c0mmando/reddit-pizzagate-archive
1
0
Fork 0
mirror of https://github.com/c0mmando/reddit-pizzagate-archive.git synced 2025-05-31 16:21:44 +05:30
Code Issues Packages Projects Releases Wiki Activity
Files
main
reddit-pizzagate-archive/r/pizzagate/5cf9bo.html
c0mmando ebfc5cbdcf add navbar to every page
2025-05-03 17:24:38 +00:00

864 lines
31 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<!-- Favicon -->
<link href="../../favicon.ico" rel="shortcut icon"/>
<meta charset="utf-8"/>
<meta content="width=device-width, initial-scale=1" name="viewport"/>
<title>
Thoughts on the encrypted data / steganography recently found in CPPP pictures. | /r/Pizzagate Archive
</title>
<link href="https://reddit.pizzagate.hackliberty.org/5cf9bo.html" rel="canonical"/>
<meta content="https://reddit.pizzagate.hackliberty.org/post.webp" name="twitter:image"/>
<meta content="Archive of /r/Pizzagate on Reddit: 2,294 posts, 628,644 comments, and 23,098 voices captured from Nov 7, 2016 to subbredit ban on Nov 22, 2016." name="twitter:description"/>
<meta content="Thoughts on the encrypted data / steganography recently found in CPPP pictures. | /r/Pizzagate Archive" name="twitter:title"/>
<meta content="summary_large_image" name="twitter:card"/>
<meta content="index,follow" name="robots"/>
<meta content="Archived /r/Pizzagate post from Nov 11 2016 16:11:56 created by JangoTheJanitor" name="description"/>
<meta content="pizzagate, pedogate, conspiracy, child trafficking, comet ping pong" name="keywords"/>
<!-- Open Graph Tags -->
<meta content="Thoughts on the encrypted data / steganography recently found in CPPP pictures." property="og:title"/>
<meta content="Archived /r/Pizzagate post from Nov 11 2016 16:11:56 created by JangoTheJanitor" property="og:description"/>
<meta content="https://reddit.pizzagate.hackliberty.org/post.webp" property="og:image"/>
<meta content="article" property="og:type"/>
<meta content="https://reddit.pizzagate.hackliberty.org/r/pizzagate/5cf9bo.html" property="og:url"/>
<link href="../../static/css/style.css" rel="stylesheet"/>
<meta content="en_US" property="og:locale"/>
<meta content="Reddit /r/Pizzagate Archive" property="og:site_name"/>
</head>
<body>
<header>
<nav class="navbar navbar-dark bg-primary">
<a class="navbar-brand" href="../../index.html">/r/Pizzagate Archive</a>
<div class="navbar-collapse">
<ul class="navbar-nav">
<li class="nav-item">
<a class="nav-link" href="../../score/page-1.html">Score</a>
</li>
<li class="nav-item">
<a class="nav-link" href="../../date/page-1.html">Date</a>
</li>
<li class="nav-item">
<a class="nav-link" href="../../comments/page-1.html">Comments</a>
</li>
<li class="nav-item">
<a class="nav-link" href="../../search.html">Search</a>
</li>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button"
data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
subreddits
</a>
<div class="dropdown-menu" aria-labelledby="navbarDropdown">
<a class="dropdown-item" href="https://reddit.conspiracy.hackliberty.org">r/conspiracy</a>
<a class="dropdown-item" href="https://reddit.pizzagate.hackliberty.org">r/pizzagate</a>
<a class="dropdown-item" href="https://voat.conspiracy.hackliberty.org">v/conspiracy</a>
<a class="dropdown-item" href="https://voat.pizzagate.hackliberty.org">v/pizzagate</a>
</div>
</li>
</ul>
</div>
</nav>
</header>
<div class="submission" id="t3_5cf9bo">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 32 points
</span>
<span class="timestamp">
| Nov 11 2016 16:11:56
</span>
</p>
<strong>
Thoughts on the encrypted data / steganography recently found in CPPP pictures.
</strong>
<p>
</p>
<p>
I just woke up and started reading about "encrypted data found in pictures" and got happy. Not to toot my own horn or anything, but I brought up the possibility of steganography in these pictures yesterday, went to bed, and I'm glad to see that I was in the right ballpark. I'm guessing that's what this data is.
</p>
<p>
Those who don't know, familiarize yourself with the concept a bit: https://en.wikipedia.org/wiki/Steganography
</p>
<p>
Whoever's looking into these should look at various solutions like stegdetect and a number of the tools that come with security distros like Kali. You might also look at lower-sophistication Windows solutions because the people involved in the day-to-day of this are likely not sophisticated (i.e. programmers or Linux users) and probably have a "drag-n-drop-n-password" type of solution for their steg.
</p>
<p>
Just food for thought.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo">
permalink
</a>
</p>
</div>
<div class="comment" id="t1_d9vz21h">
<p class="userinfo">
<a href="https://www.reddit.com/u/IntenseDreams65">
IntenseDreams65
</a>
<span class="score">
| 4 points
</span>
<span class="timestamp">
| Nov 11 2016 16:16:44
</span>
</p>
<p>
</p>
<p>
I think others have said it's fake.. I'm completely unsure if its real or not. I'd advise checking out 8chan they've been looking into that kinda stuff pretty intensely lately. Iirc, one person posted that image of the encrypted data, yet many others were unable to replicate it using the same method
</p>
<p>
Edit: I'm specifically talking about what someone "found" in the pizza.jpg
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9vz21h">
permalink
</a>
</p>
<div class="comment" id="t1_d9vz5ja">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 6 points
</span>
<span class="timestamp">
| Nov 11 2016 16:18:50
</span>
</p>
<p>
</p>
<p>
I'll take a look sometime today. I work in cybersecurity / forensics and I've got a lot of stuff setup at my office that would be perfect for this.
</p>
<p>
Any particular links to the alleged "encrypted" pictures? I'm still loading up on coffee and trying to catch up with the recent news on this.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9vz5ja">
permalink
</a>
</p>
<div class="comment" id="t1_d9vzhoi">
<p class="userinfo">
<a href="https://www.reddit.com/u/hoeskioeh">
hoeskioeh
</a>
<span class="score">
| 4 points
</span>
<span class="timestamp">
| Nov 11 2016 16:26:01
</span>
</p>
<p>
</p>
<p>
the 4chan thread got trolled pretty fast.
</p>
<p>
it was
<strong>
not
</strong>
the pizza.jpg with the hidden stuff, but some pdf from that Comet Ping Pong site, IIRC
</p>
<p>
unfortunately that site is now aware of the attention, so anything still there is most probably clean by now.
</p>
<p>
other threads mentioned the weird .pps files with pictures of birds in the podesta files, e.g. [this] (https://wikileaks.org/podesta-emails/emailid/11339), all from the same sender.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9vzhoi">
permalink
</a>
</p>
<div class="comment" id="t1_d9w34cd">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 2 points
</span>
<span class="timestamp">
| Nov 11 2016 17:42:30
</span>
</p>
<p>
</p>
<p>
Do we have any centralized backups of all the findings on this so far? Might be a good idea for someone to zip this all together and host it in a few different places (outside the Googleverse), given the fact that the subjects are now aware they're under the internet's collective microscopes.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9w34cd">
permalink
</a>
</p>
</div>
</div>
<div class="comment" id="t1_d9vzres">
<p class="userinfo">
<a href="https://www.reddit.com/u/IntenseDreams65">
IntenseDreams65
</a>
<span class="score">
| 2 points
</span>
<span class="timestamp">
| Nov 11 2016 16:31:42
</span>
</p>
<p>
</p>
<p>
I saw some links to various 8chan threads on this subreddit while I myself was catching up on it. I'd say just look around on here and definitely check on the threads on 4chan and 8chan (which are confusing af to me lol). I think people have been saying 4chans been getting DDOS's and/or the threads are being deleted. I specifically saw the thread about trying to find encrypted data in the various images on 8chan though.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9vzres">
permalink
</a>
</p>
<div class="comment" id="t1_d9w3139">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 3 points
</span>
<span class="timestamp">
| Nov 11 2016 17:40:29
</span>
</p>
<p>
</p>
<p>
Has anybody checked out their weird Instagram pictures yet? I'll download a big batch of everything when I get my daily caseload a bit more under control. Supposed to respond to a small business breach this afternoon so I might not have as much time as I anticipated, but I'll definitely be giving it a crack over the weekend.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9w3139">
permalink
</a>
</p>
<div class="comment" id="t1_d9w3ohk">
<p class="userinfo">
<a href="https://www.reddit.com/u/DepressedExplorer">
DepressedExplorer
</a>
<span class="score">
| 1 points
</span>
<span class="timestamp">
| Nov 11 2016 17:54:18
</span>
</p>
<p>
</p>
<p>
You seem to be the specialist, but to my understanding, as Instagram does compress the images and the images we talk about are JPGs, there would be no data left on Instagram images?
