Hiding Packets in VoIP Chat 90
holy_calamity writes "Two Polish researchers say they have developed a system to hide secret steganographic messages in the packets of a VOIP connection. It exploits the fact that VoIP uses UDP, not TCP; it is designed to tolerate some packets going missing -- so hijacking a few to transmit a hidden message is not a problem." You may also be interested in reading the original paper.
Pay for 388 words? (Score:5, Insightful)
Thanks Slashdot, because I really want to go to Slashdot to get links to a story that I have to pay to read.
Well... (Score:4, Insightful)
Re:UDP Only... (Score:4, Insightful)
Re:UDP Only... (Score:3, Insightful)
If someone is using an encrypted connection/transfer, then its obvious they are doing something, and also trying to keep it hidden, whereas, if they were to carry out a normal transmition, but have the "secret" part of it hidden in this, someone looking, would see a normal interaction and possibly skip over the noise.
You could also have an encrypted message, that also requires data from the steganographic 'noise' and vice versa to become usable data, that way if one is "caught" its still useless data unless both are "caught"...
Re:Well... (Score:3, Insightful)
You would have to know all my accounts, on all forums, plus know the method to decipher the data.
Muahaha.
"VoIP" is not exclusively UDP (Score:3, Insightful)
VoIP doesn't "use UDP instead of TCP". VoIP (which is usually SIP+RTP, but there are other protocols out there used to carry voice over IP networks) can use UDP over TCP, and that configuration is the most common one. But not the only one possible as the article suggests.
Also, the article in the /. article kind of suggests that VoIP (which is a concept, not a protocol) can use only UDP, which is not true. It's like saying Internet is used only for HTTP.
Viruses will be the next safe transmitters (Score:3, Insightful)
Forget just VoIP. In the future we'll hide communications networks under multiple layers of encryption inside trojan'd everything that is awfully hard to tell innocent user data from something else. We'll probably also host websites and files that way in a coalescence and then expansion of BT/P2P and anonymous remailer methods but not so much with identifiable clients but instead viral ware that people choose to allow on their machines so as to prevent privacy invasion by government and business.
Re:Well... (Score:1, Insightful)
That's crude. There are other schemes that encode the identity of a document in the microspacing between the letters.