"Still, if you put in more effort, there is yet hope."YOU FIRST. Otherwise, a case like yours would get thrown out of a courtroom. IOW, you're failing AT failing. At least I'M giving specifics that I have actually encountered in real life. What's YOUR basis?
Ah, the old "I've seen it, really, someone else has done it" cry of the inexperienced. If you really are talking from experience and knowledge, you'd give some actual specifics (and could point to them) when being asked, rather than trying to claim you have.
IOW Charles, stop talking bollocks.
Here's a couple of really basic, easy to do but impossible to check stego ideas I've come up with this morning with a few moments thought.
1) I take a photo in low light, meaning grainy picture. I then alter certain pixels to a specific colour value. The code could be in the number of pixels between the encoded ones, or I could use certain colours for certain characters, even mix it up so #FFFAAA in one instance = A but in another =",", depending on what the preceding character was, or the spacing of the pixels could also change so #FFFAAA=A but no less than 150 pixels apart. Lots of ways to mix it up. Unless you know what those values are, you don't have any way to tell what is in there. A grainy enough image (like the fireworks ones I took on Saturday night) gives plenty of room for altered data. Now, what system would you use to easily automatically test for that, as you so often claim is easy? Remember, we're talking the colour of pixels in a very "noisy" picture which will have a LOT of effectively random pixels in it.
2) I put a number of pictures online across various sites. A small portion of each image is "visually altered" in that when all of these are collected together, you can see a small bit of information (Eg a target building and time - "target building" could be a pre-arranged one of 5, so just single 1-5, same for date and time (so 1 4 5 could represent the subway station at 104 75th street London (I hope there really is no such place). 30th February (so no one can claim I'm trying to send a secret attack date here - or am I?) at 4:70pm (seriously even a fake time!) - I could even do that taking a photo of a "nice car in the street" which just, by absolute coincidence, happens to have the right digits in the right order on it's number plate). How are your "easy to detect" methods going to find this? Hey, lets make the code for the attack a specific model of car for the building, the colour of the car for the date, a specific model of motorbike for the time and a picture of one item of house, apartment block, shop and tower block to decide if I use nerve gas/explosives/shooting etc etc etc/ Tell me how your "well-conditioned traffic sniffer" will pick any of that up?
In all your answers, BTW, I expect verifiable 3rd party references, not your normal "BUT they'll MAKE a LAW" or "Its easy to do I've seen it", or the stuff that calls to the use of weird drugs and vivid imagination rather than science.
3) I log into a chat server, or something via SSH or telnet or anything else where individual keystrokes are sent. Lets use a "online vet" as an example. I hold a conversation with someone about my cat's toilet habits, the colour of its crap, how often, what it's diet is like and so on. The encrypted message is in the pauses behind my keystrokes, which are not being typed directly by me but through software that inserts the slight delays in a way that mimics normal human typing (as we all have slight differences in the delays between keystrokes).
4) Or the encrypted message is in the typed-then-deleted typos and so on, where the typos spell out the key message (encrypted/encoded of course) while the rest of the data is just there to keep the officials watching chatter about kittens.
5) How many millions of mangled data packets does your home computer send out while you're playing online games? How about a few extra packets inserted in those streams which appear to be from the game, but get dumped by the game as mangled data? How is that going to be "easily parsed"? (makes me wonder a little more about the recently reported alterations to Windows for stopping certain game mods...)
Here's 5 with only a couple of minutes thought. As I've said, this stuff is easy to come up with if you sit and engage your brain for a moment. No software will be able to catch these out unless there's issues with the implementation, eg the delay between characters that equates to specific letters is too "mechanical", or the changing of dots in a grainy picture spells out words that are visible rather than being used as code in a way that would never look like written language.
Your so-called "real life experience" is often looks more like "wild drug trip mixed with some of the sort of interesting stuff 5yo's come up with".
Oh, and my basis? Growing up gay in a country that was very anti-gay, in a very conservative small farming community, where to survive and keep the few friends I could get we had to be able to communicate privately in public - sometimes just saying "leave him, he's had enough" was enough to get them beaten as well. At some stage I took an interest in resistance efforts and how they communicated (can't say whether or not "Hogan's Heroes" had any bearing on that), and after becoming a Christian I learned a bit about the supposed acts of Christians in places like Russia and China and other states where simply having a private prayer with a friend could supposedly lead to imprisonment or even death.
Since then I've kept a basic interest in privacy and preventing conversations being monitored should we choose to do so. I've probably watched way to many movies where the innocent man on the street suddenly has to become an expert at evading tails and avoiding state-sponsored eavesdropping.
Oh, and I've spent a long time in computing, various childhood "wargames" where we couldn't always be sure we weren't being heard, various RPG's where you couldn't be sure the SysOp of an intermediary BBS wasn't also an "enemy agent" (ok, one we were sure about - much fun sending plaintext plans through his system which said something different - just toggling a few things like a ".." at the end of a sentence or an extra space would change the meaning of the words we wrote - and this was long before we had internet or cheap calling rates so phoning wasn't an option (not at >$1/minute rates!), and of course time in front-line computing cleaning up the systems of victims of malware and hacks.
Not a great deal, but enough to give me some actual "real-world experience" and some basic ideas that work (even if at a low data rate) and can be openly published without fear of detection (unless you do something silly like put "the attached images contain stego of our terrorist plot" in the same email).
It's really easy to come up with this stuff, and no "well-conditioned traffic sniffer" will even get a hint there's more there to look at, let alone being able to "easily parse" it.
Engage brain Charles. You can do better than this, I have seen it! You might want to try playing some chess for a while. Oh, a whole new range of stego there - sending chess moves in the mail!
(BTW, I've spent a while encoding 8 different texts in here. Tell me what and how if it's so easy. The clear text of one of those is "You're talking bollocks" to help get you stared (must remember to stick the geany in the bottle so I can recall it myself later!) - IOW yes, I've used multiple versions of stego in this one message!
Biting the hand that feeds IT