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9w3ohk">
permalink
</a>
</p>
<div class="comment" id="t1_d9w3un0">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 1 points
</span>
<span class="timestamp">
| Nov 11 2016 17:57:57
</span>
</p>
<p>
</p>
<p>
Good point. Theoretically there could also potentially be extraneous (if corrupted) data visible in a hex editor, but unless the Instagram compression algorithm is known and accounted for in the steg method, it's unlikely.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9w3un0">
permalink
</a>
</p>
</div>
</div>
</div>
</div>
<div class="comment" id="t1_d9w6047">
<p class="userinfo">
<a href="https://www.reddit.com/u/justforthissubred">
justforthissubred
</a>
<span class="score">
| 2 points
</span>
<span class="timestamp">
| Nov 11 2016 18:43:09
</span>
</p>
<p>
</p>
<p>
Check out the files sent to Podesta here. Very strange.
https://www.reddit.com/r/pizzagate/comments/5cg181/steganography_possible_communication_through/
</p>
<p>
Edit: and Please let me know what you find!!!
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9w6047">
permalink
</a>
</p>
</div>
<div class="comment" id="t1_d9vzakm">
<p class="userinfo">
<a href="https://www.reddit.com/u/toneii">
toneii
</a>
<span class="score">
| 1 points
</span>
<span class="timestamp">
| Nov 11 2016 16:21:51
</span>
</p>
<p>
</p>
<p>
Just start with the basic, get the pizza.jpg off Wikileaks and verify if it contains extra bytes at the end that indicate another file at the end.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9vzakm">
permalink
</a>
</p>
<div class="comment" id="t1_d9w0yuq">
<p class="userinfo">
<a href="https://www.reddit.com/u/GulliverDark">
GulliverDark
</a>
<span class="score">
| 4 points
</span>
<span class="timestamp">
| Nov 11 2016 16:56:57
</span>
</p>
<p>
</p>
<p>
Yeah, the pictures are straight from Wikileaks. Anyone can download and have a go at releasing the data that is encrypted in them. I'd be wary. I'm sure it's 'can't unsee' kind of moment when you do crack the code.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9w0yuq">
permalink
</a>
</p>
<div class="comment" id="t1_d9w3m9x">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 4 points
</span>
<span class="timestamp">
| Nov 11 2016 17:53:02
</span>
</p>
<p>
</p>
<p>
I've worked on a lot of cases involving "can't unsee" kind of content in the past, so at least I'm a bit more prepared for the worst.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9w3m9x">
permalink
</a>
</p>
</div>
</div>
<div class="comment" id="t1_d9w6khf">
<p class="userinfo">
<a href="https://www.reddit.com/u/p00p431">
p00p431
</a>
<span class="score">
| 3 points
</span>
<span class="timestamp">
| Nov 11 2016 18:55:06
</span>
</p>
<p>
</p>
<p>
There's nothing in pizza.jpg. You can verify yourself (if you're on a Mac):
</p>
<ul>
<li>
<p>
Opening the Podesta emails and searching for "pizza.jpg" gives us these results: https://wikileaks.org/podesta-emails/?q=pizza.jpg&amp;mfrom=&amp;mto=&amp;title=&amp;notitle=&amp;date_from=&amp;date_to=&amp;nofrom=&amp;noto=&amp;count=50&amp;sort=6#searchresult
</p>
</li>
<li>
<p>
Open this email: https://wikileaks.org/podesta-emails/emailid/10037
</p>
</li>
<li>
<p>
Click the attachments tab. Download the file to your computer.
