Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Censorship

Digital Voices From Rogue Nations? 348

Posted by Cliff from the stuff-to-think-about dept.
Over the past five years, we have watched the Internet shrink distances and bridge the gaps between the international community of nations. Never before has it been easier for a physicist in Zaire to communicate and share ideas with such a diverse group as a professor from UC Berkeley and a computer scientist from Berlin. However, despite this social benefit from what is the world's growing global network, there are still places where the boon that is Internet communcation is frowned upon, even dangerous. What would you do if you had to privately communicate with people in countries like China or Iran where communications are possibly monitored and knowledge of what you are discussing could get the person on the other end in trouble with his or her own government? Is it possible to quietly and privately use the Internet to communicate with these people?

cscrutinizer asks: "I have a friend in Iran who is producing a Web site newsletter (in English) that advocates women's rights there. She is looking for ways to fund her operations and was wanting to add a donation section as well as a section to sell e-books of some Iranian authors who can't get their stuff out to the rest of the world. As we started to talk about how to do it, a myriad of issues came up with regards to credit card transactions, the transfer of funds, the use of encryption, where to host (currently in the U.S.), copyright laws, how to avoid political reprisals, etc. What is the best path for someone living in an embargoed nation?"

BillEGoat writes "A friend of ours is visiting China to do some work that is not in keeping with their government's ideals. We need to know the kinds of e-mail interception techniques China's government and universities use, and if encrypted e-mail will get detected or blocked. Obviously the idea is to communicate without anyone knowing. The real risk is arrest and detention or deportation of our friend if caught. What encryption techniques can we use that are hard to detect and break?"
This discussion has been archived. No new comments can be posted.

Digital Voices from a Rogue Nation? More

Digital Voices from a Rogue Nation?

Comments Filter:
  • To get real communication - get encrypted irc. This will eventually come out in a while - and I bet no firewall can block all of encrypted protocols. Chat is the future for communication - E-Mail may be good, but with IRC/chat you get a meeting table or face-to-face experince - Email would be same as a Penfriend from China. Get an IRC server setup, possible SSH up to it, or wait a little for encrypted irc solutions :) (which will come )
  • I'm kinda glad that there are someplaces safe in the world from the internet. Even if they do resemble hell for people.

  • Step 1: Download Gnu Privacy Guard [gnupg.org].

    Step 2: Exchange keys

    Step 3: Communicate to your heart's content.

    The great thing about strong encrytion is that the transmission medium can be completely insecure; Hell, you could yell the symbols out in a crowded room, and nobody will know what you're saying.

    Of course, getting caught with those tools might be a ticket to a concrete vacation somewheres with lots of bugs and bad food. (Resist temptation to poke fun at Carnival)

  • Stenography anyone? (Score:3)

    by AndroSyn ( 89960 ) on Friday July 21, 2000 @09:00AM (#914195) Homepage
    Perhaps a better way of exchange emails would be through the use of stenography(hiding the content in other data). Send images of your pets(not the images of course) back and forth via email and have a light discussion in the email, when you both know that the real content is in the image itself.

    And to be on the safe side encrypt your message before running it through a stenograhy tool, so there won't be a big glaring header saying, "hey..look at me..i'm hiding something".

  • Not just China (Score:3)

    by cow_licker ( 172474 ) on Friday July 21, 2000 @09:01AM (#914196)
    I think its dangerous to assume that only those "fascist countries over there" are being monitered, especially after the discovery of Carnivore and even the local police taking part as seen in this article [wired.com] from wired.
  • If they're really worried about reprisals, and if the government really is oppressive and arbitrary, then just using encrypted data when you communicate may not be enough. If the censors can see that there is encrypted data flowing between you and them, that may be enough to be suspicion of comitting a crime against the state which may be enough to warrant arrest.

    [TMB]
  • Well, I wouldn't say that text-based chat is the future of communications.

    Right now, I'm wondering a few things. 1) Does the IRC protocol lend itself--at all--to the inclusion of video conferencing? 2) How easy is it to encrypt audio/video signals? I can't imagine it would be much harder than encrypting text, but in a medium where time-delays are unacceptable, there would have to be a pretty tight algorithm for encoding/decoding.

    Of course, when speaking with someone whose first language is not your own, it's often easier to read your in broken, screwy form than to understand it when you add an accent that is incomprehensible to you.

    Did you notice how hard I tried not to use the word "English" in that sentence?

    In conclusion, encrypted video conferencing would be a good step toward solid, private communication, but sometimes it would be even more difficult to understand than plain text.

  • Steganography (Score:5)

    by jabber ( 13196 ) on Friday July 21, 2000 @09:03AM (#914200) Homepage
    BillEGoat, take a look at some steganography tools out on the net.

    For those unaware, steganography is the embedding of useful information in other data, for example encoding text in the least-significant-bit(s) of an image.

    As a hypothetical: Your friend wants to send email with sensitive information. He encrypts it (just to be extra safe) and then burries the ciphertext in a large TIFF file of the Chinese Wall. He compresses the image with ZIP and attaches it to an innocuous e-mail "Having a great time, wish you were here"...

    The government spooks intercept, decode and conclude ' another happy tourist spending dollars '.

    You receive the message, reverse the process and learn that the attack is being launched at dawn.

  • Steganography (Score:3)

    by ch-chuck ( 9622 ) on Friday July 21, 2000 @09:03AM (#914202) Homepage
    I repeat, Steganography [www.thur.de] to also hide the fact that any encrypted comm is even taking place. Put the payload in Islamic and Chinese art, etc.
  • What would you do if you had to privately communicate with people in countries like China or Iran where communications are possibly monitored and knowledge of what you are discussing could get the person on the other end in trouble with his or her own government? Is it possible to quietly and privately use the Internet to communicate with these people?

