[extropy-chat] codes in scam letters

Eugen Leitl eugen at leitl.org
Tue Sep 27 10:20:55 UTC 2005


On Mon, Sep 26, 2005 at 09:16:11PM -0400, David Lubkin wrote:
> Kevin Freels wrote:
> 
> >A huge amount of spam is trapped at the ISP level before getting to the
> >consumer, so I doubt this would be an effective way to send code to
> >terrorists. They would be better served sending genuine personal messages
> >that are coded with one-time cyphers.
> 
> Any traffic that appears to be encrypted will be scrutinized by their 
> opponents, as will any traffic from or to a suspect. The best ways to 

A large and rising fraction of traffic is already encrypted. People
can scrutinize 

Received: from proton.jfet.org (unknown [69.60.117.34])
        (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
        (Client CN "sp2734", Issuer "sp2734" (not verified))
        by leitl.org (Postfix) with ESMTP id 2AA8B10380D7

until the cows come home, until they actually actively manipulate
session setup (and cause tell-tale warnings in the logs) there are not
many locations where they could tap.

Properly done steganography is indistinguishable from the natural
noise background of the channel. It only makes sense if you have
the the exact algorithm to extract the payload, and the matching
key.

> communicate will not draw attention. In the WW II model, signalling 
> by the radio broadcast of a particular popular song is preferable to 
> "the crows fly at dawn."

Number stations broadcast just fine with one-time pads.
 
> Because encrypted traffic is relatively rare, it draws attention. 

Encrypted traffic is only rare in comparison to P2P and multimedia
streams. In terms of absolute numbers, there's a challenge to even
detect it with statistical means. Recording it en bulk is prohibitive,
drinking from a firehose. You can only focus on a few connections
at a time, unless you move the snoop hardware towards the leaves 
(periphery).

> Those who want strong crypto should also want it to be an automatic, 
> default feature in all popular software for communicating through 
> Internet protocols (email, chat, HTTP, SMS, VOIP, etc.).

-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07100, 11.36820            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.extropy.org/pipermail/extropy-chat/attachments/20050927/831d1c28/attachment.bin>


More information about the extropy-chat mailing list