DMCA has pushed me to my limit.

[Ray Dillinger]

I keep looking at the whole stego thing.  But the basic problem 
remains the same.  Stego relies on the *method* being secret, 
which stands in stark contrast to kerchoff's principle.  I mean, 
sure, you can stego encrypted stuff so nobody who recovers it 
can read it, but if you use any of the "available" programs, 
there will always be utilities that can detect your encrypted 
stuff and, usually, extract it.

In a proper stego system, the stegotext must be *undetectable* by 
people who don't have the key -- even if they have the stego program 
used.  I don't know of any which meet that criteria.  For one thing 
they mostly work on lowest-significant-bits and leave the rest of the 
carrier text alone.  It's pretty simple to detect that the LSB's 
have increased entropy, or represent inconsistent gradients of color 
on the smallest scales. 

One thing that is an absolute dead giveaway, and I see a lot of 
stegograms out there that have this built in, is that in graphic 
files, the number of pixels is increased by interpolation, either 
in the digital camera/scanner, or after the image is made by a 
graphics editor, before the steganography is done.  The problem 
with this is that interpolation is done by highly predictable 
algorithms which dictate the relationships of each pixel (including 
the LSB) to its neighbors.  When you take this regular system of 
linear-equations-with-a-simultaneous-solution and then impose 
your stegotext on it, it stands out like a sore thumb.

*sigh*.  I will not use a stego system unless I write it first and 
my recipient has the only other copy.   Because it's a matter of 
keeping the *method* secret, that's really the only way.

				Bear