The Kernel’s Business

April 2nd, 2008General

The Kernel’s going to focus mainly on enterprise security and communication. You won’t be hearing news about it on this blog, but you can bookmark The Kernel’s site and get back to it in a couple of weeks.

Here’s what I’m so excited about: Even though security companies are growing like fungi in the Gulf, there isn’t much serious focus on enterprise security. The knowhow is largely imported, most of the available solutions are developed elsewhere, and it costs ridiculous amounts of money to simply close your front doors.

We’re not going into the saturated firewall, IPS/IDS market; these products cannot protect you by themselves without understanding how they work and their pros and cons. We want to make sure that data is never compromised, no matter how aggressive an attack is.

You might have heard of steganography, which is the science behind hiding information. There are many applications that can hide documents inside other documents on the computer (Steganos comes to mind), and they do a great job at it, but they are limited to digital steganography.

Here’s a simplification of how these applications work:

  • Pick a binary file.
  • Pick another binary file.
  • Scramble second file’s bits and store among.
  • Restore hidden file with password or key.

Here’s how we’re doing it:

  • Pick a media file, an image for example.
  • Pick a file to hide or a message to store.
  • Hide file inside image.
  • Print image on a $100 printer.
  • Scan the image on the other receiver’s side.
  • Restore hidden file with password or key.

So instead of manipulating the the bits of the media file itself, we’re manipulating the signals it sends and making them carry data inconceivable to the human senses, and sometimes even machine’s. The very same principle can work on other media files, the bigger and noisier, the better. Now we’ll be able to hide PDF files over traditional FM radio stations, or broadcast Picture-in-Picture TV channels quite literally.

Trackback URI.



One Response (Add Your Comment)

  1. J. P. Apr 6, 2008
    at 12:53pm

    It’s a nice idea, but I suspect the feasibility will be the hard part.

    You’ll need relatively high bitrates to really store anything that’ll survive the quality loss inherent in your average $100 printer’s output. Then you have any bit-loss from damage in transit– it makes it very difficult to actually retain data integrity all the way to the end in the first place. After that, you have to trust that ANY $100 scanner will be able to pick up the embedded data and get it right.

    It would seem like the only way to do it would be to apply heavy modification to the stream to even out noise patterns. On something like your average XVID/DIVX/MP4 stream, adjustment to just about any part of it would be noticible as differences in the noise patterns (more specifically, I’d say noticible additional macroblocking)… that’s going to make it easy to detect using anti-steganographic methods.

    I see other issues as well, but I could be wrong on all this. If you’re really this far into the whole start up thing, you obviously feel you’ve got an angle on the situation. Right?

    Reply ↵

Leave a Reply

Formatting: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Other Entries

Tweets from