[marcosdumay]

> Steganography is solidly a "security through obscurity" thing.

I never really understood why is it so.

Encrypted data must be indistinguishible from random, thus, if you replace any random projection of a file with your data, the result should be completely unrecognizable. It shouldn't really matter if your algorithms are public.

Is the problem that it's hard to get random projections from modern data? If so, why not use older formats?

[cjg]

People don't typically exchange randomised versions of their data.

[dllthomas]

I think "random projection", as used by the parent, can be things like "low bits of the pixels in this image". If the color depth provides greater resolution than the sensors, then you can expect to have some random data implicit in the image that it would be possible to change in ways that could be provably undetectable.

A tremendous caveat is that when we find ourselves shipping around lots of meaningless random bits, we often quickly reach for lossy compression that doesn't faithfully reproduce those bits, and that can break the scheme.