Skip to content

Latest commit

 

History

History
89 lines (45 loc) · 8.11 KB

steganography.md

File metadata and controls

89 lines (45 loc) · 8.11 KB

Explain how to hide things in plain sight.

Steganography

Trithemius was an interesting character. Maybe we can make him a protagonist. Invocation of angels etc.

Speaking of magic, Fulcanelli with his Le Mystère des Cathédrales comes to mind as well.

And the chapter should definitely have a steganographic message hidden in it. A message that would result if you took only uppercase letters should be relatively easy to write.

Here's a real-life steganography story: "Today, The Intercept released documents on election tampering from an NSA leaker. Later, the arrest warrant request for an NSA contractor named "Reality Winner" was published, showing how they tracked her down because she had printed out the documents and sent them to The Intercept. The document posted by the Intercept isn't the original PDF file, but a PDF containing the pictures of the printed version that was then later scanned in. The problem is that most new printers print nearly invisibly yellow dots that track down exactly when and where documents, any document, is printed. Because the NSA logs all printing jobs on its printers, it can use this to match up precisely who printed the document."

One thing that should be pointed out: She was not 100% clueless as she scanned the documents to get rid of metadata. That makes a good basis for a story.

Source here: http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html#.WTZDd3WGNFQ

This can be stretched out to be a longer story. Let's say there's a leaker whow the authorities want to identify. First, when handing out secret documents, they add a number to doc's metadata (Explain what metadata are! There can even be a separate chapter about metadata.) The number identifies the employee the document was handed to. The leaker is smart though. She prints and scans the document thus making sure that there are no attached metadata. But the printer/scanner adds metadata of their own. Ouch! Game over. But let's say the leaker was smart enough to re-type the document. Well, it turns out that the authorities have handed a slightly different document to each employee. Few inconspicious words were replaced by synonyms. In such a case even re-typing doesn't work.

Another option: In Borges' Garden of Forking Paths the narrator, a German spy in England, kills a person to send a message to his superiors (the victim's name is the same as the name of the village where British artillery is located):

What remains is unreal and unimportant. Madden broke in and arrested me. I have been condemned to hang. Abominably, I have yet triumphed! The secret name of the city to be attacked got through to Berlin. Yesterday it was bombed. I read the news in the same English newspapers which were trying to solve the riddle of the murder of the learned Sinologist Stephen Albert by the unknown Yu Tsun. The Chief, however, had already solved this mystery. He knew that my problem was to shout, with my feeble voice, above the tumult of war, the name of the city called Albert, and that I had no other course open to me than to kill someone of that name. He does not know, for no one can, of my infinite penitence and sickness of the heart.

-- Jorge Luis Borges


I earned my keep until the war ended in 1945 as a writer and broadcaster of Nazi propaganda to the English-speaking world. ... When the war was ending I was high on the list of war criminals, largely because my offenses were so obscenely public. ... I did not hang. I committed high treason, crimes against humanity, and crimes against my own conscience, and I got away with them until now. I got away with them because I was an American agent all through the war. My broadcasts carried coded information out of Germany. The code was a matter of mannerisms, pauses, emphases, coughs, seeming stumbles in certain key sentences. Persons I never saw gave me my instructions, told me in which sentences of a broadcast the mannerisms were to appear. I do not know to this day what information went out through me. From the simplicity of most of my instructions, I gather that I was usually giving yes or no answers to questions that have been put to the spy aparatus. Occasionally, as during the build-up for the Normandy invasion, my instructions were more complicated, and my phrasing and diction sounded like the last stages of double pneumonia.

-- Kurt Vonnegut, Mother Night


When you listen to Bach's The art of Fugue, it abruptly stops in a middle of a piece.

If you look at the manuscript of the fugue, it has only partially written measure 239 and that's where it stops. There's a note written by Bach's son: "At the point where the composer introduces the name BACH in the countersubject to this fugue, the composer died."

(Note that german notation uses H where English would use B and B where they would use B flat.)


http://www.openlettersmonthly.com/likefire/steganography-knowledge-is-powe

[[[name:powe section:38

  • TWO ROWS, NOT THREE
  • RECALL BACON
  • ONE GOT IT WRONG

Last letter of the message is missing. There haven't been enough people. Take the missing letter, take its numeric value, multiply it by seven, continue reading at that section.

]]]


In 2017, there was a fear that Russian intelligence will try to effect French presidential elections. And, unsurprisingly, a day before the vote, a trove of documents was leaked that harmed Emmanuel Macron, the candidate who, as a president, was expected to take hard stance towards Russia.

When the experts looked at the leaked documents they've found out that some of the metadata was in cyrilic, which means that the document was at some point opened on a computer with Russian language settings. Metadata of nine documents even contained a particular name: Georgiy Petrovich Roshka, who was tracked to be an employee of a company which seemed to be a Russian intelligence contractor.

If you asked the Russians they would either say nothing (the company denied that it has an employee of that name) or maybe claim that it was a "false flag" operation aimed at hurting Russia's reputation.

Now, the interesting question is whether one should believe them or not.

An instinctive reaction is to say: "Come on, Russia. Stop pretending that dog ate your homework."

But let's think about it a little more. The job of FSB, the Russian intelligence agancy, is advancing the interests of Russia. Telling truth is definitely not their job. Therefore they will lie if it advances Russian interests. But, in exactly the same way, they will tell truth if it advances Russian interests.

But wait! That means they are sometimes telling truth, right? Does that mean we should give them at least some credibility?

...

And it gets weirder. Actually, Russian spies do want to tell truth sometimes. Why so? Because if they've lied in every case, whatever they said would give their oponents an useful information: "Russians are claiming X? Great, we can rule X out. How nice of them that they provide us with hints."

...

Anyway. If you asked a French intelligence expert in private they would probably say something like: "If I wanted to leak Macron's emails I would definitely add some Russian metadata to it."

Seen from this point of view, the claim about the false flag operation that orginally looked like a blatant excuse, is not that improbable at all. There were already allegations of Russia meddling with US elections before so for anyone trying to leak Macron's emails Russians would make a great scapegoat and planting hints pointing to Russian intelligence would be a natural thing to do.

So, in the end, we can't infer anything from what the players of the Game are saying.

However, we still have the "cui bono" principle. "Cui bono" is Latin for for "Who profits?" The idea is to look at who would profit from the action and assume that those who profited were the perpetrators. In this case, the leak caused damage to Macron. We can thus assume that the culprit was either someone who wanted to hurt Macron or, alternatively, someone who haven't cared about Macron's victory at all but wanted to make bad reputation for Russians.

Well, it's not exactly saying who's the culprit but it at least rules out some people, like Macron himself.