A team of researchers tasked with thinking of new ways to hide messages online have suggested that spies could be sending hidden messages, simply by influencing the phrases generated by Google’s Suggest search feature.
NewScientist reports that stenography specialist Wojciech Mazurczyk, from the Warsaw University of Technology in Poland, believes spies would utilise such a visible medium because it would avoid arousing suspicion as million of people would take to their computers to complete a Google search.
Mazurczyk’s team turned to Google Suggest to see how effective it would be to hide messages. The feature works by “suggesting” ten phrases or keywords each time a letter is entered into the search box, based on what the popularity of those searches by other Google users.
Realising that they would need to influence the search suggestions directly to encode messages, the team created a piece of malware called StegSuggest that could infect a target computer and intercept the Google Suggest lists exchanged between the search giant and the infected computer. It would then add a random word from a list of 4000 English terms to the end of each of the ten suggestions.
The receiver of the message would then type in a random search term and note the additional word in each suggestion. They would then be referenced against a “codebook” which generated a binary number, which when linked together could display a hidden message.
The process is not without its doubters, including Ross Anderson, a cryptography specialist at the University of Cambridge. He believes that the amount of traffic between a sender and receiver would be large enough to alert authorities’ suspicions, reducing the effectiveness of the process.
Despite this, the process highlights the lengths that governments and intelligence agencies may go to to ensure that their communications remain undetected. You could see it every day and possibly never know.