Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Censorship

Peekabooty, Camera/Shy Released 156

An anonymous (how appropriate) writer sends "Peek-a-Booty, a program designed to circumvent mechanisms (such as China's Great Firewall) limiting access to websites, has been open-sourced. It's listed as a "Beta" on SourceForge, but the Peek-a-booty website seems to encourage people to start using it." And Doug writes "PC World reports about a new tool to encrypt text with a click of the mouse and bury the text in an image. After posting an embedded image on a Web site, someone can notify intended recipients by e-mail with code words such as 'Go to this URL to see pictures from my birthday party.'"
This discussion has been archived. No new comments can be posted.

Peekabooty, Camera/Shy Released

Comments Filter:
  • What a shame (Score:1, Insightful)

    by Spazzz ( 577014 )
    It's shame that software like this is even necessary, but with the way things are going, we'll soon need this software here in the good ol' US of A as well.
    • Isn't half of sourceforge beta products that work pretty well? I am running alot of stuff from CVS that's not even beta, but nightly builds...
      Just a thought

  • by ocbwilg ( 259828 ) on Sunday July 14, 2002 @09:25AM (#3881315)
    After posting an embedded image on a Web site, someone can notify intended recipients by e-mail with code words such as 'Go to this URL to see pictures from my birthday party.'"

    This product must have already been released since I've been getting emails like that for months now. "I just turned 18! Click here for hot pictures from my 18th birthday party! You won't believe how wild my barely 18 year old friends and I got that night!"
    • they are anything but camera shy.
      • they want to make a little bit of money with no regard to their reputation in a global economy.

        It always disturbs me when I realize the sheer volume of pron and the number of potentially interesting people who may very well have ruined any chance that they will do anything worthwhile... for %5,000.00... a pittance, a trifling amount, one-third of a decent raise, the price of a car 5 ft. in the grave, etc. and in other words --not much---.
        • Re:Sounds like.... (Score:2, Insightful)

          by Myco ( 473173 )
          I don't get it. Are you saying that people who appear in porn are ruining their chances to have worthwhile lives? That's a very sex-negative attitude.
        • Re:Sounds like.... (Score:1, Insightful)

          by Anonymous Coward
          You're right. We need to legalize prostitution instead. That way instead of just downloading this stuff and whacking off: we can call the 1-800 number and have a couple of these nympho's stop by for some real sex. WoooHooo! Think about how much money a good-looking girl could make between 17-30? After that, she could become a "madame" and help to manage the younger girls. In order to have a girlfriend/wife in this country you have to spend a shitload of money anyway. Why not just make it so that the money goes towards straight sex? If you have a full-time girlfriend you spend about the same amount of money on her to get laid -- only you only get sex about 1/5 of the time. With a prostitute -- it's just a business transaction. You spend the money, you get the sex: guaranteed! No headaches! No periods! No bullshit!
        • They wouldn't be "ruining their chance to do anything worthwhile" if prudes didn't have the bizarre notion than sex under anything other than monogamous, heterosexual, church- and government-blessed circumstances tainted a person for life.

  • er... (Score:4, Funny)

    by david_g ( 24196 ) on Sunday July 14, 2002 @09:26AM (#3881319)
    How are the chinese going to circumvent their firewall to be able to get this program that enables them to circumvent their firewall?
    • Since it is only 1.2 MB, it'll fit on a floppy, which would be very easy to slip through if needed, since I doubt they're going to destroy all incoming floppy disks in the mail. Or just disguise it like an AOL CD.
    • Well... (Score:3, Funny)

      by Greyfox ( 87712 )
      Seeing as how they've been merrily spamming us for a while now, we could just return the favor, spamming everyone in china with copies of this program. Worst case, the Chinese government comes up with a solution to the spam problem...
      • And if the Chinese government comes up with an effective spam blocker, the world will jump with joy, and the chinese make a whole load of dosh selling it off at £10 copy. Wouldn't you like a decent spam blocker than can distinguish between spam and chopped pork?

    • As Usual (Score:2, Informative)

      by emkman ( 467368 )
      People didn't actually read the website ...

