Encode Hidden Messages in Your Facebook Pics

HardOCP News · Apr 10, 2013

And the countdown to "outrage" over this browser add-on begins in 3...2...1. I'm sure Facebook will simply tweak its image compression algorithm to kill this off but it will be interesting to see how long that takes.

With the extension, anyone — you, your sister, a terrorist — could share messages hidden in JPEG images uploaded to Facebook without the prying eyes of the company, the government or anyone else noticing or figuring out what the messages say. The only way to unlock them is through a password you create.

mastaBlasta · Apr 10, 2013

With the extension, anyone you, your sister, a terrorist could share messages hidden in JPEG images uploaded to Facebook without the prying eyes of the company, the government or anyone else noticing or figuring out what the messages say.

My sister is not a terrorist.....i think

sfsuphysics · Apr 10, 2013

You could also upload an archive file that looks like a picture too, it opens like a picture, it imbeds like a picture, but unless you open it with winrar or some program you'll never know it was actually an archive. Only clue mgiht be an 800x600 picture that's 10MB in size

Elf_Boy · Apr 10, 2013

This is not new technology. Hiding data in jpeg or other images has been around for at least a decade.

leeleatherwood · Apr 10, 2013

Elf_Boy said:
This is not new technology. Hiding data in jpeg or other images has been around for at least a decade.

Yep, this is not limited to facebook but anything that can host image files. Even your company logo image in your outlook signature can be used to send secret messages.

the-one1 · Apr 10, 2013

I heard that if you display the pictures on Facebook backwards, it shows a hidden message.

mcravenufo · Apr 10, 2013

Elf_Boy said:
This is not new technology. Hiding data in jpeg or other images has been around for at least a decade.

I was working with this technology back in 1999, almost 15 years.

SunnyD · Apr 10, 2013

mcravenufo said:
I was working with this technology back in 1999, almost 15 years.

Steganography itself is centuries old.

rand4505 · Apr 10, 2013

Why not just encode code to auto download a script that loads something malicious, that will get extif data killed off by blockage in hurry.

RangerXML · Apr 10, 2013

Old news, Steganography has been around for a very long time. I even mentioned my friends and I running tests on passing messages back and forth encoded in pictures on Facebook some years back in another post on here. The terrorist are probably planning their next big attack in some private guild in WoW (which runs on just about any computer)

WBurchnall · Apr 10, 2013

This seems like an old technology... there are tons of examples of different jpeg files that can contain entire-torrents such that you send your friend a DVD-Cover-Of-Movie-Title.jpg and if the renames the .jpg to .tor and double clicks agian...the movie starts downloading -- assuming he uses torrents.

It's also possible to put .mov or .mpeg or any real data into those files allowing the jpg to contain a trailer for said show...but... a 20-mb jpeg would be a pain to transfer. Making it a bit of a mute point. Adding 3kb to an image of a dvd cover to include torrent details doesn't though. That's only like another 0.05sec of transfer time or there abouts?

Ashton · Apr 10, 2013

RangerXML said:
Old news, Steganography has been around for a very long time. I even mentioned my friends and I running tests on passing messages back and forth encoded in pictures on Facebook some years back in another post on here. The terrorist are probably planning their next big attack in some private guild in WoW (which runs on just about any computer)

Considering most of what I've read, I think your giving them WAY too much credit

lol

WBurchnall said:
It's also possible to put .mov or .mpeg or any real data into those files allowing the jpg to contain a trailer for said show...

I'm actually surprised that studios havn't thought of this - "cover" images that contain a trailer or other "bonus features" it would be a very amusing idea (or possibly a stealth-launch of an ARG...)

prndll · Apr 10, 2013

lol....
I once embedded a rar'd mp3 of a song I shared with a particular young lady I used to know inside of picture of me that she has asked me to give her. She was pleasantly surprised when I told her about the song. put a smile on her face....

and that was many years ago

It is interesting to think that not only messages...but functional code could be embedded into a graphic. Kinda makes ya think about all those little bits and pieces of "background" that get downloaded as cookies from various websites. Many of these background images are only 1pixel by 1pixel in size and are never even noticed by the casual surfer.

mynamehere · Apr 10, 2013

sfsuphysics said:
You could also upload an archive file that looks like a picture too, it opens like a picture, it imbeds like a picture, but unless you open it with winrar or some program you'll never know it was actually an archive. Only clue mgiht be an 800x600 picture that's 10GB in size

FTFY

CrimsonKnight13 · Apr 10, 2013

Why is this news? Stenography isn't exactly cutting edge technology & neither is the implementation into a browser add-on.

Drakenfeng · Apr 11, 2013

Speaking of WoW, this reminds me that they encode user data into their screenshots using a similar technique.

http://gamasutra.com/view/news/1775...mbedding_user_data_in_screenshots__report.php

HardUp4HardWare · Apr 11, 2013

RangerXML said:
Old news, Steganography has been around for a very long time. I even mentioned my friends and I running tests on passing messages back and forth encoded in pictures on Facebook some years back in another post on here. The terrorist are probably planning their next big attack in some private guild in WoW (which runs on just about any computer)

Wasn't one of the Benghazi victims a big EVE online player and they were speculating that he was CIA?
(sorry that was Glenn Back who speculated that) However, despite the source it is not outside the realm of possibility.

Ashton · Apr 11, 2013

Drakenfeng said:
Speaking of WoW, this reminds me that they encode user data into their screenshots using a similar technique.

http://gamasutra.com/view/news/1775...mbedding_user_data_in_screenshots__report.php

I first was outraged, then I read the article and went *meh* since there's nothing important there, it's not like a simple /who in-game cant get you my screen name and it's childs play to ping a PC and get it's IP (several members on here have signature images that do it on their own) I actually think it's a good idea, since it will help WoW devs identify genuine bugs vs Photshopped images of non-existant bugs.

RangerXML · Apr 11, 2013

HardUp4HardWare said:
Wasn't one of the Benghazi victims a big EVE online player and they were speculating that he was CIA?
(sorry that was Glenn Back who speculated that) However, despite the source it is not outside the realm of possibility.

I've heard similar from other sources and it would not surprise me if the CIA used something like EVE or some F2P MMO to pass messages, they are virtually untraceable if you take the proper precautions in game (private chat/channel or guild chat). And now a lot of the MMO allow you to link external chat clients, you don't even need to be in game to take advantage of the system.

Encode Hidden Messages in Your Facebook Pics

HardOCP News

[H] News

mastaBlasta

Gawd

sfsuphysics

[H]F Junkie

Elf_Boy

2[H]4U

leeleatherwood

[H]ard|Gawd

the-one1

2[H]4U

mcravenufo

Ravenufo's Macs

SunnyD

2[H]4U

rand4505

Limp Gawd

RangerXML

Supreme [H]ardness

WBurchnall

2[H]4U

Ashton

2[H]4U

prndll

I'm floppy, even when I don't want to be

mynamehere

[H]ard|Gawd

CrimsonKnight13

Lord Stabington of [H]ard|Fortress

Drakenfeng

Gawd

HardUp4HardWare

Supreme [H]ardness

Ashton

2[H]4U

RangerXML

Supreme [H]ardness