Using Tails to hide a message in an image

Tails Install

Tails has excellent instructions on downloading, and flashing Tails onto a USB stick. Open these instructions on your phone as well so you can follow along with install and first boot.

Tails - Home

Using Tails

On the first boot of Tails, you will have a few options for advanced features. I recommend not changing anything and starting tails with default options.

When you start Tails, you will have the option of connecting to Tor using the default Tor network entrance nodes, or using what is called a "Bridge Relay" to connect to the network. A "Bridge Relay" can be run by a trusted person to allow connections to the Tor network without appearing on the public Tor network entrance nodes.

Select "Connect to Tor automatically" and click "Connect to Tor".

Using the Tor network will be frustrating, you need to wait to make the initial connection, then you will load webpages and images on the webpages very slowly. This is the price for obscuring your metadata.

Once the connection has been made, click "Start Tor Browser".

The browsers default homepage is the Tails homepage.

Search "tweetable polygot png".

The github page labeled "DavidBuchanan314/tweetable-polygot-png" is what we're looking for.

GitHub - DavidBuchanan314/tweetable-polyglot-png: Pack up to 3MB of data into a tweetable PNG polyglot file.GitHub

Tweetable Polyglot PNG

Click on "pack.py", where the code we need resides.

Select all of the code and press "Control-C" to copy the code.

Under normal circumstances press the "clipboard" button on the Github website would fill the clipboard with the file contents, but I suspect the Tor Browser has been configured not to allow the clipboard to be modified because it hasn't worked for me.

Click the "Windows" key on your keyboard, you can search for settings and apps. Type "note" to see the "Text Editor" application.

The Text Editor should open up. Right click inside the editor and click "Paste".

After pasting the code, click "Control-S" to save.

Navigate to the Desktop and use the name "pack.py", then click "Save".

Next, click the button with a plus inside a square to start a new file.

Type in the hidden message. This message can be seen in plaintext, it is only hidden. Remember that the content must be encrypted in some manner to keep it safe, such as with a two time pad.

The "Kleopatra" app is worth mentioning, it's installed by default on Tails and can be used for various encryption needs, including encrypting a file using a passphrase. You would then save the encrypted file somewhere online, and download it next session. You would then use the same passphrase to decrypt it and continue your work.

KleopatraKDE Applications

Kleopatra

In our case, we'll just write some plain text. Once you've entered the message, press "Control-S" to save the file.

Place the file on the Desktop with the name "README", then click on "Save".

Open the File Explorer by pressing the "Windows" key and typing out "fil" to make the "Files" app come to the first in the search results.

Right click on the README file and click "Compress" to zip the file.

Click the "Create" button to finish compressing the README file.

This should result in a "README.zip" file next to your "pack.py" file.

Open the Tor Browser again.

We need an image of sufficient size for the message, but not with dimensions above 4096x4096.

Select an image, right click, and then click on "Save Image As..."

The Tor Browser is limited to where it can download files. Simply download to the default location, click "Save".

Once you've saved the file, close the browser, right click the "Home" button in the sidebar on the File Explorer, and click the "Open in New Window".

Navigate to the "Tor Browser" under the "Home" directory.

Drag the file into the other window so that it's on the Desktop.

Close the "Tor Browser" window, right click on the image we downloaded, and click "Rename..."

Rename the file to "input.jpg", and click "Rename".

Right click on the image, and click on "Open With..."

Select the "GNU Image Manipulation Program", and click the "Open" button.

This program is more colloquially known as "GIMP".

Click on the "File" tab, and then click on "Export As...".

Export as "input.png" on the Desktop. The extension determines the "File Type".

You can choose what properties will be saved in the resulting PNG.

Unselect everything and click "Export" to save the PNG image.

You should now have the "input.png", "pack.py", and "README.zip" in the same folder.

Now, we need to run the code we downloaded to create the image. Click the "Windows" key and open the "Terminal" application.

You should result in the command line. If you're not used to the command line, this could be scary, but we only need to write two lines so relax.

In the command line, commands are run inside of directories. Type cd ~/Desktop/ to change the current directory to the Desktop. Press enter to run the command.

Next, we need to run the python script, type python3 ./pack.py ./input.png ./README.zip ./output.png

You should now have the "output.png" image on the Desktop. Double click on the "output.png" to view the image.

The image should look the same. If everything looks good, close the image.

Right click on the file explorer inside the "Desktop" folder and click on "New Folder..."

Make a new folder called "testing".

Drag the "output.png" into the testing folder. This will copy the file so we can test it.

Double click on the "testing" folder, you should now be in the testing folder with the copied file.

Right click on the file and click "rename".

Rename the file to "output.zip".

Double click on the "output.zip" to view the contents of the zip file.

Double click on the "README" file in the compressed file.

You should now see the resulting "README" file contains the message we prepared earlier.