</p>
</li>
<li>
Open a Terminal window and browse to the directory where you saved the pizza.jpg file.
</li>
<li>
Run the command "xxd pizza.jpg pizza-hex.txt" to create a hex dump of the file.
</li>
<li>
Use any text editor to view the pizza-hex.txt file.
</li>
<li>
Note that there is no additional information after "ffd9" the marker indicating the end of a JPEG file (You can read about file markers for JPEG here: https://en.wikipedia.org/wiki/JPEG#Syntax_and_structure)
</li>
</ul>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9w6khf">
permalink
</a>
</p>
<div class="comment" id="t1_d9wi007">
<p class="userinfo">
<a href="https://www.reddit.com/u/alfy26">
alfy26
</a>
<span class="score">
| 2 points
</span>
<span class="timestamp">
| Nov 11 2016 23:10:28
</span>
</p>
<p>
</p>
<p>
I explained this in greater detail in
<a href="https://np.reddit.com/r/conspiracy/comments/5cdfr7/new_development_in_pizzagate_the_rabbit_hole_just/d9wb0kh/?context=3">
this thread
</a>
.
</p>
<p>
The original /pol/ thread about this PK stuff was meant to direct people to download/install iSteg, which uses a pedologo, IMO in an attempt to hack anons investigating the pizzagate.
https://np.reddit.com/r/conspiracy/comments/5cgv3x/if_i_was_being_investigated_by_4chanreddit_and/
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9wi007">
permalink
</a>
</p>
</div>
</div>
<div class="comment" id="t1_d9w328p">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 2 points
</span>
<span class="timestamp">
| Nov 11 2016 17:41:11
</span>
</p>
<p>
</p>
<p>
Thanks - just wanted to make sure I was looking at the same file(s) as everybody else.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9w328p">
permalink
</a>
</p>
</div>
</div>
<div class="comment" id="t1_d9whoyc">
<p class="userinfo">
<a href="https://www.reddit.com/u/alfy26">
alfy26
</a>
<span class="score">
| 1 points
</span>
<span class="timestamp">
| Nov 11 2016 23:02:48
</span>
</p>
<p>
</p>
<p>
By order of priority, please look at:
</p>
<p>
<a href="https://wikileaks.org/podesta-emails/emailid/10037">
Pizza.jpg
</a>
</p>
<p>
<a href="https://wikileaks.org/podesta-emails/emailid/35941">
The "playing cards" image
</a>
</p>
<p>
<a href="https://wikileaks.org/podesta-emails/emailid/15503">
The Antartica images
</a>
</p>
<p>
<a href="https://wikileaks.org/podesta-emails/?file=pps&amp;count=50#searchresult">
The images in the pps files (and the pps files themselves) that have Chinese characters in the name
</a>
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9whoyc">
permalink
</a>
</p>
<div class="comment" id="t1_d9wj9b3">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 3 points
</span>
<span class="timestamp">
| Nov 11 2016 23:42:02
</span>
</p>
<p>
</p>
<p>
So far I've looked at of these except for the playing cards image. I had to step away from my Linux box for a while but I'll throw that into the mix as well.
</p>
<p>
As for the others, see: https://www.reddit.com/r/pizzagate/comments/5cg181/steganography_possible_communication_through/
</p>
<p>
Stegdetect picked up some possible steganography in some of the Chinese PPS files. Nothing so far for the Antarctica images but I'm just at the tip of the iceberg with those (pun intended).
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9wj9b3">
permalink
</a>
</p>
</div>
</div>
</div>
</div>
<div class="comment" id="t1_d9wmquy">
<p class="userinfo">
<a href="https://www.reddit.com/u/Mr_Reight">
Mr_Reight
</a>
<span class="score">
| 3 points
</span>
<span class="timestamp">
| Nov 12 2016 01:11:46
</span>
</p>
<p>
</p>
<p>
https://wikileaks.org/podesta-emails/emailid/48897
</p>
<p>
This attachment says it's a 1.2mb .png file
</p>
<p>
changed the extension to .txt and opened it in sublime, 10,721 lines.....a similar sized .png i had was 2-300 lines.
