them and decode the message. According to the authors' paper, the system is general enough that it could be adapted to almost any site where user-generated content is published. (All of this can be done by hand using existing tools, but Collage automates the process to hide the individual steps from the user.)"
From this short description, you can see the two salient facts about Collage: (1) it's robust, in the sense that in order to shut it down completely, the censor would have to block every site containing user-generated content; and (2) it's efficient only for small text messages (which is what the authors used to test it), and not for high-bandwidth communications such as video. The authors have also highlighted the claim that Collage is (3) deniable, in the sense that in using it, you won't attract the attention of the censors for browsing "innocent" sites like Flickr. On this point, I'm not so sure; I think it's highly dependent on the kinds of publication system that the sender and the recipient agree on. For example, if the sender publishes their messages in photos all in one user's photostream, and that photostream is used primarily by recipients in censored countries to receive encoded messages, and if virtually nobody ever visits that photostream for any other reason, then if the censor ever finds out about that photostream, they could flag any user who ever visits it. It doesn't matter if the "site" as a whole is "innocent", if that one user's photostream is not.

But there's a more fundamental issue: Currently, in all censored countries, there is at least one way to receive prohibited text messages more efficiently (and with greater deniability) than with Collage. So Collage may work perfectly, but even when it gets released, I'd be very surprised to see large numbers of people using it unless all the simpler alternatives get blocked.

Most tools that people use to circumvent Internet censorship, are not "deniable" in the sense described above. If you visit a proxy site like VTunnel, any censor who is monitoring your Internet connection can see that you connected to a known proxy site. If you connect to the proxy site using "https://" instead of "http://", then a censor eavesdropping on your connection, won't be able to tell what you looked at through the proxy site (unless they confiscate your computer and look through your browser history), but they'll still be able to tell that you visited a proxy site. Similarly, if you use a tool like UltraSurf or Tor, those tools can circumvent the censor's filters by re-routing your Internet connection through a server outside the censored country -- but a censor monitoring your traffic, can still see that you connected to an UltraSurf or Tor server outside the country, even if they can't tell what Web sites you were visiting.

But if all you want is to receive short text messages, then there are many options that are completely "deniable." The simplest is probably to use Gmail and to choose the option to always read messages over https://. (If you sign in to Gmail, under "Settings" you can choose between "Always use https" and "Don't always use https".) If you read your inbox contents using https, then a censor eavesdropping on your connection can't see anything at all -- not the contents of messages that people send you, not the email addresses of people who are writing to you, not even the username that you use to sign in to read your Gmail messages. This gives you more or less perfectly deniability. As long as many Gmail users are using Gmail over https://, then doing this by itself would not attract undue attention from censors monitoring your Internet traffic. Using Gmail, you could also exchange higher-bandwidth content like images and video (up to Gmail's attachment size limit, currently 25 megabytes), something not possible with Collage.

Of course, if you remember the case in which Yahoo turned over information about one of its Chinese account-holders to the Chinese government (who subsequently arrested the user and sentenced them to 10 years in prison), you may be wary of trusting any Western corporation with your privacy. But in this case, you wouldn't have to. Because even if the Chinese government found out that some Gmail users were using Gmail to receive anti-government messages from the U.S., the censors wouldn't be able to eavesdrop on https-protected connections to find out which users were receiving the messages or what they said, so there would be no information for them to demand that Google turn over to them.

Or if you want to exchange encrypted text messages in real time, you can use any instant messaging client that supports encryption. Whether or not this is "deniable", in the sense of not attracting undue attention for "suspicious activity", depends on what proportion of other users are using the chat program in encrypted mode as well. The current version of AOL Instant Messenger, for example, apparently encrypts all instant messages by default. (Although you should take care to understand exactly what is "encrypted" when using an instant messaging client. In my experiments, when using AOL Instant Messenger, the contents of messages were encrypted, but the specific screen names that you're sending and receiving messages from, are not. In other words, a censor eavesdropping on your traffic, can see which screen names you exchanged messages with, but not the message contents. So if there were an AOL user account in a non-censored country that was a dummy account used primarily for passing banned information to users in censored countries, then if the censors ever found out about that account, they could flag and investigate any user in their country who exchanged messages with that screen name.)

