Steganography: is it a viable security option?

What are the practical uses of steganography? And how does it factor in when we’re dealing with malware? Or is it entirely limited to direct-access protection?

:o
it is an encryption tool so there are no “practical uses” ; no “dealing with malware” ; no “entirely limited to direct-access protection” …

Well…not quite. Encryption and steganography both fall under a more general term that is cryptography. But there are essential differences. On one hand, encryption makes data unreadable, but it makes little effort to hide the fact. Steganography, on the other hand, hides data that is generally readable. Both may be used separately or in conjunction with each other.

I’m thinking well, since steganography essentially hides data by masking it with another file, it, like so many other things, leaves traces of itself. Is malware able to detect these things? Well, obviously of course, targeted attacks would mean yes, but suppose they’re not targeted at all, suppose a program were set to write its sensitive contents, say passwords, onto a masked file, should malware realize it’s writing its contents to that file, something like a worm for example, is it capable of identifying this and compromising the contents?

But ah well, I ran the tests anyway and it seems to work fine. Apparently some of the samples upload incrementally which may or may not break the contents. Plus, because of the size of the mask file, it fails to upload the entirety of it. Strangely enough, some of them were able to identify the file that was used to mask the hidden data, some of them ignored it altogether. I’d like to think that maybe they were attacking instead the communication between the program and the file, echoing perhaps the data, but I couldn’t find any proof of this. If this is the case, then it really would be pointless unless you were trying to protect it from direct-access attacks (which I meant to say is when someone has access to the device itself).

Well, I’m giving up on it and trying something else. Not much documentation and I don’t have the know-how for it.

thank you for your answer spinach_12

If you want to change the system, you need to learn how to break it. : no

Merke, I changed the font color from yellow to blue. The reason is that I cannot read yellow against a grey background.

;D
it is the reason why it was written in yellow

:smiley:

Appears to be useful in specific situations and today can also be a threat on many files circulating on the Internet.

I think the biggest challenge for security solutions is exactly the detection of threats that can use these techniques.
It is known that there is a variant of Zbot that uses JPEG file and payloads to pass through the layers of system security.
Some scanners do not check JPEG files and there may be the big problem.

Question of point of view : is it a threat using it or is it a threat misusing it ; is it detect as a threat using it or is it detect as a threat misusing it (or damaging it - integrity -).
Anyway sound / pictures : pixel / underlayer - watermark can be used too.
i do not consider steno like a threat or useful but only like a tool outdated , fun & useless.
full of tool are able to decrypt it and you cannot hide so much data that you can imagine but i like the idea to send a password hidden with steno …

I mentioned the fact specific malware to mask its presence beyond using this technique.
To judge whether it is a threat or not, it depends on how you use the tool and for what purpose.
I think in some cases it is obsolete; there is now specific software that recognizes headers and file compression.

Perhaps the combination of more than one tool, as you mentioned could add an extra level of protection or also used for entertainment purposes. :wink:

some “expert” trust in this tool & work on its future ; you are right , it can be used for entertainment purposes …
not enough user-friendly , not enough confidential , not enough modern but the technique is marvelous … steno + sound is a good method ; if they could add a protection like " auto-destruct if open twice " ; i should agree using it often …

It’s not as outdated as one might think. Apparently it still has good use. At the moment I’m trying to figure out a way such that when a *.exe tries to do something to StegaFile A, a program will run to detect the program that does so, pipes to be terminated, and encrypted for quarantine. Sort of like an undercover cop trying to catch a thief red-handed. StegaFile A only pretends to be something malware would be interested in and when it tries to access it, it triggers another program to jail that malware.

Though there are a few problems with the concept. What happens if a safe program tries to access the file(s)? And what happens if a system file tries to access it? How do we fool malware to think it’s the file it wants? And what files are targeted by malware?

In theory, however, it actually works, and testing on Linux shows that it’s rather effective (though what I had done are just simple scripts rather than a full-fledged program just to see if it could work). Though like I said, I don’t have the know-how to continue this or if my concept is even practical.

i read you carefully spinach_12 since the beginning :

it is not a question of how-to or competence or help … and even not about hacking or team … it is about a concept.
all that you are testing has yet been done. So we know the limits & the possibilities , like i said ; it needs to be re-made ; re-conceptualized ; with new idea ; new protection etc.

i will not offense you answering at your questions - anyway all that is well-known since a longtime.

In fact you cannot compromise the integrity of a file - even if it is not hidden / encrypted - so you cannot access / covered like something else : and even not take a target … it is for that it is stegno.
With the time few problems appears and integrity, owner, receiver, hidden data visible comparing an original picture and its image/mirror were not anymore safe. So pgp was preferred.
Stegno is not a modern tool , safe , private …
all that you can do ; it is re-make a new tool which stegno procedure ; and you can find this modern stegno on the web but you will not be the owner of it so it is not a good idea to try it (these modern stegno tool).

create your own stegno tool ; that is the only way to resuscitate stegno and to be sure & certain that it is secure.
it is in this step that you need a “how-to”_“know-how”.

you are on linux and a lot of things are possible but can i send a password with stegno ? no.
can i prove that you are testing ? no.
it is the reason why open source project exist.

Thx.
:smiley:

That’s alright, never said or implied you didn’t. Didn’t really occur to me at all whether you read it or not.
I’m a little confused about your statements so I’ll see if I can reply properly bit by bit. If I misunderstood anything, feel free to correct me.

> it is not a question of how-to or competence or help ... and even not about hacking or team ... it is about a concept.

Of course developing a concept requires you to be familiar in the least bit and competent enough to create a concept. Otherwise it's a jumble, not a concept but somewhere along the lines of opinion, misinformed if anything. So it is a question of competence when it comes to a concept. Though I'm unsure what your use of "a question of" is here so if it's possible for you to reword this, I'd really appreciate it.

> all that you are testing has yet been done. So we know the limits & the possibilities , like i said ; it needs to be re-made ; re-conceptualized ; with new idea ; new protection etc.

"Had been done" I presume? No, I'm not trying to correct you, just trying to understand. You meant to say it's already been done, right? Uhm, yeah sure, I guess. In a way. Honeypots. But that's not steganography. That's an actual system.

> i will not offense you answering at your questions - anyway all that is well-known since a longtime.

That's ok. I never claimed to be an expert, never did and never will. I take no offense so long as we don't digress. Much. ;D Though admittedly, I was offended that you had to use my signature in order to advocate yours. To have to hide it in yellow to make it difficult to read made it even more apparent that you've been questioning my intelligence and political views. I'm used to it though, not that many share my views, but still...

Anyhow,

> In fact you cannot compromise the integrity of a file - even if it is not hidden / encrypted - so you cannot access / covered like something else : and even not take a target ... it is for that it is stegno.

File integrity changes are one of the key "symptoms" of an infection. Making any change in the file will update its contents and properties and affects "file integrity." Which is why we have host intrusion detection systems calculating checksums or checking file properties. Or do you have a different understanding of file integrity here?

> With the time few problems appears and integrity, owner, receiver, hidden data visible comparing an original picture and its image/mirror were not anymore safe. So pgp was preferred.

Steganography is not limited to pictures/video/audio. It can be done in some .exe files, text files, archives even. If the file is available only to the user, provided the original was destroyed, there are no points of comparison and no reliable method of checking whether or not there is a file hidden.

> Stegno is not a modern tool , safe , private ...

Modern? No. Agreed. Safe? Doubtful, yes. Private? Even more doubtful.

> all that you can do ; it is re-make a new tool which stegno procedure ; and you can find this modern stegno on the web but you will not be the owner of it so it is not a good idea to try it (these modern stegno tool).
>
> create your own stegno tool ; that is the only way to resuscitate stegno and to be sure & certain that it is secure.

That’s okay, I know the licensing issues. Never expressed any intention to copy from Project Something-Something. Although I got confused by what you meant with “modern” here which makes me doubtful if I understood your previous statement. I don’t know how they’re modern by my previous understanding if they employ the same technique.

> it is in this step that you need a "how-to"_"know-how".

Wasn't asking for one. No time. Still, I stand by what I said: a level of competence is necessary.

> you are on linux and a lot of things are possible but can i send a password with stegno ? no. can i prove that you are testing ? no. it is the reason why open source project exist.

I'm sorry I don't understand. If it's a question of possibilities, how and why should windows be any different?

Sending a password through steganography? Yeah, sure, upload the file. That’s how I’ve been sending passwords and certain files. What with all the file attachment scanners going on. Not to mention company limitations.

Can you prove that I’m testing? No, of course you can’t, not unless you ask me to in which case, I’ll provide the scripts (Oh and to the mods, can I provide the scripts? They’re for linux though). Would you like to see them? Given your replies, I assume that you know something so it should be just fine.
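The integrity-checking point raised in the post above (host intrusion detection systems comparing checksums, and what can be compared when the original file is or is not kept), sketched as an added example that is not part of the original thread. The carrier bytes, the file name and all function names are constructed for illustration.

```python
import hashlib
import os
import tempfile


def fingerprint(path):
    """Baseline two properties a host IDS can record: file size and SHA-256."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return {"size": os.path.getsize(path), "sha256": h.hexdigest()}


def compare(baseline, current):
    """Return the names of baselined properties that no longer match."""
    return [k for k in ("size", "sha256") if baseline[k] != current[k]]


def changed_offsets(original, suspect):
    """Byte offsets that differ; only computable while the original is kept."""
    return [i for i, (a, b) in enumerate(zip(original, suspect)) if a != b]


def demo():
    cover = bytes(range(64))  # constructed stand-in for a carrier file
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "carrier.bin")  # hypothetical file name
        with open(path, "wb") as f:
            f.write(cover)
        baseline = fingerprint(path)

        # Same-size modification: the lowest bit of four bytes is flipped,
        # the kind of in-place edit that hiding data in a file can produce.
        modified = bytearray(cover)
        for i in (3, 10, 17, 42):
            modified[i] ^= 1
        with open(path, "wb") as f:
            f.write(modified)

        diffs = compare(baseline, fingerprint(path))
    return diffs, changed_offsets(cover, bytes(modified))


if __name__ == "__main__":
    diffs, offsets = demo()
    print("properties that changed:", diffs)
    print("offsets that differ from the original:", offsets)
```

The size check alone reports nothing here; the checksum flags the change, and the byte-level comparison is only available to whoever still holds the original.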

> If I misunderstood anything, feel free to correct me.

let’s go !

> Of course developing a concept requires you to be familiar in the least bit and competent enough to create a concept.

NO
the world is like that ; you work with your hand (first level)- you work with a concept (third level).
a conception is a creation of a system from your brain & your dream/skill _ it is an intelligence level _ you confuse the level of competence with the other.

> somewhere along the lines of opinion

NO
that , it is thinking freely not brain-storming _ you confuse the level of method : a concept is also an opinion but more a feeling , a personal point of view … that you built ; putting one rock on another rock … trying, testing, thinking _ i assume that "to think " in your world means using few words and have an opinion about the world _ here ’ to think ’ means “to think” so …

> So it is a question of competence when it comes to a concept.

NO
it is an invention that is the real sense of concept.

> Though I’m unsure what your use of “a question of” is here so if it’s possible for you to reword this, I’d really appreciate it.

you are right !
it is not a question of = it is not a problem of ‘know-how’

> But that’s not steganography. That’s an actual system.

;D

> I was offended that you had to use my signature in order to advocate yours.

seriously ? (it is in blue now !) :smiley:

> Or do you have a different understanding of file integrity here?

it seems we are saying the same thing but we are not speaking about the same thing.
:slight_smile:

> there are no points of comparison and no reliable method of checking whether or not there is a file hidden.

i disagree ; anyway you affirm it ; it is your opinion and you are free to have one.

> Modern? No. Agreed. Safe? Doubtful, yes. Private? Even more doubtful.

same answer as above

> Still, I stand by what I said: a level of competence is necessary.

well , it is your opinion and i disagree : a level of creativity is necessary and you are not level 3 ; you are maybe level 2.
:slight_smile:

> If it’s a question of possibilities, how and why should windows be any different?

;D

> Sending a password through steganography? Yeah, sure, upload the file.

stop ! you confuse using a tool and trust in a security method - you are wrong !
:P0l

> That’s how I’ve been sending passwords and certain files.

stop ! you take your risks with your file ; it is your own business _ i said & repeat that it is not safe = untrust/dangerous.
:P0l

> Can you prove that I’m testing?

i meant that only working with several teams in an open project could resolve your strange “way of thinking” ; this problem ; and you will find with them all the competence and all the help you should have needed.

> “Had been done” I presume?

:smiley:
i do not know ; i write and i do not realize sometimes what i am doing !
88)

Thank you spinach_12 for your post
have a nice day

your signature :

no : you do need to break the system _ we need something else_ something different & new

Thx spinach_12 alias popeye !
;D