    That's not up to the user, but to the foreign government in terms of their policies regarding the internet, privacy and how badly do they want to monitor it. Any encryption available to most people could probably be broken given a sufficeint amount of time and resources which many governments have. They probably also monitor phones and mail, so this would be no different - just that it would take more time.



    Being with you, it's just one epiphany after another

  • China (Score:3)

    by Golias ( 176380 ) on Friday July 21, 2000 @09:04AM (#914204)
    I had a friend in college a few years ago that joined a missionary group that was smuggling Bibles into the country. Her return was delayed by four months, during which time we were unable to contact her, or even confirm that she was alive or ever coming back. Turns out that getting out was not quite as easy as getting in.

    China seems to me like a country on the verge of radical change. We all remember the kid standing in front of the tank, throwing rocks... but when you look at the way they handled the annexation of Hong Kong (by changing almost nothing), there's room for hope.

    If I'm wrong, we (by which I mean most of the world) will probably end up at war with them over Taiwan (or something) within the next decade or two. The old Chinese curse about living in interesting times seems to apply.

  • What we really need is some way of obscuring text so that "outsiders" can't read it. I suggest wrapping a long strip of paper around a rod, writing your message vertically, unwrapping and sending the strip (but not the rod) to the person you want to talk to. You will have to setup a rod-size with them beforehand, of course.
    --
  • Hi, I'm planning on writing from a free country (Canada) to a correspondent in one of the worst Rogue Nations in the world. I am afraid that my friend's political opinions will get him into trouble in his home nation (he's a communist and they've been persecuted there in the past from the illegal blacklisting of them from their jobs to their electrocution on trumped up spying charges). This country will stick at nothing and carries out acts of terrorism all over the world with no repercussions ( a short list of countries that they've bombed and invaded illegally includes Nicaragua, Vietnam, Cambodia, Laos, Iraq, Sudan, Libya and Cuba and they provide training and arms to ruthless, sadistic terrorists in Nicaragua, Columbia, El Salvador, Indonesia, Turkey, Afghanistan, Iran and many other nations).
    So, how should I communicate with my U.S. friend in a manner that will make sure that he will not be persecuted by this government which has been condemned by the democratically constituted United Nations?
    thanks,
    Crush
  • > Step 1: Download Gnu Privacy Guard.
    > Step 2: Exchange keys
    > Step 3: Communicate to your heart's content.

    Well if the Government controlls all network access points into and out of the country (which I have to imagine China and Iran probably both do) then saving and looking through emails is easy.

    All they need to do is know what to look for. Files going through email that are not in known formats, or worst yet, apear to be very random data, might raise red flags.

    Encryption is what solves the problem of moving data through untrusted channels. It does not however solve the problem of hiding the fact that communication is going on. That is steganography.

    What could be done, set up a dialog. Develop a hobby of picture taking. Move the dialog towards sharing pictures of eachothers hometowns and other things, sunsets and whatnot.

    Then use something like the jpeg steganography tools to hide the secret messages in the data. If they are encrypted, then the aparent randomness of the message may help to hide the fact that a message exists. Of course, be sure to include text with each picture talking about how beautiful the place is and giving background.

  • Actually I believe there is some software on freshmeat to publically hide encrypted information in a picture (jpeg). It is quite easy to hide encrypted information as it's a binary. I could email you winzip.exe; Ooops, the binary is corrupted, etc.

  • The Economist just published a fascinating article on the future of the internet in China.

    See "Wired China" [economist.com] at The Economist [economist.com].

    Among other things the article demonstrates that Bill Clinton's dream of the Internet bringing democracy to China will face some serious challenges. Apparently the Communist leadership sees the Internet as a great way to keep tabs on people and to nip dissent in the bud.

  • Mod this up!

    Actually, I think that this is an excellent example of a case where security by obscurity is needed. A country like China is certainly capable of setting up a system to squash protocols that they don't like, and anything encrypted is likely to fall into that category. Even if people can't be punished because the government can't read what they're sending, they can be foiled by not being able to get the message through. You're really going to have to conceal the fact that there even is a conversation going on in order to accomplish anything.

  • Don't blame *me* if you spend your oh-so precious time replying to posts on Slashdot. You obviously have even more time to waste than me.
  • I wrote a system like this a long time ago in Quickbasic.

    It manipulated BMP files (and would survive GIF compression) but what i did was to take every pixel and round it's value so it was even in the colour table (in rgb this would be like taking all three elements). I would then convert the message into binary and then add each bit of the message onto each byte of the picture.

    Certainly this was subtly obvious on pictures with large areas of flat colour but almost impossible to detect on photographs.

    I'm sure there is software available to do this though and if you can find a nice obscure author then you can be more or less sure the authorities dont check for it.

  • Compromised endpoint (Score:4)

    by duras ( 34902 ) on Friday July 21, 2000 @09:12AM (#914220) Homepage
    Though cryptography solves the problem of communicating with someone in a country where the communications pathway is insecure, it does not allow you to communicate securely with a 'compromised endpoint.' If your target works at a university and has access to the Internet only through university supplied computers, and Big Brother controls the university, if he decrypts your email on that machine, its now been read by The Man.

    The ethical question is, "assuming your peer's communications are tapped (encrypted or not) what do you do then?"

  • A better link to tools (Score:3)

    by ch-chuck ( 9622 ) on Friday July 21, 2000 @09:15AM (#914226) Homepage
    here [outguess.org] - Outguess (haven't tried it, going to now) - Unix source tarball, BSD license.

