Spy case shines light on steganography

Alleged agents hid messages in plain sight in digital photos

One of the spy technologies that's come to light in the recently-exposed alleged Russian spy ring is steganography, a word that comes from the Greek for “covered writing.” It’s a way to hide information in plain sight, and has been around since ancient times, in one form or another.

In one example cited by NetworkWorld, a Greek named Histaiaeus shaved the head of a slave, tattooed a message on his scalp, and then waited until his hair grew back to send him on his way. The recipients of the message shaved the slave’s head again to see the message. Conspiracy theorists maintain that crop circles are a similar trick—an encoded message from aliens (or pranksters) that disappears once the barley grows back.


Related:

Were alleged Russian spies done in by technology problems?


Other low-tech steganography methods include knitting encoded messages into sweaters, or encoding messages in print so small that it takes a magnifying glass to read it. Even invisible ink, also used by the accused Russian spy ring, is a form of steganography.

But the digital age has opened up whole new avenues for the practice. The 11 people accused of being part of a Russian espionage ring reportedly inserted text into digital images. Investigators searched the suspects’ hard drives and found drafts of messages embedded in the images.

Former GCN reporter Patience Wait reported on steganography back in 2005. Wait talked with Chet Hosmer, CEO of software company WetStone Technologies, which makes software tools that agents can use to find the clues to these hidden messages.

Because image and audio files tend to be large, they make great hiding places for messages, Hosmer said. In an audio file, steganographic messages are often hidden in the brief silence at the beginning of a song. By comparing the wave signature of a suspected file to a clean copy of the song, you can tell if a message has been inserted.

A message could be hidden in a digital photo on an online auction site, where thousands of people would see it. Analysts could examine the color palette in a digital photo, looking for clues that the file had been manipulated. A photo with a hidden message will have a more limited palette, with blocks of color spaced more closely together.

In 2005, there were 300 steganography programs available to hide secret data within image, sound and text files; today there are more than 1,000. The one that the Russian espionage ring used, however, was not commercially available.

The Washington Post demonstrated steganography in an article that shows what looks like an ordinary photo of a tropical fish. Steganography expert Gary C. Kessler used steganography software to embed within the fish image a map of the Burlington, Vt., airport. The alteration is invisible to the naked eye.

About the Author

Trudy Walsh is a senior writer for GCN.

Reader Comments

Tue, Jul 6, 2010 Will

I Can Has Cheezburger (and missile codes)

Fri, Jul 2, 2010

I hope this technology from the small niche firms is given more exposure. Its clear that the threat is real, and we have the tools to catch spies intending to inflict harm on the US.

Fri, Jul 2, 2010

It would be interesting to know how many LOL-cat images are really secret messages ...

Fri, Jul 2, 2010

Really cool story! Amazing, and a bit scary, how readily available spying technology has become. I understand that there are companies out there who specialize in developing steganography detectors that essentially "raise a red flag" when a user comes across an image or other file type that contains embedded content. Not sure how sophisticated these tools are, though. Would be interesting to find out how prevalent steganography is on public domains like Google Images.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above