In the aftermath of September 11, 2001, several attempts were made to determine whether and to what extent steganographic images were present on the Internet.

One well-publicized University of Michigan study searched over two million eBay images using special detection programs, but was unable to find a single hidden message. Another group examined several hundred thousand random images from various websites with similar negative results.

Although these projects provide a framework for searching a website for steganography images, experts say no conclusions should be drawn from them. Absence of evidence is not evidence of absence.

"One problem is, programs like 'stegdetect' only look at JPEG images," Kessler says. "Other image types-Tiff, PDF, GIF-were never examined. In the other study, only a limited number of websites were examined-far too few to make any definitive statements about the Internet as a whole."

In the event steganography abuse is far more pervasive than anyone is presently aware, federal law enforcement agencies remain eager to develop solid steganographic detection techniques.

"One reason for federal interest is that stego tools have been found in the forensic analysis of computers belonging to some criminals and terrorists," says Hany Farid, a computer science professor at Dartmouth College.

There are few hard statistics, however, about the frequency with which steganography software or media are discovered by law enforcement officials in the course of computer forensics analysis.

"Anecdotal evidence suggests that many computer forensics examiners do not routinely search for steganography software, and many might not recognize such tools if they found it," Kessler says.

One reason is computer forensic examinations can be a lengthy process. A thorough search for evidence of steganography on a suspect hard drive that might contain thousands of images, audio files, and video clips could take several days.

Finding steganographic messages has been equated to finding a needle in a county of haystacks. eBay, for instance, contains millions of images. Farid believes, however, that disabling steganography in a controlled environment like eBay could be easy.

"Forget trying to find the needle in the haystack-just turn the needle into a piece of straw by adding to each image a low-level noise pattern," he says. "The noise will be imperceptible to the user but will destroy the stego message, which, unlike digital watermarks, are highly sensitive to even the simplest attack."