  • Bzzt. (Score:3)

    by Enoch Root ( 57473 ) on Friday July 21, 2000 @09:15AM (#914227)
    Sorry, you lose. You don't hold something as a fundamental right then place conditions on it. Certainly not something as suggestive as 'infringing upon the rights of others'. What about the right to live in total isolation of common sense and decency? Free speech doesn't respect that.

    At least the UK is more consistent on the issue: they don't hold free speech as sacrosanct, instead choosing to promote free speech as long as it doesn't promote hatred. The US has no such thing. And so, free speech becomes something claimed left and right for something as stupid as the right to broadcast publicity, and is encouraged by everyone as long as it fits their own view of the world.

    Free speech in America has become a flag of convenience waved whenever one wants to encourage their own view of the world with impunity. How come free speech is never about the right to speak hatred, or to speak for the system that represses women in Iran or encourages crass communism in China? What about the right to treat others as inferior human beings? Get your facts straight. Free speech, along with gun control, is only a tool to constitutionally crush and intimidate others.

  • The process of encrypting information in another medium is called steganography.

    Karma whorish links ahead:

    http://www.jjtc.com/Steganography/ [jjtc.com]

    http://www.thur.de/ulf/stegano/ [www.thur.de]

    http://freshmeat.net/appind ex/1999/10/16/940080510.html [freshmeat.net]
  • A country like China is certainly capable of setting up a system to squash protocols that they don't like, and anything encrypted is likely to fall into that category.

    While I agree that steganography might be the best way to go about communicating with the foreign party, I wouldn't blindly trust steganography.

    As you said, I'm sure that China can detect encrypted messages. And, it's possible to detect steg'ed images.

    Sure, security through obscurity might work fine here, but it's not like the gov't of China has never heard of steganography.

    Might be best to somehow 'test the waters' before getting in some serious political trouble.
  • It *must* be true! Consider the evidence:

    Today's post was done in an eerie, Katzian style. For example:

    "Over the past five years, we have watched the Internet shrink distances and bridge the gaps between the international community of nations."

    "Community of nations"? The internet "shrinking" distances and "bridging" gaps? All very Katzian, IMHO...

    and

    "However, despite this social benefit from what is the world's growing global network, there are still places where the boon that is Internet communcation is frowned upon, even dangerous."

    Note the classic Katz style. First clause: "the internet is wonderful, it is bridging econonic gaps, creating world peace, and bringing your childhood puppy back from the grave." Second clause: "Yet amidst this utopia, geeks are being persecuted on the internet. How can this be??"

    Also, consider that:

    1) We've never seen Jon Katz and Cliff in the same chat room. Coincidence? I think not!

    2) It's easy to hide identity on the internet. Or, (paraphrased) "On the internet, nobody knows you're a Katz."

    I think it should be clear from the above evidence that Jon Katz and Cliff are one and the same. Feel free to provide evidence that I have missed.
  • I suggest the posters of the original questions find someone from a country that doesn't have such restrictions to sponser them. Your only problem is the exchanging of goods and services across the borders of your home country. If the site and management of the site is abroad the amount of stuff that needs to be transfered (money, emails, intellectual property, etc) is minimized.

    -- Moondog
  • Its always up to the individual to determine their own level of acceptable risk, the government can;t do that for them

    Partially. Assume that one of these governments got their hands on a Carnivore-like system. They have complete access to whatever is on the ISP to the point that you might as well should out your e-mails in the street. Add to this severe inhumane punishments and no sane person, no matter how much of an idealist or revolutionary, will use this e-mail systsm.



    Being with you, it's just one epiphany after another
  • I forget what the name of this technique is, but if you need to send data surreptitiously, one thing that might help is to encode it in an image. So, take your data, encrypt it using PGP, etc. Then take the result and hide it within an image. Of course I'm not sure how easy it is to detect these sorts of operations. Sure it's easy to scan plain text messages as they go through the network, but how hard is it to scan the least significant bits of any attached images? Even if they can check that with reasonable efficiency there's also the issue that if you encrypt it they still don't know what the data was. Ah, is it called Stenography? I think that's it...

    ---

  • Steganography is *not* the answer (Score:5)

    by rjh ( 40933 ) <rjh@sixdemonbag.org> on Friday July 21, 2000 @09:27AM (#914241)
    Everyone here who's been advising you to use steganography is well-intentioned, but missing the point. If the secret police suspect your target of receiving subversive information, then they'll likely look for steganography.

    It's not hard to flip the low-order bit in an image file. In fact, it's trivial. They'll be expecting that and they'll intercept it. Don't try it.

    Encryption is also not the answer. In Iraq and Syria, for instance, using encryption is a capital offense. Sure, your communications with your friend might remain secure, but your friend would be executed--whoops!

    Another naieve way to handle things is to encrypt your steganography. "It'll look like random noise!", they claim. Well, yes... and that's exactly what it must not look like. You'd have to find some bizarre cipher with outputs specifically tailored to match the statistical patterns of image files. I don't know of any which can do this.

    One possibility--and I am not reccommending this without a heck of a lot more peer review--is to start an email dialogue about esoteric mathematics. Include a big ol' table of random numbers and do some real mathematical analysis of it. If the email gets intercepted, the secret police will check the table for randomness (it's random, all right--passes every test!), they'll check your email to see if it's sensible (yep--you're doing actual mathematical research!), etc.

