a screenshot of a pgp key loaded as favicons
a screenshot of a pgp key loaded as favicons

Since using PGP is automatically detected, flagged and stored by the NSA, one is required to hide PGP messages in a cypher that is not machine-readable. ransomnote.py is a script that encrypts texts using the most common images on the internet, favicons. As such, all emails encrypted with ransomnote.py will look like a list of URLs. Referring to techniques of James Bond films of the ’70s and news-paper collage ransom notes, it comes with no decryption function. Instead, decoding is supposed to by done by the human recipient, pen and paper in hand.

The above screenshot gives you an idea, but since it is a net art piece you should actually see it in the browser! Half the fun is seeing all these favicons load at unequal speeds, if the load at all anymore..

Example one

Example two

the code

You can find the code for ransomnote.py here: https://github.com/rscmbbng/ransomnote.py



a set of scripts to produce favicon alphabets!

==building a favicon cypher==
step 1: set the path to your browser in faviconfig.py
step 2: run browser_history.py to extract the favicons from your browser's history
step 3: using make_favicon_db.py make an sqlite3 database to store the favicons
step 4: download all the favicons with download_favicons.py
step 5: (optional) run auto_clean_db.py to remove duplicate images based on similar appearance. Will also remove some false positives though.
step 6: annotate your database by hand, assigning symbols to favicons, using annotate_favicon_db.py
step 7: use print_cypher.py to save your cypher and generate a HTML 'codebook'

optional: to merge multiple annotated favicon dbs made with ransomnote use db_merge.py 

== running ransomnote.py ==

ransomnote.py takes input from stdin and prints to stdout so use it like this:

$ echo 'Hi, how are you?' | python ransomenote.py > output.html

$ cat mysupersecretmessage.txt | python ransomenote.py > output.html