Shadow on Fri, 14 Feb 2020 16:42:09 -0300 typed in
alt.windows7.general the following:
On Fri, 14 Feb 2020 10:10:51 +0100, "R.Wieser"
wrote:
Shadow,
Since almost all image formats are compressed, do you know a
tool that can un-compress the data to look for "hidden" text or files?
There's a lot of apps that do steganography,
What makes you think that steganography is limited to the uncompressed data
? :-p
One form of it might make use of a slightly altered compression engine,
which returns the same uncompresed (short) byte sequences for two input
values, and regard those two input sequences as being a Zero and One.
As for your question, a standard Windows installation comes with a few DLLs
(GDI, GDI+) that will uncompress images (into memory) and allow you to
inspect their contents (using "GetPixel" style calls).

But don't assume that that is all you need to do. The data itself might
have been encrypted and strewn around the image in a non-lineair pattern
(possibly even using a seeded random generator). It will make it rather
hard to find the bits themselves, and the order in which they should be
read.

In other words, steganography normally doesn't stop at layer #1. :-)

I'm beginning to get that. But *bad guys* would tend to hide
terrifying messages like "don't kill the president" using
freeware/open-source programs which don't leave a money trail.
I doubt many of them are expert programmers or into crypto.

They don't have to be. That's what the Schmart Guys in the Back
office are for. They are the ones who have come up with the
app/program which takes the plan text and hides it in the picture.
(and decrypts the picture for the message.)

Sometimes the picture is the message.

Whatever, it was just a passing curiosity.
[]'s

steganography, like so much, works best if nobody suspects
anything. "Oh look, a picture of a kitten." Yes, but the code for
every tenth pixel is actually the message "embedded" in the data.
(Goes back to some of the earliest examples: drawings of the patterns
on butterfly wings which "just happen" to match the layout of the
defenses.)
Crypto, like camouflage, is all about giving Them something to see
which is not out of place, in the time they have to look. I recall
reading of encrypted messages which when decrypted, were little more
than revolutionary rants. But those rants had the encoded "secret"
message concealed within.
[technical aside: encrypted is what you do to the message which
makes it unreadable. Rot-13 for example. "Jr unir gjragl svir
pvtnef.", Wbua'f Hapyr unf n Zbhfgnpur.
"Codes" are where words or phrases are substituted, and while the
result may be grammatical and make sense, the meaning is not on the
face of it. "We have twenty five cigars.", John's Uncle has a
Moustache. The Chair is against the wall. Les sanglots longs des
violons de l’automne ["the long sobs of the violins of autumn"], "The
word Gullible is not in the dictionary." Etc, etc, etc.]

As I said, I email a picture of a cat, and a flower. The position
of the cat and the flower carry the message.
I am remembering a story of a bunch of men recruited for a
project. They decided to go, promising that they would send a photo
when they got there. If they were standing, all was good, come and
join us. If they were sitting, don't. Comes the letter, there is the
photograph, all of them are laying on the grass.

--
pyotr filipivich
Next month's Panel: Graft - Boon or blessing?