      Users in countries where the Internet is censored do not necessarily need to install any software. They merely need to make a simple change to their Internet settings so that their access to the World Wide Web is mediated by the Peekabooty network.
    • It's the normal problem; To define recursion, we must first define recursion
    • Re:er... (Score:2, Informative)

      If someone sent you the IP address of a Peekabooty node (or any other proxy) to you, you could proxy through it to download Peekabooty for yourself. One of the main jobs of Peekabooty is to constantly find you new proxies to route through so that you dont have to constantly be getting IP addresses of proxies via email. So the bootstrap process requires a little manual labor, but after that it should require no intervention on your part.
  • by MxTxL ( 307166 ) on Sunday July 14, 2002 @09:27AM (#3881325)
    I guess all those x10 ads were just a bunch of Chinese dissidents passing messages ICQ style.
  • by Anonymous Coward
    With a name like that, who is more likely to find and use it - Chinese democracy hax0rs or childpornists? I'm serious.
  • by wirefarm ( 18470 ) <jim@ m m d c . net> on Sunday July 14, 2002 @09:30AM (#3881332) Homepage
    Long ago, I tried hosting the images for a site on Geocities or Tripod or somewhere and the HTML page on my laptop and Ricochet modem. Worked OK, but I noticed one side effect that would seem to be relevant - these sites were re-compressing the images.
    If you take a jpeg and encode some data steganographically and later the compression is changed, wouldn't that effectively remove the steganographic information? (Correct me if I'm wrong.)

    Now, if I was trying to communicate with terrorists this way, pretty much the only safe way would be to put the 'birthday pics' up on a very popular free site - no way I'd post them anywhere that had my name connected to it.

    I don't know if the compression thing is common, but couldn't something like that be put pretty transparently into "The Great Firewall"?

    Cheers,
    Jim in Tokyo

    • Jpeg compression is considered to be a lossy compression, so yes your data in your original image would be irrecoverable.
    • Some of the watermarking vendors claim that their watermarks can survive recompression.

      Watermarks are like steganography in that both involve embedding information in a file that isn't immediately visible or audible.

      Of course watermarks are supposed to be easy to find, which is a big difference. Ideal steganoraphy should be undetectable without a secret key.

      Then there's the question of whether the watermarking vendors are, uh, exaggerating.

      Wide use of stego technology could lead to a brand new kind of censorship. Any secret policeman could claim that any file contained contraband. "Attention all citizens! The file 'Los Angeles Police.mpg. contains encoded attack orders from Osama bin Laden! If you know anyone who has it, denounce them to your neighborhood committee immediately!"
      • They're not exaggerating. Watermarking can survive [columbia.edu] printing and scanning in addition to many manipulations. I know I tried it once just to see -- it's a weird feeling to put a watermark in something, save it as a jpeg, print it out, wrinkle up the paper, recan it, and still be able to get the watermark out of it. I don't know about steganography, but if the process is similar your information should survive.
    • there are methods that survive heavy recompression that show extreme resiliance even after being photocopied, scanned, and reprinted, being clipped rotated, etc. here's one [nec.com] though there's probably newer and better methods
    • FWIW, free sites do this because they're being abused. There are Japanese warez groups that upload fake JPGs and GIFs, with valid headers, that contain nothing but warez. They have some custom program that assembles the pictures and uncompresses them. I've yet to see the actual program, but I've seen the massive amounts of bandwidth this sort of thing costs.

      Really, in a case I know about, warez ends up being about 30% of a "free hosting" site's traffic. (With naked kiddies taking up the rest of the majority).
    • Compression is not the worse 'attack' - as they are commonly called.

      By definition any steganographic technique is removable by some attack (think about random noise in the same domain as the encoding), but some are quite good.

      In any case, compression is not a major problem for any decent steganogram.

      By the way, if you are willing to use one of several pictures, it is trivially easier to make the information unremovable. There are drawbacks though.

  • by FreeLinux ( 555387 ) on Sunday July 14, 2002 @09:35AM (#3881349)
    From the description at the Peek-a-Booty site it seems to me that it is nothing more than open proxies running SSL. While I understand their stated goals, the whole project seems redundant.

    First, the project assumes that the governments are using a NOT list. This is a big assumtion. I would think that control freaks like the Chinese government would more likely use an ALLOW list. A small list of governmet sanctioned sites. This would, of course, negate Peek-A-Booty.

    If the government is in fact, using a NOT list, there are already countless open proxies continually popping up all over the place. This makes me think that the whole project is redundant.
    • Allow list would probably be way too much work, you mean people would just sit there visiting and decides whether these pages are gonna be allowed or not?

      I always thought if you want information bad enough, you can just sign up for an ISP account offshore, sure long distance is gonna cost you, but then again, you can see access all the information you want.

    • by helarno ( 34086 ) on Sunday July 14, 2002 @11:24AM (#3881663) Homepage
      Last time I checked, they used a NOT list and it was a very small list. For mainstream use, you could pretty much access anything you wanted with the exception of a couple of news sites like CNN and sometimes, NYT. The blocking was erratic though ... some months the sites were reachable, other days, they were perfectly fine. Of course, I'm sure a few dissident sites are blocked, but since I don't view those on a daily basis, I wouldn't know.

      But it's really a non-issue. Even 4 years ago, all the internet cafes I visited by default went through a proxy that pretty much allowed you to view whatever you wanted. Knowledge of how to circumvent the blocks were very common among the younger audience. I'm sure it's even more prevalent today. For China, at least, this project isn't really relevant.
      • China has made major strides in the censorship war in the past year. There is a report that is about to be issued from RAND [rand.org] (named "You've Got Dissent") that describes the situation way better than I could. A lot of the things you mention still work in China, but they are really putting a lot of effort into clamping down. If we dont do something soon, the good guys will soon be too far behind to catch up.
      • I want to reemphasize the point made in the parent: "For China, at least, this project isn't really relevant." The "hactivist" crowd has never been any good at doing their homework, and this is just the latest example.

        The Chinese government DOESN'T EVEN BLOCK THE GOOGLE CACHE. Any site that's blocked, you just look it up in Google, and hit the "cached" link. They did block Google, once, for about a week, until popular outrage made them give it up.

        That should give you an idea of just how "terrified" they are by the so-called threat the Internet poses to their hold on power. What they're really afraid of are the tens of millions of affluent, educated, urban Internet users rising up in revolt if their favorite toy gets taken away from them.

        That, and the hundreds of millions of undereducated, underemployed peasants and factory workers who don't have a future, and barely enough to eat, much less Internet access.

        • Your misconceptions on this subject are common, indeed I shared them fairly recently, until some Chinese folks straightened me out on it.

          There are hundreds of millions of Internet users in China, and the blocking and surveillance there have become much worse over the last year or so. Hacktivismo *did* do its homework, and did talk to people in China (either directly or indirectly) during the design and coding process. I don't mean to be rude, but I suspect that the Chinese know more about conditions there than you do.
    • Their implementation of their current firewall is very loosely implemented as it is up to each carrier in each city to do the blocking. They are currently rolling out a much improved system that will enable them to completely control and/or replace content, as referenced by several stories on slashdot. The attractive thing about SSL proxies is that they either allow SSL or deny it completely - making this arrangement very attractive. Of course, there's nothing that will prevent them from declaring this product illegal, which, unlike the US has serious ramifications if you're found violating a state security law. Additionally, they could just deny all traffic that doesn't run through their proxies. China currently mandates that a site must have approval for a site to be hosted in China. It's a small step to require companies to buy an SSL cert from China in order to reach a quarter of the world's market in the coming years. Bottom line - it will be a constantly evolving war between the freedom seekers and the freedom takers.
    • From the peekabooty FAQ:

      Do you think that your efforts to create Peekabooty will cause censoring countries to change their filtering policy from 'default-allow' to 'default-deny', that is, instead of blocking 'bad' sites it will instead only allow 'good' ones?

      This is very similar thinking as to what happened prior to WWII. The good guys let Germany invade its neighbors because they didn't want something REALLY bad to happen. If an evil madman tells you that you have to choose which of two people he is going to kill, it is still the madman's fault that someone is dead no matter which one you choose. If a government switches over to an allow-only system, this helps the cause even further. What we want is an end to censorship. The only way that is going to happen is that the government stops censoring its own people. The people have to make that happen. Not only is censorship possible, but total 1984-style control and monitoring is possible, and China in particular is heading in that direction as fast as it can. One of the benefits of Peekabooty is that it is bringing awareness to thousands of people around the world about the issues.

      In any event, a country has to overcome some major obstacles to switch to an allow-only system: 1) It's a lot of work with a lot of administration headaches (there are way more good web sites than bad ones), 2) the 'allow' list is bigger than a 'deny' list, which puts more strain on hardware that already cannot handle the load, 3) economic reasons (the cash doesn't flow if the commercial web sites are blocked), and 4) it will cause unrest.

      • I have to disagree with one of your points - a)I would say that there are a lot more undesirable sites than there are desirable sites. Think of how many warez/pr0n/crack/capitalist sites there are compared to the number of communist/anti-capitalist sites there are.

