[Reader-list] Fw: Wired News :Bin Laden: Steganography Master?

Gayatri Chatterjee gchat at vsnl.net
Wed Sep 26 22:28:57 IST 2001


>  From Wired News, available online at:
> http://www.wired.com/news/print/0,1294,41658,00.html
>
> Bin Laden: Steganography Master?
> by Declan McCullagh
>
> 2:00 a.m. Feb. 7, 2001 PST
>
> WASHINGTON -- If there's one thing the FBI hates more than Osama bin
> Laden, it's when Osama bin Laden starts using the Internet.
>
> So it should be no surprise that the feds are getting unusually
> jittery about what they claim is evidence that bin Laden and his terrorist
allies are using message-scrambling techniques to evade law enforcement.
>
>
>
> See also:
> Israel's Seminar on Cyberwar
> 'Cyber-Terrorist' Jailed Again
> The Feds'll Come A-Snoopin'
> Keep an eye on Privacy Matters
> Everybody's got issues in Politics
>
>
>
>
>
>
>
> USA Today reported on Tuesday that bin Laden and others "are hiding
> maps and photographs of terrorist targets and posting instructions for
terrorist activities on sports chat rooms, pornographic bulletin boards and
other websites, U.S. and foreign officials say."
>
> The technique, known as steganography, is the practice of embedding
> secret messages in other messages -- in a way that prevents an observer
from learning that anything unusual is taking place. Encryption, by
contrast, relies on ciphers or codes to scramble a message.
>
> The practice of steganography has a distinguished history: The Greek
> historian Herodotus describes how one of his cunning countrymen sent a
secret message warning of an invasion by scrawling it on the wood underneath
a wax tablet. To casual observers, the tablet appeared blank.
>
> Both Axis and Allied spies during World War II used such measures as
> invisible inks -- using milk, fruit juice or urine which darken when
heated, or tiny punctures above key characters in a document that form a
message when combined.
>
> Modern steganographers have far-more-powerful tools. Software like
> White Noise Storm and S-Tools allow a paranoid sender to embed messages in
digitized information, typically audio, video or still image files, that are
sent to a recipient.
>
> The software usually works by storing information in the least
> significant bits of a digitized file -- those bits can be changed without
in ways that aren't dramatic enough for a human eye or ear to detect. One
review, of a graphical image of Shakespeare before and after a message was
inserted, showed JPEG files that appeared to have no substantial
differences.
>
> Steghide embeds a message in .bmp, .wav and .au files, and MP3Stego
> does it for MP3 files. One program, called snow, hides a message by adding
extra whitespace at the end of each line of a text file or e-mail message.
>
> Perhaps the strangest example of steganography is a program called
> Spam Mimic, based on a set of rules, called a mimic engine, by
Disappearing Cryptography author Peter Wayner. It encodes your message
into -- no kidding -- what looks just like your typical, quickly deleted
spam message.
>
> So if steganography is so popular, is there anything the feds can do
> about it?
>
> Some administration critics think the FBI and CIA are using potential
> terrorist attacks as an attempt to justify expensive new proposals such as
the National Homeland Security Agency -- or further restrictions on
encryption and steganography programs.
>
> The Clinton administration substantially relaxed -- but did not remove
> -- regulations controlling the overseas shipments of encryption hardware
and software, such as Web browsers or Eudora PGP plug-ins.
> One thing's for certain: All of a sudden, the debate in Washington
> seems to be heading back to where it was in 1998, before the
liberalization.
>
> "I think it's baloney," says Wayne Madsen, a former NSA analyst and
> author. "They come out with this stuff. I think it's all contrived -- it's
perception management."
>
> Three years ago, FBI Director Louis Freeh spent much of his time
> telling anyone who would listen that terrorists were using encryption --
and Congress should approve restrictions on domestic use.
>
> "We are very concerned, as this committee is, about the encryption
> situation, particularly as it relates to fighting crime and fighting
terrorism," Freeh said to the Senate Judiciary committee in September 1998.
"Not just bin Laden, but many other people who work against us in the area
of terrorism, are becoming sophisticated enough to equip themselves with
encryption devices."
>
> He added: "We believe that an unrestricted proliferation of products
> without any kind of court access and law enforcement access, will harm us,
and make the fight against terrorism much more difficult."
>
> But Freeh never complained about steganography -- at least when the
> committee met in open session.
>
> Some of the more hawkish senators seemed to agree with the FBI
> director, a former field agent. "I think the terrorist attacks against
United States citizens really heighten your concern that commercial
encryption products will be misused for terrorist purposes," said Sen.
Dianne Feinstein (D-Calif).
>
> Sen. Jon Kyl (R-Ariz) added he was concerned about "the sophistication
> of the terrorists, the amount of money they have available (and) their use
of technology like encryption."
>
> In March 2000, Freeh said much the same thing to a Senate Judiciary
> subcommittee headed by Kyl. He echoed CIA Director George Tenet's earlier
remarks, saying: "Hizbollah, HAMAS, the Abu Nidal organization and Bin
Laden's al Qa'ida organization are using computerized files, e-mail and
encryption to support their operations."
>
> Related Wired Links:
>
> Ashcroft to Chew On Carnivore
> Jan. 27, 2001
>
> Ashcroft to Chew On Carnivore
> Jan. 27, 2001
>
> Crypto: Three Decades in Review
> Jan. 9, 2001
>
> Crypto: Three Decades in Review
> Jan. 9, 2001
>
> New Congress to Push Privacy
> Jan. 7, 2001
>
> Top Cop Arrives With Mixed Bag
> Jan. 5, 2001
>
> Privacy a Victim of the Drug War
> Dec. 11, 2000
>
> Privacy a Victim of the Drug War
> Dec. 11, 2000
>
> Why E-Security Is Hard to Tame
> Sep. 19, 2000
>
> Why E-Security Is Hard to Tame
> Sep. 19, 2000
>
> Regulating Privacy: At What Cost?
> Sep. 19, 2000
>
> Copyright (C) 1994-2001 Wired Digital Inc. All rights reserved.
>
>
>




More information about the reader-list mailing list