On Thu, 30 Oct 2008 17:11:22 GMT, nesScitur@husShmail.com (Ronin)
wrote:
>X-No-Archive: yes
>
>On Thu, 30 Oct 2008 07:40:00 -0700 (PDT), seconserv <seconserv@yahoo.com> wrote:
>
>> Announcing the release of Anti-Steganography (AntiSteg v1.00):
>
>> antisteg100.zip AntiSteg 1.00: Anti-Steganography
>
>> AntiSteg is a command line tool for cleaning images of
>> potentially harmful steganographical content. Many popular
>> image formats (especially those used on the Web) are handled
>> by the tool.
>
>> Steganography is a means by which information is hidden
>> inside of images (often via high-encryption algorithms),
>> making them completely invisible to all standard image
>> viewers. Stegged images can carry extremely harmful
>> payloads, which include, but are not limited to:
>
>> Child pornography
>> Viruses, Trojans, Spyware, Spamware, and other Malware
>> Sensitive personal/corporate Data
>
>> AntiSteg does not attempt to extract the actual hidden data,
>> but simply antistegs the content, making it impossible to
>> be retrieved at a later point in time. This approach allows
>> it to quickly clean a computer, even if 100,000s of images
>> are stored on it. In contrast, trying to desteg just one
>> image which uses a high encryption encoding (256 bit or
>> higher), and a properly selected password is computationally
>> nearly infeasible.
>
>> Since the amount of images stored on the Web approaches
>> staggering numbers (anywhere from 100s of billions to
>> trillions), the possibility to successfully store and
>> trade/sell child pornography, distribute viruses, or
>> exchange sensitive information is very high. Even worse,
>> anybody who operates a web site (personal or corporate)
>> that contains images, may unwittingly be helping
>> pedophiles, black-hat hackers, or data spies in their
>> operations. Of course, the same holds true for any
>> e-mail attachment, or MMS being sent!
>
>> Currently available antivirus, antispyware, and antimalware
>> tools do NOT address this problem! Companies that allow
>> image specific searches - like Google - do NOTHING to prevent
>> stegged images from being spread via their services!
>
>> Special requirements: None.
>
>> Freeware. Uploaded by the author.
>
>> Security Online Services
>
>> E-Mail:
>> seconserv@yahoo.com
>
>> Web:
>> http://seconserv.freewebsitehosting.com
>> http://geocities.com/seconserv
>
>> NewsGroups:
>> http://groups.google.com/group/antisteg
>
>For a general discussion of steganography, google
>
> steganography wiki
>
>In practical terms, digital-file steganography takes, as its
>base, a reference file and encodes its covert information --
>which need not even be encrypted -- by altering specific bits
>in specific bytes of the file according to some prearranged
>scheme; the information is recovered by comparing the altered
>file with the base file. Digital files containing music and
>photographic images are well-suited to steganography because
>changes in the low-order bits of their audels and pixels are,
>for all practical purposes, inaudible and invisible.
>
>As the steganographic data are contained in the *differences*
>between the altered and the base files, it is rather difficult
>to conceive of how the presence of steganographic data in a
>file can be detected without comparing it with another file;
>and thus it is difficult to conceive of how a general-purpose
>program could "detect", much less "remove", steganographic
>information.
>
>Whilst it is possible that the developer of this program has
>confused *appending* a second file to a .jpg or .mp3 -- which
>most JPEG or MP3 players will silently ignore, but a quite
>simple program can easily detect -- with *altering* a file
>to contain steganographic data, a reasonable suspicion here
>is that this program may, itself, be *malware*. Unless you
>have read and understood all its source code, and compiled
>an executable from that source code on your own system, how
>can you know that this "tool" does what it claims to do?
>
>
>Ronin
>>>>>>>>>
Snake oil or worse would be my best guess in balance of probability
for this offering when one considers the launch pad for downloading
the progies!
Cosmos
|
|