Bob La Quey wrote:
Stegonagraphy has always seemed really neat to me. Here are some tricks I just ran across.======================================== Command line - cat your gif and zip Finally, for those of you comfortable on the command line, reader Jason H. writes in with a nifty stego trick using built-in tools. The premise of this technique is to append a .zip file to the end of a .gif file, resulting in a file which is readable by both .gif programs and .zip programs. Jason explains why this works (with the help, he says, from a long-lost thread at Something Awful): It works because .gif files keep all of their information in the headers, while .zip files keep them in the footer. Since that's the case, .gif viewers read from the front of the file, while .zip readers read from the end. Here's how to combine your .gif and .zip. cat somefile.zip >> somefile.gif <boblq> It turns out that this works with .jpg files as well. Just cat somefile.zip >>somefile.jpg to retrieve the original somefile: unzip somefile.jpg I will leave it to the rest of you to find out what other image formats work this way. </boblq> The problem with this method is that not all zip programs can extract the resulting file. When I tried, both 7-Zip and Windows built-in extraction failed, but WinRAR handled it just fine. Still, that's something the intended recipient should know. For double super-duper security, password the zip file that you hide inside the image. ================================================================= I think this could be the start of a good web service. Have the service split an incoming image into several parts that are embedded in other images then return links to the images. Or offer other ways to get the links that are more obscure. It would be fun to design and implement this kind of thing as a secure messaging system. Maybe make it work with Flickr or some such. Is anyone offering a secure messaging service?
Didn't someone on the list mention something about the CIA offering a secure messaging service? ;-)
If they are they had better be offshore ;)
Several tentacles are. ;-) -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
