|> From: Valdis.Kletnieks@vt.edu [mailto:Valdis.Kletnieks@vt.edu] |> Sent: Monday, September 17, 2001 10:10 PM |> |> On Mon, 17 Sep 2001 18:01:53 PDT, Roeland Meyer |> <rmeyer@mhsc.com> said: |> > However, given mil-grade VPNs these days, there is no way |> they can read what |> > you sent. They can only tell that you sent something. |> However, I just |> > discovered the Steganography stuff in my SuSE Linux |> distribution, hmmmmm. |> > But, they still know where it came from and where it went. |> |> As Bruce Schneier said, the problem with steganography is |> that you need |> a good cover story for why you're mailing JPG's of giraffes |> back and forth... I can actually see lots of applications for steganography; Stealth porn on a public web-site, for example. But for purposes of clandestine communications with and far-flung org, use a news content site that has pictures and imbed messages in the news content pictures. A site like www.Kavkaz.org, for an example, could be used to transmit messages in such a way. Another method is to take advantage of a photo album sharing site like www.ofoto.com. Whom is to know that a mega-pixel image isn't just an image of the family dog? Photos are just the easiest thing, there are other multi-media content vehicles. However, most folks aren't sufficiently talented to be able to post original music. I imagine that the terrorist population has no larger percentage of musical composers than the general populous. Whereas, people generally take snapshots like crazy. I am reasonably sure that Casper the friendly ghost has either thought of, or used, most of them, at one time or another. I can't think that your average terrorist scum-bag has any less of an imagination. So, Bruce Schneier, when posing that problem, must have had his imagination disengaged. There is more than adequate cover story for passing huge JPGs around.