Summoning Angels in the Modern Age: Digitizing the Methods of Steganographia

whoa [Laughter] all right I lied to Adrian I don't know anything about steganography this is an hour of hacker karaoke uh no this is actually a bit of a history on steganography if you guys aren't familiar uh so we'll do like some intro information about that and also I want to talk to you guys about this weird book I found on the internet and all of the weird secrets that it has in it that the Catholic Church really hates and doesn't want you to know that's not a joke we'll get to that oh dang it yellow if I talk into it is it better or worse but yeah like an eye exam number one better two

[Laughter] I can just put like four of them on me

there is a power button should I hit this yellow button all right yeah I know

I was actually oh there we go make sure when it's in your pocket hmm yeah I was actually raised Catholic so when they baptize you they microchip you and whenever you try to talk ill about them everything stops working that'll be fine so here's a quick overview of what I'm going to talk about uh me and my dead co-presenter what is steganography I'm going to give you guys a background some things that you've probably seen before and maybe some things that you haven't in the historical view of steganography and then talk about some of the modern versions as well uh and that's kind of a setup to get into how I'm going to modernize this and it's a pretty simple

workaround we're going to talk about steganographia which is a 500 year old book that it took people almost 500 years to solve uh what can we do with it now is just going to look at how it still works if it still works and evaluate some of the analysis I can get out of that and draw some conclusions from it so who am I uh I am a technical professional from Oak Ridge National Lab that is a super vague title because I can do anything depending on the contracts that I'm on I work in embedded system security but that wouldn't be anything the contract wants so I don't always do embedded system security uh we

mix it up a lot so I get involved in projects that do uh virtualization um software and firmware uh networking protocols all kinds of random stuff I just tend to write a lot of python in a hurry um I got my compsi undergrad and masters from Tennessee Tech I am a certified red team operator if you guys are interested in that it was a pretty cool experience and I can talk about that but not on stage and I like to read a lot of weird occult books I have a very small collection of some interesting books that talk about uh religious history and especially some of the things that um were hidden or disagreed on by

the main organizations the mainstream organizations throughout history so that's kind of where I found out about this there are a lot of people who if you get like a full in-depth talk on steganography will cover this book but basically none of them have ever read it in English and we'll get to why that happens as well so who is my co-presenter Johannes tritemius I cannot speak German so I'm sure I'm pronouncing that wrong in some way uh he was a Benedictine Abbott AKA a German monk in the 15th century he's the founder of both modern cryptography and the library Sciences more specifically he invented bibliographies largely because he had more books than anyone else in Germany at the time and he

didn't really know what to do with them or like how to get people to go read them so he just started compiling lists based on certain topics and that kind of became the standard for what we do when we write papers today uh he wrote two books mainly on cryptography the one we're going to be talking about today and also one called polygraphia or many languages um many writings I guess technically but uh that one was a little bit better received because he didn't try to make it sound like he was doing witchcraft uh he is weirdly both a substantial influence in the fields of cryptography and Library sciences and an Occult Philosophy so if you ever heard the

names uh Agrippa paracelsis paracelsus is the dude who basically invented Alchemy or is like well known for being The Alchemist um Agrippa is a dude who wrote some really weird books on like Old School hermeticism uh also John D and Aleister Crowley were big names in like the English Revival of uh Witchcraft and like underground really questionable dark magic stuff they're very weird people and a whole talk to themselves for some other conference that isn't you guys and he is my unwilling co-author in this particular talk uh but he never published this book so Somebody's gotta what is steganography the term means covered writing I'm pretty sure in Greek uh it's coined by tritemius in 1499 not

technically in the book itself he actually wrote a bunch of letters where he was asking his friends for feedback on this book and kind of trying to get some editorial reviews and all of the editorial views said hey don't publish this he actually didn't it was published posthumously but that's something we'll talk about uh steganography differs from cryptography because the cover text is something that is legible human readable or understandable in some way so you'll see a lot of different forms of it but every kind of steganography will have something that you would look at and think is totally fine because the intended goal is if I have a messenger between me and you I need to give the

