2/2/2024 0 Comments Cnet outguessAs Edward Snowden said, you really can defeat the NSA.Īcademics have been hurling attacks at Outguess for many years – using every type of statistical analysis: Huffman, DCT, double compression, neural networks, histograms, and key exhaustion to name a few. Even if the NSA has the ability to crack all Tutanota e-mails, and they read yours, they still don’t know who you are or where you are (because you work from coffee-shop wifi and use a VPN). Given the use of massive-charsets for your passwords (say 6,000 character charsets), the chance of the hidden data being successfully extracted is close to zero. On Tutanota two people can set up anonymous e-mail accounts and send each other kitten pictures generated by Outguess which contain data which is itself encrypted before injection (GPG or whatever). You must read all this discussion – sorry to sound like a schoolmaster, but it’s essential.Ĭlosed e-mail systems like Tutanota which offer end-to-end encryption will usually defeat the NSA. Your data will be compromised – I guarantee that. NEVER run any steganography software in Windows, Mac, Android or iPhone, unless it’s strictly for light-hearted play. You must only use the version (0.2 – usually referred to as “0.2-7”) that is contained in Ubuntu repositories and available inside Ubuntu’s closed software repository system. It’s a command line program best run in Linux (for security reasons) avoid using any later/homespun versions that operate it via a GUI. What does Outguess do? It allows you to embed text files and other data in jpeg images the resulting image appears to be visually identical to the original. A 6,000 character charset and long (50+) password at both stages put the payload beyond the reach of the NSA. Collecting an Outguess jpeg encrypted with the methods I demonstrate on this blog, with a data payload pre-encrypted in GPG before injection, is futile. But Outguess jpegs (and many other types of steganographically-generated jpegs) can sometimes be collected in the wild by the NSA/GCHQ if they are looking systematically. Why on earth would I recommend using a teenaged application for data security of all things? Surely it’s full of holes and backdoors, and has been cracked countless times? By cracked, I mean the hidden payload revealed without brute forcing the password used by Outguess to hide it. Outguess is a classic steganography application, by now very old. Monostatos – a masonic embodiment of the NSA – unleashes his attack dogs against Pamina, symbol of freedom, privacy, justice and virtue, in Die Zauberflöte.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |