---------- Forwarded message ---------- Date: Mon, 17 Sep 2001 14:37:41 -0700 From: Bill Stewart <bill.stewart@pobox.com> To: David Honig <honig@sprynet.com> Cc: "Angelos D. Keromytis" <angelos@cs.columbia.edu>, Carl Ellison <cme@acm.org>, cryptography@wasabisystems.com, ukcrypto@chiark.greenend.org.uk, provos@citi.umich.edu Subject: Re: How to ban crypto? At 07:21 PM 09/16/2001 -0700, David Honig wrote:

At 06:02 PM 9/16/01 -0400, Angelos D. Keromytis wrote:

...

Niels Provos (U. of Michigan) has a very interesting paper on detecting steganography on the network (he talked about it during the USENIX Sec. WIP session). Basically, he didn't find any steganography in about 2 million images he tested on Ebay. He's working on doing the same for other mediums/sites.

He did a positive control, right?

Obviously this means that the stego-mongers are sufficiently good :-) It's not clear that EBay would be the right place to put stego, though I suppose it's an interesting idea. The popular method people discuss is Usenet porn spam; another obvious approach is webcams, since they're typically going to have pictures that aren't broadcast everywhere. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com