Tim May writes:

[G8 outlawing of crypto efforts forging ahead]

It's not hopeless. Physical havens are vulnerable, to all sorts of pressures (I doubt many cryptographers want to set up shop in Libya or Iraq, not that these places would be hospitable to Cypherpunks sorts of goals and methods).

Going underground, using the untraceable features of cyberspace, may be the last, best hope.

I'm not sure we have the software to do this right now. Let's say that we start with the assumption of remailers still running in some countries (non G8). Message pools are ok for receiving messages. But for sending messages, we need a stego interface to remailers. Now seems like a good time to produce this software. It's time has come, much as Phil Zimmermann felt the pressure of the 1991 Senate anti-crime bill 266. Good stego encoding techniques are the difficult problem. We could do something in-your-face like: use a random number, go to jail! BECBFEAAA13241237419283749183123487A7BCDEFBBDCEFDBEB23CDDEBDEBDB AA13241237419283749183123487A7BCDEFBBDCEFDBEB23CDDEBDEBDBBECBFEA 419283749183123487A7BCDEFBBDCEFDBEB23CDDEBDEBDBBECBFEAAA13241237 ... As a form of protest, where it really is stegoed instructions to a remailer in a GAK-free country, which is reading the list. Text stego is hard to do. At ultra low encoding rates (say a few bits per email), it would be ok. (Just message parity, perhaps the entropy in the message-id, posting time). Anything more in text seems intrinsically hard to do well enough to feel comfortable betting against a jail term. Images and audio files are much rosier targets, but who posts volumes of gifs, or uses audio files? Not I, the bandwidth isn't up to it yet, and pay-per-second phone bills don't help either. PGP 2.x signatures (presuming we're still allowed to sign posts with such software) don't have much scope for subliminal channels. The time of posting in seconds is about it. However, PGP 3.x signatures on ElGamal/DSS keys should have. There are several subliminal channels in DSS signatures. It involves generating a random number component, and this can be exploited. Still pretty low bandwidth. Perhaps someone can have a go at adding this to PGP3.x, once Stale has finished scanning the source code books, and has posted the source. Also, I hear that PGP3.x has support for RSA keys, but won't generate them? Perhaps we can add that back in also. For comfort, I'd like to be able to post, lets say 10k per day of messages, via remailers in non-GAKed countries. Clearly I'm going to have to increase my rate of bit-production to stego encode this much data in my stegotext output. How am I going to do it with good plausible deniability though? Adam -- Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0

Tim May writes:

At 3:02 AM -0700 22/6/97, Adam Back wrote:

...

Text stego is hard to do. At ultra low encoding rates (say a few bits per email), it would be ok. (Just message parity, perhaps the entropy in the message-id, posting time).

Pointers can be useful. A small number of stego bits in a message of this length could be used to tell a recipient where to look for a longer message. Thus, this message could contain instructions to "Look at the image "cindy-fake17.gif" in "alt.binaries.erotica.cindy-crawford" for instructions about the Cabal meeting."

Provides some plausible deniability, more than posting random numbers.

If the images are recyclings of older images, as most images in these porn groups are, then there is the problem that images may be diffed (compared) and the LSBs detected to be different. Fixes for this either include deliberate (and stated) "enhancement" in Photoshop, which is also fairly common, or scanning of some of those old Penthouse mags laying around! :-)

That's the major problem with images, you need to generate your own. Unless you fancy writing an image enhancement system, and analyse the algorithms in existing systems to ensure that randomness is introduced. Another idea, there's a golf-ball cam on top of my monitor, how many list members have played with CU-SeeMe? (You'd get to see my 2 year old son playing with his toy tractor on the desk, making it difficult to type, keeps pulling my hands off keyboard). Does any of the CU-SeeMe stuff come with source code? Cons: at 28.8k modem speed, the image frame rate is poor, but worse the audio is near unusable, also limited to 8 conference participants. Or how about enhanced IRC with VR chat rooms? You could get lower bandwidth IRC stylised computer generated VR than you could video stream. I'm sure you could come up with some subliminal channels in that (computer generated images, simulated moniker movements), and you'd just need to chat on #cypherpunks for a while, and your posts would be sent. Quite plausible for cypherpunks to stop off at #cypherpunks and reminisce about the days before non-gakked crypto was outlawed. Adam -- Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0

-----BEGIN PGP SIGNED MESSAGE----- In , on 06/21/97 at 10:16 AM, Tim May said:

It's not hopeless. Physical havens are vulnerable, to all sorts of pressures (I doubt many cryptographers want to set up shop in Libya or Iraq, not that these places would be hospitable to Cypherpunks sorts of goals and methods).