      • 5) Sites which are considered 'good' can be quickly changed to be actually 'bad'. In other words, if you allow "pink fuzzy bunny's home page [uga.edu]", after spending 6 months making sure it's not got any bad content and none of the images appear to contain messages, then the next day the owner can upload a picture of fuzzy bunny with a secret message.
  • Snake Oil (Score:5, Informative)

    by cperciva ( 102828 ) on Sunday July 14, 2002 @09:44AM (#3881361) Homepage
    This "steganography tool" is no more than snake oil.

    Rather than using a more advanced method of steganography, this tool packs data into the least significant bits of the image. Simple, easy, and incredibly obvious. This is to steganography what ROT13 is to encryption -- if you use it for anything important, people will laugh at you.

    In fact, this is the worst kind of snake oil, because it is not only ineffective, but also dangerous. The administrators of the Great Firewall Of China (for example) could very easily detect files encoded with this software; using it would then be akin to waving a red flag and shouting "hey, I'm doing something I don't want you to know about". Bad steganography is worse than no steganography, because it highlights the fact that you're trying to hide something.
    • Re:Snake Oil (Score:2, Insightful)

      by phaxkolumbo ( 572192 )
      This might sound like a stupid question (but then again I'm no steganography expert), but how exactly is packing the data in LSB's obvious?

      Doesn't that become obvious only after the inclusion of headers and such? I mean that the distribution of 1's and 0's in an image should be pretty much the same, regardless of any hidden data.

      The article is pretty light on technical details, so no answers from there.
      • Googling for "steganalysis" [google.com] will yield several interesting places to look.

        "Steganalysis of Images Created Using Current Steganography Software" gives some good information.
      • When you hide an image in a pic, most stego tools take the last two bits of of the 8 bit color code and re-write them. Thus, 10010101 could become 10010100 or some other substitution. The net effect of this over the whole picture is usually to reduce the total number of colors. Simple tools can detect this color reduction pretty simply and reliably.

        That doesn't mean you can get the missing data out, anyone going to the trouble using stego will probably encrypt their data.
        • Why would this necessarily reduce the number of colors in the picture? Wouldn't that depend on the data stream you are encoding into the picture? I mean if you decide to put each consequtive 2 bits of your data stream into the last two bits of each byte, then number of different colors would depend on the percentages of the 4 different combinations of two bits. All you have to do then is massage your data stream to be sufficiently random. Any good compression scheme should do that.
          • I had to go dig up my SANS notes for this one. I'm not a mathematician and I'm not some stego expert. I just attended the seminar.

            According to what it says here, when you embed data in an image, you have to alter the color table and this increases the number of near duplicate colors. A normal bitmap has very few duplicates, a stego'd bitmap has many. In the example, a bitmap of a forest scene jumps from 2 duplicate colors to 1046 after being stego'd. Why? Ask an expert, I just work here. When the number of duplicate or near duplicate colors aproaches 50, usually there is a hidden file in the image.

            Going to what you said, colors in an image are not randomized, and a random bit stream would stand out exactly for that reason.

            This [umich.edu] is an article on detecting stego I found on Google, want more info, ask the author.
            • Imagine having a picture that is all the same color. If you only had one such color in you palette, you could not encode any info in the file. But if you had many duplicates(of near duplicates) of that color you could alternate between those to encode the data. 32 duplicates(or near duplicates) could encode 5 bits in every pixel.

              You could use a wery high color image. And just pair the colors close to each other. That whould make it hard to spot(with encryption maby impossible) but that whould result in a wery low payload density.

    • there are many tools which allow you to hide things in images. there is already "Steganotools" (i forget the website) and programs like "Camoflage" that hide files inside of other files, or append them on the end as junk.

      if you really want secrecy, you can move to things like "DriveCrypt", which makes containers you can mount as new drives. but these containers have no header, and being compressed and encrypted, it's impossible to distinguish them from purely random data unless you know the strong passphrase.

      the idea of hiding data in the LSB of pictures (or mp3's for that matter) is old. just better hope that no one else has a copy of the original file! if you choose specific pictures where the LSB is statistically random enough, there is nothing that says you can't hide data there securely. the simplest way for short messages is to run MD5 (or some other hash) on your passphrase, and XOR the resulting digest on your message to produce your cyphertext. then just replace the LSB's in your image file.

      just make sure you replace all your LSB's or else an attacker can detect that there is something hidden.

      the only thing new about this particular tool is that it uses a browser plugin to decrypt the picture by double clicking on it. that sounds insecure to me.

      drivecrypt lets you install the program entirely on removable media, so you don't have strange stego tools installed on your computer when the Red Police come busting down your door...

      just my $.02.

      muerte

    • Instead, they should probably hide their messages in recycled comments like this one... :) Use minor differences between them & you have a secret message.

