WEBVTT

00:00.420 --> 00:07.370
Steganography is the process the science of taking data and hiding it in other data.

00:07.410 --> 00:14.160
Now be careful with this because cryptography is the process of taking data and encoding it in some

00:14.160 --> 00:20.010
way so that other people can see that there is data there but they can't read it with steganography.

00:20.010 --> 00:22.350
The data itself may or may not be encoded.

00:22.410 --> 00:27.450
A lot of times it's not encoded but it's hidden in other data so that people don't even know to look

00:27.450 --> 00:30.120
there that that might be the data they're looking for.

00:30.120 --> 00:37.260
So when we talk about steganography the number one way we talk about it is that we take data and usually

00:37.290 --> 00:41.100
text and then we hide it within graphic images.

00:41.100 --> 00:45.290
So to help you see how this all works I've got this great picture of me right here.

00:45.330 --> 00:47.340
Hey thanks.

00:47.340 --> 00:50.310
Camera Guy for making such a great picture of me anyway.

00:50.430 --> 00:55.800
So what we're going to do is we're going to take this pian file and we're going to embed a little bit

00:55.800 --> 01:03.120
of text a little bit of secret text into the PMG itself so to do that well there's a lot of ways to

01:03.120 --> 01:09.060
do that but to start off we're going to go a little bit old school and by talking about old school what

01:09.060 --> 01:10.750
I mean is I'm going to open this up.

01:10.860 --> 01:16.620
In this case I'm going to use a word processing program word pad.

01:16.780 --> 01:18.600
So let's take a look at what we see here.

01:18.600 --> 01:24.270
Now this is interesting because what we're looking at is instead of looking at a P and g file through

01:24.270 --> 01:30.120
a graphics editor or through a image viewer or something like that we're just bringing out the raw text

01:30.120 --> 01:31.670
that's within that image.

01:31.680 --> 01:33.390
So there's a couple of things that are kind of handy here.

01:33.390 --> 01:39.060
For example you see the PMG up at the top almost every graphical format on earth starts off with a three

01:39.060 --> 01:43.580
letter combination of four letter combination identifying exactly what it is.

01:43.800 --> 01:49.680
Now pian Jeezy's a lot of headers and is as we scroll through here we can see there's all kinds of header

01:49.680 --> 01:55.270
information but there is a certain point where the actual data.

01:55.280 --> 01:57.660
That is the image begins to show up.

01:57.660 --> 02:00.920
So what we can do is give this a try.

02:01.170 --> 02:06.150
I can pick some arbitrary spot and now watch what I'm going to do.

02:11.240 --> 02:14.840
So you can see I type in this is secret text.

02:14.880 --> 02:16.910
Now there's a couple of downsides to this.

02:16.910 --> 02:22.330
First of all we're gambling that the image will just see this little bit of text I've written in in

02:22.330 --> 02:27.110
and try to interpret a pixel or two to be something different but things are kind of persnickety and

02:27.110 --> 02:28.950
graphics formats for example.

02:29.180 --> 02:33.680
You have a bunch of images and then you have the end of that line as it begins to draw the next line

02:33.680 --> 02:34.520
of the image.

02:34.520 --> 02:35.980
If I were to mess that up.

02:36.080 --> 02:41.380
Well we could run into trouble so there's a lot of issues involved with this that can make simply going

02:41.380 --> 02:44.330
in in a raw way like this work or not work.

02:44.330 --> 02:49.170
So I'm just I'm not going to save that but let me show you one example.

02:49.430 --> 02:55.160
Here's an example where I actually went in and I just tried to type in this is secret text and I got

02:55.160 --> 02:56.060
a result like this.

02:56.060 --> 02:57.380
This is actually a good result.

02:57.380 --> 02:59.620
It still thinks it's a P and g file.

02:59.720 --> 03:01.630
It's just having trouble interpreting it.

03:01.670 --> 03:04.880
I've seen a lot of times where you mess up and it's like I don't even know what this is and it just

03:04.880 --> 03:05.880
blows up.

03:06.140 --> 03:10.560
So keep in mind the whole idea of steganography is that to the normal person it'll just look like a

03:10.640 --> 03:11.760
PNB file.

03:11.780 --> 03:16.490
So to get around this problem what we do is there's lots of little tools out there that allow us to

03:16.490 --> 03:17.920
do steganography.

03:18.140 --> 03:21.700
So this one particular program is called Image steganography.

03:21.770 --> 03:24.300
I like this one because it's not complicated.

03:24.380 --> 03:33.560
What he can do is embed some data into BNP J pigs pian gs because the program knows these file formats

03:33.800 --> 03:37.870
and it's not going to let you accidentally put it in a place where it's going to mess stuff up.

03:37.910 --> 03:40.140
So it's actually trivially easy to use.

03:40.190 --> 03:43.810
I'm just going to drag an image over here.

03:48.550 --> 03:49.510
I can type it in.

03:49.590 --> 03:53.690
This is secret text and now it's going to say where do you want me to put this.

03:53.730 --> 03:55.320
And I'm just going to say call it Mike.

03:55.380 --> 04:05.920
Pick three and just dump it to the desktop so you'll see here we are actually encoding it.

04:05.930 --> 04:06.890
We're not encrypting it.

04:06.890 --> 04:08.910
We're just going to leave the actual text there.

04:09.230 --> 04:11.920
And these are different ways that it can embed the information.

04:11.930 --> 04:15.970
But what is important is we're going to go ahead and we make this.

04:16.040 --> 04:17.530
And here's the cool part.

04:17.540 --> 04:19.370
So we've made this new file Let's take a look at it.

04:19.370 --> 04:23.670
So just opening it up there's nothing really to see here.

04:23.950 --> 04:26.200
And that's the whole idea of steganography.

04:26.200 --> 04:29.880
You want to hide the data whether it's encrypted or not unimportant.

04:29.890 --> 04:36.340
The only downside to this is that because I use this tool to perform the steganography I need to get

04:36.340 --> 04:41.900
the other person this exact same tool because he has a proprietary way of hiding that data.

04:41.950 --> 04:44.380
So to actually get the data back out

04:47.950 --> 04:52.980
what we're going to do is we take the encoded image I can output it to a file I'm just going to say

04:52.980 --> 05:00.420
output to text and if I've done it right it's able to read the information that was put into that.

05:00.630 --> 05:03.230
So steganography is actually pretty cool.

05:03.580 --> 05:09.150
A lot of work with like the FBI and the DEA they watch out for stuff like this because it is a great

05:09.150 --> 05:10.750
way to hide stuff.

05:10.770 --> 05:12.890
It's an unsophisticated way to do it.

05:13.050 --> 05:16.140
But when you're not looking for it it can be a real challenge.

05:16.150 --> 05:17.520
Watch out for steganography

05:32.240 --> 05:33.850
in.