messenger something that they won't look twice at so you can actually layer this with cryptography if you want to be actually secure but the goal of steganography is not security the goal of steganography is obscurity historically any steganographical message was probably text based which we'll look at or physically hidden which I think are some of the cooler examples and we'll have some uh some views on that as well so this is the most classical historical example it actually is covered in steganographia but it's much more commonly known from other people Reinventing it because it's like the super obvious thing to do when you're writing a covered message the null Cipher is something that's been used

throughout history but is especially well known for this particular quote here um and you can see I've highlighted the letters here they say apparently neutral's protest is Thoroughly discounted and ignored Eastman hard hit blockade issue affects pretext for embargo on byproducts ejecting suets and vegetable oils I have no idea what that means and no one on earth knows what that means because it's not supposed to mean anything it's a reasonable sentence you can read it it makes sense you kind of your eyes glaze over and you don't care about it anymore however the message inside of it is when you read the second letter of every word when you read Pershing sales from New York on

June 1st what that actually meant was that it was a message from a Nazi spy in World War II who was informing their superiors about troop movements another really cool historical example is actually kind of under hot debate uh people have talked back and forth about this during the antebellum era and the Civil War when the Underground Railroad was kind of at its height there were people who supposedly put quilts outside of their doors uh and the quilts would look perfectly normal but each of these squares might have a hidden meaning and when you first started going down the railroad as they would say I'm sure they didn't say it that way when you first

started going along the trail someone would inform you if you see a quilt outside of someone's door and it has a stylistic Bearpaw as one of the squares that means that if you go down any nearby animal Trails you will find food and a tent laid out so that you can spend the night there or if you find like a bow quilted into this then that means that if you want to visit this stop you need to be able to acquire some suitable dress to look like you're not on the run because people will be watching different men messages and hints like that this is actually an unconfirmed Legend no one ever really saw recorded records of it until 1999

when Jacqueline Tobin and Raymond dobard both published a book together where they talk about this whole history and they lay out those examples that I just gave you as well as some others uh people took that at their word for a long time until just recently like five years ago people started saying how come we never saw examples of this before 1999. so you can actually go into yet another Rabbit Hole I have a lot of those of just finding out more information about this particular example of steganography my last historical example is one that was used throughout the 20th century actually starting at the very beginning of it reaching its height really in World War II but still frequently used

throughout the Cold War um I couldn't give photo examples because I didn't have the picture rights a lot of these are pictures where I like was able to find out that they were Creative Commons I couldn't find one for this but there were like letters that people would send uh people would send package toys or dolls or things like that a very particular example from the FBI's archive website shows a doll that has what's called a micro dot embedded into the clothing and a micro dot is being able to take a photograph and shrink it down really small I'm surprised that shrinky dinks were invented before the 80s because I remember playing with them but

apparently if you work for the FBI you get the super Shrinky Dink machine that you can put into a message the size of a typewriter's period or like the dot over an eye and they would take those tiny photographs and slip them not into the letter anywhere but into the envelope that they were sending it with or like I said they were sewn into clothes of dolls um and these were able to easily pass checkpoints that were searching through mail and then the intended recipient would receive it instantly throw out the letter that was inside and start searching the edges of the envelope or start searching the hems of the clothing to pull out these micro dots and then

they can only be read through a microscope uh so basically you would like write out a letter take a picture of it and shrink it down and it worked really well for a long time because you just kind of have to know where in the letter you're looking or else you're not going to find them switching over to Modern uses instead of those physical or text-based categories that we've had in the past now that we've digitized near everything we can break out uh five common categories that we use for steganography and that's text image video audio and network I don't have a slide for the network example because it would get complicated to do another live demo for that where I could

bring up Wireshark but uh if you've ever seen an icmp tunnel or a ping tunnel it's very easy to send messages back and forth that have what looks like a trace route or just trying to connect to a server and do diagnostic testing you can actually use that as a tunnel for information and you kind of have to layer that's another example where you kind of have to layer your encryption on that so that someone doesn't look too close at it because if you look at that kind of example at all then if it's in plain text people are able to read your channel I do think I've never seen like a fantastic example of network

