Feeds

Al-Qaeda said to be using stegged porn

More .jpg terror

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

From time to time a rumour that international terrorists are trading Net porn embedded with secret blueprints for some dastardly deed resurfaces. It has returned this week, in a New York Post article claiming that Italian members of al-Qaeda have been caught with stegged terror .jpg's.

"Chilling details of al-Qaeda's secret communications system - and the possibility of widespread knowledge that the devastating attacks on New York and Washington were in the works - were unveiled in a courtroom in Milan, where a group of Islamic militants are on trial for supporting al-Qaeda's terrorist activities," the Post explains.

"Photographs of President Bush, Secretary of State Colin Powell and Palestinian leader Yasser Arafat were also being passed around on the Internet by members of the group, along with hundreds of pornographic photos."

We'll forget for the moment that the likelihood of Islamic fundamentalists hiding messages in porn is roughly the same as their likelihood of hiding them in pig carcasses.

This hardy steg rumour began before 9/11 with an alarmist article from USA Today claiming that bin Laden's people were communicating via stegged porn files, though no evidence was ever produced. These were the days when Clinton-Administration FBI Director Louis Freeh became obsessed with the Internet's potential to spawn terror through encryption, and his boss, US Attorney General Janet Reno, became obsessed with its potential to corrupt children.

Shortly after the 9/11 atrocity, the ABC News show Primetime dutifully revived the rumor, claiming, essentially, that it had been substantiated, though no evidence was ever produced. A stegged photo was produced, but it was a demo, not in any way associated with terrorism.

Days later crypto researchers Peter Honeyman and Niels Provos debunked the story, cracking the example image ABC had cobbled up with the password 'abc'. "The broadcast showed fabricated images that were suggesting terrorist use of steganography. In fact, it was just a demonstration," the researchers noted. Honeyman and Provos had actually put a good deal of time into searching for stegged images in the wild, and came up with nothing.

They ran a cluster of workstations against two million images on eBay and one million on USENET, and attacked the candidates with a dictionary of 1.8 million words.

During the recent liberty operation in Iraq, I cataloged over 300 war-related images gathered from around the Web, hoping to find a stegged map to the weapons of mass destruction we used to hear so much about. I checked them with Stegdetect, a tool written by Provos (which is temporarily unavailable for download due to a wacky Michigan law).

When 30 of them tested positive for stegging technique JP-Hide I became suspicious; I would have thought it a miracle if one file actually contained stegged content, so I contacted Provos who explained that the tool does not do well against JP-Hide and false-positives are a problem. Nevertheless I ran all the candidates with Stegbreak, attacking them with several dictionaries, including one over 300MB in size, an exercise which took well over a week on my P4 box.

Nothing turned up, which was hardly a surprise, but this doesn't necessarily mean nothing's there. It just means it's extremely likely that nothing's there - which, when you get to thinking about it, is a good way of looking at the stego/terror rumor. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?