Steganography Podcast - Embedding Secret Messages in Online Conversations

On February 15, 2010, Mike Qaissaunee and I recorded a podcast titled Vice over IP: Embedding Secret Messages in Online Conversations. In the podcast Mike discusses embedding secret messages in images and Voice over IP sessions using a technology called steganography. The podcast is based on an excellent article in this months IEEE Spectrum titled Vice Over IP: The VoIP Steganography Threat. Here's a list of some of the questions Mike answers:

Before we delve into this new topic, lets provide the audience with a little background. First what is steganography - sounds like a dinosaur?
Can you give us some examples?
How does steganography work?
How do we stop it? Can we?
How would spectrum analysis help detect these messages?
What is network steganography and how does it work?
What are the three methods or flavors of network steganography that researchers have developed? Can you describe each?
Should we be worried?

Fascinating and interesting stuff. Here's how to listen:

To access show notes and audio of Mike Q and my 24 minute and 5 second podcast titled Vice over IP: Embedding Secret Messages in Online Conversations, click here.

Listen to it directly in your web browser by clicking here.

If you have iTunes installed you can subscribe to our podcasts by clicking here.

Telco TV Subscribers Predicted To Double by 2011

Here's some interesting numbers from a new ABI Research report:

• Global pay-TV subscribers will number more than 730 million by the end of 2011.
• North America has the highest subscriber penetration and should reach 115.4 million by the end of 2011.
• Western Europe has the highest Telco TV penetration rate and continues to increase in subscriber numbers, especially in France, Italy and Germany.
• North America and Asia-Pacific regions are the second and third highest in Telco TV penetration. The numbers of subscribers in those regions are forecast to exceed 9 million and 15 million respectively by the end of 2011.
• In the Asia-Pacific region South Korea, Hong Kong and Taiwan are the leading countries in Telco TV adoption.
• Telco TV subscribers will number 47 million by the end of 2011, with a CAGR of 22.5% over the next five years (2009-2014).

Traditional Telco providers (like AT&T and Verizon in the U.S.) should continue to push hard and try and lock customers into broadband-based voice, video and data (triple play) contract offerings. What about the other providers? ABI Research associate Khin Sandi Lynn is quoted - Other type of pay-TV platforms, satellite, cable and terrestrial are also found to be increasing, although at a slower rate.

Wireless providers are not specifically mentioned in the summary but I'm guessing they will be next year as higher-bandwidth fourth-generation (4G), LTE and WiMAX service offerings grow in 2010.

You can get more information on this ABI Research report here.

Video Delivery and MPEG (Moving Pictures Experts Group) Podcast

Mike Q and I recorded the 26 minute and 30 second podcast "Video Delivery and MPEG (Moving Pictures Experts Group)" today. Below are the show note questions and some diagrams referred to in the podcast. You can listen directly by turning up your speakers and clicking here.

If you have iTunes installed you can get this one, listen to others, and subscribe to our podcasts by following this link. If you don't have iTunes and want to listen to other podcasts and read full sets of shownotes using your web browser, follow this link.
*****

Intro: The Moving Picture Experts Group or MPEG, is a working group of ISO/IEC charged with the development of video and audio encoding standards. In this podcast we look at the MPEG standards and video delivery systems.

Mike: Gordon, what sources are we referring to here?
Wikipedia and white paper from the MPEG Industry Forum at www.m4if.org/public/documents/vault/m4-out-20027.pdf. we've also got a couple of diagrams from the Verizon website.

Mike: What's the history of MPEG?

Mike: Are these open standards?

Mike: What's the history? Can you tell us about MPEG-1?

Mike: How about MPEG-2?

Mike: We don't hear much about MPEG-3 - what's up with that?

Mike: Let's talk about MPEG-4 now.

Mike: What are some of the advantages of MPEG-4?

Mike: Let's switch gears and talk about carried video delivery systems - specifically the telcos and cable companies. How is this technology used?
It's different for broadcast and video on demand (VOD) content. Let's discuss broadcast systems and look at how Verizon (as an example) is setup.

Two National Super Head Ends (SHE) - one in Tampa and the other in Bloomington, IL:

- Diversely located - Satellites collect video feeds
- Video is converted to digital MPEG-2 and packaged in a 10-GigE payload
- SHE servers “pitch” data to the Video Hub Office (VHO)
- Three OC-192 SONET (long haul) rings that drop and continue GigE to VHOs

Mike: What is OC-192? Mike: OK, these video hub offices are distributed over Verizon's footprint - what happens when they get the video?
Video Hub Office (VHO) ex. Burlington MA Combines:

- National Channels
- Servers “catch” data from the SHE servers
- Off-Air, program guide, public, education, and government (PEG) channels, and local ads are injected
- Encrypts all content
- Content sent over several 1-GigE links to local Video Serving Offices (VSO, ex. CO) over SONET (medium haul)
- VSO then sends it to the OLT and then to the PON network for delivery to customer.

Mike: Broadcast is still done using traditional RF modulation methods - correct?
Yes - that will change - rumor has it Verizon will be trialing IP Broadcasting this summer in Pennsylvania - just a rumor!

Mike: Now - Video on Demand (VOD) does things a little differently - correct?
Yes - VOD delivers IP content to the customer - it is not in RF format:

- Content is requested by user via the IP network (private subnet)
- Content is then streamed from the video pumps to the Video Distribution Routers (VDR) in the VHO (ex. Burlington)
- VDR then sends 10-GigE links to a Video Aggregation Router (VAR)
- The Video Aggregation Router (VAR) then sends it to the Gateway Router (GWR) in the VSO (ex. CO)
- GWR then sends it to the OLT and then to the PON network

Mike: So - Verizon is combining Voice, Video and Data services on the same fiber?
Yes - Here's another nice diagram from the Verizon website:

Internet Protocol version 6 (IPv6) Details Podcast

Mike Q and I recorded "The Internet Protocol version 6 (IPv6) Details Podcast" last night. Below are the partial show notes. You can listen directly by turning up your speakers and clicking here.
If you have iTunes installed you can get this one, listen to others, and subscribe to our podcasts by following this link.
If you don't have iTunes and want to listen to other podcasts and read full sets of shownotes using your web browser, turn up your speakers and click here.

Partial Shownotes:

Intro: Two weeks ago we gave an overview of IPv6. This week we take a look at some of the technical details for this protocol.

Mike: Gordon, a couple of weeks ago we discussed Ipv6 - can you give us a quick review - what's the difference between IPv4 and IPv6?
The most obvious distinguishing feature of IPv6 is its use of much larger addresses.......

Mike: It's not just to have more addresses though, is it?
It is important to remember that the decision to make the IPv6 address 128 bits in length was not so that every square inch of the Earth could have 4.3x10²⁰ addresses......

Mike: Is there a specific RFC for IPv6?
The IPv6 addressing architecture is described in RFC 2373.....

Mike: I know there is some basic terminology associated with IPv6. Can you describe Nodes and Interfaces as they apply to IPv6?
A node is any device that implements IPv6.......

Mike: How about some more IPv6 terminology - can you discuss Links, Neighbors, Link MTUs, and Link Layer Addresses?
A link is the medium over which IPv6 is carried......

Mike: Can you give a brief ouline in address syntax?
For IPv6, the 128-bit address is divided along 16-bit boundaries.......

Mike: I know there are lost of zeros in IPv6 addresses - can you discribe zero compression notation?
Some types of addresses contain long sequences of zeros......

Mike: IPv4 addresses use subnet masks - do IPv6 addresses?
No - a subnet mask is not used for IPv6. Something called prefix length notation is supported.......

Mike: I know there are three basic types of IPv6 addresses - can you give a brief description of each?
Unicast – packet sent to a particular interface.......

Mike: What about broadcasting?
RFC 2373 does not define a broadcast address......

Mike: What about special addresses?
The following are special IPv6 addresses......

Mike: How is DNS handled?
Enhancements to the Domain Name System (DNS) for IPv6 are described in RFC 1886..... a

Mike: Can you discuss transition from IPv4 to IPv6?
Mechanisms for transitioning from IPv4 to IPv6 are defined in RFC 1933.....

Mike: we've only touched on some of the IPv6 details - where can people get more information?
I'm hoping to run a session at our summer conference July 28 - 31 in Austin, TX - we've currently got faculty fellowships available to cover the cost of the conference. See www.nctt.org for details.


References - Content for this academic podcast from Microsoft sources:

All Linked Documents at Microsoft Internet Protocol Version 6 (note: excellent and free online resources): http://technet.microsoft.com/en-us/network/bb530961.aspx

Understanding IPv6, Joseph Davies, Microsoft Press, 2002 ISBN: 0-7356-1245-5
Sample Chapter at: http://www.microsoft.com/mspress/books/sampchap/4883.asp#SampleChapter

The Next-Generation Internet: IPv6 Overview Podcast

Mike Q and I recorded "The Next-Generation Internet: IPv6 Overview" podcast today. Below are the show notes. You can listen directly by turning up your speakers and clicking here.

If you have iTunes installed you can get this one, listen to others and subscribe to our podcasts by following this link.

If you don't have iTunes and want to listen to other podcasts and read shownotes you can click here.

Shownotes:

Intro: The world has changed significantly since the Internet was first created. IPv6 gives over 4.3x10²⁰ unique addresses for every square inch on the planet, and is going to allow us to do things we've only dreamed of in the past. In this podcast we give an overview of IPv6.

Mike: Gordon, before we get into the technology, can you give us an update on IPv6 history in the United States?

Sure Mike, this comes from a 1-minute history of the Internet by Federal Computer week at FCW.COM


Mike: So, the federal government has ordered its agencies to become IPv6- capable by June of 2008 and this is going to happen in June on our federal government networks - how about businesses?

It's happening with business too Mike. Let's take Verizon as an example as quoted in a Light Reading post from last September.

Verizon Business, which began its first phase of deploying IPv6 on the public IP network in 2004, will complete the North America region in 2008 and move into the Asia-Pacific and European regions from late 2008 to 2009. The company will operate both IPv6 and IPv4, in what is known as a "dual stack" arrangement, on its multi protocol label switching (MPLS) network core. The company also has deployed IPv6 throughout its network access points (peering facilities) where Internet service providers exchange traffic.

Mike: So, what's the problem with IPv4?

It's a combination of a lot of things - Microsoft has a nice set of resources on IPv4 and IPv6 - let's use that as a guide:

The current version of IP (known as Version 4 or IPv4) has not been substantially changed since RFC 791 was published in 1981. IPv4 has proven to be robust, easily implemented and interoperable, and has stood the test of scaling an internetwork to a global utility the size of today’s Internet. This is a tribute to its initial design. However, the initial design did not anticipate the following:

The recent exponential growth of the Internet and the impending exhaustion of the IPv4 address space. IPv4 addresses have become relatively scarce, forcing some organizations to use a Network Address Translator (NAT) to map multiple private addresses to a single public IP address. While NATs promote reuse of the private address space, they do not support standards-based network layer security or the correct mapping of all higher layer protocols and can create problems when connecting two organizations that use the private address space. Additionally, the rising prominence of Internet-connected devices and appliances ensures that the public IPv4 address space will eventually be depleted. The growth of the Internet and the ability of Internet backbone routers to maintain large routing tables. Because of the way that IPv4 network IDs have been and are currently allocated, there are routinely over 85,000 routes in the routing tables of Internet backbone routers. The current IPv4 Internet routing infrastructure is a combination of both flat and hierarchical routing. The need for simpler configuration. Most current IPv4 implementations must be either manually configured or use a stateful address configuration protocol such as Dynamic Host Configuration Protocol (DHCP). With more computers and devices using IP, there is a need for a simpler and more automatic configuration of addresses and other configuration settings that do not rely on the administration of a DHCP infrastructure. The requirement for security at the IP level. Private communication over a public medium like the Internet requires encryption services that protect the data being sent from being viewed or modified in transit. Although a standard now exists for providing security for IPv4 packets (known as Internet Protocol security or IPSec), this standard is optional and proprietary solutions are prevalent. The need for better support for real-time delivery of data—also called quality of service (QoS).

While standards for QoS exist for IPv4, real-time traffic support relies on the IPv4 Type of Service (TOS) field and the identification of the payload, typically using a UDP or TCP port. Unfortunately, the IPv4 TOS field has limited functionality and over time there were various local interpretations. In addition, payload identification using a TCP and UDP port is not possible when the IPv4 packet payload is encrypted. To address these and other concerns, the Internet Engineering Task Force (IETF) has developed a suite of protocols and standards known as IP version 6 (IPv6). This new version, previously called IP-The Next Generation (IPng), incorporates the concepts of many proposed methods for updating the IPv4 protocol. The design of IPv6 is intentionally targeted for minimal impact on upper and lower layer protocols by avoiding the random addition of new features.


Mike: OK - can you list the primary features of IPv6? What makes it different?

Sure Mike - this list also comes from Microsoft's website. The following are the features of the IPv6 protocol:

1. New header format
2. Large address space
3. Efficient and hierarchical addressing and routing infrastructure
4. Stateless and stateful address configuration
5. Built-in security
6. Better support for QoS
7. New protocol for neighboring node interaction
8. Extensibility

Mike: Let's go through the list with a brief summary of each. Your first item on the list was the new header format. What's different?

Mike: How about number 2, large address space?

Mike: Number 3 was efficient and hierarchical addressing and routing infrastructure - can you describe?

Mike: How about number 4, stateless and stateful address configuration?

Mike: Number 5 was built-in security.

Mike: How about number 6, better support for QoS?

Mike: And number 7, new protocol for neighboring node interaction?

Mike: And finally, number 8, extensibility.

Mike: Are there any other things you want to add to the list?

Mike: Are we ready?

I always look at the end devices (even though there is so much more) and, if we just look at desktops, you have to look at Microsoft.

Microsoft started with the following implementations of IPv6, all subsequent versions/products continue to support IPv6:

The IPv6 protocol for the Windows Server 2003 and later families.
The IPv6 protocol for Windows XP (Service Pack 1 [SP1] and later).
The IPv6 protocol for Windows CE .NET version 4.1 and later

The capture and parsing of IPv6 traffic is supported by Microsoft Network Monitor, supplied with Microsoft Server 2003 and later products.


Mike: This is a good overview - next week we'll get into some details on the IPv6 protocol!

IPv6 Coming June 30 to the Federal Government

It's been almost a non-event - I think most don't realize the Federal Government has an IPv6 (Internet Protocol version 6) mandate scheduled for June 30 of this year. Last month, Network World ran an interesting piece titled How feds are dropping the ball on IPv6. Here's a quote from the Network World article:

Only 10% of federal agencies are buying services to run IPv6 traffic on their backbone networks, carriers estimate. The other 90% of federal agencies will likely meet the IPv6 mandate by upgrading their core routers to be IPv6 capable without running IPv6 traffic over them, carriers predict.

Internet traffic currently runs using IPv4 (Internet Protocol version 4), with the current IPv4 standard approved way back in 1981. Version 4 has survived the explosive growth of the Internet with a series on enhancements including CIDR and NAT. When the Internet was privatized in the mid 1990's many assumed the end of Version 4 was near, predicting we would soon run out of addresses (IPv4 supports a maximum of 4,294,967,296 or 2³² addresses). Anticipating the growth of the Internet, IPv6 was approved by the Internet Engineering Task Force with the first RFC's released that defined IPv6 in 1996. IPv6 uses 128 bit addresses and supports a maximum of 2¹²⁸ addresses - that's a lot of addresses!

IPv6 also provides additional overhead that can be used for things like better security and quality of service. However, the larger address space and overhead means more bits on the transmission media that are not data which can slow transmissions down - especially on lower bandwidth connections.

Router manufacturers have allowed IPv6 implementation for years - I recall working with Bay Networks routers back around 2000 that supported IPv6. Microsoft has also supported IPv6 since 2002 - providing implementations for Windows Server 2003, Windows XP with Service Pack 1 (SP1) or later, and Windows CE .NET 4.1 or later.

Both iPv4 and IPv6 will run on the same network and, since the federal mandate only requires core routers to be IPv6 capable, those required to meet the mandate only have to enable IPv6 on their backbone routers.

It looks like June 30 will come and go without significant IPv6 traffic moving on federal networks. I'm trying to stay optimistic, hoping this is a first step in moving to more secure IPv6 based communications, especially on networks that carry sensitive information.