If I was being investigated by 4chan/reddit, and wanted to hack/identify investigators, this is how I'd do it
33 2016-11-11 by [deleted]
I'd try to get people to submit something to a website I control (e.g. an image or whatever to further "investigate" it) or BETTER I'd convince you to download/install a binary I've compiled ("check out this amazing forensics tool I found that'll allow you to understand everything").
In the first case I have your IP, in the second I have hacked your life.
The recent "swissanon" thread on 4chan about PK strings in pizza.jpg did exactly that, with fotoforensics.com and iSteg.
BEWARE, you have no reason to trust the iSteg app unless you check the source code and recompile it yourself! If I were to guess I'd say it's malware and the pedophiles have hacked you if you installed it! Hanynet has a pedo logo btw.
EDIT: pizza.jpg relates to the Podesta/Pizzagate investigation.
4 comments
2 subdep 2016-11-11
NSA op.
1 wiseclockcounter 2016-11-11
There are youtube tutorials from 2010 and 2013 for isteg though. I agree caution is important. but what would you say about that fact? would they take over that site and replace it with the spyware you're talking about?
1 [deleted] 2016-11-11
You are right, I haven't seen them, it's true that makes it much less suspicious. It seemed to me like a hastened tool, recently put together by some guy somewhere (Hany El Imam). It seemed weird to me that the iSteg binary essentially relied on outguess. But if it's been around for many years, and if people indeed trust it (I personally wasn't aware of it), it's probably fine. Still better to compile the code source though (or at least check the binary signature). So thank you /u/wiseclockcounter for making this clarification possible.
1 a-SynKronus 2016-11-11
I can confirm that it is unlikely that there is any stenography in this particular image... I ran stegdetect, a package you can install on Linux, and the tests came out negative.