      Unfortunately, this one is identical & apparently a KW. *shrug*
  • by Anonymous Coward
    need a list of nodes to use
    • People are posting nodes at the discussion site [peek-a-booty.org]. Peekabooty apparantly needs some kind of gnutella style peer discovery or peer reflectors. Of course, those would then become blocked...
  • While it's good to have more and more foolproof encryption methods, the problem is there's an evil element out there that will make use of this for their planning.

    Of course, it's not like it does us a lot of good even when we are able to intercept these messages, with the long-term ineptitude of the FBI and CIA.
    • the problem is there's an evil element out there that will make use of this for their planning.

      That's true of all technology. The best we can do is have the technology in everyone's hands, that way at least it can be used for good and bad, since the "bad guys" could discover it on their own anyway, and are highly motivated to do so.
  • by WCMI92 ( 592436 ) on Sunday July 14, 2002 @10:12AM (#3881436) Homepage
    I can see a growing need for this kind of thing in the USA, as we allow the Megacorp cartels like the RIAA/MPAA to chop off and "firewall" so to speak, the individual.

    Remember the Napster trial? The infamous statement by a RIAA honcho "We will firewall them at their PC"? And then go read the story just below this one where AOLTW's RoadRunner is port blocking Kazaa.

    I find it very interesting phinisophically, that the net result of "Big Government (Communist)" and "Big Business (Capitalist)", when left unrestrained by civil law that is supposed to protect and affirm the rights of the individual, produce the SAME RESULTS!

    In the communist system, as China is, the governmment IS the corporation. It makes up "laws" as it goes along, always to benefit those in power. In the USA, we've allowed corporations to achieve similar results by the fact that our Congress and Presidents are passing and signing laws WRITTEN BY THEM, as the DMCA and CBDTPA are.

    Unfortunately for the tyrants, both governmental and corporate, there are a lot of Thomas Paine's in the world, and they tend to be creative people. Hence this program that lets you circumvent firewalls.
    • True.

      The rulers of a society themselves have little or nothing to do with the outcome. Socialism is simply totalitarian democracy. Communism is simple totalitarian Republiscism.

      Assuring freedom for the individual should come paramount in a society. Followed by freedom for corporations and governments. The individual should always come first.

      We should break trade negotiations with China for the simple fact that they are totalitarian. It isn't an issue of race, but an issue of civil liberties. A good friend of mine is Chinese.

      Why do we claim to be an enlightened nation, yet actively trade with China? They need us much more than we need them.

      One of the slogans for communism is that with everyone equal, there is no slavery and no discrimination. If you look at it, all but those in the high levels of government are slaves. If you look at it, all but those in the high levels of government are discriminated against.
      • "Why do we claim to be an enlightened nation, yet actively trade with China? They need us much more than we need them."

        Two reasons:

        1. The extreme on the left in this country, the ones who's religion is government, LIKE China and wish the USA were more like it...

        2. The megacorporations, who's religion is cheap labor.

        Yet another stunning example that the extreme right and extreme left produce the SAME results, ultimately.

        BTW, I don't necessarily agree that Communism is extreme Republicanism, I think socialism/communism are left wing totalitarianism. Right wing totalitarianism would be something more akin to what exists in the middle eastern Islamic fundamentalist states.

        Much as I am devoted to my religion (Christianity), I DO NOT want priests running the country, if you catch my drift.

        But they both produce similar results, an oppressed people whom have no individual rights or choices.

        "One of the slogans for communism is that with everyone equal, there is no slavery and no discrimination. If you look at it, all but those in the high levels of government are slaves. If you look at it, all but those in the high levels of government are discriminated against."

        Communism is state slavery. Where there is no individual liberty, nor right of private property, the State owns everything, and therefore, everybody. Should it surprise anyone that in EVERY so called "egalitarian" system, which Marxist-Lenninism-Maoism purports to be, that some (the few elites) are "more equal than equal".

        Our own system is the same way, looking at the easy access the rich have to legislation, but has the virtue of not having YET opressed the average individual to the extreme of a communist state.

        YET being the operative word. Legislatively, we are headed there. Rapidly. Not at the behest of government, but at the behest of the CORPORATIONS...

