

Inconvenient Message Detection: A way to hide communication metadata - DickingAround
http://topchicksdigengineeringguys.blogspot.com/2015/03/the-inconvenient-message-detection-imd.html

======
danbruc
The author has absolutely no clue what he is doing - don't even touch this
with a stick. You can spot high entropy data hidden in the least significant
bits of an image from a mile away unless you work hard to not disturb
statistical properties. And the code is a mess, too.

~~~
DickingAround
I wouldn't say I have no clue. But I'm certainty not an expert. Can you cite a
source that shows that if I randomly twiddle some of the lower bits in an
image, it is detectable? If any (even random) change to an image is
detectable, then it would be true that this doesn't work.

~~~
danbruc
First, I really don't want to discourage you. I have myself reinvented a lot
of stuff from a raytracer over a database to a kernel and a lot more. A simple
steganographic tool, too. I think this is a great way to learn things, because
it really makes you realize the complexity involved, how much effort other
people have put into figuring things out and why some things look so quirky
and make you think you can do it way better. But don't be fooled, chances are
pretty close to zero that you will come up with an idea that has not been
tried and dismissed long ago. There are a lot of people out there much smarter
than you and me. So reinventing stuff is good for learning, but improving on
the state of art and coming up with something useful for others is really
pretty unlikely.

Now having no clue may sound a bit insulting but it was really not meant as a
personal attack. But just by searching for »detecting steganography in images«
you will easily find a lot of papers and even software dealing with this and
they also deal with your idea of a randomized embedding in the least
significant bit. You obviously did not research what other people have tried
and what works and what not and that is why I called it clueless. The abstract
of »Reliable Detection of LSB Steganography in Color and Grayscale Images« [1]
from 2001 and one of the top search results for me starts with the following
abstract.

 _We describe a reliable and accurate method for detecting least significant
bit (LSB) nonsequential embedding in digital images. The secret message length
is derived by inspecting the lossless capacity in the LSB and shifted LSB
plane. An upper bound of 0.005 bits /pixel was experimentally determined for
safe LSB embedding. _

So this idea has been rendered obsolete at least a decade and a half ago
unless you only want to embed tiny messages in huge images. Hiding only a
single tweet requires a uncompressed image of 0.64 MiB to remain safe. And I
did not search for it, but there may be other algorithms making the situation
even worse. And using lossless compression is a nonstarter to begin with
because you will stick out of the sea of JPEG images. But there are of course
ways to embed hidden information in JPEG images, but again there are also ways
to detect this.

[1]
[http://www.ws.binghamton.edu/fridrich/Research/acm_2001_03.p...](http://www.ws.binghamton.edu/fridrich/Research/acm_2001_03.pdf)

------
MatthewWilkes
I shouldn't judge a book by its cover, but
"topchicksdigengineeringguys.blogspot.com"?

~~~
DickingAround
It's an old name. I was single back then.

------
benmmurphy
Reading the description I was wondering how it was working because it says
during encoding it hashes the image to create a key and during decoding it
hashes the image to create a key. But if it is hashing the whole image these
keys cannot be the same. But when you look at the code it is not hashing the
whole image. It is only hashing a subset of the bits. :)

------
dvh
Sounds stupid. Steganography + Vernam cipher makes it impossible to detect and
decrypt. Why would you artificially weaken it?

~~~
DickingAround
The difference is you'd have to transmit the one time pad; which is a big
secret. In this case, it's like everyone is using the same pad but you have to
do a bunch of work to find out where to start.

------
froh42
ObXKCD: [http://xkcd.com/538/](http://xkcd.com/538/)

~~~
DickingAround
Exactly the kind of thing I'm trying to solve.

EDIT: Ok, not exactly. But it was one inspiration.

------
gnoway
Note, the submitter is the author.

