Security - Computer Networks, Computer Security, Computer Science & Combinatorics, Cryptography
Hiding in Plain Sight

by Eric Cole

Overview

  • Explains exactly what steganography is (hiding a message inside an innocuous picture or music file) and how it has become a popular tool for secretly sending and receiving messages for both the good guys and the bad guys
  • First book to describe international terrorists' cybersecurity tool of choice in an accessible language
  • Author is a top security consultant for the CIA and provides gripping stories that show how steganography works
  • Appendix provides tools to help people detect and counteract steganography

About the Author, Eric Cole

ERIC COLE is currently Chief Scientist for The Sytex Group's Information Warfare Center, where he heads up cutting-edge research in steganography and network security. Prior to this, Cole worked for more than five years in security for the CIA, during which time he earned six achievement awards and led a team of security professionals in the design and deployment of secure communications systems. Cole continues to consult for many government agencies. He holds several professional certifications and helped develop several of the SANS GIAC security certifications and corresponding courses. He has appeared on CNN, CBS News, and 60 Minutes.

Editorials

From Barnes & Noble

The Barnes & Noble Review
Where would you hide something if you never wanted it to be found? In plain sight, of course. (A familiar idea if you’ve ever read Edgar Allan Poe’s The Purloined Letter -- or, for that matter, misplaced your TV remote.) “Hiding in plain sight” is the principle behind one of the most exciting -- and controversial -- fields in computer security: steganography.

In steganography, secret information is embedded within routine, apparently innocuous communications of any kind -- JPEGs of your vacation photos, MP3 music files, you name it. Since nobody’s looking there, your message passes undetected, no matter how closely you’re being watched.

How does it work? How would you use it? How would you detect it if someone were using it against you? Those are the subjects of Hiding in Plain Sight by Eric Cole.

Cole is one of the field’s leading experts -- in fact, his doctoral dissertation covers stego. His security career has taken him from the SANS Institute (where he served as Director of the Cyber Defense Initiative) to the CIA (where he identified security holes in the agency’s Web servers, earning several “Exceptional Performance Awards” along the way). Who better to explain state-of-the-art security technologies to you?

It’s often been speculated that the 9/11 terrorists used stego. Nobody’s sure, but here’s Cole’s educated opinion: “I believe the terrorists did use stego because they had the technical savvy, the money, access to the technology, and images to hide data in. Perhaps most importantly, they had not only the means, but the motive for hiding information.” Possibly an even better reason to suspect Al Qaeda’s use of stego is that, based on Cole’s research, it’s used far more widely than most people imagine.

In Hiding in Plain Sight, Cole begins by placing stego in historical and technological context, and then explaining how it works, in simple English. He then explains today’s least ominous and most widespread application of steganography: digital watermarking. Next, you’ll dive more deeply into this “hidden realm,” understanding traditional insertion-based, algorithmic-based, and grammar-based forms of steganography, as well as newer substitution- and generation-based approaches.

Cole offers step-by-step instructions for utilizing S-Tools, stego software that will both encrypt your message and embed it into files for you. He then introduces a wide variety of stego tools -- including Hide and Seek, Jsteg, EZ-Stego, Image Hide, Digital Picture Envelope, Camouflage, Gif Shuffle, and Spam Mimic. If you’re a programmer, you’ll appreciate his detailed coverage of “rolling your own” stego software for embedding messages in everything from WAV audio files to HTML white space. He also presents a full chapter on sending stego files across a network (including techniques for hiding data in email attachments -- or even IP and TCP message headers).

The book’s final section offers detailed techniques for identifying and cracking stego -- including ways to recognize files coded with each of the leading stego tools. Cole concludes by presenting high-level security strategies that take stego into account. If you’re a security professional, you need to know about this stuff. Even if you’re not, you may still want to read this book, just for the sheer fascination of it.

Bill Camarda

Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks for Dummies, Second Edition.

Book Details

Published: April 25, 2003
Publisher: New York : Wiley Pub., c2003.
Pages: 360
Format: Paperback
ISBN: 9780471444497