</p>
<p>
So then i tried opening the wikileaks.png in Adobe Illustrator (error-ed out, could not understand the file, but could open my plain .png just fine.)
</p>
<p>
I didn't have any luck with any known file extensions(.zip, .7z, .pgp, .mp3, .mp4, .mov[i know the last few are a strech since its only 1.2mb]), except .hc, which is VeraCrypt and it let me at least try and mount it to put in a password, all passwords i tried failed, I was searching for the Social Security like 9 digit number that got posted the last few days.....does anyone have that to give it a shot?
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9wmquy">
permalink
</a>
</p>
<div class="comment" id="t1_d9wr5e9">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 3 points
</span>
<span class="timestamp">
| Nov 12 2016 03:08:34
</span>
</p>
<p>
</p>
<p>
Try a hex editor - that's the most basic way of looking at a file. Also try running it through CGSecurity's PhotoRec - it's data carving software that can be targeted against raw data. If a file exists within another file (slack space), PhotoRec will often pick up on it.
</p>
<p>
~~I'll try in the morning as well.~~ Of course I'm not going to bed now. That black area at the bottom of the PNG is really suspicious. I've seen that kind of thing before in data recovery, like using PhotoRec to recover images from unallocated space and allowing corrupted files. An image file can be "corrupt" to a certain degree and still be functional. That "corruption" may very well be hidden data. Updates to come.
</p>
<p>
Edit: That email title really makes me cringe.
</p>
<p>
Edit 2: Looking at the metadata with exiftool yields a "Warning: Corrupted PNG image" response. As I suspected by the black bar, this PNG has extraneous data in it. As to whether it's garbage or something hidden... still examining.
</p>
<p>
Edit 3: Here's the text source for the article contents in case we want to throw that into a custom dictionary. http://ricerca.repubblica.it/repubblica/archivio/repubblica/2015/04/11/hillary-20-social-network-e-giovani-per-riportare-i-clinton-alla-casa-bianca21.html
</p>
<p>
Edit 4: Another email with "puttanesca" in the title. (https://wikileaks.org/podesta-emails/emailid/8936). No attachment, but the content refers to La Repubblica: the newspaper the corrupt PNG is a part of. Obviously code, but it could be something as simple as "shitty press relations." The corrupt PNG is still suspect, unless it's something somebody scanned in or otherwise beat with a metaphorical idiot-hammer. Interestingly, for those who don't know, "spaghetti alla puttanesca" literally translates to "spaghetti in the style of a prostitute." The etymology is closely related to "puttanata," an Italian noun meaning something worthless. It derives from the Italian word for whore, "puttana."
</p>
<p>
Edit 5: Heading to bed now, running on two hours of sleep and not getting much yet. This one might deserve its own thread. Since it's an iPhone screenshot, having it corrupted really makes me curious what's going on, yet the paint-bucket approach doesn't yield any noticeable artifact patches. My gut tells me there's something going on here but I just haven't gotten there yet.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9wr5e9">
permalink
</a>
</p>
</div>
<div class="comment" id="t1_d9wsu2a">
<p class="userinfo">
<a href="https://www.reddit.com/u/chayesdigital">
chayesdigital
</a>
<span class="score">
| 0 points
</span>
<span class="timestamp">
| Nov 12 2016 03:57:01
</span>
</p>
<p>
</p>
<p>
join hackforums and ask for help - there are some real pros there
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9wsu2a">
permalink
</a>
</p>
<div class="comment" id="t1_d9wt5gg">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 1 points
</span>
<span class="timestamp">
| Nov 12 2016 04:06:37
</span>
</p>
<p>
</p>
<p>
If by "pros" you mean middle school scriptkiddies, then yes, tons and tons of pros.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9wt5gg">
permalink
</a>
</p>
<div class="comment" id="t1_d9wtm6b">
<p class="userinfo">
<a href="https://www.reddit.com/u/chayesdigital">
chayesdigital
</a>
<span class="score">
| 1 points
</span>
<span class="timestamp">
| Nov 12 2016 04:20:40
</span>
</p>
<p>
</p>
<p>
"There are
<strong>
some
</strong>
real pros" on hack forums. Read again. I know the userbase is mostly skids. Doesn't change the fact there are some very skilled hackers there as well.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9wtm6b">