The bottom line is that as long as at least one of these alternatives remains unblocked in your country, they would serve as an easier way to achieve the same goals that Collage achieves. They're generally faster, more convenient, and most of the time, more "deniable", in the sense that the traffic they generate won't look as suspicious as, say, browsing a Flickr feed that later becomes widely known as source of banned encoded messages. Collage does demonstrate that an interesting idea can be reduced to practice, and is robust in the sense that the general scheme cannot be blocked unless a regime blocks access to every site hosting user-submitted content. But there doesn't seem to be a compelling reason to use it unless and until all of the simpler methods get blocked.

I write all of this as someone who also wrote a program a few years ago that was meant to serve as a more robust back-up, in case a more popular method of circumventing censorship ever got shut down by the censors. In my case, I thought that most censoring regimes would start blocking all popular Web proxy sites, so I wrote an install script called "Circumventor" that would let you set up a Web server and James Marshall's CGIProxy script on your home computer, turning it into a mini-Web-proxy site. I assumed that eventually, most people in censored countries would have to rely on someone in a non-censored country to set up a private Web proxy like this and e-mail them the URL, once China and Iran got their act together and started blocking most publicly known Web proxy sites. But that never happened, partly because Web proxy sites are now springing up faster than most censors' databases can keep up with. So the web proxy install script fell by the wayside -- but that's good news, because it means that nobody really needed it, since the simpler, more straightforward methods continued to work. Why pester your cousin in the U.S. to set up a Web proxy for you, when most Web proxies you can find in Google are not even blocked yet?

And so it goes for Collage. It sounds like a perfectly fine idea, and it will be great news all around if nobody ever actually has to use it, because the censors never get around to blocking all of the simpler alternatives.
This discussion has been archived. No new comments can be posted.

Collage, and the Challenge of "Deniability"

Comments Filter:
  • by oldspewey (1303305) on Wednesday August 25, 2010 @12:24PM (#33371196)
    From TFS:

    if the Chinese government found out that some Gmail users were using Gmail to receive anti-government messages from the U.S., the censors wouldn't be able to eavesdrop on https-protected connections to find out which users were receiving the messages or what they said, so there would be no information for them to demand that Google turn over to them.

    In this case, I'd say the Chinese government would already have the IP address of the party in question, and the time span(s) during which they connected to Yahoo (or Yawhoever) via https. Seems to me that's plenty of information for them to go knocking on Yahoo's door and demand full session details.

    • by wvmarle (1070040)

      More likely in such situations, a government finds out that someone using the e-mail address dissident1989@yahoo.com is publishing stuff they don't like - on a blog, communicating with other users, whatever. With that information they could go to Yahoo and ask for the further details that belong to that account - such as the IP address(es) used to access it, or even complete access to all e-mail stored on Yahoo's servers.

      I have to look up the situation where Yahoo was asked to turn over information to the

  • by AvitarX (172628) <me@@@brandywinehundred...org> on Wednesday August 25, 2010 @12:26PM (#33371226) Journal

    The summary says "...as long as they can exchange encrypted messages over Gmail and AIM."

    That's a pretty tall order if you are in the type of situation where you need to do that because of censorship. Even in the US (which I would call average good in regards to exchanging ideas freely there were efforts to block/slow down encrypted communications (DES, http://en.wikipedia.org/wiki/Data_Encryption_Standard [wikipedia.org]). If you are somewhere where the protection of encryption for "legitimate" concerns (like discussing why your brother whom held up a sign disappeared), I am willing to bet use of crypto is not safe. It makes far more sense to put crypto messages into stenography such as this. I know I would if I was sending encrypted messages out of fear of the content of my conversation.

    • by CarpetShark (865376) on Wednesday August 25, 2010 @01:09PM (#33371830)

      I don't think it's a tall order, but it's a crazy order. Exchanging messages, encrypted or not, via email generally leaves a pretty serious log of information: how much was sent, from which computer, on which date, which computers it went through (each of which will all have their own logging), which computer it was delivered to, which IP and client downloaded/read it, and when...

      Combine a few emails like that with a few known details about a suspect and their activities, and you could quickly find yourself screwed just for asking a terrorist if he'd be willing to interview for a newspaper.

    • Re: (Score:3, Informative)

      So you're taking the stance that DES was crippled on purpose? Or what? The reality is that DES was simply held up on too high a pedestal for too long because it had government endorsement. NSA's involvement in DES isn't unusual or abnormal; developing good, usable encryption technology is part of NSA's charter as

      Bear in mind history. DES was developed in in the late 1970s. Computers were far, far slower back then. The then-popular Apple II series were running a 1 MHz 8-bit CPU. They came standard wit

      • by AvitarX (172628)

        The link was stronger evidence anyway.

