-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/27/2016 08:07 PM, Sampo Syreeni wrote:
On 2016-05-27, jim bell wrote:
If state-level actors are /caught/ using these methods against the NSA, that would tend to demonstrate that the methods in question do not work against State actors.
Perhaps it would be more correct to say that they don't ALWAYS work.
Thus, when do they work and when do they not? Isn't that the question?
Seems a simple question: The more data you are hiding, and the more capable one's adversary, the less likely that steganography will work. I think "code book" steganography, where pre-determined messages from a list of messages known only to the sender and receiver are transmitted via fully visible message timing, content, etc. is very likely to work until or unless a copy of the code book falls into hostile hands. Example: "Any forum post from me, transmitted during an even numbered hour, is an emergency distress call. Any forum post from you transmitted during an even numbered hour means "help is on the way," odd numbered hour means "sorry, you're on your own." Hiding arbitrary data inside media files by flipping bits is likely to fool a human observer, but unlikely to pass through a stego detection filter without tripping an alarm. :o) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJXSw7dAAoJEECU6c5Xzmuqh1QH/A2SZjdk6XCFddjHZ3N2tL69 rPLWtkaxPzfsrVmu5yXcfl9vvPpuaXYP8OVdCCvFiBHGZP3mt4ce98u2Q4H4pnLb Qkoc1FN3X0XtCEMJKufAl+yUy6TmoxTchePhDY4aEt+0gYHnMWsn+qlkTYcSy6mT 51e7MKIr20AKc/f5ItiP4tfYs0KAVezMt7vxxzElq4b9bHDffZJ+Z08N4o4P2bhL eTwS8H5cn3jTuyKe4cmwhLB2HFWjYgZdrVZXaiciFFEzBWkgKmvhgIswX7HGO6Dy 6l3FE6cmB6Rr97M3uexUaAi/JhNGOttMRoN2unf6S8vlhdrzG7XbyVIGss4zJz4= =z/dJ -----END PGP SIGNATURE-----