    Of course, your friend knows that it's a one-time pad. (Not really a one-time pad--if you and your friend both have a cipher, a shared key and a shared IV, you can run the cipher in OFB mode to generate a lot of statistically random data. You generate the random data, then use it as a one-time pad for your message; your friend re-generates the one-time pad on his/her end, then reverses the one-time pad. Strictly speaking, this is just OFB encryption, not a OTP.)

    Of course, the secret police will know that it's an encrypted message... but they won't be able to prove it. Whether or not that stops them depends on just how totalitarian the state is. Some states will just shoot you in the back of the head and get it over with. Others, such as China, must at least make an attempt at a fair trial in order to soothe Western critics.
  • All they need to do is know what to look for. Files going through email that are not in known formats, or worst yet, apear to be very random data,might raise red flags.

    They might raise red flags, huh?
    ___

  • My impression is that if you know what you are looking for Steganography is traceable. Steganography uses the least significant bits of images, so if one analyzed the least significant bits it would show what was encrypted there. now granted, if you also used PGP the bad guys might not know what the original item was, but at least your activity is suspicious which is probably enough for them to come to your house at 3am and make you a political prisoner.

    ---

  • Everyone is shouting "Steganography". I was about to shout "SSH" or "PGP", which I think is more realistic, but not much.

    Keep in mind -- Most of these rogue nations also have pretty poor pipes. Maybe Iran and China are getting getting better, but what about seriously rogue states -- North Korea, Vietnam, Cuba, much of Africa, etc. where pipes are small (if not nonexistent).

    It might be okay to put small messages inside of images, but how practical is it for people in countries with small pipes to send MIME-encoded JPEGs over email? A relatively few countries benefit from DSL, ISDN, 56K or even 28.8 modems.

    Perhaps a simple message as "I'm going to shoot the king" will be relatively practical to steganographize for these people. It sounds like we are all saying "well, if *I* was in the Congo, with my P333 laptop, Gnome suite, and 33.6 cell modem, I'd do _this_" -- but that isn't always available. We're talking about areas of the world where FidoNet is considered efficient and practical.

    On the other hand, these rogue nations are by no means technocracies (being effectively or partially shut out of the western world is a big barrier to that), so I bet some simple encryption would suffice for these people. I doubt it even has to be complicated. Establish your code phrases, and sprinkle your friendly correspondence with them.

    Hey, in Spies Like Us, they managed to fool the Russians with pig latin. :)
  • Here's your $5, kiddo. Now leave your mom and me alone. She's gotta earn that crack, after all.
  • Seriously, no offense but maybe it would be better if your friend never got out. I dont mean to be offensive but if you look throughout all of history, wherever the christians extended their hand, usually resulted in rape and plunder. Do we really need any more "holy wars" and persecutions? This is not flaimbait but just meant to stimulate thoughts.

    OK, a few thoughts have been stimulated.

    How can you possibly say something like that without meaning to offend?

    His friend could have been killed. Have you no regard for human life?

    Most Slashdotters usually support the freedom of information and oppose censorship. You appear to be advocating censorship and praising those who would try to block the spread of information. Why?

    Rape and plunder don't sound like very Christian things to do - are you sure those were Christians?

    "Do we really need more... persecutions?" You mean like persecuting Christians because they're trying to bring Bibles into your country? I'd be happy to see that come to an end, although I know it will always continue.

    --

  • As a US citizen, I find your post:

    (+3, Funny), and at least (+4, Insightful)

    On the other hand, you were in on Iraq, Vietnam and Korea, and your country is home to more fringe foreign terrorists than any other in the Americas.. Canada, launchpad for Jihad 2000! Oh, and the Communist thing hasn't really bothered us in twenty odd years; We do have a large non-threatening socialist country to the north of us, after all!

  • Re:Private communication is easy. (Score:2)

    by Anonymous Coward

    While the act of sending a message may be easy, the fact that you have the necessary tools with you will alert the authorities that you plan on concealing something from them. Under the wrong circumstances this may be enough to lead to your arrest and questioning. Additionally some countries have strict regulations on import and exported cryptography which may prevent you from bring the tools with you or increase your risk of detention if you do bring them.

    In order to avoid this, you need to use something that will not raise any eyebrows. For example a Running Cipher (otherwise known as a Book Cipher), because having a book (maybe the Bible if you're a missionary or a travel guide if you're a tourist) is a normal thing to bring with you. However Book Ciphers are relatively easy to break so you may not want to use one.

    So what you need is something common and secure. I would recommend that you look into the Solitaire Cipher as described in the appendixes of Neal Stephenson's Crytonomicon. It uses a deck of cards to encipher the messages and can is something you can do by hand if necessary. Additionally once you are familiar with the actions of the cipher you can write a quick Perl script to do the encrypting and decrypting once you are at your final destination. This is advantageous because you won't be in possession of anything funny when you go through customs and you can delete & recreate it as necessary.

    Good Luck!

  • Funny, but also Insightful.

    Given the specific need, the people involve can standardize on a meta-encoding. If it's a nature scene that's being sent, it's good news (decode for details), if it's an architectural one, it's bad news, if it's a GIF is about business and if it's a PNG it's about freedom. If a sound file of bird-calls is sent then it means something else entirely.

    This way, depending on the attachment, the message is relayed to the appropriate department, for decoding. Or the media format suggests the crypto method used in the payload. If it's a pictore of a blow-fish, that's how the message is coded (Blowfish-II).

    I'm very surprised to see this question even being asked, the combinations are endless. The hard part of course is standardizing on a meta-code. If it can be done securely, great! Otherwise... Well... It's all very cloak and dagger.

