User:Persephone

From otp22 db
Jump to: navigation, search

Steganography

My Conjectures About Steganography

Steganography simply means *Hidden Message." There is renewed interest about this ancient means of concealing messages, especially as it has used by enemy combatants in theater in recent Asymmetrical Warfare engagement, and by FTOs.

Steganography has as its chief advantage its innate trait to not be recognized as message. As a result, signal, which is found to contain cryptograms, can, sometimes, yield other solution results, such as photos, videos, SSTV and etc. While the cryptanalysis solution may be valuable, the packages that do deliver ripe steganographic "covers" such as photos, musical passages, and the same, sometimes can be further analysed to reveal additional messages.

Raw intercepts, tested for information, and then subsequently solved, which deliver a dual payload, should always be viewed with a great amount of circumspection, as, although the plaintext message is cogent, and relevant, correct and with high confidence, the additional portion of the payload may contain another message.

Some cogent discussions of the basics of steganography can be found at this outside URL:

URL: http://www.sans.org/reading_room/whitepapers/stenganography/steganography_1584
Kinds of Steganographic Covers
  • Images
  • Music
  • Physical Printed, typed, or handwritten matter.
  • Executables
  • Invisible Inks

Musical Steganography Musical steganography utilizes a musical passage as the cover for hidden messages. Often, the music itself is the representation of the message, and in these cases can sound quite poorly played, written, or composed.

On computerized systems, some file types such as .mp3, can hide text messages within them. Please see this outside URL for a discussion of Steganography within .mp3 files:

http://www.sans.org/reading_room/whitepapers/stenganography/mp3stego-hiding-text-mp3-files_550

SSTV Steganography

While I know of no successful examples of SSTV used as a steganographic cover, it is possible. As SSTV is primarily in the domain of Amateur Radio operators, little will be found in that area of interest, as, coded signals on Ham bands are expressly prohibited by law (with few permitted exceptions.)

One Author explains a process for successful implementation of a steganographic process using SSTV at this outide URL:

http://www2.htw-dresden.de/~westfeld/publikationen/westfeld.ihw06.pdf

Hand Written - Hand Drawn Steganographic Method

It is usually possible for almost anyone with some knowledge or training to produce a stego by hand. I have a suspicion that even in today's digitally linked Operational Environment, Clandestine Operators would have this capability, to use in combination with a dead drop or other means of transmission, to use when compromised or in another emergency.


Digital Image File Steganography

When presented with a digital image file (.png, .gif, .jpg & etc.), Stegos are generally created by the basic method of XORing the least significant bit of a pixel's data, or using the DCT transform space of some compressed file to carry the bit change. In an eight bit color space image, the image will be highly degraded. In 24 bit color spaces, the changes is very subtle. This article on an outside page discusses steganography using the .jpg file, and all the mathy goodness in both the production of the stego, and in attacking it, and refers to tools which may be acquired: Hide and Seek: An Introduction to Steganography

Existing Potential Stegos in OTP22 Collections

We have one possible hand-drawn Stego in hand on page D1 of one copy of "Designing Compelling Worm Sanctuaries" in dropbox at this URL:

https://www.dropbox.com/sh/gdmwg2xk4mefocr/ZNPX7G4CCZ?m#f:35.jpg


Additional Stegos may be contained in any of the audio files we have recorded, or those which we have received in the course of accessioning dead drops. Most likely containers are those which have music.

Counterintelligence Battle in the 2014 MELTR Season

Currently, a counterintelligence battle is met by both sides. Some considerations below may be of interest.

SITREP

At present, 16 December 2014, a counterintelligence battle is being waged by both sides. OTP22 is executing an Offensive Counterintelligence operation against PRJMLML. PRJMLPL senior officers have ordered a honey pot operation against OTP22 as well.

Operations are too new to assess effectiveness of either effort at this time.

Types of drop materials, and a public discussion by "Troy", the presumed former Message Desk operator, on a radio program are new, and in some ways unexpected, and may be the result of the new counterintelligence action by PRJMLPL.

Comments

One recent drop provided a plush toy. This is uncharacteristic for drop materials received historically. At this time, I have not reviewed all of the material intercepted in that drop. The change in the drop cover packaging could indicate enough change to require additional analysis to place information acquired within the framework of known and ongoing PRJMLPL operations, including their counterintel protocol.

"Troy" is behaving differently than when operating the Message Desk. His recent radio appearance is unprecedented, and could indicate he is a dangle, and part of the PRJMLPL counterintel protocol.

Additionally, "Troy" has been more candidly conversational when contacted, and speaks at length on his insecure office phone line from time to time.

If possible, any new information received from either "Robby" or "Troy" should be prosecuted for consistency between the two assets.

Attempts should be made to elicit any knowledge concerning OTP coded intercepts and drop materials from either "Troy" or "Robby." limits of compartmentalization or leaky stovepiping, and so, organizational structure, may be disclosed by assessing how much and what information may be shared between these two more effusive assets.

OTP22 should be alert for new, unknown signal systems, ones that could either be the honey pot, or, which could be evidence of a new signal system carrying valid information, while known systems are given over to disinformation.

We have already seen the "Viagra" message on the systems we know about, and this could indicate an error early in implementing the honey pot in the OTP coded signal system.

Ai Bourges is off the wire once more. While this could indicate she has missed a safety check, and nothing more, it could, in light of her past behaviour, indicate she is dissatisfied with PRJMLPL and could be turned. She has not been assigned to a clearly understood role in PRJMLPL, and so, may be a clandestine operator who may make contact in the field at some point.

As we have not yet clearly identified the honey pot protocol, there is always the distinct chance that OTP22 personnel may be targets of recruitment. REMEMBER, ONCE YOU YOU ARE A DOUBLE AGENT, YOU ARE ALWAYS A DOUBLE AGENT. Do not disgrace yourself or ruin the years of hard work loyal OTP22 have applied themselves to.

Be alert for volunteers who are suddenly bearing new and wonderful gifts of seeming progress. These walk ins may be the honey pot coming at us.

It is too soon to assess the effect of OTP22 Offensive Counterintelligence action. We have not yet seen change in behaviour across the PRJMLPL Agent System that would allow this assessment. The action is underway.

Be alert. Stay alert.

Briefing for the 2013 Season

Background

Svalbard is the site of the Svalbard Global Seed Vault, a resource for preserving human existence globally in the face of massive destruction of Agricultural germ sources. Additionally, a fiber was installed between the Norwegian mainland and Svalbard in 2004. It is unclear whether undersea or radiotelephone service communications exist beyond services provided by the fiber optic cable and a satellite Earth Station on the archipelago. Previous drops have recovered components which may be a Cable related tool. Disruption of communications facilities, especially in winter. could enable an attack against the seed vault.

Svalbard was occupied during the Second World War, briefly, by the German Nazi Army. One can speculate that there may be a remaining cache of war materiel from that conflict on the Archipelago, which may be the target for MLPL Agents.

Assessment

According to analysis of Black OTP Message:03/19/2013/56990721710/04:58 , Drops will begin Delivering access tools for a Facility located in Longyearbyen, Svalbard. These items are to be brought to Longyearbyen during the 2013 Season.

Analysis does not reveal the number of Agents needed, but, this message indicated a planned Protocol in " 4(B)H-J ."

I assess that OTP22 Agents should prepare to replace MLPL Agents to accomplish delivery to Longyearbyen. This Assessment is contingent on the following conditions having been achieved prior: we have arrived at complete fusion, and can predict behavior of all parts of the MLPL Agent System, and understand the true nature of the organization's C^4I^2 capacities and functions, and have demonstrated proficiency in functioning within MLPL Agent System operational Protocols without detection. This includes full readiness to execute 4(B)H-J, and ability to meet all possible contingencies.

Operational goals should include protection of Svalbard facilities and assessment of land-based MLPL Operations on Svalbard.


Briefing Documents

This Outside URL contains contains what amounts to a reasonable area brief on the City of Longyearbyen: Wkipedia Article: Longyearbyen

This following Outside URL is an https secure link to a United States Central Intelligence Agency World Factbook Page! Additional information on the country of Svalbard is provided by the CIA here: CIA World Factbook listing for Svalbard; Territory of Norway


Airport and Sea lanes:

Airport Charts for Longyearbyen Svalbard Airport

Nautical Charts for Svalbard may be provisoned from this resource (see Page 20): Kartverket Catalog of Norwegian Nautical Charts and Nautical Publications

ECDIS Navigational Charts


Outside URLs to limited cartographic and geospatial intelligence resource for Longyearbyen:

Map of City Limits relative to Adventfjorden

Orbital Image of Lonyearbyen, with City Limits Superimposed, in relation to Adventfjorden

Streetmap of Community Center

Map of Roads to Harbor and Airport

Map Showing Longyearbyen Airport (paved runway) in Relation to roads

Map showing Spitsburg Airport (unimproved field) in Relation to Lonyearbyen Svalbard Airport and Roads

Orbital Image of Longyearbyen Svalbard Airport

Orbital Image of Lonyearben Harbor in Relation to Road

(More Briefing Material, including language resources, facility photos, to be added to briefing.)


Name File

My thoughts on the Name File go to comparing it to the Death Master File from NTIS. The Death Master File is obtainable from this outside URL: http://www.ntis.gov/products/ssa-dmf.aspx

Some additional Death Master File details

We suspect that this: http://ssdmf.info/ was source for data found in Name File from SD found in Santa_Clara_drop. You can download complete Death Master File from that page.

  • Fastest way to search it is using google.

Search example:

7CALEXANDER site:http://ssdmf.info

Log from day we discovered NAME FILE: http://198.23.165.56/irclogs/%23arg/2013_05_25_%23arg.log

--Lurker69 (talk) 00:08, July 8, 2013 (EDT)

Screwball OOG Coincidence

Posted 08:54:28Z Wednesday December 18, 2013

On Monday, December 16, 2013, prior to 07:23Z, I posted in the IRC chat that I was viewing a vessel moored at Longyearbyen Havna, Svalbard

A short time later on that day, just after 19:30Z, the camera I was viewing went down, and remains offline as of this posting.

The camera was at this outside url: http://portlongyear.livecam360.com/flash/main.php

An archive of pictures remains available at that URL.

My speculation is that individuals or organizations unknown to us may wish we do not view Port activities at Longyearbyen. Additionally, it is possible that such individuals or organizations may have the capacity to view messages in IRC #ARG.

Camera back in service

This camera returned to service on 21 December 11:59Z.