Steganography

Apr 29, 2022

Can you spot the difference between these two images? (Yes, they are different.)

trex-1.jpeg

trex-2.jpeg

They are different. You can download them both and run this command in your terminal to calculate a hash of images.

➜  steganography shasum trex-1.jpeg trex-2.jpeg 
5ffa6e972ef1c00e010e7117312a8486580077f2  trex-1.jpeg
a8319cc7c53cea9fd42d2973435ad994197f3223  trex-2.jpeg

Surprise. There's another image encoded in the second image of a t-rex. There's a secret image of a baby panda hidden inside _trex-2.jpeg_.

A baby panda

Steganography (from the greek "concealed writing") is the practice of concealing a message inside something else. This means taking advantage of different file formats to encode extra information in the computer age.

Here are some practical ways in which this steganography is done digitally.

  • Hiding data in ignored sections of a file, such as a header or a footer.
  • Encoding a message in some metadata: e.g., a message in a spectrogram (wave analysis) of an audio file (see Nine Inch Nail's album Year Zero).
  • Using the lowest bits of a lossy image format. This distorts the visual representation of an image but is not enough to be noticeable.
  • Hackers often use steganography tricks to hide dangerous executables inside seemingly innocuous file formats.

You can recreate the panda image by using this utility, stegify, that I found on Github.

$ stegify decode --carriers trex-2.jpeg --result small-panda.png