2 comments

Creating Silly Images

by Javantea
Oct 10, 2006
AltSci Concepts Nov 10, 2006 Cover

An image is a simple representation of a complex system in the same way that a program is a simple representation of a business. These similarities are hand in hand in the creation of programs and images as well as the viewing. Viewing an image is very much like using a program and reverse engineering a program is quite similar to analysing an image. The concepts are much easier for non-programmers to understand in terms of art, so to discuss programs, I will first discuss art. For programmers, the concepts are much easier to understand in terms of a program, so to discuss silly images, I will then discuss programs.

First, I will discuss the image which I enjoyed so very much creating and which I enjoy so very much discussing. The background is a favorite technique of mine. It is discussed in great detail below. It represents the sea of random information in cyberspace that users swim through daily. The colors are bright like the virtual neon signs that plague every corner of the internet. Each line of text was created using a different technique. Motion blur on the word welcome represents how quickly the user glances past any piece of data that they are not interested in. John Smith is set in the Times font that all generic 'legit' websites use to lull customers into a false sense of security. The words "to the" use another fun technique (blur, sharpen 99 twice) that I use often (same as the background). This effect represents the repetitive fawning and disillusionment that the technolust lifestyle commonly generates amongst its users. The word "Future" is written with two futuristic features ((blur(f) - f) & hue(f)) that I designed specifically for this image. These features remind me how much of the future is ubiquitous and how little of it really seems Sci-Fi. The phrase "Welcome, John Smith to the FUTURE" is a parody of the common phrase used to greet users when they login. Welcoming someone to the future is a derogatory phrase and is quite akin to telling someone that they're a cave dweller. The second meaning is that most people will be seeing someone else's login page (considering how few John Smiths will be reading this page). This is a common occurrence for hackers and often brings a great feeling of accomplishment, which might be lost on readers who aren't hackers. There is yet another meaning in the phrase and that is the inspiration of the phrase is the song "Cities of the Future" by Infected Mushroom. The design of the song invokes a feeling of power and electricity. The main vocal is modified to be very electric and warbly like the lead synth. I originally created the image as a 1024x768 (for no good reason), which had to be expanded and then shrunk. But it makes a fine background image if you'd like. There you have it, a complete discussion of a mediocre piece of art.

A program can be made simple or complex. A program's reliability depends on how well it has been properly debugged. Debugging depends on hours looking at inane code, which coders often dislike. A program that is built simply is simply debugged. Therefore, the building of many simple programs each of which are easily debugged makes for a better operating environment than having a few large programs.

Linux and the GNU project has seen this quite thoroughly: simple programs make for easy work. After a while, a certain pattern of running programs shows itself. This is the beginning of scripting. Programmers often start out by seeing a gap between the software that they use and their job. The solution to this gap is to write scripts that do the required action with as little user intervention as possible. Each combination of programs is a new and interesting program itself, even though it's just a script. Often, scripting is not enough, so actual programming comes into play for more interesting tasks like internet messaging, file transfer, and so on.

How does this compare to images? An image can be made with many different techniques: vector graphics, photography, brush strokes, and so on. These can be further modified with gaussian blur, sharpen, and a multitude of filters. The method of creating images can be so diverse, that the possible outcomes of a miniscule size image are astronomical. Yet, there is a limit. Using all possible entropy, a 640x480x24-bit image can only hold 0.9 MB of information. Most images have much less entropy. Using compressors like PNG and JPEG, we can see a much more realistic number of how much entropy an image has. An image that has already been compressed with JPEG has a fraction of the entropy of an image that is completely random. Compressing random data with JPEG reduces the entropy by at least the ratio that the JPEG compresses at.

Creating an image for the cover of my journal is a fun experience because I get to control the amount of entropy with the things I do. The yellow, magenta, cyan, and black lines spread over the page are created by a 1% hurl, blurred 25 radius, sharpened 99 twice. The hurl introduced ~75578 pixels of pseudorandom data over a fairly large surface. The blur destructed some of the entropy, but left a very small (invisible to the naked eye) field of color. Sharpening 99 produces a strange effect with blurred noise. It makes field lines for the colors where there was only a slight variation in field. This shows the entropy much better than the hurl did. Also, this pattern is simple, but is fairly difficult to reverse. To reverse it, all psuedorandom keys must be tried and each operation must be calculated (4.29e9 operations). Other ways of reversing this are possible, but not entirely reasonable. The same effect was applied to the text "to the". It caused so much damage to the original, that I decided to multiply the original to the damaged original so that the reader could read it.

