Steganography is the art of hiding a secret message inside another
message.
Exhibit
Description
gif/zip file
with
css_descramble.c This
gif file contributed by
Robert de Bath, contains a
surprise inside. Mr. Bath writes:
"There are two tiny facts about
GIF files and ZIP files you might like to know about: GIF files have
their length defined at the start of the file; any bytes after are
ignored. ZIP files have a table at the end; anything at the start of
the file is ignored. The result is that a file can be both a GIF and
a ZIP, just change the extension."
"Not the
DeCSS Source"
Click to view full image.
Joshua Shagam at NMSU created this very clever image of some C source
code. This is not the code for DeCSS. But if you compile the code in
the image and then feed it a raw pnm version of the image file as
input, you'll get a surprise. (The DeCSS source is encoded in the low
order bit of every byte in the image.)
Prime number
encodings: Carmody
Hannum 8-bit
Hannum 7-bit
Jobling
Carmody's
executable prime
This
prime
number, found by
Phil
Carmody, encodes the gzipped
source
of the anonymous C decryption code (minus the tables). Phil has some
information about this
here The number
is listed in the
registry of "interesting
primes" maintained by
Professor Chris Caldwell of
the department of Mathematics, University of Tennessee at Martin. The
prime is interesting, first, because it is over 1000 digits with no
easily-provable form, and second, because as an encoding of DeCSS, it
is the first known
illegal
prime: its publication is prohibited under the Digital Millenium
Copyright Act. Read more about it at
tbtf.com or
The
Register. A
Perl program
for extracting the source from this prime number was
contributed by
Jamie McCarthy,
Inspired by Phil's effort, two prime
number encodings of the source of efdtt.c (not gzipped) have been
contributed by Charles M. Hannum,
and a prime
number encoding of a variant of qrpff.pl has been developed by
Paul Jobling.
Phil Carmody subsequently created the first non-trivial executable prime, an
implementation of Hannum's efdtt.c for the Intel architecture. For
more information, see Tom Greene's article
in The Register. Here's the official Prime
Curios entry.
Jack Valenti
brings
you
efdtt.c Here is the source of efdtt.c, the
434 character C decryption program,
embedded in a photograph of MPAA
president Jack Valenti. The embedding was done with Xerox
DataGlyphs technology. You can
read more about DataGlyphs in this
article from the March
2001 issue of IEEE Computer. Contributed by
Tim Scott.
X-Face header
is efdtt
Benot Rouits
writes:
"X-Faces are ASCII icons intended to show in low-quality the face
of an e-mail author... Most Unix mailreaders and Mac ones handle
X-face headers... *Anyway*, the purpose of this thumbnail was for me a
mean to express a kind of personification of efdtt.c since it can be
now seen as a *face*... More informaton about X-Face header can be
found here: http://www.dairiki.org/xface."
get CSS-auth
from a DNS
server This is a Unix shell script (/bin/sh) containing
the following sequence of commands:
for DVDs
in Linux screw the MPAA and ; do dig $DVDs.z.zoy.org ; done | perl -ne
's/\.//g; print pack("H224",1ドル) if(/^x([^z]*)/)' | gunzip.
Explanation: a hex dump of the gzipped css-auth code was used
to generate a bunch of host names in a DNS server. (DNS, or Domain
Name Service, is how host names get mapped to IP addresses.) The
dig command is used to query the server and extract the
entries; the rest of the commands reformat the output to recover the C
source code. This code comes from Samuel Hocevar's
42 Ways to Distribute DeCSS.
DNA sequence css_descramble.c as a 43,016 base pair
DNA sequence, contributed by
Joerg Dietrich, who says:
"Maybe somebody with a local copy of the Human Genome Project database
on his personal supercomputer can find this sequence in our genetical
information. This would mean nearly 6 billion lawbreakers on this
planet." The encoding is a simple substitution cipher, produced by
this Perl code.
