What a fuckin' joke. You mean they're only now realizing that Al-Qaeda could use stego? Do they think they're stupid? Nah...certainly the NSA are fully prepared to handle this. I doubt it's much of a development at all to those in the know. -TD
From: "R.A. Hettinga" <rah@shipwright.com> To: cryptography@metzdowd.com, cypherpunks@al-qaeda.net, osint@yahoogroups.com Subject: Blinky Rides Again: RCMP suspect al-Qaida messages Date: Thu, 9 Dec 2004 09:14:41 -0500
Lions and Tigers and Steganography, Nell...
For those of you without a program, here is the new, official, Horsemen of the Infocalypse Scorecard:
At 3:14 PM -0400 10/3/04, R. A. Hettinga wrote:
Horseman Color Character Nickname
1 Terrorism Red Shadow "Blinky" 2 Narcotics Pink Speedy "Pinky" 3 Money Laundering Aqua Bashful "Inky" 4 Paedophilia Yellow Pokey "Clyde"
Cheers, RAH -------
<http://cnews.canoe.ca/CNEWS/Canada/2004/12/08/pf-773871.html> December 8, 2004
RCMP suspect al-Qaida messages By JIM BRONSKILL
OTTAWA (CP) - The RCMP has warned its investigators to be on the lookout for cleverly disguised messages embedded by al-Qaida in digital files police seize from terror suspects.
An internal report obtained by The Canadian Press gives credence to the long-rumoured possibility Osama bin Laden's terrorist network and other extremist groups are using a technique known as steganography to hide the existence of sensitive communications.
Steganography, from the Greek word stegos, meaning covered, and graphie, or writing, involves concealing a secret message or image within an apparently innocuous one.
For instance, a seemingly innocent digital photo of a dog could be doctored to contain a picture of an explosive device or hidden wording.
"Investigators in the course of their work on terrorist organizations and their members, including al-Qaida and affiliated groups, need to consider the possible use of steganography and seek to identify when steganography is known or suspected of being used," the report says.
It recommends investigators consult the RCMP's technological crime program for assistance, including "comprehensive forensic examinations" of seized digital media.
A heavily edited copy of the January 2004 report, Computer-assisted and Digital Steganography: Use by Al-Qaida and Affiliated Terrorist Organizations, was recently obtained from the Mounties under the Access to Information Act.
Among the material stripped from the document is information on how best to detect, extract and view surreptitious messages.
Steganography dates to before 400 B.C. The ancient Greeks hid messages in wax tablets, while invisible inks have long been used to convey secrets.
Simple computer-assisted steganography helps apply such traditional methods in an electronic environment, the report notes. The messages may also be scrambled using cryptography to prevent them falling into the wrong hands.
The RCMP seems especially concerned, however, about digital steganography - the use of special computer programs to embed messages.
"There now exist nearly 200 software packages which perform digital steganography," the report says.
A limited number of publicly available software tools are designed to detect the use of steganography, but the "success rate of these tools is questionable," the RCMP adds.
Some only detect the use of specific software, while others are useful for scouring only certain types of files in which the secret message may be hidden.
There have been numerous media reports in recent years that terrorist groups, including al-Qaida, were using steganographic techniques.
The phenomenon is "deeply troubling," said David Harris, a former Canadian Security Intelligence Service officer now with Ottawa-based Insignis Strategic Research.
He suggested any delay in detecting disguised messages could be disastrous.
"We're talking very often about time-sensitive issues: where is the bomb? Who's operating in connection with whom?" he said.
"On that kind of basis, this is really, really disturbing as a development."
Harris also questioned whether western security agencies have sufficient personnel and resources to uncover the messages.
-- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'