From: wcs@anchor.ho.att.com
To: gnu@toad.com
Message Hash: 285cf22d309749ec59931f40a6ff6ed87ebdc895b7434c85f1cf134ec9d0ede2
Message ID: <9305270012.AA10969@anchor.ho.att.com>
Reply To: N/A
UTC Datetime: 1993-05-27 00:12:40 UTC
Raw Date: Wed, 26 May 93 17:12:40 PDT
From: wcs@anchor.ho.att.com
Date: Wed, 26 May 93 17:12:40 PDT
To: gnu@toad.com
Subject: Re: Steganography and Steganalysis
Message-ID: <9305270012.AA10969@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text
John Gilmore writes:
> My favorite scheme was to encode messages in trailing spaces and/or tabs
> in netnews messages. You could also put internal tabs in place of spaces.
and other fun things...
> In fact, you could do this with news messages that flow "through" your
> site, (if the messages aren't protected with a crypto checksum), so that
> you would not be the message's sender (and it wouldn't be addressed to anyone
> either -- recipients get very good privacy).
Hmmm... While this certainly does provide some privacy, it also can break things,
which is not nice to do to other people's messages. For example,
if other people are encoding messages in trailing spaces or tabs in netnews messages,
you'll replace their hidden messages with your own :-)
I don't know if there's much news out there with Content-Length: headers or other
byte-counting headers that would be disrupted; Lines: is obviously not bothered.
On the other hand, if the messages that appear to be flowing through your site
are really being generated there, either as forgeries of messages from other people,
or forgeries of messages from anonymous posting sites, or are forged messages
you're really posting through an anonymous posting site, you gain about the same
effect (assuming your forgery is good enough to not attract attention.)
(Forging messages from other people is best done either with cooperative people,
or fake people, or people who don't mind like MAILER-DAEMON%Fidogate@BAR.BiTNet.)
Bill Stewart
Return to May 1993
Return to “wcs@anchor.ho.att.com”
1993-05-27 (Wed, 26 May 93 17:12:40 PDT) - Re: Steganography and Steganalysis - wcs@anchor.ho.att.com