The case of the missing code

    Date18 Jul 2002
    CategoryHacks/Cracks
    2713
    Posted ByAnthony Pell
    The frightful genius of steganography, though, is that, by design, you don't know when it's being used. Independent researchers have devised numerous methods to search for signs of its proliferation on the Web, and some have reported that they've found nothing, and there's consequently no reason to be afraid. But when you think about these studies, the results become about as comforting as homeland security advisor Tom Ridge's color-coded alert system.. . . The frightful genius of steganography, though, is that, by design, you don't know when it's being used. Independent researchers have devised numerous methods to search for signs of its proliferation on the Web, and some have reported that they've found nothing, and there's consequently no reason to be afraid. But when you think about these studies, the results become about as comforting as homeland security advisor Tom Ridge's color-coded alert system. After all, if you search for hidden messages on the Web and find nothing, what should you conclude -- that there are no messages, or that the terrorists are too sophisticated, and your tools don't work?

    The answer to this question turns out to be a highly personal one, a matter of individual psychology and interest rather than a reasoned decision based on collective safety and the immutable laws of math. Ask security types, or people who make software to aid security types, and they say that steganography is a grave threat to our safety. Defenders of steganography, and its cousin cryptography, take the opposite view. These are people who become easily exercised over the prospect of the government monitoring the Web, and they say that if researchers haven't found secret messages, the messages are likely not there. But amid this politicking, one important question tends to get left by the wayside: if steganography is, or eventually becomes, the preferred tool of terrorists, can we ever thwart it? According to many experts, the answer is probably no.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    12
    radio
    [{"id":"53","title":"Yes","votes":"8","type":"x","order":"1","pct":88.89,"resources":[]},{"id":"54","title":"No","votes":"1","type":"x","order":"2","pct":11.11,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.