Share on Pinterest
Share with your friends










Submit

Have you ever come across the word Steganography? I will be honest with you, I haven’t before writing this article. For those of you who don’t know what it means, Steganography is the act of hiding data in images, and apparently, it is not that new to Twitter.

However, one David Buchanan, a computer science undergraduate, took the art of Steganography to a whole new level; and then some. This guy fitted the entire collection of Shakespeare work into on tiny picture and tweeted it out. So much for Twitter’s 280 characters limitation.

Buchanan was out to test the limit of how much data can be shared on Twitter. And as you probably already know, Twitter is one of the most limiting social networks when it comes to voluminous expressions. Though lately, they are a bit better by setting the character limitation to 280 characters, up from 140 per tweet. So to tweet the entire works of Shakespeare in a single tweet is an achievement to be marveled.

How Buchanan was able to Tweet entire collection of Shakespeare work

Buchanan used how Twitter handles metadata to his advantage. As explained to the Motherboard, he stripped most of the metadata from the image, however, Twitter always leave a certain type of ICC untouched. And this is exactly where he kept his data of choice complete in the form of ZIP and RAR archives.

So basically, I wrote a script which parses a JPG file and inserts a big blog of ICC metadata. The metadata is carefully crafted so that all the required ZIP headers are in the right place,” said Buchanan. “This process was quite fiddly.”

He says the process took him a couple of hours to complete, although the writing of the script itself took place over a few months.

I was just testing to see how much raw data I could cram into a tweet and then a while later I had the idea to embed a ZIP file.”

In a later tweet, Buchanan goes into the details of how anyone could pull the data from the Shakespeare image in which he hid the entire collection of the author’s work. Various independent Steganography experts have since verified that indeed the tweet contains the entire work of Shakespeare.

How Steganography could be the new affront for Malware and Virus distributors

Security experts have now warned that Steganography could just be the new front for sharing potentially harmful files in plain sight. Hackers, fraudsters, and people with malicious intent could now share information and files in a simple tweet.

While they may appear as a harmless tweet on the face value, they could, in fact, be malicious files that spies on or highjacks users’ devices. Or it could be a way for sharing child porn and other illegal activities in plain sight on open social media.

Buchanan agrees that malware distribution could be a potential use case for Steganography: “It already has been possible via more ‘traditional’ Steganography techniques, but this method allows you to pack in way more data.”

Twitter downplays the threat of Steganography threat

Buchanan says he reached out to Twitter through its buy bounty platform, HackerOne. However, the social network does not seem interested in addressing the issue, which could only mean they are not taking Steganography as a serious threat to Cybersecurity.

(Visited 44 times, 1 visits today)
Share on Pinterest
Share with your friends










Submit