Here’s what I came up with as a quick ‘n’ dirty way of transfering something via email, so that the contents would not be immediately obvious to someone intercepting your email.
Create say a .xls file with sensitive info. Zip it. Change the extention to say .txt. Open it, insert one million lines of normal text - something unobtrusive. Then email the file to “recipient A”, who knows that he has to delete out the first 1,000,000 lines of filler text.
Recipient A recieves .txt file, opens it, deletes out the million lines, saves it, changes the extension back to .zip, and opens the zip file, revealing the .xls file with all the info.
All well and good, except that it doesn’t work. As soon as you introduce a new line of text into the .txt file, even when you delete it again at the other end, the zip file is corrupted.
So even though I’m only deleting filler text that the Zip app has never seen, I am still obviously deleteing or adding something that remains, that can be picked up by WinZip.
What is it ? What am I doing that forever corrupts the zip file ?
Anyone know ?
PS - I know it would just be easier (and more secure) to encrypt with a real encryption program, but where’s the fun in that ??
What are you using to add the extra lines to the file? Text editors will have a hard time not corrupting a binary file. How about using something like uuencode in the process? Tho’ that will probably defeat the compression.
You don’t say what program you’re using to add and remove the dummy text lines. If it’s a text-oriented program like Windows Notepad, it may be altering some byte sequences in your ZIP file to make them more text-like. In particular, it may be changing lone LF or CR characters to CR-LF pairs, the standard end-of-line marker for DOS/Windows text files.
ZIP programs generally offer password protection/encryption for their contents. If you’re using ZIP anyway, why not just use the password protection? ZIP file encryption is not very strong, but it will defeat a casual snoop quite handily. Wouldn’t using that be a lot simpler and more convenient than this text-editing scheme?
I just opened the txt file, wrote “blahblah” and saved it. I then open the file again, deleted out the “blahblah” exactly - no more no less, and saved it again, changed the extension back to .zip and hey-presto, it was broken.
AFAIK, the file is identical after I have removed the added text.
I was using Notepad to add the extra lines of text. I was unaware of the changes that you say it may make…
And, as I noted, yes - it would be easier and better to use the encryption provided, but I was on the jacks having a dump and was wondering if it would work. So it tried it, and failed. Hence the question.
Is there any other editor app that wouldn’t fuck with the binary values so much.
The idea was that instead of someone knowing you had an encrypted file, they might just think that you were emailing a massive text file, and not look all the way through it. That way, the subterfuge is part of the encryption…
Actually, lagged2death - you are even more right. It has nothing to do with the zip / unzip. I tried just making it a .txt, opening, changing, saving, opening, changing back, making it an .xls file, and hey presto - that doesn’t work either. It must be Notepad fucking with the binary values of the representation of the .xls file. Hmmm.
Securing a message by disguising it as something else is called steganography. There’s a lot of info about it out there, and probably even some free software to help you do it. There are ways of embedding messages in picture files and audio files. There has even been discussion about disguising messages as spam.
If you want to change values in a binary format files (like ZIP an XLS) without incurring extra, unintentional changes to the flie, you should use an editor that supports binary editing (often called “hex editing” because of the way the values are displayed). Many programmer’s editors have a feature like this; one that you can try for free is UltraEdit. There are very likely some completely free programs that offers this capability as well.
Also, the problem with the compression is that anybody with even a clue of what’s going on should be able to figure out where the junk information ends and where the zipped file starts. The .zip files come with header information that follow a fixed format. I’m not a programmer by any stretch of the imagination, but opening up all my zip archives in Notepad reveals that they start with the sequence “PK” followed by some values that notepad can’t render in ASCII. I don’t know if all .zip files have this exact same header sequence, but I figure they all must conform to some standard to tell the computer just what in the heck it’s supposed to do with the file at hand. Making a program that hunts down valid .zip headers seems like it should be trivial.
Firstly, lagged2death is right about the end of line markers being modified. Plus, you should realize that the font that Notepad uses does not adequately represent the 256 various values in a byte and will therefore not necessarily save the contents of the file correctly.
The best way to see how much notepad is not showing you is to download a hex editor and view an .exe file in the hex editor and in notepad. Just don’t save any changes.
Generate a random number from 0 to 255 from a known seed. That way you can regenerate the random series exactly.
XOR every byte in your file with a corresponding random byte from your series. This turns your file into a seemingly meaningless pile of gobbledegook.
All you need to do to get the file back is XOR every byte of it again with exactly the same pseudo-random series. Hey presto, your zip file or whatever looks like it has never been changed.
Steganography is pretty spiffy. You can hide information inside of pictures, sounds or unused sections ofa floppy disk. There are several freeware stego programs available.
