BitTorrent's Bram Cohen Unveils New Steganography Tool DissidentX 124
Sparrowvsrevolution writes "For the last year Bram Cohen, who created the breakthrough file-sharing protocol BitTorrent a decade ago, has been working on a tool he calls DissidentX, a steganography tool that's available now but is still being improved with the help of a group of researchers at Stanford. Like any stego tool, DissidentX can camouflage users' secrets in an inconspicuous website, a corporate document, or any other, pre-existing file from a Rick Astley video to a digital copy of Crime and Punishment. But it uses a new form of steganography based on cryptographic hashes to make the presence of a hidden message far harder for an eavesdropper to detect than in traditional stego. And it also makes it possible to encode multiple encrypted messages to different keys in the same cover text."
tool? (Score:3, Interesting)
This does not even have tests. Barely any project-like organization. Just a bunch of python scripts hobbled together. Seriously, this is barely v0.1 material.
Call it a proof-of-concept, an experiment, anything. But not a tool.
Re:The problem... (Score:3, Interesting)
Stego is a useful tool for transporting provided the de-stegoed document never, ever winds up on the Internet
Just make sure vast numbers of multiple "similar but not exactly the same" pictures like that one you're using are already on the internet. What did you think all those funny cat meme pictures were for?
Re:Leak Tracking (Score:4, Interesting)
I think steganography is far more likely to be used to track the people who leak information.
You've got the right idea, but you're not connecting all the pieces of the puzzle to answer how. Allow me: You know that massive data center the NSA is building to basically "download the internet"? Well, as it turns out, the overwhelming amount of traffic on the internet is just a copy of something else. Translation: If you compressed it you'd get some amazing compression rates. Here's the thing about steganography that is going to fuck most people who try to use it: If they ever find the original file that you used pre-stego, a simple binary comparison will reveal the alteration. In other words, if you use any publicly available image, document, etc., and then "stego" it... an adversary like the NSA can programically detect this. Plausible deniability goes right out the window.
The increased availability of the technology will likely mean smaller companies or government agencies will use it to suppress leaks.
This is something separate from steganography. What you're talking about is watermarking, and it's something color printers already do -- the serial number, username, time, etc., is encoded in yellow microdots on all pages. It was originally implimented to assist in anti-counterfeiting measures, but has since expanded to cover "national security" interests. And by that, I mean tracking down political undesireables and neutralizing them.