|
BOOT CAMP 182 (05/07//01)
SECRECY
This weeks Boot Camp contains highly sensitive information
and is issued to you strictly on an Eyes Only basis! We receive quite a lot of
emails and letters asking about the security of emails and PCs, so we'd better
start off by saying that your PC, the information contained on its hard drive
and the emails you send and receive can be read by almost anyone who has a mind
to. In short the average computer is about as secure as wet paper bag, and it's
one of the last places where you would want to hide valuable data or use to
communicate secret or sensitive information.
We all know that emails are as private as a seaside postcard;
in addition to the well-publicised abilities of Western intelligence agencies to
intercept electronic messaging, emails pass through many server computers, often
in several countries, with widely varying degrees levels of security. Data on PC
hard disc drives can be easily read if the computer in question has an Internet
connection (see Boot Camp 144, September 28th 2000 on Trojans) Even if the PC is
not connected to the Internet or a network there are still plenty of ways of
getting at it, moreover deleting data and wiping or formatting the disc won't
help. Data can still be retrieved even if it has been overwritten several times,
in fact the only way to ensure that data cannot be read from a hard disc drive
is to physically destroy it, which is precisely what the US military now does to
its PCs when they are scrapped or replaced.
Of course data can be encrypted and this does indeed provide
a degree of protection against all but the most determined and resourceful
hackers and crackers. Powerful encryption systems like PGP (Pretty Good Privacy,
http://www.pgpi.org/) are very secure and
files can only be decoded and read by seriously well-equipped spooks and
government agencies etc., but the very fact that you send or receive encrypted
files or have them stored on your PC immediately suggests that you have got
something to hide!
That brings us to this week's topic, Steganography sometimes
referred to as electronic watermarking. Steganography, from the Greek meaning
covered writing, is the science -- some say it's an art -- of hiding information
or communications inside something innocuous, so that no one suspects it is
there in the first place. It's certainly not a new idea and the Greek historian
Herodotus (474 BC) tells of secret messages hidden beneath wax tablets, tattooed
on the shaven head of a slave and secreted in the belly of an unskinned hare.
Steganography also covers such stealthy practices as sending secret messages
written in invisible ink, microdots and radio signals that resemble noise or
static. Modern computer steganography works in a similar fashion, hiding data,
be it text messages, images etc., inside other files -- and as a further
precaution the data can be encrypted -- from the outside and even when closely
examined by experts, everything looks perfectly innocent.
Steganography works on almost any type of host data but it
works best with large files containing a lot of redundant information, typically
image files (.jpg, .gif, .bmp, .tif, etc.) and sound and music files (mp3, .wav
etc.,), all of which exist in abundance on most PCs and are commonly sent as
email attachments so in the normal course of events their presence arouses
little or no suspicion. Messages can also be hidden inside web pages, .pdf
files, word processor documents and disguised as spam email messages. One very
clever technique is to add a little bit of white space to the end of each line
in an email, into which data can be invisibly embedded.
The real art of Stenography is to not arouse suspicion so
that even though an image file contains thousands of words of text, the size of
the file is not significantly larger than a normal, non-message bearing image
file. However, steganography, like all cryptographic techniques is not
infallible and equal, if not greater effort is applied to developing detection
and counter measures. Sophisticated programs are available in the intelligence
communities based on complex algorithms that carry out statistical tests on
suspect files, capable of identifying stenographic 'fingerprints' though, given
the massive volumes of emails now flying through cyberspace it is extremely
unlikely that anything more than a tiny fraction of messages can be routinely
analysed.
If you are wondering what all this cloak and dagger stuff has
to do with you just consider the basic privacy issues. Whilst emails that you
send may not contain any particularly secret or sensitive information, they are
undoubtedly private, possibly very personal and almost certainly not for public
consumption. The fact is that once an email has left your PC it can in theory be
read by hundreds of people, and that's not counting all the people who have
access to the recipients PC. Steganography is also extremely useful for business
users and travellers visiting countries where email communications can be
difficult or are known to be routinely intercepted. So how does it work in
practice?
More than 50 powerful steganography and encryption programs
are freely available for download from the Internet (see Links), most of them
are quite small and they are generally easy to use. The usual procedure is to
select the container file (image, document, music file etc.) then the secret
data file, create a password and two files are combined resulting in a new data
carrying file. This can then be treated in exactly the same way as a normal file
of that type and stored on the PC or sent as an email attachment etc. Retrieval
is a reversal of the encoding process, the same program is used to open the
file, the user is asked for a password and the hidden file is extracted.
This issue of Dotcom will now self-destruct in ten
seconds….
STEGANOGRAPHY & ENCRYPTION LINKS
http://www.spammimic.com/
http://members.tripod.com/steganography/stego/software.html
http://www.securityportal.com/research/
cryptodocs/basic-book/chapter-09.html
http://www.rhetoric.umn.edu/Rhetoric/misc/dfrank/stegsoft.html
Next week – 10 things to do with a dead (or old) PC
JARGON FILTER
.jpg/.jpeg
Joint Photographic Experts Group, compressed image file
.mp3
Moving Picture Expert Group 3, CD quality sound file used for
music on the Internet
.pdf
Portable Document Format, interactive text file with web-like
links
.tif
Tagged Image Format File, graphics file
.wav
Waveform, windows sound file
TROJAN
Hidden program on a PC, usually installed surreptitiously or
by an email attachment that allows an external 'client' PC to access files
stored on the hard disc drive when it is connected to the Internet or a
network
TOP TIP
Whilst we're on the subject of secrecy you might be
interested in this little utility, called Scramdisk, which ferrets away
information on your hard disc by creating a virtual encrypted drive. Files
stored in this 'container' can only be accessed with a password, or passwords
and to make doubly sure it stays safe the information in the file is encrypted
using one of several powerful algorithms, or hidden from view using
steganography. Scramdisc for Windows 95/98 is a very compact program and the
download zip file is just 187kb. It's freeware and available from: http://www.scramdisk.clara.net/
|