So, the blogster decided to come back to a different favorite: how to hide data and some psychological aspects that can improve hiding data.
No, the topic is not new at all. This is just one of many articles that says it: Data hiding has been with us as long as there have been digital computers and networks. The author of the 2007 article considers the practice as a threat, saying In a sense, we've been living in a fool's paradise because today's crooks and criminals seldom take extraordinary measures to conceal data. Most of the forensics work in law enforcement that I'm aware of involves very basic data recovery techniques with a few popular forensics tools.
Others have a different view and study the subject with the aim of improving network processing and security, for example this one from the University of Toronto.
This post describes practical ways and tools to hide data at rest, in other words, data that sit on a device. Things like banking details, passwords, or files you want to keep private.
It is called steganography, and is literally the oldest trick in the book. Here is a list of great free tools. They hide data in image files or audio files, some tools come with added encryption.
They are all you need if you are a normal computer user.
For the more adventurous among you, another tool out of the basement of the K-Landnews is available here as an executable package and with the full source code. It supports the standard image file storage as well as homemade .wav audio.
More interesting, though, are other formats. Some are "beta" or somewhat experimental, others stable. See the section of supported output file formats at the end of the post.
Psychological aspects of hiding data:
1) Playing with cultural stereotypes and taboos, a light hearted description is in the older post Staganography -- hiding text in nudie pics
On a more serious note, childrens' drawings are likely to score high on the "not interesting" index, unless your kid is a prodigy.
2) Scare a snooper
The output file list at the end of the post has an entry "Java .jar file". To a snooper, this looks like an executable file, a program. Our implementation is simplistic, it merely replaces the content of a standard main.class file of Java executable jar with the scrambled message. But, to a snooper, a Java executable won't look as interesting as a text file and he or she will initially treat it as an unknown executable. Other executable formats would even be more formidable, say you wrote a C/C++ program with pernicious code to crash the operating system and hide your message somewhere in the executable.
3) Use formats from your work or something related to your hobbies. Yes, Item 1 can be a hobby, but that's not what we mean.
The sample formats "DNA sequence" and "empty xml file" are meant as examples for work/hobby related steganography. If you are a biologist, some "DNA txt files" on your device will look perfectly natural.
If you are an English teacher, put the data into the "empty xml" and add a public domain book or poem from Project Gutenberg. Again, a folder with "nothing" but Mark Twain books or some random English romantic poet's deeds provide good cover.
Suggestions for other professions:
If you are an engineer, extend the tool, write some output files based on standard formats from your daily work. How about a fake electronics component wiring diagram or some ChemDoodle Web drawings with a custom reader?
If you are a musician, use "note xml" or use standard musical notation with a customized optical character recognition module - similar to but more elaborate than the sample "hieroglyphs .png" implementation of the K-Landnews stego tool.
Computer games should be a fun container, too. You can make people play a game in order to reassemble data.