On Nov 9, 7:52=A0am, Baal <B...@[EMAIL PROTECTED]
> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> ThePsyko wrote in alt.hackers.malicious on November 6, 2008 19:32 in
> Message-ID: <Xns9B4EA7D4610D1LifeIsGood@[EMAIL PROTECTED]
>:
>
>
>
>
>
> > On 05 Nov 2008 I stormed the castle called alt.hackers.malicious and
> > heard Baal cry out in
> >news:20081106072546.5386BC2F17@[EMAIL PROTECTED]
>
> >> <Xns9B4C9FE0CCD12LifeIsG...@[EMAIL PROTECTED]
>
> >> Nym-Commands: -signsend -acksend
>
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA512
>
> >> ThePsyko wrote in alt.hackers.malicious on November 4, 2008 18:45 in
> >> Message-ID: <Xns9B4C9FE0CCD12LifeIsG...@[EMAIL PROTECTED]
>:
>
> >> [snip]
>
> >>>> So what U R saying is that pedo's can now with the click of a
> >>>> single button when johney law is at the door prevent the law from
> >>>> gaining proof of their dirty deeds
>
> >> This is errant nonsense. First off, you're assuming that the software
> >> actually /works/ -- that is not yet in evidence.
>
> >> Second, there is no evidence (that I am aware of, at any rate) that
> >> steganographic software has been used by anyone accused of a child
> >> ****ography offence. Cryptography, yes--steganography, no.
>
> >> Third, and probably most im****tant, stego software is neither easy to
> >> use, nor terribly practical--for one thing, for each illegal image
> >> you wish to hide, you require a considerably larger legal image to
> >> hide it in.
>
> >> Fourth, many steg'd images can be detected with appropriate image
> >> analysis software, which is available to police.
>
> >> Finally, by the time the police knock on an alleged perp's door, they
> >> usually /already/ have more than sufficient evidence with with to
> >> convict them.
>
> >>> Which would be why he released it to the pedo groups first.
>
> >> Since when do demon.service, alt.sup****t.*****, rec.audio.opinion,
> >> alt.activism.children, and can.general qualify as pedo groups?
>
> >> Psyko, even if your statement were correct, based on the reactions
> >> I've seen, they're not touching it with a barge-pole (correctly,
> >> IMO).
>
> > I don't read any of those - but he "released" it in asbl on Oct 30th -
> > 4 days prior to posting about it here which was my reference
>
> If you read what I wrote above, you can see that while it /does/ have
its
> uses, for the most part, stego is not terribly practical particularly if
> one considers its possible use in hiding illegal images. If one goes by
> published accounts of pedophile apprehensions, the use of crypto is not
> always in evidence, much less steganography.
>
> The rationale underlying the use of stego is to hide even the
/existence/
> of communications between two or more parties. Given the limitations
I've
> listed above, it's use in hiding collections of illegal images is
complet=
ely
> and totally impractical--that's why there is no evidence of its being
use=
d
> in this manner. This software (assuming it works) is a solution to a
prob=
lem
> that simply doesn't exist on a scale anywhere /near/ what the author is
> claiming.
>
> Within the last 3-5 years there was an academic paper the authors of
whic=
h
> examined upwards of two million images as shown on EBay. The authors
> examined these for evidence of steganographically-hidden information,
and
> they found no evidence of this. =A0The author of AntiSteg appears to be
> operating under the assumption that the Internet is chock-a-block with
> stego'd images carrying illegal information payloads, when there is
> absolutely no evidence of this.
>
> Frankly, from all appearances, he's just another purveyor of s****-oil.
>
> Baal <B...@[EMAIL PROTECTED]
>
> PGP Key:http://pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0x1E92C0E8
> PGP Key Fingerprint: 40E4 E9BB D084 22D5 3DE9 =A066B8 08E3 638C 1E92
C0E8
> Retired Lecturer, Encryption and Data Security, Pedo U, Usenet Campus
> - --
>
> "Sed quis custodiet ipsos Custodes?" =A0-- =A0"Who will watch the
Watchme=
n?"
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 -- Juvenal,
S=
atires, VI, 347. circa 128 AD
>
> The state must declare the child to be the most precious treasure of the
> people. As long as the government is perceived as working for the
benefit
> of the children, the people will happily endure almost any curtailment
of
> liberty and almost any deprivation. =A0 =A0 =A0 =A0 =A0 -- Adolf Hitler,
=
Mein Kampf
>
> -----BEGIN PGP SIGNATURE-----
>
> iQEcBAEBCgAGBQJJFrbjAAoJEAjjY4weksDoxYcIAK5Yn8rbGVyFd5lJ/S/VzaTY
> 1K76F2RVqapZX3g/3pGv0fsYdqw1+0+zYYHf1Bp2zdwitvaip2ORJayDxFy/rZHj
> trYdjjewunwUsyQgRvqhgg6Onq0Hz++5w12I3E+GcScFJGLCPj47Y9sTOd+zZXGp
> Lw8E0035kKk060fx+GOV6yOmmd3y/nnUAo8X50PTS9NanUrTdSvjKLgpKz+SU3yQ
> QappPX3JQCZPfrsNz3zEL3sG9W0xoImTr+0qrLL/myP1JppPU0vy/VSz+ojTHhXJ
> hfaIaImIgW5Impdqa5F/rLfkchs08YaC7KNNLqyVBgz6lt4U4o6bfqsjSGEtc0M=3D
> =3DEPq4
> -----END PGP SIGNATURE------ Hide quoted text -
>
> - Show quoted text -
I saw nothing in the release about hiding one picture inside another
picture. What I read was how virus/trojan/malware and executables
were being hidden inside of graphics. There is nothing new about
hiding text and virus/trojan/malware and executables inside graphics.
Shoot even I with my limited programing powers wrote my "graphics
executer" which can hide inside BMP's any text that leads to an
executable including command com and when the graphic is viewed using
my program *only* and the text leads to an .exe my program will run
that program.
If there were such a program which with the click of a button
pedo images could be hidden inside of normal graphics it would be a
sad day for LE. I **was** trying to create just such a program so
that I would know how to detect graphics which had another graphic
hidden inside it so that I could create a tool for LE that would
unhide *any* graphic hidden inside another graphic; however because I
could not find such a program in the first place I saw no need to
create such a tool; because I was not and am not willing to take the
chance that if I were to create such a tool that my program could be
reverse engeinered to create just what I was tryhing to prevent.
Sug-
|