        • Read the article again. The subject is entirely controversial. Most of the controversy revolves around the design of the S-boxes, but they were proven to be very resistant to direct cryptanalysis:

          Some of the suspicions about hidden weaknesses in the S-boxes were allayed in 1990, with the independent discovery and open publication by Eli Biham and Adi Shamir of differential cryptanalysis, a general method for breaking block ciphers. The S-boxes of DES were much more resistant to the attack than if they had

  • by trybywrench (584843) on Wednesday August 25, 2010 @12:28PM (#33371270)
    Ok but how to do you communicate the "protocol" to your audience which may be scattered around the globe? And how do you guarantee communicating the "protocol" hasn't been compromised? As soon as the "protocol" is discovered it becomes easy to begin censoring again. I suppose it could work if you could be face to face with the person you're trying to communicate with and manually give them the "protocol" but if you can do that then you can just exchange public keys too and use the standard public key cryptography setup.
    • The important difference is that with encryption, they know you're sending messages that you want to keep secret, while with steganography, they don't know you're sending the messages to begin with -- not the critical ones.

      • by wvmarle (1070040)

        You and AC poster obviously do not get what OP is talking about.

        It is the key on how to retrieve the messages. E.g. you want to use those Flickr images. Then how do your recipients know which images to download? That there is a message in the first place? How to recover the message from those images? That information is your steganographic key. You may or may not put encryption on top of that: encrypt the message, then hide it steganographic.

        That is the steganographic key that has to be transmitted one wa

  • by Bookwyrm (3535) on Wednesday August 25, 2010 @12:31PM (#33371322)

    Obviously, what they need to do is apply this technique to embed the message in spam messages, in the random dictionary garbage or images in the spam. The recipient then just has to know which spam messages to check for the hidden messages.

    Now, we just need someone to do this to show how to smuggle information in/out of the major spam-email-producing countries, and perhaps there will suddenly be more interest in shutting down spammers.

    • See http://it.slashdot.org/story/04/04/08/1224205/Hidden-Messages-in-Spam [slashdot.org] (note the end of the last sentence)
      Actually I was searching for another Slashdot story about hiding messages in spam, but I cannot find it.

    • by nullchar (446050) on Wednesday August 25, 2010 @01:24PM (#33371976)

      You can try Spam Mimic. It has been around for years (since around 2000).
      http://www.spammimic.com/explain.shtml [spammimic.com]

      Decode this:

      Dear Friend , Thank-you for your interest in our publication
      . We will comply with all removal requests . This mail
      is being sent in compliance with Senate bill 1623 ;
      Title 1 , Section 301 . This is different than anything
      else you've seen . Why work for somebody else when
      you can become rich as few as 58 weeks ! Have you ever
      noticed more people than ever are surfing the web plus
      nobody is getting any younger . Well, now is your chance
      to capitalize on this ! We will help you increase customer
      response by 110% & deliver goods right to the customer's
      doorstep ! You are guaranteed to succeed because we
      take all the risk . But don't believe us ! Mr Simpson
      of Washington tried us and says "Now I'm rich, Rich,
      RICH" ! We are a BBB member in good standing . We beseech
      you - act now . Sign up a friend and you'll get a discount
      of 30% . God Bless ! Dear Sir or Madam , Thank-you
      for your interest in our publication . If you no longer
      wish to receive our publications simply reply with
      a Subject: of "REMOVE" and you will immediately be
      removed from our mailing list . This mail is being
      sent in compliance with Senate bill 1621 , Title 4
      ; Section 308 . This is different than anything else
      you've seen ! Why work for somebody else when you can
      become rich as few as 18 weeks ! Have you ever noticed
      nearly every commercial on television has a .com on
      in it plus people love convenience ! Well, now is your
      chance to capitalize on this . We will help you sell
      more and deliver goods right to the customer's doorstep
      ! The best thing about our system is that it is absolutely
      risk free for you ! But don't believe us . Mrs Simpson
      of Mississippi tried us and says "Now I'm rich many
      more things are possible" . This offer is 100% legal
      ! We beseech you - act now ! Sign up a friend and you
      get half off ! Best regards ! Dear Cybercitizen , Your
      email address has been submitted to us indicating your
      interest in our letter . If you no longer wish to receive
      our publications simply reply with a Subject: of "REMOVE"
      and you will immediately be removed from our mailing
      list . This mail is being sent in compliance with Senate
      bill 1625 ; Title 4 ; Section 301 . This is a ligitimate
      business proposal . Why work for somebody else when
      you can become rich as few as 93 days ! Have you ever
      noticed how many people you know are on the Internet
      & society seems to be moving faster and faster . Well,
      now is your chance to capitalize on this . We will
      help you process your orders within seconds plus process
      your orders within seconds . You can begin at absolutely
      no cost to you . But don't believe us ! Mr Ames who
      resides in Montana tried us and says "I was skeptical
      but it worked for me" ! We are a BBB member in good
      standing ! We beseech you - act now ! Sign up a friend
      and you'll get a discount of 60% . Warmest regards
      !