  • Attempted actual answers to the questions... (Score:4)

    by Hizonner ( 38491 ) on Friday July 21, 2000 @09:42AM (#914267)
    China

    Yes, there is a high probability that naively encrypted e-mail will be detected, if not now, then in the foreseeable future... and they're not going to announce when they develop that capability. If it's detected, then you want to hope it's blocked, since if they don't block it, it probably means they're investigating you and planning something nasty.

    People have suggested steganography. It's a good idea, but it is detectable. Present steganographic methods will not protect you against anybody who's investigating you specifically and has any real sophistication. You can tell if a message has been watermarked into an image, for instance.

    And, as somebody else pointed out, even a pattern of large images passing back and forth is suspicious if you're visible enough to be watched at all. Eventually, they might get bulk techniques for detecting most kinds of steganography. Use with extreme caution.

    Somebody suggested an offshore drop. Probably the safest thing, but use with caution.

    Whatever crypto or steganographic software you use, make sure you know the consequences of getting caught with the software itself. I don't know what they are, but I'd suspect there might be some, especially if they wanted an excuse to nail you.

    Iran

    It depends on who you want to collect donations from. If you really want to take credit cards, it can be tricky to get a merchant account. One trick is to use a Web shopping-cart billing service, although they'll skim a lot of money from you.

    Where to host: How about HavenCo [havenco.com]? They're giving out free hosting for qualified human rights people. They should be pretty hard to get at.

    It shouldn't be too difficult to get the money into a US bank account, perhaps in the name of a local sympathizer. It's probably a bad idea to put her own real name on the account.

    Transfer of funds is the hard part. Setting up some kind of bogus commercial transaction might work. Probably not enough money there to make it worthwhile to smuggle cash, and that's mondo expensive, anyway. Be careful about running into US (or wherever) "money laundering" authorities... they have very sophisticated surveillance on this, and I wouldn't put it past them to let the information fall into the hands of the Iranian government.

    There are specialists in this sort of thing. It's a good idea to seek out a good one. I've probably already said more than I'm competent to say.

    I don't see any copyright issue as long as you have the author's permission (assuming the author hasn't sold the rights to anybody else).

    All the comments about communication for China apply, only more so.


  • > It's not hard to flip the low-order bit in
    > an image file. In fact, it's trivial.
    > They'll be expecting that and they'll
    > intercept it. Don't try it.

    Rather than send the stego'd image to your recipient, post it on a web site. Something innocuous like a personal home page. "Here is my dog. Isn't he cute? Here are pictures of my wedding." In the stego'd image, along with your message put the url where the next stego'd message will be posted. That way, no site is used more than once. Great thing about this is that it's all in the open for all to see with no email to raise eyebrows.
  • Well, for that matter, one could introduce servers for inbound and outbound internet communications which would re-format pictures (even out the least significant bits, etc) such that any trivial steganography is lost. This would not affect the majority of pictures that come across the wire, could be done on the fly, etc.

    But, of course, better communication methods would be invented, and it is often better to discover the communication than it is to suppress it.

    -Adam

    A computer scientist is someone who, when told to "Go to Heck," sees the "go to," rather than the destination, as harmful.
  • Tell ya the truth, I appreciate seeing a (wo)man who lives up to his principles, whatever the flip-side of the coin is to them. I'm afraid you're the exception, however.
  • There is no Left wing in America. There is All-The-Way-To-The-Extreme-Right-Now-Pass-The-Gun and Just-A-Bit-More-Toward-The-Centre-So-We-Tolerate-G ays-But-That's-It.
  • There are no more 'Rogue Nations', only 'Countries of Concern'. I know it's true 'cuz Maddy Albright said so.
  • Nath? I don't like mentioning my bitch in public forums. She gets turned on by it, and keeps begging for anal sex. You know how tiring that is?
  • If you transfer money to someone in Iran, you could be sent to prison. There is an office in the Department of the Treasury called the Office of Foreign Assets Control, [treas.gov] or OFAC for short.

    The purpose of that office is to enforce trade embaros against enemies of the United States. That list of enemies can include countries like Iraq, or persons like Osama Bin Ladin.

    Each country has its own restrictions. Specifically to answer questions about Iran, Americans are prohibited from importing anything at all, including rugs of Iranian origin either directly from Iran, or through a third country. There is an exception made for books and other Iranian publications. There is some question about how you could go about this. I doubt anyone in the US will care if you bring texts from Iran, but to actually set up a business is a different story. I know for a fact that credit card companies, including one I used to work for, set up filters based on databases built from OFAC sources by Thompson Financials to catch funds going to or coming from OFAC listed countries. Those assets are frozen, and everyone involved in the transaction loses their money or goes to prison. You may not be able to set up a cash based business either, because customs will eventually intercept the physical money you're trying to send to Iran to buy the books.

  • Why is it that when the question of hiding X from professional searchers comes up, so many people believe they have an undetectable solution after deeply pondering the issue for TWO SECONDS (or so) ... when the people that X is being hidden from look for such things FULL TIME, PROFESSIONALLY?

    In this thread, some people want to hide communications from a monitoring agency tasked with finding such communications. Most respondents barely considered the issue and responded "stenography!" Don't ya think that the technical & intelligence professionals monitoring the communications channels KNOW about stenography? And that they've developed techniques for detecting it? Frankly, I'd suggest that the main covert-communications methods to avoid would be precisely the ones that are so readily suggested on a forum like this: such methods are well-known even to the lamest geeks, and are thus unquestionably watched for by the pros.

