blackmail / real world stego use
bear
bear at sonic.net
Tue Aug 26 17:49:18 EDT 2003
On Sat, 23 Aug 2003, Barry Wels wrote:
>Hi,
>
>So far I have only found one English item in the news about this.
>
>http://www.expatica.com/index.asp?pad=2,18,&item_id=33655
>
>So let me translate some of the dutch information about this
>interesting case :
<snip - story of a dutch man who used surfola.com, an american
anonymizing service claiming "we will not give out your info
to anyone ever", to browse a website containing stego data
worth US$185K that he'd extorted a dutch company into placing
there. FBI was apprised of situation, had his email address
within 24 hours - he was arrested by (dutch?) police the
instant he tried to touch the money. >
It is interesting to speculate about whether the FBI served
surfola.com with a warrant. If the anonymizing service is
"transparent" after the fact to the details recorded during
the FBI's ordinary daily monitoring of the internet, then we
live in interesting times indeed.
That would imply packet recording and correlation on a level
greater than we've ever considered to be in the arsenal of
cryptographic threats, implying the emergence of forces (and
inevitably of forces other than governments) that have
eavesdropping capabilities that cannot be defeated except with
time-delayed packet relay through many hosts and re-encryption/
redecryption at each step of the way.
That is a model that does not permit realtime communication,
meaning that monitoring may be impossible to escape for
realtime activities such as web browsing.
Bear
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list