      Unfortunately, the punctuation has whitespace around it, which is pretty obvious to look for. But you could create your own algorithm, in addition to the other versions on the site.

  • by Nadaka (224565) on Wednesday August 25, 2010 @12:31PM (#33371328)

    The false assertion is that because gmail and other email can be fully encrypted that the CCCP/"surveillance state of choice" will have no information upon which to demand information. This is false as long as gmail and others track IP addresses, and they do for data-mining and advertising purposes.

    • It is also false because with most HTTPS connections, it is very easy via a proxy server to stage a man in the middle attack and you'll never know. The only way to prevent it is to use a real certificate instead of the anonymous one generated by your browser.
      • by Pla123 (855814)

        This is not true. Server certificate verification would fail and the user WOULD know. This is the whole point of using Certificates - verifying their chain of trust.

    • by tehcyder (746570)

      the CCCP/"surveillance state of choice" The USSR (in English characters, CCCP in Cyrilic) no longer exists.

  • by Anonymous Coward

    You can also use spam to send your coded message, most people never see it or delete it immediately, while the targets get their info while not being singled out for having visited a particular site etc.

    • Yes, but how does the receiver find out which spam contains the hidden message?

      • It could be date based. Ie, the message changes every week, or month, or some other unit. If it's that secure and hidden, why not include it in every spam message sent? I'm sure there's some string of words and/or numbers that would/could allow you to isolate the stego'd spam with the normal bot spam.
  • by Anonymous Coward

    how the hell is having encrypted messages in your email account "deniable"? It seems like the whole premise of this article is that "Tha Goog won't give you up, man!". If the "censors" can get yahoo to hand it over, google will too.

    The whole point of collage is that nobody knows if there is data hidden in the images or if they're regular old images. i.e. the only person that can "hand over" the data is the sender or receiver, none of the middle-men.

    People who have no idea about what they're talking about sh

    • Re: (Score:2, Informative)

      by maxwell demon (590494)

      Of course you could combine both: Use a mail provider with https access to communicate messages hidden in images. That way you'll have the best of both worlds: Your mail traffic by itself will not draw any suspicion, but if the government gets suspicious and gets your account data, you have plausible deniability, because all you got are holiday photos. Of course, this assumes that it's not easy to check if there are messages hidden in a photo, and also that you can effectively hide the steganography program

      • by Arimus (198136)

        Think the problem with all these schemes is a lot of the countries where these schemes are aimed at are not the kind of countries that require beyond reasonable doubt before finding you guilty....

      • by Zerth (26112)

        It is possible to check for the presence of steganographic messages in images, although not necessarily read them. For example, if you store it in the least significant bit, it will have the wrong amount of randomness(too much if you encrypted, too little if you did not).

        And if they suspect you, they'll run your images through it, plus ask you if the pictures themselves contain hidden meaning(e.g. beach scene=safe, mountains=danger).

  • by Itninja (937614)
    Would it not be easier to just use a simple replace/exchange code? Like replace 'overthrow' with 'support', 'government' with 'recovery', and 'nation' with 'sickness': "I will completely support the recovery of this sickness.".

