[Cryptography] russian spies using steganography?

Henry Baker hbaker1 at pipeline.com
Sun May 8 23:57:36 EDT 2016


At 06:18 PM 5/8/2016, Kent Borg wrote:
>A steganographic channel I have long thought is under appreciated is spam.  I guess the flaw here is the real senders of spam seem to be pretty few (I see it come in in batches, some one person pushed a button, I see the results, not a lot of little mom-and-pop retail spam senders).  Also, unfortunately to the spies, gmail does such a good job of filtering spam that who sees all that spam anymore? 
>
>Twitter also seems an interesting one-to-many channel.  But I guess that depends on Twittter not letting the TLAs into their network, and not letting them carefully monitor all the comings and goings.

Intel agencies & LEO's always take advantage of any "noise" and/or chaos in the system to hide under (reminiscent of spread spectrum radio, where the signal hides many dB down in the noise).  One problem with "broken window" policing is that at some point *all* of the broken windows & other crimes are committed by undercover operatives and/or informants; e.g., in the 1950's, supposedly >50% of the dues to the American Communist Party were paid by FBI/CIA informants.  Supposedly, the biggest fallout from the OPM hack has been to take 20+ million people off the eligible rolls for "secret"/undercover agents, because all their bio info -- including their fingerprints -- has been compromised.

The FBI has had a number of money-laundering stings which involved setting up fake banks around the world.  I believe that NPR recently talked about one such operation.  These kinds of operations only work if there are already a lot of other shady operators for the FBI to hide among.

I wouldn't be at all surprised if some non-negligible % of spam comes from TLA's around the world.  We already know that some non-negligible % of phishing/malware emails come from TLA's, so outright spam simply widens the potential.



More information about the cryptography mailing list