[from the cryptography list..] Hi -- I just returned from the Post Office. And I don't mean SMTP, I mean ink on paper, with little self-adhesive micropayment certificates on the corner. The reason is that the US Secret Service asked me to mail them some info about an identity-theft scam. I offered to email the info, but the Special Agent said he didn't have email at work, and it was "not convenient" for him to check his email account at Yahoo. At that point I broke off the conversation, figuring that if they couldn't invest the effort of checking their email they wouldn't invest the effort of actually investigating the incident in question, so I wouldn't waste any more of their time or mine. To my surprise, the Special Agent called back and pleaded with me. He changed his story and said they had means of sending and receiving email, but they _weren't allowed_ to give out their email addresses. I know this is supposed to be the Secret Service, but keeping their email addresses secret is going a bit far IMHO. I would think most computer-security professionals would know how to set up a temporary and/or anonymous email address. I hope he enjoys transcribing the scammers' 350-character-long URLs from the paper I sent. I put the info on a secure web site and suggested he pull it down from there, but he declined that, too. The Special Agent was surprised to hear that I controlled multiple web sites. He didn't understand how that was possible. The Special Agent was surprised to hear that given an IP address, I could figure out what country it's in. He argued with me about this. The term "whois" meant nothing to him. Heretofore I didn't understand how identity- theft rings could operate so openly. One might have thought they would be afraid of stings, but evidently they're not. There's a lot of darkness here. I've set out a few candles, but I'm not sure it's going to be enough.