This week’s reading gives you basic technical information about passwords and encryption, and how to recover data protected by these mechanisms. There is also a section on Steganography, which literally translated means “covered writing.” When some people think of steganography, or “stego,” they think of documents or other data files being hidden in other file types (usually image/picture files). This is something that is used frequently in secreting child pornography to avert detection. Interestingly, the use of stego goes much farther back than the use of computers.
Like cryptology, steganography is used to hide something in something else. So, even though a code breaker can detect the hidden code, they may not be aware that the code actually contains a different message. Cryptography scrambles a message so that it is unreadable, but still visible, while stego camouflages data to hide it or make it undetectable. This course is not meant to teach you about the technical details of encryption or passwords or steganography (entire books are written on each of those subjects), but rather to help you understand their place in the criminal justice process.
As a side note concerning discussions in previous weeks; does a warrant give you the authority to break passwords protecting information or to decipher encrypted data? This is a very important question. As many of you have discussed in our previous week’s discussions, it is important to make sure you know the limits of your warrant. But while you are conducting a search with a properly executed warrant, you may come across other information that is not included in your scope, but is still evidence of a crime. For example, imagine you are searching a hard drive for information related to a fraud scheme. While you are looking through the files you come across a picture that is obviously child pornography, but you do not have child pornography addressed in any way within your warrant. What do you do? The proper response is to stop the search and obtain another warrant for evidence related to child pornography. The same thing applies to discovering encrypted data. In your affidavit you should explain that criminals sometimes encrypt files that contain evidence. Some may even use steganography techniques to hide other files.
For this week’s discussion, complete the following assignment below in detail. Please discuss thoroughly and substantively in your post. You are required to respond to at least one classmate in this week’s discussion, and responding in a thorough, substantive, intelligent way to your fellow classmates will add to our discussion and learning of this week’s topic!
Find a recent article (newspaper, journal, magazine, conference, etc.) about how steganography or encryption (or cryptology) was used in deterring a computer forensic examiner from quickly finding evidence.
1) Briefly summarize the article and events, and then explain the challenges that it presented, and if it was possible to successfully recover the data that had been embedded in the stego, or encrypted. Also, make sure that you reference the article.