Blocking Steganosonic Data In Phone Calls

psyced writes "Steganography is a technique to encode secret messages in the background noise of an audio recording or photograph. There have been attempts at steganalysis in the past, but scientists at FH St. Pölten are developing strategies to block out secret data in VoIP and even GSM phone calls by preemptively modifying background noise (link is to a Google translation of the German original) on a level that stays inaudible or invisible, yet destroys any message encoded within. I wonder if this method could be applied to hiding messages in executables, too."

Not going to work....

[dgatwood]

That's completely pointless. All it does is create an arms race. Any amount of noise you add can simply be dealt with by including the stego data more than once or using checksums or whatever. Any amount of damage sufficient to prevent any possibility of hidden messages would result in significant audible alteration of the sound to the point of unusability....

Re:Not going to work....

[Brian Gordon]

Obviously if they modify the background noise then no amount of ECCs could recover anything from it since they're modifying all of the ECCs too.. unless you knew exactly what shifting frequencies they were using or something, but that's just reversing the damage, not working through it.

bad pre-emptive move

[Anonymous Coward]

I can only see bad things coming from this.

Imagine the worst-case scenario; Congress forces all telcos to install this sort of technology on all phone lines. Why not? If you don't put up with hissing on your phone line, you're helping a terrorist, no?

Re:Not going to work....

[jd]

You're probably right. Block-length FEC and Turbo Codes allow you to fix errors assuming bursty data corruption of exactly this kind, which is why NASA uses them for deep space missions. You can't exactly ask a probe on the edge of the solar system or skimming geysers to repeat itself. With sound, there's also the fact that you've multiple parameters - delay, amplitude and frequency. Unless they plan to randomize all three, you can use any of the others for covert data. Data compression isolates anything either side, so whatever they are "protecting" is limited to that one side. Shouldn't be hard to use the other.

Re:Can I add random noise to a .exe file...?

[yoris]

Yes you can. Some examples: - replace "add 1024" with "substract -1024" - replace "if greater then 100" with "if greater then or equal to 99" - replace "copy a to b, copy c to d" by "copy c to d, copy a to b" Just have a look at any assembly language and use your imagination. To make matters even simpler, there are operators which completely ignore certain parameters (e.g. a JUMP operator which only takes 1 parameter leaves room for hidden data in the 2nd and 3rd operator field). There are plenty of instructions or combinations of instructions which leave room to such minor changes without any difference in execution. So for the steganographers, the goal would be to look for all of such instances in an executable, then agree on some kind of code (for example "add n" is a 1, "substract -n" is a 0). Semantically there is no difference, both codes will result in the exact same execution, but you found some wiggle room to leave a message. It was reported on Slashdot a few years ago.

Arrogant bastards!

[pla]

scientists at FH St. Polten are developing strategies to block out secret data in VoIP and even GSM phone calls by preemptively modifying background noise

...And once again, they treat all of us like criminals for the sake of annoying (not even preventing or catching) the 0.0001% that really pose a threat.

Good work, guys - Even a classic BOFH has higher efficacy and useability standards than anything related to the War on Non-Western, Non-Irish, Non-Russian (and "non-former-Soviet") Terror. At least the BOFH's systems work for him, you asshats can't even manage that despite taking all that daaaaaaangerous toothpaste away from us.

However, even I overstate the case here - Encoding data in background noise doesn't break any laws!

We all have every right to send hidden data, or even to use hard encryption right in plain sight. However, exercising that right may lead to some undue scrutiny, and thus we expose the real reason for techniques like this... Erosion of plausible deniability, which The Powers That Be loathe far, far more than any actual threat. It looks bad to just deport and torture someone with no evidence. But if you can demonstrate that he had (gasp!) something he didn't want the whole world to know about (because only criminals have secrets, of course), well then the sheep will approve of going all Jack Bauer on him.

Wow, more money spent on foolishness

[kurt555gs]

This could be better spent on more cell towers, or not allowing bastard fone companies to charge $200.00 termination fees.

Stopping secret messages? , puleeese.

"John has a long mustache"
"The chair is against the wall"

Stop that!

