The Steganography Scenario
In February, 2001, USA Today reported that foreign and U.S. officials said "bin Laden, indicted in the bombing in 1998 of two U.S. embassies in East Africa, and others are hiding maps and photographs of terrorist targets and posting instructions for terrorist activities on sports chat rooms, pornographic bulletin boards, and other web sites."
U.S. officials say that Osama bin Laden's al Qaeda organization used money from Muslim sympathizers to purchase computers from stores or by mail. bin Laden's followers in hostile countries throughout the world downloaded easy-to-use encryption programs from the web and have used the programs to help plan or carry out their terrorist plots.
Whether or not these reports are true, al Qaeda operatives living in a hostile country can use steganography to exchange messages and coordinate attacks without the country becoming any the wiser. Any location that provides Internet accesssuch as Starbucksprovides an easy way access point. But they would need a location on the Net where they can hide their messages in plain site.
And guess what? Porn sites are ideal for this purpose.
Porn sites are filled with images that sometimes change multiple times each day, require authentication in some cases to access their "better" areas of content, and by using steganographic techniques would allow an agent to retrieve messages from their home bases and send back updates, all in the guise of porn trading. Thumbnails could be scanned to find out if there are any new messages for the day; once decrypted, these messages would point to links on the same site with the remaining information encrypted.
The terrorists know that so many different types of files can hold all sorts of hidden information, and tracking or finding these files can be an almost impossible task. These messages can be placed in plain sight, and the servers that supply these files will never know it. Finding these messages is like finding the proverbial "needle" in the World Wide Web haystack.