Steganography and Information Security

December 11th, 2007 at 18:19 · Filed Under Call Me a Geek, Hacking, Information Forensics, Technology, Web · Comment 

One of the major threats in this information age is the exposure of sensitive information in the Internet. The most common method of securing information is through encryption technology. Today, 128-bit technology is the commonly used encryption method in emails and documents. Recent upheaval as my ISP closing down port 25 for SMTP (Simple Mail Transfer Protocol) has rung an alarm to my computing needs on the Internet. My ISP’s decision is to curb spammers who have abused direct SMTP access to email servers. The act is a foolish one as this will not stop spams but at the same time, it affects those genuine users.

A 128-bit encryption can be broken into with cluster computer. A cluster computer consists of computers, called nodes, with one or more CPU. These computers are connected to a network. A special program capable of distributing calculation tasks to all the nodes is needed. This architecture is called Beowulf. Breaking a 128-bit encryption is just a matter of time depending on the number of nodes and the number of CPUs on each node.

My ISP forces all direct SMTP connection to be routed to an unsecured proxy server. As an emergency contingency to my Internet use, I quickly setup encryption for my email client. So far, the closing of port 25 has not affected me.

As I have the need to send sensitive work information across the Net, I feel the encryption is not enough on a unsecured proxy server. I would elevate the level of information security by using steganography together with encryption.

Steganography is a technique to embed information to a digital photo or picture without altering the photo or picture at eye level. The technique uses advanced algorithm to manipulate bits of data in the digital image with the bits from the information I am going to send. To extract the information from the encrypted digital image, an original image is the key. Only my intended recipient has an original copy of the digital image.

Tags: , , , , , , , ,

Information Forensics

December 11th, 2007 at 11:19 · Filed Under Blogging, Call Me a Geek, Computing, Hacking, Information Forensics, Web · Comment 

What is information forensics? Information forensics is a science of investigation into systemic processes that produce information. Systemic processes utilize technology, primarily computing technology, in creating, delivering, storing, evaluating and processing of information. This process is usually complement by manual process. Information forensics investigation dwells into the aspect of creation, operation and evolution of the enterprise information.

My first exposure to information forensics was during my project seeding at UTAR. Dr. Robert Tee was a good friend of mine and he exposed me to information forensics. Although we did not dwell too much deeper into it, I did some research myself and practice it. I provide Information Security Assessment Service to my clients on demand basis.

Information forensics is also very useful for SEO (Search Engine Optimization). My current SEO effort has fully utilized my skill in information forensics investigation to optimize my blog search results on search engines. I also utilize this skill to investigate the visiting patterns of my visitors by cross-referencing their IP addresses from various sources, visiting destination, search criteria, and other interests. From this information, I can have a deeper understanding of the visiting habits of my visitors and identify their search interest. To date, I have identified some spammers and reported them.

I am amazed how information forensics investigation helps me in SEO. If you would like more information about SEO or ISAS services, please visit here.

Tags: , ,