steganography because a lot of people just choose to use networking to do things like image steganography which we're going to look at now the most common example you see for image technography is least significant bit encoding it's very easily seen in images there's actually a JPEG library for it now but the early ones were in bitmaps because the actual name for it comes from having a bitmapped image and taking the least significant bit originally I think in the earliest examples they took specifically red pixels of a bitmap and took the lowest red value and flipped that literally no one can ever notice the binary difference between like one RGB value in an image so if anyone can tell me what

these two images are I'll give you five dollars if you can tell me which one actually don't guess because it's 50 50. but uh yeah I'd be stunned if anyone could with accuracy go through a list of these and Define which one has a second image inside of it so there is a hidden flag in this quite literally it was the one on the left and that is actually a photo that has this photo data embedded in it the problem with this method is that you actually lose a lot of space that's a 4K wallpaper on the left my 4K wallpaper because it's amazing uh and on the right it's like a JPEG that has

uh it's not even 400 by 600 it's like tiny it's like 200 by 300 or something you cannot fit a lot of information in this space which makes it kind of difficult to work with uh an example that I do like talking about is everybody likes to talk about Mr Robot For Better or Worse in security stuff and in in the show he uses deep sound uh I can't actually tell you whether it's a form of least significant bit because the code is proprietary they have it available on GitHub but it's one of those terrible terrible repos where you go into the repo and it's all like compile binaries that you can get clone uh so I don't know the exact methods

behind it but this is one of the most famous examples that people commonly use for audio steginography there's a neat little video where we get to watch Elliot put in a DVD because everyone has DVD drives on their computers these days and load information I believe what he used was he had like biographies of everyone he ever talked to where he pulled way too much personal information about them and then loaded it into different albums sorry about that load them into different albums and then he would just write like a Sharpie on them well the name that he remembered of a band that they liked or something like that uh and each of them is just like a really

terrible home rip audio and this is another example where it doesn't really look any different like if you play that music it sounds totally the same to the human ear audio files will fight me on this but they'd be wrong and you can encode more data in this case than you can in the images usually because you're going over a pretty large space when you're doing like an entire DVD worth of music but a common problem in steganography is finding space to fit your data if you have to have like a very valid cover when you're taking up a lot of media like a photo or audio that needs to have its own High Fidelity to

not get compromised so passing all the classical examples I'm going to talk about steganographia which I guess is backwards because this is the oldest example it was written by tritemius who we've talked about he never managed to complete it because I mentioned those letters in 1499 all of his friends said to give up and he actually took their advice it was published posthumously in 1606 which is almost 100 years after he died I believe and all of his friends were totally right because in like 1607 the Catholic Church put it on their ban list like I said that was not a joke for 300 years the Catholic church was convinced that this was a very real occult text on how

you could summon angels and demons who would teach you the secret ways to talk to your friends over extremely long distances because the full title of the book is about bringing angels and Spirits into the world so that you can communicate with other people tritemius thought he was being very clever when he wrote this he was really excited to come up with like a unique way to communicate this cool math problem that he could come up with to his friends and he very explicitly talks in a forward about how he loves God and he thinks the church is totally right and they shouldn't ban his book because it is very clearly a math book but I don't want to lay out into

using first person for him I don't want to lay out all of the secrets of this book because I want people to figure it out for themselves I don't want someone who can't figure this out to use it he essentially really hated script kitties uh there are some problems with using this book today as a script Kitty one of them is that I am terrible at Latin and it is almost impossible to get a copy of this book in English I say almost because I fact I've actually found one um I had to go through an antiquarian in Maine who exclusively trafficks in occult manuscripts this is not a joke this sounds like a Quest from the Holy

