Forwarded message:

Date: Wed, 14 Jan 1998 12:41:53 GMT From: Adam Back <aba@dcs.ex.ac.uk> Subject: Re: (eternity) Covert Superhighway - the missing component?

- post to random newsgroups, use textual mimic functions, send decryption keys after the stegoed data has been distributed to disguise data until it is too late to affect distribution

Isn't this going to increase latency and increase the likelihood of both sureptitious attacks (I notice the request in newsgroup A and begin putting my mitm requests in the other newsgroups - the odds being that I will get the data and then forward to the original recipient with small changes) as well as must plain missing the request?

- become a spammer, or employ some spammers. Spammers use the hit and run approach with disposable accounts; with sufficient availability of accounts, and the economic incentive they seem to flourish in spite of intense displeasure of recipients.

Be shure to pay with cash and use an anonymous name and address. Considering the cost of accounts this could be quite expensive. Many services do provide the first 2 weeks free or similar features. I predict that should this model be put into practice at a very broad level the ISP's won't give the free trial-periods to anonymous accounts.

- video signals: live porn shows, one on one "chat live to our model, she will do anything you ask, blah, blah" -- high volume, easy target for stego, plausible reasons for anonymity

Is this going to be a live model or a VR relicant? If it is a live model then it should be relatively trivial to determine that persons identification and location. Another question that comes up is how many strippers are going to participate in this if they know the consequences? It's one thing to spend the night or a few weeks in the tank, a whole nother thing to spend years in there.

- subliminal channels in the TCP/IP and IPSEC protocols. Someone posted a reference for an implementation of some subliminal channels in the linux TCP/IP stack.

These still have to show up in the actual packets and are open to sniffer attacks. Also, the individual packets can be traced from router to router. Lot's of blind alleys but you'll get there eventualy.

When people can buy a T1 to their house for £2,000/yr instead of £20,000, we will stand a better chance.

SWBT will currently sell T1 access to homes for as little as $214/mo. Would you settle for $2,568/yr.? Note that this price doesn't include routing and name resolution. I'm still (3 months later) trying to get SWBT to tell me how much they will charge for this - they supposedly offer it but I have yet to find an actual business office that support home delivery of service. ____________________________________________________________________ | | | Those who make peaceful revolution impossible will make | | violent revolution inevitable. | | | | John F. Kennedy | | | | | | _____ The Armadillo Group | | ,::////;::-. Austin, Tx. USA | | /:'///// ``::>/|/ http://www.ssz.com/ | | .', |||| `/( e\ | | -====~~mm-'`-```-mm --'- Jim Choate | | ravage@ssz.com | | 512-451-7087 | |____________________________________________________________________|