Advance Image Steganography for your privacy

Introduction

If you didn’t know, the state of privacy is very fragile right now. There are journalists getting k*lled every week all across the world. Some of the famous cases involve their devices being infected with malware (pegases case went high profile). There are even more underground 0days being deployed unlawfully by police (believe me I’ve worked with several law enforcement across the globe and they buy malware). So, in this critical matter, everyone like you and me are a target. Especially the Linux community that has always been active towards freedom, open-source, privacy and security. We have always pushed the basic human rights ever since the cyberpunk and hacktavism movement started - basically even before internet was a thing, we wanted electronic freedom and worldwide access to technology for all.

The Now

Privacy has been ripped apart by data mining. I will write about how we are fighting for privacy in next subheading. But for now, there is extensive use of data and machine learning to dismantle even the basic privacy. There are products and services that hear you have a dump in your washroom and monitor when you eat your food (amazon has also faced lawsuit against similar microphone issue and their latest wifi sharing feature means that I can hack your network from anywhere because this system makes a grid of interconnected wifi ap’s based on the same ‘node’ ap). Anyway, this is the ‘now’ of how we will loose our basic privacy if not being vocal and extreme about it now.

Our Efforts

Not just Linux as a community, but many individuals who didn’t use Linux have come forward in support of open-source and GNU ethics of 4 digital freedoms without which there is no freedom in open-source (Free software, free society: Richard Stallman at TEDxGeneva 2014 - YouTube).

Current Efforts:

  • Open ledger systems (blockchains) provide accountability and proof of knowledge which is good against fraud and tracking transactions, or anything transacted on the chain. However, it’s ‘terrible’ for privacy. So, certain projects like Monero (XMR) are a good classic example of integrating privacy in such systems.

  • Zero Knowledge Proofs - This is the current privacy research effort of many companies that are realizing that without privacy, they are also doomed and that their comany secrets will be revealed to public. Companies like Google and Microsoft will be in a hell of trouble if they become accountable for working with NSA for their targetted hacking and data mining of Chinese and Russian users. There was a recent effort during the pandemic to sponsor shadow research by rogue Indian university professors for researching bio-weapons. This is some deep intel shit I’m sharing here and not for critisism of such projects - they may have their own place in maintaining world peace, but to point out that Privacy with important for everyone regardless if they’re on one or the other side of the coin.

  • Quantum Proof Cryptography - Very important and a necessity to shift from AES to newer algorithms. Quantum computers have come a very long way and our cryptographic systems even if you merge 5 frecking algorithms with AES, are not secure against QC. So, do your effort and make tutorials/projects etc., on how users can deploy these new research systems. Many are still theoritical and need programmers to translate mathematics into code.

  • Advance Steganography - I’ve done my part in this area because it’s the only direct practical thing a modern journalist can deploy for safe communications. Current tools use various techniques like LSB, PVD etc., but they’re all interceptable/detectable and would get journalists klled, like we have already seen. This is very real. This month more journalists working undercover were killed in few countries that news doesn’t cover. Their families will also be dumped and chiled rped. Not a joke. So, we need to constantly improve the current systems with hybrid techniques. Check out my project that makes it very hard to detect steg and more hard to decrypt message - GitHub - xerohackcom/Chaya: Advance Image Steganography

  • Many more efforts related to security but also improve privacy for example using K-Anonymous algorithm along with Homomorphic cryptography for secure data distribution etc…

What Must You Do!

Do your part. Without another sound, there is no sound. As dumb as this quote is, it’s logical.

  • If you don’t push your friends and family to use for easy alternatives like Ubuntu, PopOS, Mint etc., they will never even touch it. Even if they shift back to WIndows and Mac, atleast they get fimiliar with basics.

  • If you’re a programmer, ‘quickly’ implement new algorithms and hybrid techniques into your systems. I point out ‘quickly’ because I understand that your employer may not have the time and funds to focus on this side of coding and may even reject any efforts by you. So, you must do your experiments at home and learn to merge production ready stuff within few days itself to prove that your employer doesn’t have to suffer time for your merge.

  • If you’re a student, write a new research paper and publish it in a journal. To many graduates and only 5% of them have a damn worthy paper. Out of them only a handful have a working code to implement their thing. Don’t be a dumbf*ck. If you love what you do, make it practically available for everyone. Your dreams and bs don’t give a shit to this world unless you share your work. If you’re someone who doesn’t know how to use google scholar and find PDF versions of research, God help you.

  • If you’re an influencer, writer etc., who writes about Linux, Privacy, Security - then you are right track. Write about new projects (btw use my tool and make your own hybrid technique instead of just using aes. Copy paste other algo’s and merge it and you have a brand new research of anti-steg technique with you :wink: ). Use the modern tools and dump the standard old of techniques.

  • Webdevs/Other devs - make libraries and frameworks with privacy and security as core feature. There will be very few users initially, but marketing it is your own efforts. If your shit is midly usable, request others to contribute. If noone does, make it a self improvement target and use your own thing to project your own things. Take it as a positive and write boast about it in your CV/Resume. You’re the master of your efforts. People like that.

Conclusion

I gave you techniques, future learning topics and a good tool to use. Now it’s on you to dump this info as yet another tutorial or actually goto the github repo and try it out. After that goto google scholar and read about k-anonymous, quantum proof cryptography, hybrid steganography techniques etc… etc… DO IT NOW. BYE. :slight_smile:

  • XeroHack
  • LinkedIn: www(dot)linkedin(dot)com/in/r4nd0mh3x-0x1337/ (remove dot - new users only 2 links allows :confused: )
2 Likes