

Stegospam lets you hide your data in spam to avoid NSA/GCHQ spying. - ciderpunx
http://charlieharvey.org.uk/page/stegospam_steganography_with_perl_and_spam

======
chaetodon
I would be highly surprised if mails (even spam) wouldn't be scanned for
steganographically hidden messages (no insider knowledge though). Hell, I
would even want this for my own antivirus functionality.

I would be surprised if your stegospam wouldn't have a red flag raised by any
scanner which utilizes advanced heuristics. Especially since your stegospam
utilizes a form of steganography which is already described into great detail
by e.g. David Kahn in The Code Breakers (nice crypto history book).

~~~
ciderpunx
Yes, I think you might be correct and I do note that my approach is not to be
trusted prominently ;-)

I am interested to know what attacks would be possible.

My guess is that you'd look for known sentences -- which you can mitigate by
using a custom corpus.

Or you do some sort of statistical analysis on the length of sentences, which
is mitigated by distributing the sentence lengths along a standard
distribution.

Or you do a statistical analysis for word lengths themselves. But if the data
you are hiding is GPGed then this information is not obviously vulnerable to
statistical analysis of this type because the character distribution ought to
be even (ish).

I suppose you would mitigate against attacks on the length of the messages by
splitting your message and sending from multiple accounts.

Are there other attacks that I've missed? I'd love to know.

And I'll check out Kahn's book, thanks for the suggestion.

------
e3pi
After stegospam pass, have you not some html redundancy free room to utilize?

Are you aware of deogol, perl, stego?

Not much gained, but there is a scanner how much free space per html file
size.

..........................

Deogol

an HTML steganography tool

What is Deogol?

Deogol is a commandline Perl program implementing basic steganography on HTML
files

[http://hord.ca/projects/deogol/](http://hord.ca/projects/deogol/)

~~~
ciderpunx
No wasn't aware of it. I've just downloaded and having a play. Very
interesting approach, using tags as the carrying medium.

~~~
ciderpunx
And for the sake of completeness, I've also found spammimic
[http://spammimic.com/](http://spammimic.com/). There is a paper at:
[http://www.nic.funet.fi/pub/crypt/old/mimic/mimic.text](http://www.nic.funet.fi/pub/crypt/old/mimic/mimic.text)

