BOOT CAMP 474 (01/0/07)

Paranoia and Privacy part 3


The Internet is not private; it is a freely accessible, global public network with little or no security and few safeguards. Everything you do, see send or say can be monitored and intercepted by anyone with a will to do so. Once you accept that fact then you can get on with the job of making your involvement with it as secure as humanly possible.


The good news is that the chances of your emails being read by anyone other than the intended recipient is quite small. There are simply too many emails sloshing around the net for them to be effectively scrutinised, though if you routinely pepper messages sent to certain countries or recipients with keywords that might suggest involvement with terrorism or other illegal activities then your jottings may well be flagged up by one of a number of government agency’s computers, but the vast majority of messages will arrive at their destination unopened.


Nevertheless, it is wise to assume that whilst in transit your emails are about as private as a postcard. However, don’t forget that the emails you send and receive remain on your PC and that is a far greater threat to your privacy. A decent firewall should stop any external attempts to hack into your machine, but if you choose to leave them there, then anyone with access to your computer can read them, so it is up to you to protect or delete them if they contain sensitive information.


If for any reason you need to send a private or personal message by email then there ways and means to make sure it won’t be read or understood. Encryption would seem to be the obvious solution but it has one big disadvantage. Anyone intercepting the message will know straight away from the jumble of numbers and characters that it contains scrambled information and, depending on their level of expertise, resources and desire to know what you’ve been saying, they will attempt to decrypt it and only a tiny handful of powerful military-grade encryption systems can resist a determined attempt to crack them open.


It is far better, therefore, to hide or disguise your message inside an otherwise innocuous-looking email. Again there are various techniques, including ciphers and codes but these can be clumsy and time consuming, but there is another very effective method, an age-old trick known as Steganography.


Steganography stems from an ancient Greek word meaning hidden writing. The story goes that in 499 BC an exiled tyrant called Histiaeus needed to send a secret message about a revolt he was planning to his nephew Aristagoras. He shaved the head of a slave, tattooed the message on his head, waited for his hair to grow back then sent the slave to Aristagoras, with instructions to give him a haircut…


Things have moved on in the intervening 2,500 years and now it is possible to conceal documents and other types of files inside photographs, sent as email attachments. To the untrained eye the images look perfectly normal and the extra information makes relatively little difference to the size of the file, so even under very close scrutiny they shouldn’t raise any suspicion.


It sounds complicated but in practice it is very simple. All you need to is a small piece of software on the PCs used to send and receive the messages. There are several sophisticated Steganography programs on the market but if you just want to try it out then I suggest a small freeware utility called JPHS For Windows.


Download the program (it is the form of a ‘zip’ file), extract the contents to a folder on your PC and double-click on the file jphswin to install it. Double-click on the Jphswin file icon and you will be asked accept the terms and conditions and the program opens.


Step one is to choose the image you want to use to conceal the message or file. Use one that has plenty of fine detail as the hidden information will have a smaller impact on file size, though since anyone who sees it cannot know the size of the original picture file it is unlikely to attract attention. Click on ‘Open Jpeg’ and an Explorer type dialogue box is displayed. Navigate to the image, select the file and click OK; the window now shows the maximum and suggested size of the file you can hide inside it (see also this week’s Top Tip).


Next click Hide and you will be asked to enter and confirm a passphase, which the recipient will also need in order to extract the file. Click OK and another Explorer window opens and select the file you want to hide. If it is too large you will be warned. All that remains is to attach the modified image file to an email and send it.


The recipient receives the email and attachment as normal. To extract the hidden file they have to open their copy of Jpshwin, select the saved image file by clicking ‘open Jpeg’ then ‘Seek’ and they will be asked to enter the passphrase. A dialog box opens asking them where to save the extracted file and it can be opened and read as normal.


Next Week – Shareware and Freeware Top Tens





Data file – usually containing a photograph or text document sent with an email message



Encryption or scrambling renders files unreadable by any conventional means without the correct decryption software and a unique 'key' code, which is needed to unlock the data.



Type of compressed file, requires special program (Pkunzip, WinZip and a utility built into Windows XP etc.) to expand or decompress the file




Ideally your hidden files should be less than 10 percent of the size of the picture file otherwise it may degrade the image, or the process will not work. Since photo attachments are typically 300 to 500kb this means the hidden file can only be a few tens of kilobytes. In theory you can send any type of file but the size limit poses a particular problem with word processor documents. These contain a lot of extra formatting information that may well push it over the limit. However, if the document is saved as a plain text file it will be a fraction of the size of the original document; a text file containing 1000 words typically amounts to less than 10kb. 



© R. Maybury 2007, 1804

Search PCTopTips 



Boot Camp Index















Top Tips Index

Windows XP

Windows Vista

Internet & Email

Microsoft Word

Folders & Files

Desktop Mouse & Keyboard

Crash Bang Wallop!

Privacy & Security

Imaging Scanning & Printing

Power, Safety & Comfort

Tools & Utilities

Sound Advice

Display & screen

Fun & Games

Windows 95/98/SE/ME






 Copyright 2006-2009 PCTOPTIPS UK.

All information on this web site is provided as-is without warranty of any kind. Neither PCTOPTIPS nor its employees nor contributors are responsible for any loss, injury, or damage, direct or consequential, resulting from your choosing to use any of the information contained herein.