Tuesday, August 26, 2008

Work Work Work - StegoFS demo

So things have been super busy as of late, and there is not much sign of things letting up. I still hope to release something from the new StegoFS project, but I'm scheduled to be in many different places in the next few months.

I have had a few folks contact me about the video I demonstrated at DEFCON 16. I choose a video from youtube (that awful HACKERS movie) because at the time I was testing how consistent youtube was in compressing audio and video that it had already processed. Also, it's nice to choose something with aspect ratio bars--that way I can demo a barcode style watermark where you can see it (how to demonstrate something designed to be hidden is problematic . . .). Plus, it was handy to use a video that unlikely to be watched. http://www.youtube.com/watch?v=djhWj19aWAA or just search youtube for "OMG HACKERS"--at least right now it is the top result.

So if you check it out, you may want to use an FLV recorder such as real player. In this example, the coded data is just hexadecimal FF in even hamming code, in triplicate. I chose to use grey as ones and leave black as zeros just to make it easier to read. Watch the video for a while, and notice how youtube's compression manipulates the encoded bits worse when there is a lot of bright activity on the screen. But all we have to do is average them out, maybe add a little more redundancy, then we are good to go--mostly. :)

You may want to use an accessability tool like xzoom to zoom in on the coded part of the video.

Saturday, August 16, 2008

SANS Sec560 - Penetration Testing and Ethical Hacking

We just wrapped up the SANS Security 560 course in Boulder, CO. It was a really great session, especially since we had four extra bootcamp sessions. I'm really looking forward to teaching it again at Indianapolis and San Antonio in the next few months. It's been a crazy trip this last couple of weeks, DEFCON, Boston, Boulder . . .

It has been a blast, but it seems like I've been on the road all month and I'm definitely looking to going home.

Friday, August 08, 2008


DEFCON 0x10 is in full swing, and there was a good turn out at my StegoFS talk. As I hoped, we had some very interesting discussion during Q & A aftward. I've already posted revised slides at www.bluenotch.com/resources/StegoFS.ppt.

I hope to release the actual source to StegoFS in September, we'll see how that goes soon enough. :)

Sunday, August 03, 2008

More work on watermarking and stego

Trying to finish up some work on my defcon presentation has been difficult this week.

After a huge catastrophic infrastructure outage at my biggest client took most of my time this week, one of my longest-term clients had an obnoxious virus infection. This particular one was odd, I had to smile when it faked a bluescreen to try and get you to reboot. At least it was a good refreshing for the malware course I'm teaching in Boston during the last day of defcon. I'm bummed I miss some of my friends talks, but we've got work to do.

Also looking forward to teaching SANS Security 560, Penetration Testing and Ethical Hacking in Boulder, CO. This one has unadvertised extra bootcamp sessions (even though this course already has three times the hands-on as Security 504). It will be a blast.

Well, back to pollishing up some video stego stuff for Friday's talk.

Labels: , ,