Grail or something but uh I actually bought the only English translation that I know of um that includes volumes one and three because volume two I don't think has ever been translated to English properly uh you will find online partial English translations that do not include volume 3 or most of volume one but I I had to go buy this physical copy of this book that was hand Bound by a guy in Scotland it continues to sound like I'm searching for the Holy Grail so they've made 500 copies of this book hand Bound in Scotland in the 1980s it is the only English translation and if you guys are interested you can come talk to me at some other point I'm at

the fox pick Booth shout out to Fox pick you can come talk to me I actually brought the copy with me uh I will not let it leave my site because they're very hard to find but I will let you look at it a little bit uh and yeah there are three total volumes in the Original Latin and the first two were pretty well understood people argued with the church for a long time in the 1600s because there were mathematicians at the time who demonstrated the methods inside of steganographia one and two and talked about how it made sense and how it was very clearly not anything demonic or evil because these are the exact methods

and this is how it works they basically posted the translation but no one could figure out volume three so the church would not give up on this because they said ah volume three still definitely about Witchcraft and people really still thought that there was like a book in or there was an article in 1950 where someone was continuing to argue that volume 3 was about summoning actual demons or rather angels for volume three so volume three one reason that it was never completed is that it was or never published as it was never completed never cracked sorry uh so there's only about 20 pages to volume three and before he gave up after all of

his friends told him this book wasn't gonna fly and people have been reading over it ever since it came out even while it was banned people were finding underground copies and their motivations varied some people were mathematicians in the later years some people were computer scientists and some of them were actual quote unquote magicians um who were still trying to actually do the rituals written in this book uh the first person who ever claimed to solve volume three was William Heidel and he said so in 1676 but he was an absolute jerk because he published his findings in his own ciphertext based on the original volume 3 Cipher with slight variations so that no one else could

read it until they had solved it but he just really wanted them to know that they were not the first the the first people who actually published their findings in English well actually one of them was in English uh were Thomas Ernst and Jim reads and those were 1996 and 98 respectively the reason there were two separate Publications are that Thomas Ernst uh mainly speaks German and he published it in a Dutch magazine that no one tried to translate or even really took notice of in the us at the time so Jim Reeves gets to the end of his uh research and then finds this article coincidentally like as he's writing his paper so he actually

makes a reference to Thomas Ernst at the end but says that he did this without his help on accident so let's talk a little bit about what actually happens in volume three the reason that it took so long to crack other than the fact that it was incomplete when I say incomplete there is one complete Cipher in it as opposed to the other volumes having uh dozens of different variations on each of the ciphers so people had a lot more ciphertext to work with where they could figure out like what alphabet is he using what is he trying to do here what is the method there was a lot more Brute Force potential space in this case there were I believe four

messages throughout the 20 Pages uh and they use what's called a pseudo-poly alphabetic substitution Cipher which is a phrase I love to drop because it's so long and it sounds so neat and all it is is he multiplies his alphabet over numbers um so he creates and if you know an at-bash Cipher a is z b is y and so on uh he flips his Alpha well he first of all has a 25 letter alphabet um and he takes out some letters that he thinks are unnecessary and he throws in some extra letters because he's German and he doesn't want to type out stch every time uh and then he uses the 25 letter alphabet as an inverted

conversion to numerics so zero is z except for It's s t c h whatever weird German thing that he uses and 25 is a uh basically like that except he never uses the numbers 0 to 25. he multiplies by C seemingly random intervals and creates this Infinite Space of numbers that he can project his message across and then he puts this into the archaic 1500s version of an Excel sheet and it just looks like he's got uh astronomical star chart data so and I think that was on the last slide I should show that so this is an example of his Cipher that does not look like he's talking about any secret message here um he's talking so this is actually like

in the code of talking about rituals he's saying like oh yeah so the angel or ifiel is uh over the Dominion of Saturn and has these subset angels and can be called when the moon is in this Zenith uh and he throws out some random numbers and everyone's studying these for hundreds of years trying to figure out what does this mean what do all these things come together to be and as Jim Reeves explains it because I can't read German either um this literally all of this can be thrown away what this actually is is that pseudo-poly alphabetic Cipher these numbers are multiples of 25 if you do this mod 25 you bring it back down to the

original alphabet and then you do the inverted at bash and you convert it back to his alphabet and you get meaningful text out of it all of them are super boring because he was a monk they're like the beginning of the Lord's Prayer um it's just like a generic things where it's basically Capture the Flag if you find the message like if you get a prayer out of these then you're like oh yeah that's probably how he did it then like that's probably the plain text um he did that for all of his books where it was just you get to the end and it's like so exciting that you crack this code and then it's like oh the Ave

