Hi Community,
I didn't new where to post... After reading, reading and over reading thies thread, in which I tried to understand ppl meanings and problems I wanted to ask the following:
Would it be a good idea to tell ppl what kind of programs are needed/required to solve some challs? For example there are some challs that require a good knowledge of PSP or PS and so on... what do you think of?

Allmost every stegano challenge can be solved by use of (not solved with) even the most basic photo editor.
So this means you could add PS and PSP everywhere. So I don't think this will help you much.

BaRa

I have to agree with many posters about the stegano's. If I can't see what to do in the first ten minutes then I leave them alone. CEP was the most interesting I have seen, it was obvious what to do and I enjoyed solving it. Too many of them are just peculiar puzzles though and all you get out of them is solving the puzzle, and all too often it's not obvious how to start. Similarly with many of the cryptos which are just stupid puzzles - like the drugs one. I feel the same way with a lot of the specials - a few cryptos and steganos strung togther, and chances are you get stuck on one bit. I think even the crackits are starting to see this kind of change with peculiar cpu's and programs. It seems that many people have submitted things just to submit something as hard as they can think of, and it isn't much fun to solve these things. And that's why I solve, because I enjoy doing it, if I find something that I'm not enjoying then I don't do it, and that's where many of the stegano's are fitting right now. If a particular stegano attracts a lot of solvers then I might look at it more, but otherwise it's the ten minute rule for me!

Oh, my. Just re-reading this thread!
Damn, I hate to be sooo low and w/o enough knowledge about stegano (crypto, forensics and coding)

It is quite a trip to read back through this thread after 20 years

But honestly, the world looks a lot different now. Back in 2006, we were arguing about whether these challenges were "educational" or just "puzzles". Today, steganography has graduated from being an "underrated" mind-bender to a serious, high-stakes problem in modern cybersecurity.

It's no longer just about finding a hidden word in a 10x10 BMP. We are seeing incredibly sophisticated use cases that affect everyone's security:

- Hiding Attack Vectors: Advanced persistent threats (APTs) are frequently using steganography to sneak malicious payloads past perimeter defenses. By embedding exploit code or C2 instructions within mundane-looking media files or even network protocol headers, they can bypass traditional signature-based detection.

- Data Loss Prevention (DLP): This has become a nightmare for enterprise security. How do you stop a disgruntled employee or a corporate spy from leaking sensitive proprietary data when they can hide an entire database inside a high-resolution vacation photo posted to social media?

- The "Out of the Box" Reality: BaRa was right about one thing - it forces you to think differently. Only now, that "different thinking" is a requirement for threat hunters. If you aren't looking for anomalies in the noise of a digital signal, you're missing half the attack surface.

Back then, we complained that it wasn't "realistic". Fast forward to today, and if you aren't accounting for steganography in your security posture, you're essentially leaving the back door unlocked.