1994-02-05 - Hughes’ “real-life use for steganography”

Header Data

From: Seth Morris <Seth.Morris@lambada.oit.unc.edu>
To: cypherpunks@toad.com
Message Hash: d00910a1c8f8dd49a25cb7579726d904fc10d27f0468686dd107bcfb175aed8f
Message ID: <9402050552.AA21327@lambada.oit.unc.edu>
Reply To: N/A
UTC Datetime: 1994-02-05 05:55:20 UTC
Raw Date: Fri, 4 Feb 94 21:55:20 PST

Raw message

From: Seth Morris <Seth.Morris@lambada.oit.unc.edu>
Date: Fri, 4 Feb 94 21:55:20 PST
To: cypherpunks@toad.com
Subject: Hughes' "real-life use for steganography"
Message-ID: <9402050552.AA21327@lambada.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text


 [Eric Hughes described a situation where data smuggling is required,
and asks for discussion on practicle and practicable mechanisms (with
appropriate and far too rare here emphasis on practicable). This is
the sort of real-worldish issue I've been on this list for, so,
despite my opinion that this doesn't sound like a real case, I'd like
to add my thoughts.]

 What is needed here is not encryption, by steg, of course. Why worry
about key distribution at all? If the data is being sent in bulk, it
will find itself into the hands of the local Big Bro, and the transport
medium will be exposed and (presumable) confiscated. This will get the 
M industry into trouble, and lose the transport medium. 
 This seems more like a case for point-to-point transport to several
distribution sites withis the country, where more anonymous transport
must be arranged. At the very least, no industry should be placed at risk
without the means to protect itself.
 Maybe DAT tapes of "bootleg" recordings of music M? Like Grateful Dead
tapes, only edited to contain the data. This way, only certain tapes have
data, and the tapes can find their way into the hands of those who can 
decode and distribute.
 Is there, within the country, a suitable transport medium that is transient
and frequent? Someone suggested weather maps (sorry I forgot someone's name)
 but these don't seem perfect. What about scanned in art GIFs on a ntionally
available network? Hmmm....... Compuserve?

 The problem I have with using steg as the mass-transport (other than loss
of transport medium once it is discovered and loss of a cultural industry)
is that it only reaches those with CD-ROMs. This is generally a small
percentage of people. Some in-country transport to the technologically 
uneducated is necessary. This may be out of the scope of this discussion.

 For the initial transport, why be cross-platform? If MS-DOS machines
with CD-ROM or DAT readers are acailable (or PIC's can be brought in...
hmmm... anyone know how to encode a Photo-CD? "Tourist shots...
Grand Canyon, Yosemite Nat'l Prak..."), there is some program on
comp.binaries.ibm.pc that can encode some .com files as readable text
(Not uuencode, the text IS the .com file). A simple de-stegger could be
sent in this way written on a sheet of paper. Something similar could
be worked out for other platforms (maybe not this simle, though).


 They key problem I see is regular, bulk transport of data to be distributed
to a mass of people at random containing cantraband information is 
unlikely to sustain an information revolution. Distribution of the data
to a few people who can make use of it while remaining anonymous seems
more effective. Better still would be to find some way that anyone could
receive ALL the information easily and untraceably, which is what I think
the CD scheme was aimed at.  Unfortunately, it is risky and only gets data
to the privedledged few.

 Sorry if this rambled, I'm doing this off the top of my head and with
a fever.

 Seth Morris (Seth.Morris@LaUNChpad.unc.edu)




Thread