Maria sick like so what can we do to look at this now uh honestly I I took the simplest route possible instead of having a 25 letter alphabet I took 90 because base 85 is superior to base 64. now the audio files and the weird encoding nerds can fight me uh base so a 90 letter alphabet's a little bit bigger than base 85 but this is super easy to use because I just subtract 33 off of ASCII encoding and I get numbers that convert like pretty much straight to upper and lower case letters and punctuation so I can use like pretty much any plain text message or a base 85 encoding for binary data if you want to go a little

bit more programmatic you can actually put header data on the front of this I often choose not to put header data on this because anything that is predictable as the Germans learned in World War II can end up being used to crack your Cipher in the end uh you can start to write Yara rules for like figuring out Header information if you have some predictable beginning to your message so yeah let's switch over from this real quick I have a live demo of using this to run a Metasploit payload and get a shell back when I have a file on disk that is my encoded version of a python executable uh and I can with just like a

really short snippet of python execute that uh without ever putting the actual python script in uh on disk so this is going to show you what the actual text of the executable is in a minute I only have three Imports for this and only two on the other side uh if you don't want to use open Pixel you can use CSV and as long as they have python that counts as living off the land because CSV comes with the python install um open Pixel you do need to install with Pip but if you don't want to use that then it works pretty well not necessarily it's like gtf open but uh pretty close to ground level

so I import base64 random and open Pixel I open my python malware file which we're going to be able to see the actual text of in a second uh this is just something that I pre-generated out of the msf Venom executable and we can see here it's a pretty straightforward like it's just going to do a staged payload uh grabbing some more information off of my Target or my uh Cali machine and sending it to the victim so after I run that through this code this part I'll break down a little bit more but it's still pretty simple um I generate a message by ASCII 85 encoding it which is just that uh that base language that I was talking about

earlier um this is inside of my 90 character space is what we're getting at and then this line is pretty much doing all of the required math to like at bash it uh I'm like I said bringing it down to my alphabet and then doing some modular arithmetic to reduce that from the 33rd character in ASCII down to zero and then the other part of the 123 is flipping it so I'm doing a negative number of what the original 90 would be modular 90 is going to do the at bash part after that I can put a random space on this so this is that pseudo-poly alphabetic thing that I was talking about any multiple of 90 will still

convert to the original text of my message but this makes it much less reliable for someone to look at this and assume that it's encoded data and I choose random numbers here because this is a really quick example but I can make this actually more reliable uh another thing that we're going to see in a minute is that I put this into a single row of an Excel sheet but if you're trying to be more under the radar you can write code that will put these into columns and make the columns be in some way correlated with each other so for example I could do a random in from one to two in the X column and then

have a second column of data that has a random int from four to five and people would be able to look at this Excel data and say oh yeah that's two columns that have correlated numbers between them like that looks like graphical information that has some meaning to it and it's always going to reduce back down to my original alphabet this last step is just using open Pixel or Open PI XL to create an Excel sheet out of that data called payroll.xlsx because this is definitely a payroll file that you should open on your machine uh I have a pre-opened one that I have over here there's no reason for me to be too worried about it because first of

all it's directly pointed at a fake Cali instance that I'm not afraid of and this is pretty benign it's not like I'm using Excel macros this is completely inert until it's passed back through the original python but I will say for a proof of concept like this is not something I would use realistically because who sends a single column of like 700 random binary or uh like decimal values in a column please please do not answer that if your accounting firm does that I am so afraid someone's probably done it when I come over here so I've got a vagrant machine spun up a Debian 10 instance that has my pre-written code that we'll take this in so this is just

