REVIEW: "Hiding in Plain Sight", Eric Cole
- BKHDPLST.RVW 20031205
"Hiding in Plain Sight", Eric Cole, 2003, 0-471-44449-9,
%A Eric Cole
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%I John Wiley & Sons, Inc.
%O U$35.00/C$53.95/UK#24.50 416-236-4433 fax: 416-236-4448
%P 335 p. + CD-ROM
%T "Hiding in Plain Sight"
Part one explores the world of covert communication. Chapter one
suggests that covert communication is all around us, but weakens its
case by providing only fictional examples. The author also states
that he has detected huge numbers of files which contain embedded
steganographic materials. He doesn't seem to understand that this
hurts his argument: what good is steganography if you can detect its
effects? There is a confused and incomplete introduction to
cryptography in chapter two. To be fair, it does make some good
practical points, such as the difference between an algorithm and an
implementation. The basics of steganography are provided in chapter
three but the explanations and examples may not make clear the
distinction between steganography and covert channels or codes. The
definition and illustration of digital watermarking, in chapter four,
does not present a rationale as to why the invisible marking data
cannot be removed. The example is confused and unconvincing.
Part two is supposed to take us into the hidden realm of
steganography. Chapter five outlines miscellaneous computer crimes
and intrusions with only the most tenuous ties to steganography,
fabricated by the author. A list of steganographic programs (almost
all of the insertion type) are provided without details in chapter
six. There are more examples of the same illustrations, a couple of
related programs, and some mislabelled figures (a graphical layout of
an IP header rather than the promised sniffer example) in chapter
seven. Cole uses an instance of hiding a virus with steganography,
but the dangers of inventing your own cases becomes evident: the
virus, as described, wouldn't work anymore.
Part three purports to show you how to make your own communications
secure. Chapter eight lists cryptanalytic and steganalytic
techniques, but does not delineate them well. A rehash of previous
ideas and weak examples substitutes for the strategy promised in
chapter nine: the main illustration has a complete failure of forward
secrecy. Chapter ten pledges that steganography will get better.
Although Cole is more entertaining than Katzenbeisser and Petitcolas
manage to be in their "Information Hiding Techniques for Steganography
and Digital Watermarking" (cf. BKIHTSDW.RVW), his information is
sketchy and suspect. In comparison, his work is little more than a
copyright Robert M. Slade, 2003 BKHDPLST.RVW 20031205
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... slade@... rslade@...
Vah! Denuone Latine loquebar? Me ineptum. Interdum modo elabitur.
Oh! Was I speaking Latin again? Silly me. Sometimes it just sort
of slips out.
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade