New Chrome extension Secretbook hides messages in Facebook photos

Hidden Message

A new Chrome extension called Secretbook lets Facebook users hide covert messages in their photos. That these messages are embedded within images means that they cannot be scanned by the site or read by pesky friends. The method takes into account the social network’s compression and mimics it to ensure that data isn’t lost in the uploading process.

The extension was built by 21-year-old Oxford University computer science student and former Google intern Owen-Campbell Moore, Wired is reporting. The website says the tool makes it easy for practically anyone to encode messages in images and share them on the SNS. This would mean that subtle codes can be passed on without anyone even knowing.

The utility takes advantage of JPEG Steganography, which makes several ‘visually imperceptible changes’ in order to encode the data, Moore writes on his blog. He uses Google Chrome because of its popularity and the developer tools available, and he’s got the messages restricted to more or less 136 characters.

Secretbook Instructions

He notes on his blog that while this technique has been demonstrated several times in the past, the software that he has concocted allows the images to be ‘recompressed’ without damaging the content of the message.

We tried out the tool and we must say that it is really easy to encode and send across photos with little or no trouble. It’s a really simple method and just about anyone can tuck information into a scenic photograph. Once enabled, users will have to press ‘ctrl+alt+a’ on the SNS to get the process started.

But does this mean that the system can be used for evil means? Moore points out that ‘tools to detect steganography have existed for a long time’ and while his project was aimed at ‘performing steganography on a social network with JPEG recompression,’ it wasn’t intended to ‘provide total security.’

Encoding A Message

He says that while it a nice way to keep prying friends out of users’ personal stuff, it would be pointless for activities of destruction and terrorism, since organizations like the NSA would be able to easily detect usage. Still, with the magnitude of new images shared on the site everyday – something Moore reckons is upwards of 300 million – any detection process would probably pick up on a huge number of false positives.

We’ve played around with the Secretbook Chrome extension a bit and it is a novel way of keeping specific friends out of certain parts of Facebook users’ lives.