Posted by: Tony Bradley
al qaeda, eavesdropping, NSA, secret message, Security, steganography, terrorists, VoIP, wiretapping
Security researchers are increasingly concerned that hackers are close to developing tools for VoIP-based steganography. With hidden messages being transmitted secretly within the voice data, eavesdropping programs like the NSA wiretapping would be rendered useless.
Steganography hides a message within some other medium in such a way that only the sender and the intended recipient are even aware a message exists. If combined with some form of encryption to protect the message on the remote possibility that someone randomly stumbles across it, steganography can be a very powerful method of transmitting secret messages and data.
There have long been rumors that terrorist groups like Al Qaeda transmit secred coded messages to each other by using steganography to embed data within JPG images such as porn photos, or images associated with eBay auctions.
Steganography isn’t new. Even steganography on VoIP is not really new. What is new, and what concerns security researchers, is if tools become available to average users to enable anyone to use steganography over VoIP.
Government and law enforcement agencies in the United States (and other countries as well) use eavesdropping and wiretapping as a means of intelligence gathering for national security purposes. But, if two terrorist operatives use steganography over VoIP they will be able to transmit plans for the next suicide bombing or airplane hijacking secretly in the background while the NSA just eavesdrops on two people having an innocent conversation about which actor is the best James Bond (I vote for Roger Moore).