        I see things like Peakabooty as 21st century civil disobedience. Sooner or later, a rebellion of the individual against the collective WILL happen, or else we will become nothing more than uniformed drones in the collective.
  • by PDG ( 100516 )
    Has anyone found where to download Camera/Shy? I'm really interested in trying this software out but can't find it anywhere.

    Help?
    • I went looking for it too. Didn't find it at the Hactivismo site. They intended to release it yesterday at H2K2. I expect that within a few days it should be findable.

      Other steg software includes "blindside", "hide in picture", "in plain view", "stash it", "jphide"

      The above are all ones I found several months ago when I started looking at steg software. Google should turn up lots of stuff to look at.

      Look for "stegdetect" for a program that can analyze images to indicate if they may contain steganographic data. Running it on the images from my web cache was interesting.

    • i ran into the same problem. this news post is obsolete: first of all, the release of peekabooty was reportet elsewhere earlier and secondly, mentioning camera/shy in the topic and then not providing a link to is pretty much useless
  • Camouflage [camouflagesoftware.com] can hide any file(eg mp3) inside any other file like a picture or a word document. The created file will look and act normal but might be a little big.
  • by phaxkolumbo ( 572192 ) <phaxkolumbo.gmail@com> on Sunday July 14, 2002 @10:22AM (#3881470)
    How about putting hidden messages in spam? Nobody bothers with those anymore, anyway.

    Here's an example:
    ***SNORING KEEPING YOU FROM A GOOD NIGHT SLEEP ?***
    tHIs proDuct has been featureD on national tv.doEs sNoring keep you up at night?
    tired of having to sleep in separate rooMs bEcauSe of Snoring?
    just tired of being tired becAuse of someone's snorinG?
    tired of hEaring how your snoring kept someone up all night?
    There is a safe, natural solution to your snoring problem...

    And so on...

    The steganographic schema could be a bit more advanced in the production version, but i think the basic idea is good enuff for a start.
    • by Tazzy531 ( 456079 ) on Sunday July 14, 2002 @10:32AM (#3881503) Homepage
      Already available: http://www.spammimic.com/ [spammimic.com] and talked about here: Wired [wired.com]
      • Damn, too late again... but thanks for the info anyway.

        But seriously, i'm quite curious about the 'strength' of the steganography used in spam mimic. It looks like a toy, but i think the idea is sound enough, if someone came up with a crypto-schema strong enough.

    • Spam mimic [spammimic.com] does something like this.
    • That kind of steganography is called "hidden channel." Although in your case, its not that hidden :)
    • I found nursery rhymes embedded in some spam I got recently, no joke. In fact, here's the source:

      <html>
      <b><br>St<!--This-->oc<!--is the-->k Expect<!--beginning-->ed to So<!--of the-->ar</br><br>

      Powder River Basin Gas Co<!--we think-->rp. (OT<!--end of-->CB<!--the world-->B:PRVB)</br><br></b>

      Ma<!--Mary had-->jor New<!--a little-->slet<!--lamb-->ter Ann<!--its fleece-->ouncem<!--was white-->ents and Huge New<!--as snow-->sletter
      Cover<!--and everywhere-->age for PRVB<br><br>

      This we<!--that mary-->ek, PRVB will be prof<!--went the-->iled by some major new<!--lamb was-->sletters<br>
      along with the release of sign<!--sure to-->ificant news regarding incr<!--go-->eased<br>
      reve<!--it followed-->nues for the Comp<!--her to-->any. There will be huge vo<!--school one-->lume, and a <br>
      strong increase in price for several days. These are the same<br>
      newsle<!--day which-->tters that profi<!--was against-->led NVEI two weeks ago. They brought<br>
      NVEI from $.68 to $1.79 in ten days. We know for certain that<br>
      the same groups are going to profi<!--the rules-->le PRVB this week.<br><br>

      We are ve<!--humpty-->ry proud that we can sha<!--dumpty-->re this information with yo<!--sat-->u so<br>
      that you may part<!--on a wall-->icipate alongside the many other Newslet<!--humpty-->ter<br>
      subs<!--dumpty-->crib ers that recie<!--had a-->ve this inform<!--great-->ation. It is highly advisa<!--fall all-->ble<br>
      to take a pos<!--the kings-->ition in PRVB as soon as po<!--horses-->ssible, today before the<br>
      ma<!--and all-->rket closes, or to<!--the kings-->morrow.<br><br>

