Xeni Jardin wrote:
You gotta love those scribes at the Register--take this comment on UK tabloid frenzy over alleged stego-hijinks of OBL and crew:
"Since the Times' stablemates the Sun and the News of the World have allegedly been hiding news in pornographic content for several years, (although we've never found any news in either paper to substantiate that meme), the allegation doesn't surprise us. "
:-) The (London) Times is in a sad decline historical eminence as the paper of record since it was taken over by Murdoch. It is basically run as a loss-leader to preserve Murdoch's claim to respectability. The Sun is the archetypal contentless tabloid, where the methods of snide laddish journalism developed in Scotland and Australia in the 1950s and early 60s were honed into a money-making behemoth in the 1970s before being exported to the USA and other countries. Us Brits may not have invented rock & roll but we perfected the populist tabloid headline. To be fair the Sun has improved slightly in the past 4 or 5 years, but then it could hardly have got worse. If it had become any more pornographic the distributors would have moved it off the news shelves, if it had got any more cynical and thuggish it would have lost many of its readers. Ross Anderson's letter to the times appeared on the UKcrypto list. Which is archived, & therefore I guess crosspostable. Apologies in advance to Ross if he didn't want to see it here. The stuff after the "=====" is crossposted from UKcrypto. The implication has to be that the Times is no longer a newspaper in this context, but an instrument of government propaganda. Ken Brown ================================================== The Editor, The Times, Dear Sir: In Friday's article, `Secrets concealed by software' [1], you quoted me as saying that rather than using steganography, it was `likely that they [al-Qaida] sent thousands of innocent messages along with their live orders, so that the secret information was missed.' Your claim is untrue. I did not say that. Your reporter called me and told me he had had a briefing from the security services that al-Qaida were using steganography, that is, hiding messages inside other objects such as MP3 files or images. He asked me whether I thought this was plausible. I replied that although it was technically possible, it was unlikely; and that, according to the FBI, the hijackers had sent ordinary emails in English or Arabic. I explained that the main problem facing police communications intelligence is traffic selection - knowing which of the billions of emails to look at - rather than the possibility that the emails might be encrypted or otherwise camouflaged. A competent opponent is unlikely to draw attention to himself by being one of the few users of encryption or anonymity services. For just the same reason, he is unlikely to draw attention to himself be sending unreasonably large numbers of messages as cover traffic. Instead, he will hide his messages among the huge numbers of quite innocuous messages that are sent anyway. Throwaway email accounts with service providers such as hotmail are the natural way to do this. Unfortunately, the story that bin Laden hides his secret messages in pornographic images on the net appears to be too good for the tabloids to pass up. It appears to have arisen from work done by Niels Provos at the University of Michigan. In November last year, he wrote in a technical report that he could find no evidence that messages were being hidden in online images. By February this year, this had been been conflated by USA Today, an American popular paper, with an earlier FBI briefing on cryptography into a tale that terrorists could be using steganography to hide messages [2]. Similar material has surfaced in a number of the racier areas of the net [3], despite being criticised a number of times by more technically informed writers [4]. It is unclear what national interest is served by security agencies propagating this lurid urban myth. Perhaps the goal is to manufacture an excuse for the failure to anticipate the events of November 11th. Perhaps it is preparaing the ground for an attempt at bureaucratic empire-building via Internet regulation, as a diversionary activity from the much harder and less pleasant task of going after al-Qaida. Perhaps the vision of bin Laden as cryptic pornographer is being spun to create a subconscious link, in the public mind, with the scare stories about child pornography that were used before September 11th to justify government plans for greater Internet regulation. Whatever the security services' motive, it is quite unclear to me why a `quality newspaper' should have run this story, even after its technical and operational implausibility were explained to you in detail (see also `Al-Qaeda hid coded messages on porn websites' [5]). Could you kindly publish this letter as a correction. Yours Faithfully Ross Anderson Reader in Security Engineering University of Cambridge [1] http://www.thetimes.co.uk/article/0,,2001340010-2001345085,00.html [2] http://www.usatoday.com/life/cyber/tech/2001-02-05-binladen.htm [3] http://www.feedmag.com/templates/printer.php3?a_id=1624 [4] http://www.wired.com/news/politics/0,1283,41658,00.html [5] http://www.thetimes.co.uk/article/0,,2001340010-2001345211,00.html ==================================================