Anti-Steganography (AntiSteg)
Wednesday, December 24, 2008 at 15:01 AntiSteg is a command line tool for cleaning images and widely used Windows AVI files of potentially harmful steganographical content. Many popular image formats (especially those spread via the Web), as well as AVI movie formats are handled by the tool.
Steganography is a means by which information is hidden inside of images/movies (often via high-encryption algorithms), making them completely invisible to all standard image viewers/movie players. Stegged images/movies can carry extremely harmful payloads, which include, but are not limited to:
- Child pornography/snuff movies
- Viruses, Trojans, Spyware, Spamware, and other Malware
- Sensitive personal/corporate Data
AntiSteg does not attempt to extract the actual hidden data, but simply antistegs the content, making it impossible to be retrieved at a later point in time. This approach allows it to quickly clean a computer, even if 100,000s of images or dozens of AVI movies are stored on it. In contrast, trying to desteg just one image which uses a high encryption encoding (256 bit or higher), and a properly selected password is computationally nearly infeasible. To attempt the same on an AVI movie, is not even worth mentioning!
Since the amount of images/movies stored on the Web approaches staggering numbers (anywhere from 100s of billions to trillions for images alone), the possibility to successfully store and trade/sell child pornography, snuff movies, distribute viruses, or exchange sensitive information is very high. Even worse, anybody who operates a web site (personal or corporate) that contains images, may unwittingly be helping pedophiles, black-hat hackers, or data spies in their operations. Of course, the same holds true for any e-mail attachment, or MMS being sent!
The next time you view an AVI file download from the Web, or a DVD, which is showing Bambi, or the Little Mermaid consider this:
Somebody else on the Globe may be viewing the same movie, but instead of Bambi, or Ariel this person is looking at a privately produced and distributed child porn, or even snuff movie! Hidding short movies within feature length AVIs is trivial, ignoring and/or trivialising the very same, is at best SHAMEFUL!
Currently available antivirus, antispyware, and antimalware tools do NOT address this problem!
Firewalls provide no security with respect to asynchronous, bi-directional steganographical communication via 2 web sites (spy site and infected site) and simple web monitoring software augmented with steganographical support for modifying images (hosted on spy site). Neither heuristic, nor behavior-based antivirus and antispyware applications will detect anything unusal since all software operations are identical to those performed by 1000s of image editing, image viewing, and web site monitoring sofware currently in circulation.
Companies that allow image/movie specific searches - like Google - do NOTHING to prevent stegged images from being spread via their services!
Supported Platforms
AntiSteg operates on most Windows platforms (9x/ME/NT/2000/XP/Vista) and many Linux distributions which have Wine installed on them.
Newest Release v1.20
The newest version includes support for antistegging images and AVI files packed within archives. Several popular archive formats are supported.
Release v1.10
This version includes anti-stegging of AVI movie files. AVI files are widely spread (P2P networks, EDonkey, BitTorrent, i.e.) and represent an ideal environment for hiding complete movies: like child porn, or snuff! Destroying the content, is not readily accomplished, especially if the hidden movie represents only a fragment of the original AVI file, is frame encrypted, and/or redundancy encoded. AntiSteg is the first and ONLY such tool to deal with this problem, and best of all it's FREE!
View Printer Friendly Version
Email Article to Friend