      PRVB is a pros<!--men could-->perous and underva<!--not put-->lued oil and gas exploration <br>
      company with reserves of 43 Billion cubic feet of natural gas<br>
      operating in the Powder River Basin, one of the most prolific<br>
      natural resource areas in the United States. The Company<br>
      presently has a 100% working inte<!--humpty-->rest on 15,000 acres contiguous<br>
      to Williams Coal Seam Gas (NY<!--together-->SE: WTU, $11) and Western Gas<br>
      (N<!--again-->YSE: WGR, $38), the major players in this region. Recent <br>
      news that the Company's wells have been producing millions of<br>
      cubic feet of gas per day combined with several acquisi<!--jack be-->tions is<br>
      having an extremely positive impa<!--nimble-->ct on reven<!--jack be-->ues and <br>ear<!--quick-->nings.<br><br&gt ;

      The s<!--jack jump-->tock is tr<!--over the-->ading near its 52-<!--candlestick-->week low, and should begin m<!--hey diddle-->oving<br>
      up immedia<!--the cat-->tly. We think the sto<!--in the-->ck could easily reach $1.50 in less<br>
      than a month.<br><br>

      <b>Goo<!--fiddle-->d Luck, and watch PRV<!--the dog-->B fly!</b>
      </html>
  • Peek-a-booty seems to be simply reinventing the Crowds project [att.com]. Why?
    • Perhaps because the crowds software hasn't been updated since 1998, the server in the default configuration refuses connections and there's no support or development mailing lists nor public cvs. Crowds is "only" 3301 lines of Perl, entirely feasible to reimplement if they disagreed with some crowds design decision, didn't want the Perl dependency, or simply wanted to write it themselves. If crowds had a significant user base they should've thought about implementing its protocol, but it doesn't seem to. Perhaps someone should fork crowds and put it on sourceforge (after pinging the original authors).
    • you of all people to ask this. :-)
      simple - because they can.
    • by Anonymous Coward
      If you look at 'crowds', you'll see that, in addition to being incomplete (things like implementation of proper initialization vectors were not done, stream cipher is untested homebrew, etc.) and unmaintained, it's not available outside the US and Canada, nor is it designed for environments like China.

      Crowds is not anti-censorware, and has no provisions to allow for blocked URLs, nor does it have any way of working with nodes which are in any way blocked. It also assumes that you can trust everyone in your crowd -- messages are decrypted to plaintext at every node. While this might be tolerable within the AT&T workplace, the trust model breaks down when spies might be admitted to the network, or when users and their machines might be captured by hostile parties.

      That's why 'crowds' wouldn't cut it.
  • I am confirming that the GFOC (Great Firewall of China) do not block the Peekabooty websites..... YET
    Not that I really need this - I don't do anything that I need to hide from the Chinese government, Sure they block my access to Geocities and BBC but I don't see that as a bad thing.
    - HeXa
    • H3XA said:
      "Sure they block my access to Geocities and BBC but I don't see that as a bad thing."

      Yes, but wouldn't you like to make that choice for yourself? Surely, if there is nothing on Geocities or the BBC that you want to read, then there is no need for someone to block your access in the first place.

      I much prefer making decisions for myself; it was one of the big reasons for growing up.

    • They could do something worse then block the website, they could just redirect it to their own server, supplying a trojan
  • Picture encryption (Score:2, Informative)

    by fylloxera ( 592613 )
    For Mac OS X Pict encrypt for free ......download at www.pariahware.com. It's a easy program, and requires no geeks. Hides text messages in gif and jpegs.
  • Steganography is nothing new, I believe a program called Stego has been available for Mac for several years.
    The article is also a bit confusing - first they say it encrypts files, then they 'can be protected with a password.'
    Steganography is great for hiding encrypted stuff, but it only offers 'security through obscurity' alone. Also, if the encryption uses something like a fixed, unencrypted header or a magic number or PGP style header, it ought to be pretty easy to detect even if it cannot be decrypted. And that, of course defeats the whole purpose of stego.
  • Oh great, now there is actually a proper excuse to post such nonsense as: "go to blablalbla.com to check out some goatsex pictures..... But wait, there is a hidden message in them, honest!"
    • Re:excuse (Score:2, Funny)

      by GigsVT ( 208848 )
      What if goatse.cx has been used for passing stego messages all along? I mean why else would some guy put up a random sick picture on a domain, and people would constantly post links to it.

      I bet there is a secret code in anonymous Slashdot posts that set off notification to pick up the newest version of gap.jpg off of goatse.cx.

      For example:

      Dirty Gnu Hippie: The plan is ready, go get new instructions.

