3

I am in the process of creating an image host, but want to avoid people embedding hidden images and files in the images they upload, as I cannot see the hidden images, therefore cannot monitor them.

I have heard of some people using steganography on some image hosts, and was wondering how would I go about blocking or preventing people from using it?

By the way I need this to support animated gifs and the image quality must remain as the original image's quality?

How can I go about doing this? as someone can embed illegal/banned files or images in an image, and I wouldn't know what is going on. I have seen some cases where the user must download the image then rename the extension to .rar or something to be able to access the file embedded in the image.

ramo
  • 945
  • 4
  • 12
  • 20
  • 3
    I don't think there are any good solutions (http://en.wikipedia.org/wiki/Steganalysis). It seems a general approach is to save the images yourself using a different compression method. It will not remove the embedded file, but it should jumble it up enough to make it unusable. – Malk Feb 09 '13 at 00:44
  • Can you point me in the direction of how to go about compressing the images while keeping the gifs animated – ramo Feb 09 '13 at 00:46
  • Sorry I cannot. Another option is that image files rely on a predefined byte structure allowing for extra bytes usually at the beginning or end of the actual file. You could check the bytes of these files for certain beginning/end [depending on type] values, but there is always the chance [although small] that you hit false negatives. Here is a decent link http://marcoramilli.blogspot.com/2007/11/how-to-detect-steganography.html – Malk Feb 09 '13 at 00:59
  • Thanks for the link, good read, but I don't see how this can be done in PHP, I think re-compressing would be a good way of doing it. – ramo Feb 09 '13 at 01:14
  • Just need to figure out how. – ramo Feb 09 '13 at 03:03

1 Answers1

1

Do you have to detect steganography? Since steganography can use the lowest bits to store data without it showing on the image, can't you flip the lowest bits on some of the colors? It should not change anything in the actual image, but will garble any hidden message

rypskar
  • 2,012
  • 13
  • 13