  • We may jail more people... Or we may not. Perhaps we are simply being more honest about how many people we jail, and when we jail them we actually jail them, not "reeducate" them. In a country of 1 billion people, they almost certainly lose track of many thousands of inmates. Also I'd bet the mortality rate in the prison is higher, both from execution and from poor living conditions. What you have to look at isn't just how many are in the typical caged room but how many have been arrested, how many are put into the caged room only to die(the more in prison deaths the lower the prison population), look at what they do with people who get arested and NOT sent to a traditional prison or execution. A higher number of people in our prisons just may be a mark in our favor, depending on how the other factors pan out.
  • Comment removed based on user account deletion
  • And my point is: how do you define oppressive? You can argue that America is oppresive to racists and wife-beaters. The above examples are all nice and all, like women's rights in Iran... But how would Slashdot react to other, less morally uplifting applications of anonymity? Like for data havens: how many geeks realize a data haven has the potential to finance a new genocide? Yet all they claim is free speech. Like Humanity didn't know how to thoroughly fuck up freedom.
  • Any encryption available to most people could probably be broken given a sufficeint amount of time and resources which many governments have

    The general consensus of the people in the know is that properly done hard crypto (say, 128-bit symmetric keys, 2048-bit private/public keys) are currently unbreakable by anybody regardless of the resources they might have.


    Kaa
  • Comment removed based on user account deletion
  • Hmm... And I bet you're the one who wiped his hands on my living room curtains, you fuck. If you ever come close to my house again, you are so dead.
  • And, it's possible to detect steg'ed images.

    First of all, steganography isn't limited to low bits of images by any means. There is a large number of ways to transmit information without being obvious about it.

    Second, I doubt that you can detect if an image has something steg'ed in it (without having the original image, of course). Basically well-encrypted information is indistinguishable from random noise and you are essentially replacing one pseudo-random noise with another.

    Having said that, there are sophisticated statistical techniques that could indicate that something is fishy with this particular image. If you suspect their use, you can adjust the statistical characteristics of your encrypted message to exactly match the characteristics of the original noise.

    Kaa

  • Comment removed (Score:3)

    by account_deleted ( 4530225 ) on Friday July 21, 2000 @10:10AM (#914310)
    Comment removed based on user account deletion
  • Comment removed based on user account deletion
  • Here is a web site that has links to various pieces of software that will hide your information in other media.

    http://www.blackhat.org/stego.html [blackhat.org]

    I've been reading some of the other posts here and Images are not the only way to hide the data. Data can be hidden in images, audio files, headers, and ASCII white space.

    One of the programs listed on that page (Snow) will embed the text as tabs and spaces in any text you provide. This is a great solution because most ASCII viewers will ignore the whitespace and just display the text. This would be good to embed in a web page because they would have to view the source in order see the spaces. The program will also encrypt your message before it converts it to whitespace, adding extra security. It is however a proprietary encryption scheme, so I don't know how well it works. In any case, the whole scheme seems pretty good!

  • Comment removed based on user account deletion
  • You know, when people keep flaming you [slashdot.org] saying you're not funny, I think of posts like this and realize how wrong they are. You should write some of that stuff for User Friendly, it rocks!!! Dude, you're, like, Jon Katz with a better grasp on geek culture and a sense of humor.

  • Hide it by hand (Score:5)

    by bluGill ( 862 ) on Friday July 21, 2000 @10:26AM (#914330)

    Back about 3 or 4 years ago someone on the Scary Devil Monastery got mad at all the lusers posting with line lenghts longer then 72 charicters. So he made all the line lenghs of his next few posts exactly that. The neat thing was he did it by hand, without inserting extra spaces. Those posts made gramitical sense and were intellegent.

    So with practice you should be able to set up a low bandwidth code based on line lenghts. Shorter then 72 is a 0, longer is a 1 (or maybe encode 2 bits in a line...)

    Of course the point is that you need to communicate without rasing suspition. Thus you need a pen-pal that you can write long letters to often, on innocent subjects. (Talk about your girl friend, go into detail about your date at a restaruant - someplace they can quickly verify that you really were in). If keep sending pictures of the mona-lisa around slightly altered, then you better be talking a email class on gimp filters. (This is what I came up with when doing a blur to the nose - and then embed your message in the least significant bits of the nose area only.)

  • encryption is great for hiding the exact content of your communications, but it will draw lots of attention. if you were to use it I would recommend removing the begin and end tags before and after as the Chinese government is most certainly sophisticated enough to do large keyword searches and that would be one of the things that will set off alarms. in fact the absence of actual words like [in Chinese] the, and [no longer in Chinese] will raise some eyebrows as well. the Chinese government is just as sophisticated as the Canadian and European governments and well near the Americans. don't be fooled by the massive poverty and over all lack of tech that the many people must suffer there. they have so little because the government is a parasite that, instead of feeding its people / supporting an economy where they could feed themselves, buys expensive data surveillance equipment. your best bet, and the negotiation of this code is really the hardest part, is to develop a plaintext communication method that resembles normal meaningless conversation (not devoid of meaning but meaningless in the sense of being very mundane and boring). it must be close enough that it would get past scrutiny. I would suggest routing any mail through a server in a country that is not seen as threatening. this way you would have an excuse for speaking whatever language (choose one that is not common in china (English, French-Canadian, polish, whatever)) so when your messages seem strange and semi-suspicious it will just seem like you have a poor grasp of the language. but remember while this is not strong encryption which is great for thwarting aggressive governments from actually knowing what you are saying and will only get you killed, it can be very hard to crack. the trick is to avoid detection so that you are not scrutinized. as this is impossible because if you send more then three emails you will be scrutinized, the mail must be able to pass the scrutiny. another good option would be to go to a server somewhere the Chinese government will not worry about and hop from there to another server that is in a 'safe' country and do all your business there. don't let data leave that server either. it would totally defeat the idea if you went through all of this and then just transferred all the data back home to china.
  • Comment removed based on user account deletion
  • You know, you have to realize that there is more to human issues than a technical solution. This mindset is probably the reason why geeks are not in a position of power, and are merely exploited by the marketing-savvy brains behind the economy. It's the same problem with scientists, who think a scientific solution exists to human problems.