Minesweeper Game This actual
board from
a run of
Swine
Keeper (an open source, GPL'ed implementation the popular
Minesweeper game) is also an encoding of the ASCII source of Charles
Hannum's
efdtt.c program.
Skeptical? Here are
the mines. The
encoding is left as an exercise for the reader, but if you don't feel
like guessing, you can find the answer
here. Thanks to anonymous contributor
Blat Froop.
css_descramble.c
encoded in
the DMCA Here is css_descramble.c encoded as
a collection of
seemingly
random lines drawn from the text of the Digital Millenium
Copyright Act. It was contributed by
Sham Gardner. Each byte of
the original source has been used as an index into an array of unique,
non-blank text lines. Basically, it's a one-to-many substitution
cipher. You can read more about this encoding technique and download
the Perl code from
Sham's page.
Zero-click
DeCSS Here's a page of
search engine
queries courtesy of
Cameron
Miller. Click on any link to search for DeCSS. So the page is
really a list of links to lists of links. But wait -- are you really
two mouse clicks away from having the DeCSS "virus" infect your
computer? What's that thing in the page's META tag? (Select "View
Source" in your browser to see the META tag.) Whoops! There it
is!
Trojan
Cow Trojan Cow is a scheme for
distributing the DeCSS source by embedding it in image files that
become part of official government document collections, such as the
set of comments submitted to the Librarian of Congress concerning the
DMCA. There are actually two cows involved, and the technique for
recovering the code is a secret (hence, presumably protected by the
DMCA.) Contributed by
Karl O. Pinc.
Whitespace
encoding
Rene S. Hollan contributed
this example of
self-documenting
steganography: the source of css-descramble.c is encoded in the
patterns of spaces between words, while the words themselves explain the
encoding! Sample text: "Consider a file
format where data
modulates non-leading and
non-trailing spaces between
non-space tokens of
a plain text
file...." The C++ source for the encoding and
decoding programs is included in this
gzipped
tar file.
ASCII art This
ASCII art
encoding of the css_descramble.c source file contains nothing but
pound signs (#), spaces, and carriage returns. It's another example
of human-readable source code that is not readable by a C compiler.
Contributed by
Nicolas
Ribot.
Typo
encoding
Here is a
typo-laden
transcript of day 6 of the New York DVD trial. We're talking a
lot of typos here. In fact, there seems to be a typo about every 17
characters. The typos encode the text of css_descramble.c. The encoding/decoding
program can be found
here, and the uncorrupted
source for the transcript
here.
(Contributed by
Scott A. Crosby.)
GNUPG'ed
source
-----BEGIN PGP MESSAGE----- An
encrypted copy of css_descramble.c,
produced by
GNU Privacy Guard (GPG).
To decrypt it, you need to know that the secret pass phrase is
"speechiscode". Under what circumstances would the
encrypted file be legal to publish?
(Contributed by
Scott A. Crosby.)
PNG palette
encoding
This
scan of a six-page preliminary injunction
issued in the California DeCSS case contains two identical copies of the 32-entry
color palette. Whether the
ith byte of the image is encoded using
palette 0 or palette 1 depends on the
ith bit of decss.zip.
Contributed by
Russell Nelson. All six
pages of the injunction can be found
here.
Commodore 64
audio
tape This Commodore 64
audio
tape file was contributed by
John Mildham, who writes:
"If you know it, you remember the squeaky tape-noises of a
Commodore 64 program on cassette. Well there are programs that can
convert C64-tapes (wavs) to programs and vice versa. I used
... wav-prg to make a C64 version of the Decss routine (simply
renaming decss.c to decss.prg and making a wav from it with the
program) ... simply convert the WAV-file back later to its .prg form
and rename it to .C ;) The included WAV-file is 8 Bit 44.1 khz."
Decoding program available
here.
Return to the main Gallery
Dave Touretzky
Last modified: Tue Dec 2 21:14:42 EST 2003
