RE: "Camera/Shy the Steganographical Browser"

From: the Pull (osioniusx@yahoo.com)
Date: 10/15/02 

Date: Tue, 15 Oct 2002 14:05:45 -0700 (PDT)
From: the Pull <osioniusx@yahoo.com>
To: bugtraq@securityfocus.com

>Software may be written to operate with a modified
"ExtractSteganography" that can examine the resultant string as such:
> + IF several printable bytes are followed by 0x00
> + THEN flag image and store extracted data
>
>Knowing this, it is TRIVIAL to write an automated
>application which could quickly examine a set of
>suspect images,
>locally or online, determine whether they are
>"Camera/Shy" and
>act according to its findings.
>ie: notify administration, block host/s, etc

Three points.

One, Camera/Shy is clearly marked as Beta. In fact, the
current version is 0.2.23.1. We totally want help on this application.
We have used SourceForge because we want developers to be able to help
on this.

Two, the FAQ - which has been carefully translated - very specifically
notes already that the gifs may be easily detected by using software
analysis. It notes we understand we will have to manually change the
protocol used on a regular basis. Workarounds have already been stated
within the FAQ at the top of the list. It notes that the strength of
the application is in hiding images on pro-"Communist" sites and in
planting fake images through out the web. In this way the "Communist"
regime must expend a great deal of time and resources and follow
bad leads.

So, on one hand, this is a high priority known bug... on the other
hand it is stated that we realize there is not a fool proof method
to hide content in gif images at all -- excepting a few methods which
forego usability completely allowing only very short messages. This
said, this particular signature bug will be munged.

That said, the bug in the implementation of the encryption, a popular
library used in Camera/Shy... is simply a new bug entirely which will
be
fixed as high priority.

Third, you have total right to email the author and actually submit
bugs, submit code, submit translations.

Cheers,

 the Pull

__________________________________________________
Do you Yahoo!?
Faith Hill - Exclusive Performances, Videos & More
http://faith.yahoo.com

Relevant Pages

  • Re: Shortage of Fortran Programmers
    ... On Sun, 25 Jun 2006, Sue wrote: ... mini-computers and then Sun and SGI workstations, ... In my field Fortran is rarely for graphics anymore, mostly due to the lack of portable support for the data types used for images, but also because there is a wealth of excellent tools. ... Each time someone came to me with a problem I had to determine whether the user code was correct, look for a workaround, and if a bug fix was required, prepare test cases and run diagnostics. ...
    (comp.lang.fortran)
  • Re: often cannot insert images into Word document
    ... It is no longer a universal bug & I've seen no reports of the problem not ... Other file types should insert correctly with no problem.] ... Drag-and-drop of images works fine ... always do a repair permissions after installing any software. ...
    (microsoft.public.mac.office.word)
  • Re: Best 35mm film scanner for max £500ish
    ... The software scans the photo and saves it as a TIF or JPG file, ... Also, I scan in 16-bit, and my editor has a known bug on this latest ... "Full support of 16-bit images allows professional photographers to work ... the 8-bit limit of 256 shades per color set by previous versions of the ...
    (comp.periphs.scanners)
  • Re: Confirming EOG bug
    ... |>On Tue, 2004-03-09 at 08:14, Dexter Ang wrote: ... |>>Would just like to confirm a bug I've found with EOG. ... Open 2 or more images using Eye of Gnome. ... |>>On my computer, all the images disappear, leaving just the windows open. ...
    (Fedora)
Quantcast