    Or a message where someone only read every 8th word to form a secret message. Or do both and combine with an acrostic. There are much easier ways to hide a message.
    • Re: (Score:3, Informative)

      I hate to break the news, but this sort of thing is more easily recovered than you might think. It's one of the basic, elemental things that people in the business of reading some one else's mail have done for years. All it takes is a few messages to build a statistical base, and away it goes.
      • by Itninja (937614)
        Really? Let's see... watch the next, say, ten comments I make over the next days. I will use the methods described. Let me know if you (or anyone) can discern what I am actually saying. Reply to this comment if/when you have it figured out.
  • I'm thinking (Score:3, Insightful)

    by richardkelleher (1184251) on Wednesday August 25, 2010 @01:03PM (#33371784) Homepage
    a Blackberry version would be useful for people living in Saudi Arabia, UAE, India and most importantly, the US.
  • by Openstandards.net (614258) <slashdot&openstandards,net> on Wednesday August 25, 2010 @01:07PM (#33371816) Homepage
    How about a web based client interface for browsing encrypted content that is dispersed throughout the web to increased readership of closed circle content and a trust system for automatically sharing access to friends?
    • by Abstrackt (609015)

      How about a web based client interface for browsing encrypted content that is dispersed throughout the web to increased readership of closed circle content and a trust system for automatically sharing access to friends?

      Something like Freenet or some other darknet combined with a web of trust? Maybe a PGP-based model where you can decide how many marginal signatures a person's key needs before they get access would work.

      The biggest threat in that implementation would be users being too trusting and making the web of trust unreliable as a result.

    • by Mathinker (909784) *

      Given your Slashdot user ID, I'm surprised that you didn't ask first for an open standard for steganographic exchange of information in the modern era. After there is a standard, there will be implementations. Of course, often the standard is based on a pioneering implementation, and maybe that's what is important about Collage.

      Or maybe not. Sometimes it's just a matter of the luck of being in the right place at the right time.

      • I removed the "open standard" part from the subject because of width limitations and then, like your thoughts, in this field pioneering implementations would likely be first. :)
  • A Problem (Score:2, Informative)

    by MrTripps (1306469)
    The problem with steno is that the program has to leave footprints in the image file so it can extract the encoded text. If the BBG (Big Bad Government) knows what those footprints look like they can search the web for images that contain them. After 9/11 there was a lot of interest in terrorists using steno to communicate, so someone decided to search the whole Internet for images with known steno identifiers. Now where did I read about that...oh yeah: http://slashdot.org/yro/01/09/26/1418252.shtml [slashdot.org]
    • One should probably trust a random steganoraphy program even less than a random encryption program, and I am not sure if there ever was a commonly accepted *good" steno program (on par with, say, PGP).

      One possible difficulty in, say, hiding messages in low-weight bits ("noise") of digital pictures that I recently thought of (combination of my work and reading that particular thread you referenced) is that they are produced by a physical object (digital camera sensor), with noise likely to Boltzmann-distribu

      • by godel_56 (1287256)

        One possible difficulty in, say, hiding messages in low-weight bits ("noise") of digital pictures that I recently thought of (combination of my work and reading that particular thread you referenced) is that they are produced by a physical object (digital camera sensor), with noise likely to Boltzmann-distributed at, say, 300K. If a program sees just white noise there, or some much higher or much lower effective T, well, immediate red flag!

        Now, it is probably possible to take effects like this into account when designing your program, but it would take someone well-versed both in math of crypto AND physics of sensors, which is obviously somewhat higher threshold, and it might end up not being "universal" for different image sources.

        That may apply to the RAW photo but I wonder how much of that is left after the photo has been converted to JPEG, contrast adjusted, unsharp masked, resized etc?

        • by PaulBu (473180)

          And that is the question that needs to be asked in this context, together with "how much do I want to bet my life (for dissidents) or, in addition, well-being of my country (for spies) on the fact that none can be extracted".

          I am sure that latter user might have much better tools made by people who actually answered questions like this, and, for communications with his handlers having a single camera and steganography program tuned to specifically to *that* sensor; while the former one might want to do some

    • by LanMan04 (790429)

      Well yeah, shitty steno programs will leave traces of themselves. Not all will.

    • Re: (Score:3, Insightful)

      by adonoman (624929)
      If you have a good enough encryption algorithm, the encrypted data should come out indistinguishable from random. Then the next step is to find a readily available source of randomness and replace the encrypted data. If you replace what should be random data with non-encrypted, or insufficiently encrypted data, it will stand out. If you replace what shouldn't be random data with well encrypted data, it will also stand out. We can assume that the steganography examples being detected are poorly done. On
    • by Mathinker (909784) *

      > the program has to leave footprints in the image file so it can extract the encoded text.

