more reports of terrorist steganography

[sjk]

Dave Korn wrote:

> 
>   That's gotta stand out like a statistical sore thumb.
> 
> 
>   The article is pretty poor if you ask me.  It outlines three techniques for
> stealth: steganography, using a shared email account as a dead-letter box, and
> blocking or redirecting known IP addresses from a mail server.  Then all of a
> sudden, there's this conclusion ...
> 
> " Internet-based attacks are extremely popular with terrorist organizations
> because they are relatively cheap to perform, offer a high degree of
> anonymity, and can be tremendously effective. "
> 
> ... that comes completely out of left-field and has nothing to do with
> anything the rest of the article mentioned.  I would conclude that someone's
> done ten minutes worth of web searching and dressed up a bunch of
> long-established facts as 'research', then slapped a "The sky is falling!
> Hay-ulp, hay-ulp" security dramaqueen ending on it and will now be busily
> pitching for government grants or contracts of some sort.

This struck me oddly as well. I cannot think of a single significant
Internet attack which has been traced to any terrorist organizations. I
would agree that this article seems to be designed to alarm rather than
inform, and, no doubt, pick up a government contract.

Additionally, the author seems to make a big deal about asymmetric
encryption without considering how key exchange is accomplished. The
logistics of key exchange remains one of the vulnerabilities any
asymmetric encryption system.


-- 
-------------------------------------
sjk at cupacoffee.net
No one can understand the truth until
he drinks of coffee's frothy goodness.
~~Sheik Abd-al-Kadir

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com