First Steganographic Image in the Wild

This week, the first steganographic image in the wild was found due to an ABC coverage of steganography. During the ABC coverage, an image called "sovereigntime.jpg" was shown. It was supposed to have an image of a B-52 bomber plane as steganographic content.

Using the Steganographic Detection Framework developed by Niels Provos, it is very easy to retrieve the hidden message from the ABC image.

It takes only a second to identify the image as likely carrier of steganographic information and to find the secret key that is required to extract thie hidden message. It is not too much of a suprise that the secret key turns out to be abc.

Cover Image		Original Image from ABC During the broadcast, an internet security consultant displayed a jpeg image, shown on the left. He asserts that it contains a hidden image of a B52. The broadcast showed fabricated images that were suggesting terrorist use of steganography. In fact, it was just a demonstration. Read about it in a posting on the Politech list or in an article by Duncan Campbell in Telepolis.
Hidden Message		Steganographic Detection Framework in Action The following demonstrates the use of the Steganography Detection Framework: $ stegdetect sovereigntime.jpg sovereigntime.jpg : jsteg(***) $ stegbreak -tj -f wordlist sovereigntime.jpg Loaded 1 files... sovereigntime.jpg : jsteg(abc) Processed 1 files, found 1 embeddings. Time: 1 seconds: Cracks: 1156, 1156.0 c/s Stegdetect shows that there might be hidden information inserted by the JSteg tool. Stegbreak verifies that a hidden message exists. The secret key to extract the hidden message is "abc." The hidden message turns out to be an image. It is displayed on the left. The image shows an aerial view of the "B-52 graveyard" at Davis-Monthan Air Force Base. Available via Terraserver.