      A good stenagographic system has the property that as the ratio of concealed information to the amount of information it's concealed in is decreased (to zero), the probability of reliably identifying a message as containing concealed information also decreases (to zero).

      I find it hard to believe that one cannot hide hundreds of bits in megabytes of real-world images without fear of detection.

      That's theory, of cours

      • by cdrguru (88047)

        There is a company that goes to the same conferences we do ... BackBone Security. The sell products that detect steganography. The commercial and freeware products today do most certainly leave traces. Now, if the message encoded into a photograph or executable file is encrypted these tools will not be able to tell you want the original message was, but will certainly tell you there is something there.

        Then it is just a matter of extracting the message and seeing what you can do with it, possibly using a

        • > The commercial and freeware products today do most certainly leave traces.

          To convince you that undetectable steganography is possible, think about the following algorithm (which, I admit, has a very, very low ratio of information to carrier). While generating the images I want to use for my carrier data, I set my camera to snap 250 images each time rather than 1. If the scene and the camera are at all realistic, there will be enough entropy in the sets of 250 images so that I can always (for all practi

    • by PPH (736903)

      But I'm downloading the JPEGs for the porn. Honest! I didn't even know there were messages in there. I should go back and stare at them very intently to see if I can detect any secret codes.

  • by Seth Kriticos (1227934) on Wednesday August 25, 2010 @02:01PM (#33372334)

    Some cryptography 101:

    Plausible dependability [wikipedia.org] in cryptography means that even if someone suspects there is hidden encrypted data in a data set, they can't prove it, even if they have full knowledge of the protocol.

    What is presented here is automated steganography over image sites with many users (hiding the information). If the surveillance entity intercepts such messages and analyses them, they will know that *something* is there, though they won't be able to read it.

    Anyway, what it boils down is, that you can't just say there is no message if someone confronts you, and this might very well lay the foundations for your gravestone in countries where the governing entities have a somewhat undemocratic method of dealing with things.

    On the other hand, if they don't like you, and really suspect you are up to no good, they will probably shoot you anyway, evidence or not.

    • by corbettw (214229)

      It's worse than this. Hasselton assumes that the authorities in question have to prove someone is guilty of spreading malicious lies about their government by using steganography. But none of the countries he's writing about have a common law system, they have a civil law system. And one of the important differences between those two forms of law is the presumption of innocence. In that, it doesn't exist in civil law systems. If the authorities arrest you, it's up to you to prove yourself innocent. If you c

      • by Kjella (173770)

        But none of the countries he's writing about have a common law system, they have a civil law system. And one of the important differences between those two forms of law is the presumption of innocence. In that, it doesn't exist in civil law systems.

        What have you smoked? Do you honestly think that Europe, South America, most of Africa and Asia don't have a presumption of innocence?

        Obviously, the easiest way to prove that in a case where you're arrested for spreading damnable lies through hidden messages is to provide the key to read those messages. But, whoops!, you've just proven the state's case, off to the gallows with you! Or if you don't turn over the keys then you didn't prove yourself innocent, off to the gallows with you!

        Funny, the only country I know with laws like that is the UK - a common law system - with their Regulation of Investigatory Powers Act.

        • by corbettw (214229)

          What have you smoked? Do you honestly think that Europe, South America, most of Africa and Asia don't have a presumption of innocence?

          What have you smoked that you think I'm talking about Europe? And no, Africa and the Middle East (and much of South America for that matter) do not have presumption of innocence.

    • by Kjella (173770)

      On the other hand, if they don't like you, and really suspect you are up to no good, they will probably shoot you anyway, evidence or not.

      Yes, and one of those reasons would be that you keep running into images with embedded steganography at an abnormal rate. Maybe you're just a victim of coincidence, but regimes like that don't care. They just evaluate if the risk of you being a threat to them is bigger than the negative effects of having you disappear.

  • From TFS "it's robust, in the sense that in order to shut it down completely, the censor would have to block every site containing user-generated content"

    Well, not Collage is actually weak as hell - because it's Achilles's heel is the need to transmit the protocol between all users involved. If the authorities believe the people they are closing in on are using Flickr (to choose just one example), all they need to do is block Flickr to force them to communicate outside of that channel and potentia

  • So long as you can visit 4chan and the like without being innately suspicious, LOLCats = Evil pedophile terrorist secret messages?

