Steganography and the Al Qaeda porn video


Most of this chapter has looked at how messages are encrypted with the aim of making them indecipherable to eavesdroppers. In many situations, however, communicating parties also wish to conceal the fact that a message exists in the first place. Most people have been faced with the dilemma that they have to be sure they will not forget their credit card personal identification number (PIN) but that they have been warned against writing it down anywhere. A common solution is to disguise it somewhere in one’s household. The number 2839, for example, could be captured as “Outstanding grocery bill: $28.39” written on a piece of paper stuck to the refrigerator with a magnet, or as “Bedside cabinet: 28cm x 39cm” noted in the back of an interior design book. Anyone who has instinctively used such techniques has taken his first steps in the science of message concealment, or steganography. In the context of the internet, steganography refers to techniques for hiding messages in files where they would not normally be expected, like pictures or videos.

Each pixel of a digitised photograph is stored as three numbers, perhaps between 0 and 255, that specify the amounts of red, blue and green that make up its colour. One of the simplest steganographic techniques allows a piece of text or other information to be hidden in a photograph as follows. Remember that any data, encrypted or otherwise, is ultimately representable as a string of bits. Each bit in the message to be hidden is assigned to a pixel in the photograph. If the bit is a 0 and the red value for the pixel is an odd number, the red value is lowered to the next even number below it. If the bit is a 1 and the red value for the pixel is an even number, the red value is raised to the next odd number above it. In every other case the red value already has the right parity and is left unchanged.

Somebody who wishes to retrieve the message reconstructs the string of bits that make it up by examining the red value for each pixel in the photograph. Each pixel that has an even red value represents a 0 in the message, while each pixel that has an odd red value represents a 1 in the message. However, because the distinctions in hue caused by such tiny changes in redness are much too subtle to be discernible by the human eye, nobody viewing the photograph would guess that it actually contained a secret message.

It is important to understand that this is only an effective method of making the message in the photograph inconspicuous, not of preventing it from being found by somebody who knows to look. Because genuine colour tones do not change backwards and forwards from one pixel to the next, someone who suspects that the photograph might contain a secret message will be able to find where it is hidden without too much difficulty.
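The scheme described above can be written out in a few lines. The following is an added example, not code from the book: the bit order (most significant bit first), the need to tell the extractor the message length, the function names and the tiny cover image are all assumptions made for illustration. The last function counts how often the red parity flips between neighbouring pixels, which is the tell-tale pattern mentioned in the previous paragraph, shown here on a constructed, smooth cover image.

```python
# Added example: red-channel parity steganography on an in-memory image.
# Pixels are (red, green, blue) tuples; the cover image below is constructed.

def to_bits(data):
    """Bytes -> list of bits, most significant bit first (an assumed ordering)."""
    return [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]

def embed(pixels, message):
    """Return a copy of pixels whose red parities spell out the message bits."""
    bits = to_bits(message)
    if len(bits) > len(pixels):
        raise ValueError("message needs one pixel per bit; cover image too small")
    stego = list(pixels)
    for i, bit in enumerate(bits):
        r, g, b = stego[i]
        # Clear the low bit (odd -> next lower even), then set it to the message
        # bit (even -> next higher odd). Red never leaves the 0..255 range.
        stego[i] = ((r & ~1) | bit, g, b)
    return stego

def extract(pixels, n_bytes):
    """Read n_bytes back: even red value = 0, odd red value = 1."""
    bits = [r & 1 for r, _, _ in pixels[: n_bytes * 8]]
    out = bytearray()
    for i in range(0, len(bits), 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)

def parity_flips(pixels):
    """Count neighbouring pixels whose red values differ in parity."""
    reds = [r for r, _, _ in pixels]
    return sum((a ^ b) & 1 for a, b in zip(reds, reds[1:]))

# Constructed cover: 128 pixels of a smooth stepped red gradient (all even reds).
COVER = [(100 + 2 * (i // 16), 80, 60) for i in range(128)]
SECRET = b"PIN 2839"          # 8 bytes = 64 bits, so 64 pixels carry the message
STEGO = embed(COVER, SECRET)

if __name__ == "__main__":
    print("recovered:", extract(STEGO, len(SECRET)))
    print("largest red change:", max(abs(a[0] - b[0]) for a, b in zip(COVER, STEGO)))
    print("parity flips, cover vs stego:", parity_flips(COVER), parity_flips(STEGO))
```

No red value moves by more than one step, yet the first 64 pixels now alternate between odd and even in a way the untouched half of the image does not.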

Publication of Cybertwists is planned for 2017.

In May 2011 in Berlin, a memory card was confiscated from alleged Al-Qaeda member Maqsood Lodin. It was found to contain a folder named SexyTanja. The folder was protected by a simple password mechanism that is trivial to circumvent. It contained a pornographic film called KickAss which turned out to be a goldmine for the intelligence services fighting the terror network. Hidden within it were no fewer than 141 unencrypted files with names such as Future Works and Report on Operations. The investigators had found top secret documents giving them a direct insight into the strategy and tactics of the organisation’s inner command circle.

The precise details of the steganography Al-Qaeda had employed are not in the public domain. There are other methods more complex than the one described above that make the hidden information more challenging to recover. Luckily for the rest of us, any memory card belonging to a suspected terrorist is likely to be subject to meticulous investigations, so that the German police would probably have found the documents however they had been concealed. There are general techniques that can be applied to discover and retrieve information hidden within files.