      BSD is dying: Abort mission, pick up new instructions from hick.org.

      Alan Thicke: Mission sucessful, drinks in safe house tonight

      After all, who is going to run checksums on something silly like the goatse guy? :)
  • With visual steganography, even though we would be unable to decode a message, would it still be possible to detect it?

    I would imagine that changing pixel tones ever so slightly would create at imbalance in the tone distribution, making solid-color areas slightly uneven. This may be undetectable to the naked eye, but software may be able to see it. And, wouldn't compression normalize like colors anyway?

    If this is true (I don't know) I guess a way around it would be to embed smaller messages in larger images, placing only a single character in a given "color zone". Maybe an image with a more robust color scheme could be seen as suspicious.
  • People keep saying "How can they get Peek-A-Booty if the firewall is already inplace?"

    Users in countries where the Internet is censored do not necessarily need to install any software. They merely need to make a simple change to their Internet settings so that their access to the World Wide Web is mediated by the Peekabooty network.

    About Peekabooty [peek-a-booty.org]
  • by GuNgA-DiN ( 17556 ) on Sunday July 14, 2002 @03:37PM (#3882588)
    Sure the Peekabooty website talks about free speech in China, blah, blah, blah.... Everyone here is arguing about whether the Chinese will block Peekabooty and whether it will be an effective tool for freedom of speech. But, the REAL point of this software isn't to help the Chinese -- it's to help us poor saps in the Good Ole US of A! Think about it: since 9/11 our Government has gotten more and more oppressive. They have taken away freedoms that we used to take for granted. But, if the developers of Peekabooty came right out and said: "this is used to circumvent the assholes in Homeland Security" they would get a visit from the NSA/FBI/CIA etc.. They picked an oppressive regime (like China) to talk about this tool. But, substitute the letters USA for CHINA and you will begin to see the truth.

    Another nice benefit of this tool will be the developement of secure, anonymous P2P networks. Look at all the shit in the news lately about how ISP's are cutting off KaZaa. And, how Ranger Online [rangerinc.com] is tracking down Gnutella users. The RIAA/MPAA Gestapo is out to get us and take us down. New tools like Peekabooty and FreeNet will help to insure that these organizations will never, EVER shut down the free-flow of information on the Net. Peekabooty is a dagger that is aimed right at the heart of corporate America! It says: "You think you can take over the Net? Ha! Fuck you and the horse you rode in on!". This just proves to them that we can always defeat them with technology regardless of how much money they have!

    • GuNgA-DiN makes some excellent points, but the reality of censorship in the USA goes beyond the scope of the Internet and 9/11. I think he/she hit the nail on the head when he/she states that the given example of China is simply a sneaky way of criticising the US government. It reminds me of the Fables by Lafontaine, who, in the 17th century, wrote fables involving animals to surreptitiously criticise the French elite. In fact, while many people reading this story might lament the censorship imposed by the Chinese government, few people realize that the US' own mass media is statistically more protectionist than that of "Red China" (cf. "Manufacturing Consent" by Herman/Chomsky). I fully applaud projects like this one, because they open the door to new and more democratic forms of communications -- newspapers, discussion forums, manifestos, interest groups, etc...
      • I think just about everyone on Slashdot is a paranoid nutcase, and the above post is a prime example of that. YOu think this group is pretending to talk about concerns in China, because if they said anything derogatory about the DOHS they would get arrested? That;'s bullshit and you know it. Nobody on this forum is genuinly affraid of being targeted by the government for critisizing the FBI/CIA/DOHS. If you are, your nuts, because thousands of online writers do so every day, and nobody threatens to put them in gulags. I'm sick of every discussion of censorship being dominated by the tinfoil hat crowd. Use some common sense, and realise that there is absolutly no real evidence of any level of internet censorship by the US government, at all. If it happens, i'm first in line for the technology to get around it. But i really doubt that John Ashcroft is going to be firewalling Slashdot any time soon. OF course, if the arguments are going to continue to be so paranoid and baseless, maybe he should.
  • I donated to peek a booty.

    will my name show up if i grep the source code
  • For those who find that the Hacktivismo site is slashdotted, Camera/Shy is also available for anonymous download from:

    http://www.mirrors.wiretapped.net/security/stega no graphy/camerashy/
    or
    ftp://mailprivately.com
  • is being released soon, according to Wired [wired.com]. It will be interesting to see how this works in conjunction with Peek-a-booty.

There are new messages.

Working...