The real question is..

[lakiw]

How often do people hide data in the background noise of their phones? Is this a big enough problem that we should care about solving it? I mean, first of all you need a program to do the stego, (short of having someone talk really softly in the background). Then you would need to play back the recording during your conversation. Wouldn't it be easier for the criminal to send an encrypted e-mail instead? Given a choice, I'll pick strong crypto over stegonography any day. The only good thing about stego is it's useful if whatever authority in charge blocks all unauthorized messages.

It's along the lines of "How do you tell if there are stego images on someone's computer?"

Answer:You find the stego converter tool on their harddrive.

Snoops

[Detritus]

How about not monitoring my calls in the first place? I am at a loss to understand the mindset of a person who thought that this was a problem that needed a solution.

I want end-to-end encryption on all my calls. This could be added to cell phones with some modest changes. Not having it on VOIP is just inexcusable. If the FBI wants to tap my phone, why don't they get off their lazy asses, obtain a warrant, and do some actual work, rather than expecting everything to be handed to them on a silver platter, complete with booze and hookers. I'm under no obligation to make it easy for them.

Sounds impossibly

[MobyDisk]

If you could detect and modify the background noise, then you could simply eliminate it. But I don't think that is possible, since what makes something "background noise" is the fact that it can't really be removed without damaging the foreground signal. If it could, you would have a perfect signal-to-noise ratio. Such a technology could be used to improve the bandwidth, compression ratios, etc. - which is something far more useful than fearmongering.

Unfortunately, I don't real have anything to go on other than a Google translated abstract, a Slashdot headline, and armchair knowledge of electronics. Anyone care to correct me?

Re:Not going to work....

[CastrTroy]

But by completely removing the ability for them to transmit the data, they've also lost the ability to catch people who want to transmit data this way. If you know how to break their codes, don't tell them, because they will find some other way of transmitting the data more securely.

Re:The real question is..

[smellsofbikes]

I don't know how often people have done this with phones. I've done stego in noise in pictures, when I was exchanging email with a friend who was living in China; we used a Matlab function. (It relied on her getting pictures from me and comparing them to the originals posted on a US-based website.)
The nice thing was precisely that it wasn't encrypted so the messages didn't just disappear, as so many others we sent did. (We started serializing our messages so we could tell when ones were going missing.)
So while it's unclear that this particular setup is useful, I can say that homebrew implementations of stego exist and are being used, particularly if a lame amateur coder like me has made one.

And yes, someone looking on her computer could've found the deconverter, but unless you know what you're looking for, you probably don't know that you've found a deconverter, when it's one of dozens of big complicated programs. Security through obscurity isn't reliable, but it can work.

A background noise jammer... how quaint

[Anonymous Coward]

It is slightly amusing that state is so far behind in this one area of surveillance. The method proposed here to futz with the voice content aspect of the call would have been effective up to, say, 1988, after which point it became easier to encode and retrieve the juicy bits in some other aspects of the call.

Without giving away too may secrets (from the 1990s, even though the state of the art is now significantly more advanced), think about the temporal and spatial information is transmitted by the act and protocol of initiating one phone call (from or to a cellular or landline endpoint). Think about the possibilities with initiating and (optionally not) terminating a series of phone calls. Any Asterisk admins lurking here will be familiar with the type of instrumentation required to execute this technique, putting as much or as little in the clear as desired. Now recall that some organizations using these techniques also use particular codebooks which need not be hidden and carry very specific meanings in context understood only by members of a specific group.

And remember: sometimes the most important part of a message is that which is not said.

Re:Not going to work....

[ColoradoAuthor]

The jamming will also easily be defeated by an entirely new branch of coding theory using the BBC algorithm (http://crisp.cs.du.edu/frisc/baird.pdf [du.edu]). Error correction is distributed throughout the data stream, so even if the jammer completely obliterates parts of the signal--to the point that the original signal is unintelligible--the coded message will still get through.

This coding theory is handy for all sorts of stuff, from military comms to cell phones to MIMO access points. And unlike most crypto stuff, it's rather simple to understand and implement.