IP: wrestle the stegnography boogeyman to the ground

[David Farber <dave () farber net>]

> From: "Meeks, Brock (MSNBCi)" <Brock.Meeks () MSNBC COM>
> To: "'dave () farber net'" <dave () farber net>
> Subject: FW: [vor] wrestle the stegnography boogeyman to the ground
> Date: Mon, 17 Sep 2001 10:18:00 -0700
> X-Mailer: Internet Mail Service (5.5.2653.19)
>
> FYI
>
> -----Original Message-----
> From: Frank Rieger [mailto:frank () ccc de]
> Sent: Monday, September 17, 2001 12:36 PM
> To: Weld Pond
> Cc: vor () attrition org
> Subject: Re: [vor] wrestle the stegnography boogeyman to the ground
>
>
> I talked with Peter Honeyman about the project about a month ago. He
> said that he was really amused that they found not a single image.
> Interesting side-note is that they choosed ebay out of two
> considerations. First it is one of the few place where you can upload
> images anonymous (usefull for communication schemes) and Second they did
> not want to submit their university to the stress that would have
> happened when they would have checked 2 mil porn images ;-)
>
> Unfortunately the porn theory was the one spread by the newspapers and
> is difficult to check out on government money. Btw: if I would need to
> setup a internet based communication system I would do it on
> warez-trading newsgroups and use one-time offset schemes into the
> binaries that are not different in entropy from normal binaries. In the
> end there is no way to detect a sufficiently complicated security by
> obscurity communication hiding scheme that is hardened by one-time-pads.
> There are so many possibilites for that, that you can think of 200 and
> change them in infrequent intervals in order to avoid compromise by one
> cell beeing discovered.
>
> So all this "regulate encryption to stop terrorists"-bable is extreme
> nonsense that completely misses the point. No self-respecting islam
> terrorist would use western  encryption products anyway.
>
> Btw: I seriously doubt the claims that Laden used telephone encryption
> the NSA could not brake on his Inmarsat. As far as I know the market
> today, there is not a single product avialable for Inmarsat voice
> encryption that is not produced by a company that has known ties to
> their respective home country intelligence agencies, which happen to be
> either western world or russian or israeli. (James, correct me if I am
> wrong, please). Theoreticaly he could have hooked up a PC and used
> something like speakfreely or PGPphone, but we do not need to discuss
> the resitance of general purpose operating systems when it comes to a
> determined NSA attack to compromise the cipher.
>
> Greetings
>
> Frank



For archives see: http://www.interesting-people.org/