Feeds

Al-Qaeda said to be using stegged porn

More .jpg terror

  • alert
  • submit to reddit

The essential guide to IT transformation

From time to time a rumour that international terrorists are trading Net porn embedded with secret blueprints for some dastardly deed resurfaces. It has returned this week, in a New York Post article claiming that Italian members of al-Qaeda have been caught with stegged terror .jpg's.

"Chilling details of al-Qaeda's secret communications system - and the possibility of widespread knowledge that the devastating attacks on New York and Washington were in the works - were unveiled in a courtroom in Milan, where a group of Islamic militants are on trial for supporting al-Qaeda's terrorist activities," the Post explains.

"Photographs of President Bush, Secretary of State Colin Powell and Palestinian leader Yasser Arafat were also being passed around on the Internet by members of the group, along with hundreds of pornographic photos."

We'll forget for the moment that the likelihood of Islamic fundamentalists hiding messages in porn is roughly the same as their likelihood of hiding them in pig carcasses.

This hardy steg rumour began before 9/11 with an alarmist article from USA Today claiming that bin Laden's people were communicating via stegged porn files, though no evidence was ever produced. These were the days when Clinton-Administration FBI Director Louis Freeh became obsessed with the Internet's potential to spawn terror through encryption, and his boss, US Attorney General Janet Reno, became obsessed with its potential to corrupt children.

Shortly after the 9/11 atrocity, the ABC News show Primetime dutifully revived the rumor, claiming, essentially, that it had been substantiated, though no evidence was ever produced. A stegged photo was produced, but it was a demo, not in any way associated with terrorism.

Days later crypto researchers Peter Honeyman and Niels Provos debunked the story, cracking the example image ABC had cobbled up with the password 'abc'. "The broadcast showed fabricated images that were suggesting terrorist use of steganography. In fact, it was just a demonstration," the researchers noted. Honeyman and Provos had actually put a good deal of time into searching for stegged images in the wild, and came up with nothing.

They ran a cluster of workstations against two million images on eBay and one million on USENET, and attacked the candidates with a dictionary of 1.8 million words.

During the recent liberty operation in Iraq, I cataloged over 300 war-related images gathered from around the Web, hoping to find a stegged map to the weapons of mass destruction we used to hear so much about. I checked them with Stegdetect, a tool written by Provos (which is temporarily unavailable for download due to a wacky Michigan law).

When 30 of them tested positive for stegging technique JP-Hide I became suspicious; I would have thought it a miracle if one file actually contained stegged content, so I contacted Provos who explained that the tool does not do well against JP-Hide and false-positives are a problem. Nevertheless I ran all the candidates with Stegbreak, attacking them with several dictionaries, including one over 300MB in size, an exercise which took well over a week on my P4 box.

Nothing turned up, which was hardly a surprise, but this doesn't necessarily mean nothing's there. It just means it's extremely likely that nothing's there - which, when you get to thinking about it, is a good way of looking at the stego/terror rumor. ®

5 things you didn’t know about cloud backup

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
KER-CHING! CryptoWall ransomware scam rakes in $1 MEEELLION
Anatomy of the net's most destructive ransomware threat
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
prev story

Whitepapers

Gartner critical capabilities for enterprise endpoint backup
Learn why inSync received the highest overall rating from Druva and is the top choice for the mobile workforce.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.