JonWeinke@aol.com writes:
-It can be applied by two routers which are in the middle of the connection.
[...]
You seem to be oblivious to the fact that this technique is only useful for ISP's, corporate networks, etc. that the average home computer user will never have access to.
I know that, I was just pointing out advantages you overlooked. I guess that the fact that I probably know more ISP operators and techs then non-geeks who use the net made this part more obvious to me. The original technique of doing stego on packets is still valid, and by adding it in to a WinSock lib or linux tcp/ip implementation the user can send hidden messages just by connecting to a friendly stego-enhanced web server out on the net and doing some casual browsing. The difference between the two methods is, as I said before, exactly the same as the difference between TCP/IP and UUCP. Hiding info in images or sound files works fine for "email" or file storage but has no chance of being an interactive protocol, sometimes you need to get things done in real-time.
If I want to send a WAV file of my 2 year old son saying "Hi, gramma" (or a 24-bit color TIFF of him practicing nose-picking techniques) to my relatives, that is not overtly suspicious behavior, even if it has a slight amount of background noise (or graininess).
But your relatives are not the people who you need to communicate secrets with securely. These gross stego hacks to sound and image files are best used to make postings to various binary Usenet newsgroups. Broadcast the message and then put it in a place where many people will download it but only a few will know that it contains the hidden info. Sending this stuff via email is just begging for traffic analysis at the very least...
As long as I don't stego too many bits in the file, and I strip out any overt "I'm crypto" headers, it will be impossible to prove that stego techniques were used on a file. Finding random bits where random bits normally live cannot be used to prove anything.
Provided the bits are random in the way that they should be... The low-order bits in such files were chosen by implementors of stego programs because modification would not be noticed by the person viewing or listening to the file, not necessarily because there was actually randomness at this level which could be replaced. Does anyone know of a survey of images or sound files which tested the statistical randomness of these bits? They may not be as random as people think they are. jim