To bad Israel is so dependant on US $$$ I wouldn't mind going back there and setting up shop. Alot of intresting crypto work is being done there. Of cource with Palasinian "problem" I have no ideal what their current export/remailer stance is. - -- - --------------------------------------------------------------- William H. Geiger III http://www.amaranth.com/~whgiii Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html - --------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: cp850 Comment: Registered_User_E-Secure_v1.1b1_ES000000 iQCVAwUBM63U/49Co1n+aLhhAQGP1wQAyXldUetUa5omquNkKbUS5nVvc3iIoQqh DkRcPjiWMnhjXcIdkCiqNG9lEpVAM/RLahs8MlpX+ROhtHrq1Nt8h+P+h9/Aq3Ov xEH3QExCc3LmaotXWm+ibyCpnaUTwcOjIAUcDNk7YqBADSGqFqBqi5sg3wFRl26d bYLQN4gYguw= =hv0W -----END PGP SIGNATURE-----

At 6:41 PM -0700 6/22/97, William H. Geiger III wrote:

In , on 06/21/97

To bad Israel is so dependant on US $$$ I wouldn't mind going back there and setting up shop. Alot of intresting crypto work is being done there. Of cource with Palasinian "problem" I have no ideal what their current export/remailer stance is.

Israel? I don't get the joke.... Israel is a controlling, f$sc%st state in many ways. (I typed "f$sc%st" because many are unreasonably offended when the f-word is used in conjuction with the Zionist Entity.) Look into IDF control of most of the leading Israeli electronics companies. Look into Shin Bet, Mossad, the Pollard case, Dimona, and so on. Also, Israel is one of the world's major "soft targets." Look to see Tel Aviv vaporized one of these days. A nation formed by stealing land from "sand niggers" (what the Brits called Arabs) and having these sand niggers only a few miles across a poor geographic barrier....the very definition of a soft target. As for a lot of "interesting work," there is no doubt that Shamir and his students are doing wonderful work. One genius and his team do not make up for the many other problems with Israel. (If the Germans are able to get Scientology declared to be a dangerous cult, partly because of its violent activities and its strange beliefs, can't they have Judaism similarly declared to be an illegal cult? A cult which believes God gave them some land, and that Jews born in Poland, Russia, Lithuania, and not having any ancestors in Palestine for 1000 or 2000 or more years (or never), have a religious right to kick the sand niggers off their farms in Haifa....sounds worse than Scientology. By the way, I strongly disagree with the German assault on Scientology....I have told my good friend Keith Henson that his battle with Scientology is dangerous.) --Tim May There's something wrong when I'm a felon under an increasing number of laws. Only one response to the key grabbers is warranted: "Death to Tyrants!" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."

On Sun, 22 Jun 1997, Steve Schear wrote:

...

That's the major problem with images, you need to generate your own. Unless you fancy writing an image enhancement system, and analyse the algorithms in existing systems to ensure that randomness is introduced.

There are plenty of Net-cams watching traffic or sunsets around the world. Since these images tend to change a bit from frame to frame they could cheaply and reliably provide the sorts of images which are ideal for stego. I'm not sure if you can frame-grab from such a changing Web page with the current browser features, but this should be a significant hurdle.

Or, set up your own webcam "to watch your coffee pot twice a minute" or something. Merge the crypto stream through the gifs after tweaking the brightness and contrast to avoid 0 and 255 (a light fixture with a pattern of 254/255 values gets suspicious, and is not from thermal noise - a "problem" with monochrome quickcams for night photography). Then do something like lynx -source webcam.x.y/images/coffee.gif | destegodecrypt >>reconstruct every 30 seconds (with some kind of dropout correction). [lynx is a textmode browser that works well for these types of things]. Or even an AVI for both video and sound stego.

On Mon, Jun 23, 1997 at 11:38:25PM -0700, Bill Stewart wrote:

...

...

...

That's the major problem with images, you need to generate your own. Unless you fancy writing an image enhancement system, and analyse the algorithms in existing systems to ensure that randomness is introduced. .. Or, set up your own webcam "to watch your coffee pot twice a minute" or something. Merge the crypto stream through the gifs after tweaking the brightness and contrast to avoid 0 and 255 (a light fixture with a pattern of 254/255 values gets suspicious, and is not from thermal noise - a "problem" with monochrome quickcams for night photography).

Pictures like coffee pots are likely to have parts that change (e.g. the state of the coffee pot) and parts that don't change (e.g. the part of the wall that isn't blocked by the pot.) This means that it's easy to tell which bits are being messed with, if somebody's watching successive pictures. If the digitization's random enough in the low bits, it's a bit better, but a picture of something moving helps. Oceans and fog are great....

Sources of pictures aren't really the problem, though -- it's developing the widespread habit of people sending references to pictures along with their email. For example, if the "cool thing to do" was to note a link to a favorite photo in your sig (as I have done, below), then people who were interested in communicating privately could build up a significant cache of shared pictures. Code to automatically compare pictures with the previous version, and decrypt the embedded messages is no big deal -- the big deal is getting people to habitually include links to pictures -- or sound files, or whatever... -- Kent Crispin "No reason to get excited", kent@songbird.com the thief he kindly spoke... PGP fingerprint: B1 8B 72 ED 55 21 5E 44 61 F4 58 0F 72 10 65 55 http://songbird.com/kent/pgp_key.html Picture of the day: http://songbird.com/pix/photos/gc8.jpg