some short python that looks pretty inane that you can drop onto a machine or just type into a rapple instance if you don't want anything suspicious on disk but we can see here that it does can you guys read that I should probably make it a little bigger um oh yes great so we can see here this is just doing the same Imports as before although I actually do CIS because I want to take the first argument and I load in that workbook that same file uh I take the active worksheet in an Excel workbook because Excel is weird and has too much stuff going on and then I do that same inverted thing in a python

one-liner because I like python one-liners this is all just bringing my alphabet back down to that original 90 character space and then the minus 90 mod 90 is doing that flip to get it back to the original numbers and then I'm adding 33 to bring it back back up to its ASCII space where it should be and that just creates that as a list and then the list gets joined into a string and then the string gets converted by the a85d code straight into an exact path so what this is going to do is run my Excel sheet as a payload in Python I've got Metasploit already running over here where you can see that I've got the

Handler set up so I've got my options open to run the python interpreter reverse https Handler uh I should let me come back to make sure that this payload has the same port 8443 we should be good live demos always go well in talks right so I'm going to run my Handler and in another tab I have my payroll file here and Iowa in a more practical case which probably shouldn't ever exist because this is just for fun I would say this should be sent as an email with some kind of justification so that no one would look twice at it but for this short example I'm going to run the HTTP server module and I'm going to pull this file down on

my Debian machine

all right that's enough bytes that it seems realistic now if I run this should immediately exit all right that's good and in Tab 3 here starting reverse Handler handling requests stage are sent me interpreter session opened so this successfully went from an Excel sheet or went from a payload to an Excel sheet was received by a Target and then executed and returned to Handler and the only thing that was ever dropped on disk was that Excel sheet that still just looks like normal data all the conversions are done in memory this is just one example that I thought up as a thing that would be neat some other stuff that I thought about looking at was doing like a diffie-hellman key

exchange by sending an email to one person and saying hey can you look over these uh numbers for me I think these are right and then the other person's saying hey I corrected your data and sends it back and you have a theoretically covert channel in which you have done some kind of data exchange between two parties huh back to my slides another thing that I thought would be cool let me make sure I hit the right button to continue from this current slide so an idea I had that I thought was cool at the time was to graph the data and then be able to send someone just an image and say hey look at this graph

that I generally to quote everyone's favorite band Nickelback look at this graph uh I I thought that I was going to be able to send that to somebody and they would be able to extract the data back out of it there are ways to make that happen but it turns out to be fairly difficult um mostly just because you'd have to be like pixel accurate on this and any amount of uh Distortion or compression noise might throw off the encoding and if you're working on base64 or base 85 and you throw one of those off your whole byte stream is ruined well a large chunk of your byte stream is ruined and when you're working with binaries that

could be pretty fatal I will say this can still function for text messages uh it's not very easy to read though especially when you've reached that large space if you're multiplying over multiple alphabets and you're creating uh an alphabet space of like thousands of characters that's it's not super readable so you kind of have to lose some of that flexibility of the pseudopoly alphabet but if if you wanted to you could do graft readable data and send that to someone it's just not the most practical method one thing I did want to look at is how this works for detection uh between using text and possibly uh binary data so one thing is that you could I picked

a 90 letter alphabet you don't have to uh and your 90 letter or your alphabet size is essentially the key to this because if you do the modular math wrong then you're never going to get the right data so if you choose to do an 89 letter alphabet then if someone has written uh rules in their firewall to detect that human readable text has been encoded this way it's not going to look like that to them but it does work fairly well if you get the right alphabet and they're sending human readable text and you intercept it and assume a lot of things about it uh so of course I used B movie as my

example of human readable text and when I've put it through the encoding I will say these are scsvs because I wanted to give the system the benefit of the doubt uh all Excel files always look insane because Excel is compressed so you get like 7.5 on this entropy scale no matter what um if you guys aren't familiar with the Shannon entropy scale it's in very short terms a number that determines the randomness or pattern-ness of information that is fed through it so you see this bar in the middle here you might not be able to read says English text B-movie is in English and random numbers are not in English this bar over here is where an Excel sheet would fall

