
Snow – Conceal messages in ASCII text (2013) - vinnyglennon
http://www.darkside.com.au/snow/
======
alexslobodnik
I made something similar that uses zero width Unicode characters to encode a
message.

[https://secretsigner.com](https://secretsigner.com)

~~~
3pt14159
Since I published my article on ZWC [1] I've been scanning different parts of
the net for their use after hearing about their use in Eve Online.

I've found them being used for quite some time, even here on HN. I think
spammers are using them to get around spam filters because the context that
they're using them for doesn't usually seem like they've been inadvertently
fingerprinted. It seems like they're sending the same message over and over
again on things like hiring threads for HN. I wish I had more time to dig into
it, but there are too many more important things going on right now.

[1] zachaysan.com/zero

------
superkuh
I like how the recent changes section has bug fixes from 1998.

------
codesections
The manual page mentions that the program has a command that will calculate
the "approximate storage capacity of a file", but doesn't really say what that
would be. I'm guessing that would turn out to be the limiting factor here—it
seems like you'd either need a _really_ long text file, or a _really_ short
encrypted message to be able to use this method reliably.

~~~
ballenf
I'd guess the idea would be to pass around a copy of Hamlet, the Odyssey,
Canterbury Tales, KJV Bible[1], or a similar public domain lengthy and popular
work that would, in itself, draw no attention to itself.

For me, the reason I always hesitated to use widespread encryption ahead of
mainstream adoption was that standing out as an oddity seemed to pose a
greater threat than taking no extraordinary efforts. That is, if I engaged in
behavior similar to someone with good reason to hide then I might become a
target for scrutiny. My "opsec" wouldn't have been effective for anything
beyond casual scrutiny, so my security efforts would have been demonstrably
counter-productive[1]. At least that was my logic. A couple examples: as soon
as full disk encryption started shipping with Windows, I used it. When
choosing between SMS, Hangouts, and iMessage, I'd choose iMessage.

Not saying my logic was sound, but feel confident that it contains at least a
degree of truth.

[1] Sort of an all-or-nothing choice. Taking _some_ steps arguably makes you a
higher profile requiring consistent security measures taken at every turn.

~~~
kardos
> I'd guess the idea would be to pass around a copy of <snip>

Diffing your copy of Hamlet.txt against a clean copy would reveal the pattern
of spaces (ie, the cyphertext), so the security by obscurity (if any) would be
easily defeated.

~~~
crpatino
First, let me say that encoding bits in whitespace is to Steganography what
ROT13 is to Cryptography. Neither has a chance of success against any non-
incompetent attacker, but they serve well as simple proofs of concept.

Second, you assume there's one canonical Hamlet.txt to compare against (which
there's, if Alice was dumb enough to pick whatever is the first available
option in Guthenberg.org as her cover message). For a more sophisticated
attack, you must consider how many different editions, reprints, etc, have
there been of that work over the centuries. For each of those, you must
consider how many possible digitalizations can be obtained for different
brands and configurations of scanners.

Then, there's the issue that you must do all of this for every large message
that Internet users send to each other...

------
chungy
Cool in concept, but if you're trying to hide messages in documents that are
saved/edited by others, it'll be a crapshoot. Quite a few editors will trim
trailing whitespace after saving (Emacs, Vim, and Atom all have the option).

------
mauriciolange
I have just tested it with the following procedure: \- Extract some text from
a facebook post. \- Put that text in a file (resulting size 1869 bytes) \-
Encode a message of 8 bytes on it. Resulting output file size of 1956 bytes.
\- Copy the output to a new FB post. \- Extract the text from the new FB post.
\- Found that FB removes all added whitespace and the size of the copied text
is exactly the initial one: 1869 bytes

So I cannot use it :D

~~~
superkuh
It's easy. Just don't use Facebook.

------
jrockway
I like the logo, which is a polar bear in a snowstorm.

~~~
fouc
where's the polar bear's nose then?

~~~
kardos
He's looking away from the camera so it's obscured by his head

------
jwilk
There's a text watermarking program with a suspiciously similar name:

[http://lcamtuf.coredump.cx/soft/snowdrop.tgz](http://lcamtuf.coredump.cx/soft/snowdrop.tgz)

~~~
JonathonW
Whitespace (as in the SNOW technique) is one of the channels Snowdrop uses to
conceal its watermark, but not the only one-- for English text, it also
introduces typos, changes punctuation marks, and replaces some words with
synonyms.

------
beardog
I made a simple web app similar to this a while back:
[https://www.chaoswebs.net/snow10/](https://www.chaoswebs.net/snow10/)

------
forgot-my-pw
Any tracking solution works best for parts of PDF that often gets
screenshotted and reposted?

