| Tools of Terror: The Art and Science of Steganography |
|
Even
the communication cognoscenti were unaware of the meaning and importance
of steganography until recently when the term made headlines, thanks to Al
Qaeda. It is a marvel how this ancient branch of knowledge has been
exploited for running a network of terror and a fail-proof system of
covert communications. The
word steganography is derived from the Greek word steganos,
which means secret or concealed, and graphy, which means writing or
drawing. State of art steganography is anchored on digitized
imagery and sound. It works on the principle that such files contain bits
and bytes that can be altered without affecting their function, quality or
meaning. These alterations are not easily discernable by human sensory
system and this is true of a 16-bit sound or 24-bit imagery. This
knowledge was effectively put to use by bin Laden’s outfit to send
photographs, maps and sketches of targets with orders and instructions to
the operatives spread over thirty countries around the globe. What could
be better than to hide imagery in pornography and what could be a more
suitable medium than the Internet? Besides pornographic sites, other
popular sites for posting terrorist instructions are sports and technology
chat rooms, and bulletin boards.
There
is no dearth of knowledge – historical, popular, or technical, on the
Internet. Volumes can be downloaded if one has the desire and inclination
to learn. Bin Laden has shown the world the merits of virtual learning. It
is widely known that steganography is more abused than used. It is
like watermarking, which has become a must for copywriting, particularly
in the case of music. In the commercial world, the main driving force for steganography
is protecting copyright, especially when audio, video and text have become
digital, facilitating the making of near-perfect illicit copies of music,
book or software. There is a sudden spurt of defence-related applications
also. Equally
significant is the usage of steganalysis, which is the art of
discovering and rendering steganos useless. WetStone’s
“Detection and Recovery Toolkit” which is being developed for the USAF
by the Air Force Research Laboratory in Steganodress
primarily shows up on hacker, hawala (money laundering), drug
trafficking and terrorist websites. But there are cases of it appearing on
commercial and news sites too, e.g. Amazon, eBay, Dow Jones, and
Technology News. Although a matter of conjecture, bin Laden’s broadcasts
over al Jazeera may contain “hidden messages”, “killer
codes” or “anonymizers”, indicative of the prolific
terminology that the art and science of steganography has spawned.
These broadcasts have raised a storm of indignant protests, “Can media
be a megaphone for anyone inciting murder and mayhem?” (Raja Menon in Economic
Times Plainspeak, Steganography is similar to cryptography, but not entirely. The former goes much beyond encryption by hiding a secret message within an ordinary message. An encrypted message is inserted into an innocuous file, like an image, by using a special algorithm. This obviates scanning and interception of the data. A code is needed to identify the secret message. There are several ways to communicate it e.g. timestamp on the message, an uncommon word in the subject or a phrase in the header. They call it a “dead drop.”
Many products are available online. S-Tools is one of the freeware spread-steganography variety which combines both crypto and stegano attributes. The encryption is done using one of the symmetric algorithms, e.g. Data Encryption Standard (DES), Triple DES or International Data Encryption Algorithm (IDEA). The all-nettools site describes the working with S-Tools. It states, “You just drag the carrier file into the programme window, then you drag the file you want to hide, choose an algorithm and a password, and here we go!” |