On 20 August 2007 16:00, Steven M. Bellovin wrote: > http://www.esecurityplanet.com/prevention/article.php/3694711 > > I'd sure like technical details...
Well, how about 'it can't possibly work [well]'? " [ ... ] The article provides a detailed example of how 20 messages can be hidden in a 100 x 50 pixel picture [ ... ] " That's gotta stand out like a statistical sore thumb. The article is pretty poor if you ask me. It outlines three techniques for stealth: steganography, using a shared email account as a dead-letter box, and blocking or redirecting known IP addresses from a mail server. Then all of a sudden, there's this conclusion ... " Internet-based attacks are extremely popular with terrorist organizations because they are relatively cheap to perform, offer a high degree of anonymity, and can be tremendously effective. " ... that comes completely out of left-field and has nothing to do with anything the rest of the article mentioned. I would conclude that someone's done ten minutes worth of web searching and dressed up a bunch of long-established facts as 'research', then slapped a "The sky is falling! Hay-ulp, hay-ulp" security dramaqueen ending on it and will now be busily pitching for government grants or contracts of some sort. So as far as "technical details", I'd say you take half-a-pound of security theater, stir in a bucket or two of self-publicity, season with a couple of megabucks of goverment pork, and hey presto! Tasty terror-spam! BTW, I can't help but wonder if "Secrets of the Mujahideen" refuses to allow you to use representational images for stego? ;-) (BTW2, does anyone have a download URL for it? The description makes it sound just like every other bit of crypto snakeoil; it might be fun to reverse engineer.) cheers, DaveK -- Can't think of a witty .sigline today.... --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]