US Secret Service capabilities

John S. Denker jsd at monmouth.com
Thu Apr 24 13:29:01 EDT 2003 

Hi --

I just returned from the Post Office.  And
I don't mean SMTP, I mean ink on paper, with
little self-adhesive micropayment certificates
on the corner.

The reason is that the US Secret Service
asked me to mail them some info about an
identity-theft scam.

I offered to email the info, but the Special
Agent said he didn't have email at work, and
it was "not convenient" for him to check his
email account at Yahoo.  At that point I broke
off the conversation, figuring that if they
couldn't invest the effort of checking their
email they wouldn't invest the effort of
actually investigating the incident in
question, so I wouldn't waste any more of
their time or mine.

To my surprise, the Special Agent called back
and pleaded with me.  He changed his story and
said they had means of sending and receiving
email, but they _weren't allowed_ to give out
their email addresses.

I know this is supposed to be the Secret
Service, but keeping their email addresses
secret is going a bit far IMHO.  I would
think most computer-security professionals
would know how to set up a temporary and/or
anonymous email address.

I hope he enjoys transcribing the scammers'
350-character-long URLs from the paper I sent.

I put the info on a secure web site and
suggested he pull it down from there, but
he declined that, too.

The Special Agent was surprised to hear that
I controlled multiple web sites.  He didn't
understand how that was possible.

The Special Agent was surprised to hear that
given an IP address, I could figure out what
country it's in.  He argued with me about this.
The term "whois" meant nothing to him.

Heretofore I didn't understand how identity-
theft rings could operate so openly.  One
might have thought they would be afraid of
stings, but evidently they're not.

There's a lot of darkness here.  I've set
out a few candles, but I'm not sure it's
going to be enough.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list