Peter Hendrickson writes: [...]
Get a warrant, search my system, find nothing but a bunch of applications and a collection of risque (but definitely legal) pictures which I exchange with a few friends. You may suspect that when the images are concatenated in a particular way the low-order bits form a stego filesystem but no one will be able to prove it in court.
Are you concatenating these images by hand? If so, the level of entropy is probably low enough to recover the information through brute force methods or you are hiding a very small amount of information.
I hide the relatively small amount of data within a very large amount of data which makes it impossible to find. Data from analog sources, like the "real world" (images, sounds, etc) is noisy. This is a fact of life. Because this data is noisy I can hide information in the noise. As long as the information I am hiding maintains the same statistical properties of noise it is impossible to pull the information out of the data file unless you have the key. If I am paranoid enough I can make this key impossible to discover without a breakthrough in factoring. This is the essence of steganography and the nature of signal and noise are fundemental principles of information theory. No legislative action or administrative decision can change the laws of mathematics, this fact alone is why the crypto genie is forever out of the bottle.
If you are not doing it by hand, you own terrorist software and will pay the price.
Ah yes, terrorist programs like cat and perl and operating systems like Linux which contain a loopback filesystem that I can hook a perl interpreter into at compile-time (which is enough for me to rewrite the program from scratch each time if necessary, unless things like math libraries are also outlawed on computers :) I think that the crypto concentration camps are going to be very crowded places. jim, who answers to a higher law: the laws of mathematics...