permalink
</a>
</p>
<div class="comment" id="t1_d9wtug5">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 2 points
</span>
<span class="timestamp">
| Nov 12 2016 04:27:49
</span>
</p>
<p>
</p>
<p>
I'm just speaking from my perspective as somebody who regularly testifies in court as an expert witness on digital forensic cases and who has taught cybercrime investigation at the university level. Obviously I'm not going to do this by myself, so I understand the need for extra resources, but the difficulty is finding the diamonds amidst the rubble. First you have to locate the pros, then you have to convince them it's of interest to them, and thirdly the case itself has to be more interesting to them than just trolling the person who sent it to them. It's a hassle. Feel free to go recruiting if you feel the need, of course.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9wtug5">
permalink
</a>
</p>
<div class="comment" id="t1_d9wuenb">
<p class="userinfo">
<a href="https://www.reddit.com/u/chayesdigital">
chayesdigital
</a>
<span class="score">
| 1 points
</span>
<span class="timestamp">
| Nov 12 2016 04:45:40
</span>
</p>
<p>
</p>
<p>
You're right about it being difficult to recruit talent to help. No harm in making a thread and asking though. At worst it's 10 minutes of wasted time.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9wuenb">
permalink
</a>
</p>
<div class="comment" id="t1_d9wugit">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 1 points
</span>
<span class="timestamp">
| Nov 12 2016 04:47:22
</span>
</p>
<p>
</p>
<p>
The more the merrier as far as I'm concerned. It's not like anything can be done to alter the integrity of the data - it's all on Wikileaks and thus should be forensically replicable by anybody engaging in the same process.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9wugit">
permalink
</a>
</p>
<div class="comment" id="t1_d9wuoje">
<p class="userinfo">
<a href="https://www.reddit.com/u/chayesdigital">
chayesdigital
</a>
<span class="score">
| 1 points
</span>
<span class="timestamp">
| Nov 12 2016 04:54:33
</span>
</p>
<p>
</p>
<p>
Sorry to waste your time asking this but how does this process usually work? The encrypted image is sent by email and then they send the decryption key via text message or some other means?
</p>
<p>
Stegdetect is just flagging that there's a hidden message. So you still need the key. Is it possible to brute force?
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9wuoje">
permalink
</a>
</p>
<div class="comment" id="t1_d9wv8wp">
<p class="userinfo">
<a href="https://www.reddit.com/u/JangoTheJanitor">
JangoTheJanitor
</a>
<span class="score">
| 1 points
</span>
<span class="timestamp">
| Nov 12 2016 05:13:33
</span>
</p>
<p>
</p>
<p>
I doubt it. Chances are, the parties involved on both ends of the transmission know the transmission scheme. Let's say that you and I have an agreement that the third word in whatever email I send you is the key. I regularly send you seemingly innocent pictures of funny animals from /r/aww with hidden data. You know to look to the third word and use that.
</p>
<p>
Each sender may have a different system, but the same senders would likely use the same key system across various emails. See the ones from johnson_lo, the Chinese text with titles like "peony," or comments like "it takes two to Tango." Words that pop out like that immediately make me want to try them first (like trying "puttanesca" or variants thereof for IMG_4533.png.
</p>
<p>
Bruteforcing is always "possible" but rarely realistically feasible. A better approach is to create a custom dictionary from the whole batch of Podesta emails since we know the content belongs to him, or even limited custom dictionaries based on the senders with suspected coded content.
</p>
<p class="toolbar">
<a href="https://www.reddit.com/r/pizzagate/comments/5cf9bo/_/d9wv8wp">
permalink
</a>
</p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<script src="../../static/js/jquery-3.7.1.slim.min.js">
</script>
<script src="../../static/js/comments-toggle.js">
</script>
<footer class="container-fluid mt-3">
<p class="small mb-0">
/r/pizzagate archive has 2294 posts and 37870 total comments.
<a href="https://git.hackliberty.org/c0mmando/reddit-pizzagate-archive/">
source code
</a>
.
</p>
</footer>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink