Steganography, or “stego,” as it’s also known, is a way to hide messages like text or images into larger files.
Security Focus recently published an excellent and very well-documented article on this subject. Here is the introduction.
Over the past couple of years, steganography has been the source of a lot of discussion, particularly as it was suspected that terrorists connected with the September 11 attacks might have used it for covert communications. While no such connection has been proven, the concern points out the effectiveness of steganography as a means of obscuring data. Indeed, along with encryption, steganography is one of the fundamental ways by which data can be kept confidential. This article will offer a brief introductory discussion of steganography: what it is, how it can be used, and the true implications it can have on information security.
Kristy Westphal, the author, answers these questions. She also tried several steganography tools. You can see the results of her tests in her article, in two JPEG images, one without an embedded message and one with embedded text. The modified image shows less luminosity, but if you don’t know the original one, it is very hard to guess that the second one contains a hidden message.
For more information about this technology, you can visit the exhaustive Steganography & Digital Watermarking web page from Neil F. Johnson of George Mason University.