The Technology Behind Spying
MICHELE NORRIS, host:
From NPR News, this is ALL THINGS CONSIDERED. I'm Michele Norris.
MELISSA BLOCK, host:
And I'm Melissa Block.
Among the many fascinating facts we've learned about the 11 alleged Russian spies arrested earlier this week by the FBI, here's one that stood out. They sometimes communicated by embedding hidden messages in image files, which they posted on the Internet. This idea of hiding a message in something else is an ancient one. It's called steganography, from the Greek steganos meaning covered, so covered writing.
These days, computer programs can insert encrypted messages into seemingly ordinary text image or sound files, and here to explain is Dartmouth College computer scientist Hany Farid.
Welcome to the program.
Professor HANY FARID (Computer Science, Dartmouth College): Thank you.
BLOCK: And before we get to this modern-day application, why don't you talk a bit about the ancient ways people would use steganography?
Prof. FARID: Yes, what's great about this technology is, although there is this modern-day version that we have in the digital world, it dates back thousands of years. My favorite example of this is that the Greeks, when they wanted to send a message to their generals in the field, would tattoo a message into the back of the head of a messenger, allow the hair to grow back and then send the messenger along the way.
The idea being, of course, if they weren't intercepted, there will be nothing on their physical person that would reveal what the message was. But, of course, at the other end when they arrive, they would shave the head and there the message would be.
BLOCK: Okay, well, a bit of evolution from the Greeks to now. What allegedly did the Russian spies do? How would you do this if you wanted to get a text message inside, say, a picture?
Prof. FARID: It's actually a fairly easy thing to do because you can just download software. There are literally hundreds of freely available software packages, and the way the software works is very simple. You give it one image, which we call the cover. That's the innocuous image of the cat, your backyard, a birthday party and your message.
And the software simply combines them together, and then that image can be either posted on a webpage, sent over an email, and then, of course, at the other end, when it's received, the same software extracts the message out.
BLOCK: And according to the criminal complaint in this case, the images that they were looking at appear, as they say, wholly unremarkable to the naked eye. You really can't tell.
Prof. FARID: That's exactly right. So the beauty of this technology is you can take any digital image and because the Internet has so many images floating around, there's just no way that anybody by simple visual inspection could have determined that there was a message embedded within it.
BLOCK: And you're saying this is an easy thing to do?
Prof. FARID: Anybody can do it. So go onto your favorite Internet search engine, type steganography software download, open the software. It's as simple as using Word, really. It doesn't require any particularly high-tech technology or training of any sort.
BLOCK: What would the advantages be of using steganography, say, over, you know, sending an encoded email message or something like that?
Prof. FARID: If I'm somebody at my home and I encode a message or encrypt a message, which takes a normal message, whether it's text or an image, and scrambles it so that it's incomprehensible and I transmit that to somebody, it looks a little suspicious because the average person doesn't do that. The beauty of steganography is that it doesn't look suspicious. You're simply sending a photograph to somebody.
BLOCK: The way that this was discovered wasn't because the FBI happened to find these images and know to decode them. They found it in the physical search. They found the password for this program in the apartment of some of the defendants here, apparently.
Prof. FARID: That's exactly right. In fact, that's the very nature of steganography, is that even if they had found the images on the computer, they wouldn't have known that there was a message in it, unless they had actually found the software.
Now, there are scientists, such as myself, who are developing computer programs that can determine whether images or sound files contain an embedded message even when you can't see or hear it.
BLOCK: Aha, I would bet that's a growth industry right now.
Prof. FARID: Yeah, I mean, and cases like these actually highlight the need for this. The fact is we don't really know how prevalent this is, but we do know that some organizations and some individuals are using this technology. And because of its very nature, it's a fantastic covert technique that is very hard to detect.
BLOCK: Hany Farid, thanks so much.
Prof. FARID: Thank you.
BLOCK: Hany Farid is professor of computer science at Dartmouth. He was talking about the art and science of steganography.
NPR transcripts are created on a rush deadline by a contractor for NPR, and accuracy and availability may vary. This text may not be in its final form and may be updated or revised in the future. Please be aware that the authoritative record of NPR's programming is the audio.