    East Timor is much more than a lack of anonymous technology. You have to realize that the people in power have access to the same technology as the oppressed people, if not more. There is more to anonymity than exchanging secret messages between conspirators.

  • You can encrypt to your heart's content but if they see you encrypting information suspicions will be raised immediately. If you are a foreigner anything could happen from simply being put on the next plane to being tried as a spy. If you are a citizen they will probably torture anything they want out of you.

    A friend of mine was in a communist country in Asia recently and knew he was being monitored. He didn't know quite how much until one day he was using the internet to chat with a friend in North America. He was suddenly cut off. The phone rang a second later and an official questioned him regarding his conversation.

    Many people in non-democratic countries use only mail hand carried by trusted sources in order to get information in and out of the country. If you must use your computer, well, save the stuff to disk. Chatting this way won't be in realtime but it will be the safest way.

    Another option that is becoming more viable is satelite. Bypass the county's ISP's altogether. The equipment needed is getting smaller and cheaper all of the time and it should be fairly difficult to detect and intercept. Should have handheld satelite phones again in a few months.


    Sig. Sig. Sig. Sig. Sig.
  • Comment removed based on user account deletion

  • Re:Hide it by hand (Score:3)

    by wfberg ( 24378 ) on Friday July 21, 2000 @10:41AM (#914352)
    Writing novella-length emails about your girlfriend?? Yikes, that will get you thrown in jail for being a stalker, or thrown into a mental hospital for being a pervert, and that's just what would happen over here let alone what could happen in a CountryOfConcern..
    --
  • Of course you could send back and forth high quality images of your favorite pro china posters, pictures of Chairman Mao, tourist shots, etc.

    You could even set them up on a web site with your out of country friend doing the same. A fan website showing the rising skyline of shanghai.

    go to the website to see the new picture, and then pull it from the cache to decode.

  • Comment removed based on user account deletion
  • I would say not. If you truly want to communicate with the friend that will be in China in a way that will not be noticed encryption isn't the way to go.

    Low profile seems to be important here: If the encrypted data gets through, but is detected it may not matter if the government can break the encryption. If your friend gets arrested for suspicion of treason, the fact that the proof of treason is encrypted won't help them.

    IMHO, I'd use a code instead of encryption. You know, "I had a great time today. We visited a nice outdoor market. See you soon!" == "They almost caught me as I investigated a slave labor camp. Can not leave right now."

    That way, even if the message IS intercepted and read, it raises no red flags. The only catch is that you have to devise the code in the first place, and either memorize it, or bring a codebook that would mark you as a spy.

    Still, it seems safer than encryption.

  • Comment removed based on user account deletion
  • In this posting [slashdot.org] which was apparently posted at +2 and is currently at -1, Enoch Root [slashdot.org] wrote:
    Now, obviously, Americans being the hypocrites they are, they'll censor him in the name of human rights, when they're supposed to hold free speech sacred above all else.
    Talk about moderators Not Getting The Point, indeed. I bet at least two out of those three moderators rooted for Terrence and Phillip and booed Kyle's mom, too. Irony, how delicious.
    --
  • Dunno - maybe people suggested steganography because, if you do it RIGHT, it doesn't matter whether a professional is looking for it - it's still hard to find, esp. if they're not actually SURE there is a message in there somewhere.

    Of course, doing it RIGHT isn't as easy as you seem to think it is.

    Of course, if a government is suspicious of a citizen, then it would be much easier for them to wiretap/bug/peep/Van Eyck-monitor/Trojan that citizen than try and crack encrypted messages.

  • For someone who's just visiting China temporarily and needs to send something like status updates, you may be trying overkill by writing messages on the fly and trying to smuggle them out. Instead you could try a more classic technique using a code instead of encryption. You simply have a series of code phrases or words, each of which has a specific meaning. You just sprinkle the codeword into an otherwise boring message.

    As an example, you might only be interested in sending back three or four different status updates. So you just change your closing in the letter you send to indicate your mesage:

    • "Sincerely" means that everything is going according to plan
    • "Yours truly" means that you were unable to get to a meeting for mundane reasons, so arrange the backup meeting time
    • "Love" means that you couldn't meet because you saw security, but you don't think that they're on to you
    • "Your humble and obedient servant" means that your cover is blown, abort, abort, abort

    This scheme is obviously something that you could modify fairly easily. Just send a letter with no hidden content at all and hide the message in who you send it to, or discuss different topics depending on what message you want to send. The code can't be broken by technical means, only by getting the code book (which might be small enough to memorize) or getting a member of the group to spill the beans. Of course the range of messages you can send is comparatively small- with a bit of work you could probably arrange 50 or 100 canned messages- but if that fits with your mission it's an approach that can't be beat.

  • Really? Can I borrow your goat, Mr. Stallman?
  • Believe it or not, that was actually an accident... But now you mention it, it's quite a nifty plan!
  • I heard about a Chinese dissident group that collected every email address they could in China, and then sent their newsletter as spam to everyone on it.

    It made traffic analysis impossible, although I imagine having the messages on your computer, undeleted, would still be seen as incriminating.

    I guess even evil technologies (like spam-automation software) can (possibly) have good uses.