this is compressed data since Excel sheets are always just zip files really that's where they usually end up they also have a ton of like header data and overhead the reason I don't mind that is because this Excel sheet can be as long as I want as opposed to the image least significant bit stagnography that we were talking about earlier my image is already a set size I struggle to expand it in a meaningful way whereas this can always be expanded to fit my message set but yeah we see here if I'm assuming all the right things and I am only using human readable text uh this would be what the detection gets for a true

positive this would be what the detection gets for a true negative um because it's just garbage when this comes out so that does work but also if I'm sending binary data or a photo or something like that it's going to be a lot closer to this even when decoded out of Base 85 with all of the correct conversions done so this only works in very narrow use cases I'm sure that other smarter people or people who like to use AI because they're as smart as I am I could find out something that would detect on a better method but this was my first shot idea at how I would choose to detect it so as a conclusion it's kind of an

impractical method this was a toy example that I created in a couple of days because I read this book and thought Oh I want to see how this would hold up but it worked out pretty well I thought it was pretty neat and I think that the good takeaway here is that simple systems can be pretty difficult to detect if you throw enough Randomness into it it's kind of like that guy who played an AI That was supposed to be really good at go and he had never played go before so he just started doing the stupidest moves and he beat it that's how I plan to beat AI firewalls and steganography is largely obfuscation

over security that's something that I touched on earlier uh they operate on totally different threat models though so this is not necessarily A Bad Thing do not use steganography in your work environments technography is not an alternative to crypto well it's an alternative but not a safe alternative to cryptography uh the only use case really is when you are trying to absolutely hide the fact that you are even talking about a certain topic and once someone has figured it out either you fall back to crypto that you have done on top of it or you give up uh and lastly please do not ever use this in a production environment I did this for fun on a weekend like

it was a cool thing don't make tools out of it here's the sources that I use to gather some of the info on the historical subjects and the photographs that I took and if anybody has any questions I'm here all day

because the English translation was released in the 80s I believe the translation itself is still under copyright law I thought about it I really wanted to and then I looked that up and I thought I can't it's a horrible shame because it's one of those things like that happens a lot these days where a book goes out of print no one can find it but no one's allowed to Archive it so learn Latin skill issue

uh did you ever consider did you ever consider the border around creating a border around the image which is you know under your control and and it's wide as you wanted to and crypt and and embedding the data in there so I have never personally done that when you say that I immediately think the really cool thing to do would be use uh Google pixel to crop that image after I created the Border because Google Google apparently does terrible cropping I had a final fantasy moment there Google apparently does terrible cropping and leaves that data in the image but uses metadata to filter the crop so to add on to that I think it would be

really cool you could add a border and then you could crop the image in metadata and people would open it and say oh sure that's like that's what we're looking at and then you would have much more image space that would be entirely possible I think if you added enough border without doing that to add more like meaningful more data that would just become problematic because your border would be huge you get less than 1 8 of the amount of image space as cover space uh kind of intuitively on it being least significant bit and it's actually a lot less than that because there's a lot of overhead involved especially if you're converting jpeg from a bitmap so it gets pretty out of

hand pretty quickly yeah yeah just uh one of your favorite or preferred steganography programs that work on Mac windows or Linux do you have a preference oh I mean steg hide comes with Cali and it works pretty well like I said script kidding at heart that's where we start it works for you it's great otherwise um python bright Tools in Python again coming up with your own thing is the best way to beat someone else's like AI or statistically generated methods because no matter how dumb your new solution is it's a new solution and someone hasn't written the Yara rule for it [Laughter]

all right I think that's it thank you very much [Applause] that should be my new tagline it doesn't matter how dumb you are it matters how creative you are

you

it is hot hold on okay I should be muted now uh no it is a glider from Game of Life hahaha right anyway okay cool thank you [Laughter] sorry thank you how do I get this off there we go yeah doing something with you listening fit oh um so thank you oh yeah where'd it go it's on the thing yep

let's pull the speaker what's that let's put the speaker I'm not sure it hands it to me I don't know okay I don't know who the next speaker is