A couple of years ago somebody posted some clever programs to sci.crypt that hid arbitrary (cipher)text in seemingly innocuous "plaintext". You had two options: plaintext that looked like a running commentary on a baseball game (with the ciphertext encoded in the choices of names of players at bat, the sequence of balls and strikes, etc) or plaintext that looked like the writings of a particular legal scholar (I think). I don't remember his name, but he was chosen because Senator Joseph Biden of Delaware plagairized his works during law school, and Biden had recently introduced S.266 with the now-infamous "resolution" against cryptography. A nice touch. :-) Another approach to this problem is this: if you can't make the needles inconspicuous by themselves, generate some big haystacks to hide them in. I.e., write a program that produces bogus PGP "messages" and execute it frequently to produce background traffic. I wrote a first-order bogus PGP message generator and posted it to sci.crypt two weeks ago. I say "first order" because it looks like a PGP message to the naked eye, but is clearly invalid when fed to PGP - I didn't bother generating correct checksums on the ciphertext. The ideal bogus message generator would produce a message indistinguishable from a real PGP message encrypted with an unknown public key, or perhaps with a known public key chosen at random. Anybody want to write this? Phil