This shows the complexity and the resistance to debugging that is derived from simple operations that involve entropy. Hashes are similar mathematical equations that exist to this end. Hashes are one-way functions that usually involve reduction of entropy into an unusable state. The method of creating the cover image took a small amount of entropy and turned it into a much larger data set with the same entropy, but still not reversible.

Non-reversible computer-generated images are of importance to the field of steganography that I discuss in the article "Basic Text and Image Steganography". Steganography usually requires a source of entropy that is not completely random since it is meant to hide in plain sight instead of giving away intent. However, photos are much less easy to come by than computer- generated images. A psuedo-random image generator would be sufficient for steg, but it would give away intent. If an image could be created that looks like it was human generated and contains valuable information, it can hide much better. As we can see from the multitude of fractal programs, screensavers, video games, and so on that populate the world's images, computer-generated images are relevant to art. A person who generates five hundred computer-generated images might be a steganographer or a pioneer of the computer art field. Since computers can generate works in its medium much quicker than any other artist, photographer, or other system, it makes sense that as computer art comes into mainstream, it will be possible to create an art set of gigabytes in several hours. Viewing such art is quite easy given a broadband connection, so users might be able to view the art in real time if the images are displayed quickly. Does it sound like I'm making excuses for a badly conceived steganographic idea? It's funny that the idea of the new form of art came long before the steganography. Now that a reasonable interest can grow in the medium, it makes sense that artists will thrive in it.

The key to the cover's steganographic message is:

00A8 01E8 00A3 02CA 001E 0003 0052 009B 003A 0028 00E8

You could crack this without the program, but I'll give you the program anyway.

#!/usr/bin/env python

# ptr_steg1.py
# Pointer Steg
# By Javantea
# Oct 10, 2006

from base64 import b16decode
from sys import stdin
import struct
infile = open('altsci_comp6med.png', 'r')
data = infile.read(1024)
infile.close()
output = ''
while 1:
	bptr = stdin.read(4).upper()
	sptr = b16decode(bptr)
	iptr = struct.unpack('>H', sptr)[0]
	output += data[iptr]
	delim = stdin.read(1)
	if delim == "\n" or delim == "": break
#loop

print output

Key exchange is a difficult issue in steganography. How do we store the key? Encrypt it with the password and steg it? That may seem to defeat the purpose, but it actually does something incredibly clever: turn the plaintext into a unreadable bunch of garbage. The brute force attacker must now desteg twice. The sophisticated attacker, though is robbed of a plaintext to attack. How many times should a steganography program steg? Once, but give the user the option to resteg any number of times. This way the attacker has to know what level to try. Some people will steg enough times to cover for the rest of us who only steg once. Or not.

Another method exists which is strange and subtle. The SHA1 hash of a password and salt can be used as the key of an arbitrary image. The salt can be incremented until the message that the person wants to send is found. The salt can then be sent in plaintext. Since the salt can be arbitrary, it can be generated to make it harmless. For example, say that the salt "A fine day in London" just happens to be the right salt for the password "getsome!!1111" and some arbitrary picture. The picture can be posted with the ALT text set to "A fine day in London". How long would it take to brute force the password with this system? Not very long, but the number of false positives would be very high.

Permalink

Comments: 2

Leave a reply »

 
  • Asian Beauties

    Hi there! I just wanted to ask if you ever have any trouble
    with hackers? My last blog (wordpress) was hacked and
    I ended up losing a few months of hard work due to no data backup.
    Do you have any methods to protect against hackers?

     
     
  • Javantea

    Dear Asian Beauties,

    I have not had any problem with hackers. I've spent most of my entire adult life hacking, so that might have something to do with it.

    Regards,
    Javantea

     
     
  • Leave a Reply
    Your gravatar
    Your Name