On 2006-05-17T15:42:41-0400, Tyler Durden wrote:
> But the other axis is statistical (as you point out). It's far better to never get caught in the NSA driftnets in the first place. This means stego, this means P2P (hum...what if I had a P2P video of a document I wanted to transmit...NSA wouldn't be able to read that document, right?), this means (somehow) encouraging more crypto in more places so your traffic doesn't stick out.
I suspect that anyone caught by Narus sending any sort of unusual encrypted traffic (i.e. not Skype or SSL on port 443), particularly traffic to a published Tor node or to a known mix node, is automatically put in the "somewhat interesting" bucket. Thus, the kind of people who can avoid being caught in the dragnet by using stego have already been caught due to earlier experimentation. If the NSA has access to ISP subscription records, which current news reports suggest they do, even changing IPs or ISPs is not enough. You have to create a completely new identity, or you have to abuse an open net connection somewhere. And open connections like wireless hotspots are probably already flagged due to interesting traffic coming from them in the past.

-- 
The six phases of a project:
I. Enthusiasm.         IV. Search for the Guilty.
II. Disillusionment.   V. Punishment of the Innocent.
III. Panic.            VI. Praise & Honor for the Nonparticipants.