Google Suggest could be used to transmit secret messages in plain sight. That’s the message from a stenography specialist at the Warsaw University of Technology. Wojciech Mazurczyk investigates methods by which spies and terrorists might try to send messages undetected so that security agencies can discover ways to thwart their communications.
Anyone who has used Google suggest might wonder if it’s already a way of sending messages or pushing certain agendas. Whilst we may laugh at suggested phrases such as “My Favorite Color is Ham” and wonder how it came to be, racial slurs and personal reputation slurs are a more serious topic. Just recently Argentinian courts said they will issue an injunction to Google to request censoring anti-semitic suggestions appearing in the search box.
The stenography teams conducted an experiment to see if messages could be hidden in Google Suggest. By infecting a target computer with malware that intercepts the suggested search terms lists a message could be transmitted directly to that machine. The malware would add terms to the suggest lists, on that machine which the receiver can decode into a binary number using a codebook.
New Scientist summarized the process:
“To do this, the team infects a target computer with malware called StegSuggest. This intercepts the Google Suggest lists exchanged between Google and the infected computer, and adds a different word to the end of each of the 10 suggestions in the list on that particular machine. The added words are chosen from the 4000 most used words in English to make sure they do not appear too outlandish.
The receiver types in a random search term and notes down the additional word in each suggestion. These 10 extra words are then looked up in a “codebook” shared by receiver and sender that contains all 4000 words, which gives each word a 10-bit binary number. The numbers are linked together into a chain which is converted into text using a separate program on the receiver’s home PC, revealing the hidden message.”
Yep, it seems pretty complicated but plausible. However, surely if someone is caught receiving a codebook in the first place would that not arouse suspicions?