The Collicutt Software Company
Software products, developer tools, and applied security engineering
The Stegalographer Guidebook
They said never write your own encryption. They didn't say anything about steganography.
This guidebook covers Stegalographer, the tool, and steganography more broadly.
Stegalographer adds watermarks and attribution markers to log files. If your logs already flow through a pipeline, Stegalographer slots into that pipeline and encodes information you can verify later, without disrupting anything visible.
Most people think of steganography as hiding messages in images, but the same idea works anywhere you have controllable variation. Distributed infrastructure already produces massive volumes of logs and metrics with natural variation baked in. That variation is a surface you can write on.
The security world has spent decades on encryption and availability. Steganography solves a different problem: provenance and attribution. Who produced this data? Has it been tampered with? These questions matter most in democratic and institutional systems, and they are the ones encryption alone cannot answer.
72 pages ~15,000 words 8.5 x 11 PDF
Curtis Collicutt
Curtis Collicutt runs The Collicutt Software Company. He works across product engineering, developer experience, and cybersecurity, with a bias toward tools that make complex systems easier to reason about and safer to run.