I wonder if they're using PGP stealth 2 that I contributed to based on Henry Hastur's 1. It's kind of interesting to see these things used in the field. However one suspects unless they had some hired security consultants it may be that they just used the stego programs such as Andy Brown's or Romano's stego program with raw messages. Or perhaps using PGP without PGP stealth. Also you've got to wonder if the whole thing is some spook public opnion manipulation attempt. And then there's the question of how they found out. Did they get a tip-off and find the person stegoing the messages into the porn? Or was the stego not that well done and the result didn't provide plausible deniability, so they could remotely confirm their informant based suspicions. Adam On Wed, Feb 07, 2001 at 09:05:03AM -0800, Tim May wrote:

At 10:25 AM +0100 2/7/01, Tom wrote:

...

damn, it seems someone already did what I proposed a while ago under the thread "stego for the censored". if anyone in here has contacts to these terrorists, can you ask them for the software, please? maybe they want to GPL it so we can use it for other purposes as well? :)

On Wed, Feb 07, 2001 at 08:18:31PM -0400, Adam Back wrote:

I wonder if they're using PGP stealth 2 that I contributed to based on Henry Hastur's 1. It's kind of interesting to see these things used in the field.

However one suspects unless they had some hired security consultants it may be that they just used the stego programs such as Andy Brown's or Romano's stego program with raw messages. Or perhaps using PGP without PGP stealth.

Also you've got to wonder if the whole thing is some spook public opnion manipulation attempt. And then

Right. Prominent articles in USA Today and eslewhere, followed by front-page LA Times article, followed by the Fidel Castro cyberterror hearing on Wed. There's a pattern. -Declan

Ray Dillinger wrote:

...

There's a pattern.

Yah. A pretty blatant one. I'm wondering though why they're concentrating on international threats and political crap instead of more domestic threats.

let's take a guess: the kind and source of the alleged threat depends on - the TLA that is looking for additional funds?

At 09:05 AM 2/7/01 -0800, Tim May wrote:

At 10:25 AM +0100 2/7/01, Tom wrote:

...

damn, it seems someone already did what I proposed a while ago under the thread "stego for the censored". if anyone in here has contacts to these terrorists, can you ask them for the software, please? maybe they want to GPL it so we can use it for other purposes as well? :)

Not that I want to claim credit for this use by terrorists, but you will find that I wrote about this precise use in the late 80s. The Kevin Kelly book, "Out of Control," had a long description of this kind of use, based on interviews he did with me in 1992.

And, of course, in 1992 there were numerous posts on this in Cypherpunks, by me and by others. The Apple consultant Romana Machado took these discussions and generated a little program she called "Stego," which put simple messages into GIF files. At least a couple of other stego programs were in use around this time, too. (This was circa 1993.)

I know this has been mentioned before, but it seems to me that we should make use of all the great CRM watermarking technologies being developed. One of the primary goals of such technology is to hide the watermark in such a way that it cannot be isolated from the source material or removed by copying or filtering without making reproduction of the source material unacceptably degraded. At MacCrypto BlueSpike http://www.bluespike.com/ gave an good talk on this and my mind has been considering the stego uses of CRM ever since. To the degree such technologies deliver on these aspects of their CRM mandate they may serve the needs of clandestine communications. steve