  • by smellsofbikes (890263) on Wednesday August 25, 2010 @02:55PM (#33373030) Journal
    although it was pretty crude. The situation was: my ex-girlfriend was working with Peace Corps in rural China, teaching, and we were sending email back and forth. We noticed pretty quickly that email was disappearing: she'd send stuff that wouldn't show up and wouldn't generate a failure message. So we started numbering our email, making it obvious when a number was missing.

    But I thought it'd be more fun to actually send steganographic stuff, so I coded up a little bit of stuff in matlab (what I was using at the time) that merged a jpeg and a stream of ascii, alternately adding and subtracting the bits of the ascii from the jpeg values. The resulting pictures looked just like pictures: it wasn't visually obvious.

    Then I'd post the unmodified pictures in an unlinked directory on my website (this was pre-flickr) so she could download the originals and subtract out the difference.

    This would have been easily defeated by the chinese firewall just re-encoding jpegs that passed through to a slightly different size or quality, but they never did so it worked fine. But it was a pain in the butt to actually *use*.

    But it'd be even more of a pain in the butt to detect.

  • Deniability isn't hard in US, if you're a politician that is. You only have to deny, deny, deny. Even when presented with proof of your wrong-doing or mis-speaking, you still need only deny it. The media won't call you on it and the people, not knowing who to believe, will give you the benefit-of-the-doubt and just let it go. I laugh when any politico/spy movie mentions "Plausible Deniablility", it's such an antiquated concept.
  • If you read your inbox contents using https, then a censor eavesdropping on your connection can't see anything at all -- not the contents of messages that people send you, not the email addresses of people who are writing to you, not even the username that you use to sign in to read your Gmail messages.

    Oh really? Are you sure? [slashdot.org]

  • First off, the trustworthiness of a group is inversely proportional to its size, so any protocol with "broadcast" in its description is certainly insecure. Collage will only work if it's a private channel between two or three people.

    Even then, it's relatively weak. Stego needs to be proof against a determined attack by an expert who suspects it's being used and knows the protocol. The standard safeguard, which is not in Collage, is to first encrypt and then hide.

  • Usenet spam and porn? The message recipient is indistinguishable from 10,000 horny teenage porn surfers while government authorities can only keep one hand on the keyboard at a time.

  • How is this different from steghide? Here's the summary from 'aptitude show steghide':

    Steghide is steganography program which hides bits of a data file in some of
    the least significant bits of another file in such a way that the existence of
    the data file is not visible and cannot be proven.

    Steghide is designed to be portable and configurable and features hiding data
    in bmp, wav and au files, blowfish encryption, MD5 hashing of passphrases to
    blowfish keys, and pseudo-random distribution of hidden bits in the container
    data.

    • by gringer (252588)

      in answer to my own question, it looks like they've developed a system that uses other tools. The image hiding tool used is 'outguess' rather than 'steghide', but there's probably no reason why they couldn't change that to some other program in the future. Steghide is older, but seems to support more file formats, and multiple encryption algorithms.

      • by gringer (252588)

        Steghide is older, but seems to support more file formats, and multiple encryption algorithms.

        Or maybe not... both websites seem to have fairly old "most recent versions" (i.e. >6 years). However, they still appear to be compiling on Debian systems (as there are packages for both), so I figure someone out there is at least updating them to compile on recent systems.

  • Anyone besides me wanting to know if the length of the original post had anything to do with whether or not there was a collage-hidden message in it?

    Then to have the post end with no mention....very disappointing, but I suppose the author wouldn't be able to maintain perfect deniability if they admitted to the message they just sent to their comrades...

  • Interesting topic, I had always assumed that gmail access over https was blocked in China, nice to know that it isn't.
    So yes, using it seems simpler than steganography, especially since you can encrypt your email before sending them so that not even Google can read them:
    remember that even if you trust Google as a corporation to do the right thing, spying|bribbing could still be used to access your messages stored in Google's servers.

    But the end of the topic is weird, it says basically that the simplest way

  • It strikes me that Gmail over https is actually a worse solution than steganography when deniability is the goal. Deniability doesn't simply mean making it impossible to read a hidden message; it also means hiding a message in a way that doesn't look like one is hiding anything. TOR, Freenet and proxy servers have the same problem. Collage seems to be a slightly Rube-Goldbergian but never the less right headed solution. How does a dissident exchange messages without appearing to do anything sneaky or out of

No user-servicable parts inside. Refer to qualified service personnel.

Working...