  • I wonder if this is actually true? I don't know, but I wouldn't mind suspecting that the U.S. actually has more "fringe" terrorists

    The FBI released a report back in November saying that Canada is the confirmed location of more known 'terrorists' than any other nation, and leads as a suspected home as well. Got a good scare out of the national media, what with the Y2K hoopla and all.. Oh, and those two wacky Seperatists with the trunk full of explosives came through from Canada just after that.. 'Sides, the Contras, Sandinistas, etc, are not on U.S. soil.

    But I find your creation of the term "fringe terrorist" interesting. Does that mean that you accept that states carry out terrorist actions and that the usual rhetoric of condemning violent acts as being "terrorist" is hypocritical when one's own country is sending missiles, bombs and armed forces into another nation's sovereign territory?

    By fringe terrorist, I mean the dissident political minority of a country that decides sneaking explosives and weapons on other countries aircraft in an effort to merely scare is a good idea. The soverignty stomping we do is not terrorism. It's war. Why? We do it with the implied authority of the citizens, they do it because they can't think of any better way to make the government sit up and notice them.

    I wouldn't call the US hypocritical as a whole. We're just damn confused. We've got the douche bags at Pershing Field 'declaring undeclared war' and a stressed ex-rep as their puppet 'Commander in Cheif'. The DoD says 'We have to blow up Tehran on Tuesday, here are a few reasons' and he goes for it. On top of that, we have another set of cash-jockeys in Congress that keep funneling taxes into 'peace keeping operations', 'black budgets' and 'nuclear proliferation' because the DoD, CIA, and NSA scare them with 'Gee, Senator, if the Chinese become a threat, your constituants will surely throw you out of office for not funding us better'.

    Toss in the liberal intelligencia media trying to make the shit not smell, and Bang! A confused populus that no longer sees the government staring down the Iraqis over the wings of A10 Warthogs as a bad thing.

  • If they're really worried about reprisals, and if the government really is oppressive and arbitrary, then just using encrypted data when you communicate may not be enough. If the censors can see that there is encrypted data flowing between you and them, that may be enough to be suspicion of comitting a crime against the state which may be enough to warrant arrest.


    In this case, they may presume that you are doing more than you actually are, and my convict you in a kangaroo court of espionage when it's really something much more minor.

    On the issue of surrendering keys---the government can then claim that ANYTHING is what was encrypted, since they have hte power to create it with your keys now.

    --
  • Please point out a relevant passage where Jesus suggests that persecution and murder were OK if the person wasn't a Christian.

    Well, here's one passage where He explicitly says that's exactly the kind of shit He intends to stir up. Vicious motherfucker, isn't He?

    Matthew 10

    34 Think not that I am come to send peace on earth: I came not to send peace, but a sword.
    35 For I am come to set a man at variance against his father, and the daughter against her mother, and the daughter in law against her mother in law.
    36 And a man's foes shall be they of his own household.
    37 He that loveth father or mother more than me is not worthy of me: and he that loveth son or daughter more than me is not worthy of me.
    38 And he that taketh not his cross, and followeth after me, is not worthy of me.
    39 He that findeth his life shall lose it: and he that loseth his life for my sake shall find it.
  • Yeah, that's Mother Night.

    The radio guy in the tv show Forever Knight was a vampire who just pretended to be all goth and stuff to send messages to other vampires. That's another option: innuendo. But it breaks down when you're trying to send detailed messages.

  • Consider a supposed chat session or e-mail. Use as a base any prepared text which has been thoroughly spell-checked against a common standard (say, the unabridged Oxford English dictionary). Preferably it is a message which in itself is an appropriate message.

    Now, at a rate which approximates normal typing errors, take a letter that is keyboard-adjacent to the one you wish to insert into the message, and make the substitution. As an example, say you are trying to insert the word DANGER into the text. To put the letter D in, find an S, F, R, X, E, or C (using my QWERTY keyboard as an example). For spaces, just double a space. Make sure that the word created is an actual typo, not a new word. (So, using the s in "sandy" prodces "dandy", which doesn't help, but using the the f in "frozen" produces "drozen", not a word I know and therefore useful.)

    The end result of this is that a simple program can extract the appropriate letter from the message. Put together, this forms either the message or an encrypted form of the message (the safer route, as a good encryption algorithm should look like random errors anyway -- defeating an initial analysis of the errors.

    Plausible?

    -TBHiX-
    Suggestion: Use Jon Katz articles as the background text; if the opinions around here are any indication, we'd have security through disdain. ("I don't care if there's government info in it, I'm not reading it!")

  • So the accidental killing of a college student 30 years ago equates to the situation in Tibet?

    I'll spare you the embarrassment of having to admit you don't know jack shit about the situation in Tibet.

    It's actually far more analagous to the situation of the Apache, Nez Pearse, or Lakota. Or the Phillipines (though did leave there eventually).

    The Tibetans are far better off than the luckiest group of North American natives, and probably even better off than African Americans today.
  • What Lincoln did was unconstitutional. No question about it.
  • >In case you hadn't heard, the Bible has been
    >translated into English; you no longer have to
    >learn Latin in order to read it.

    Yes it has. But if you've read any history, you know full well that the christian church fought tooth and nail to PERVENT this. They did *NOT* want thost dirty commoners to be able to read scripture without the "helpful intrepretation" of the clergy. Hell, they weren't even so fond of the nobility having their own copies in Latin! Gutenberg was NOT a popular guy in Rome. To say nothing of all the other science and technology (Gallileo anyone?) they've tried to supress over the years. But that would be too far offtopic for this thread.

    >If you don't trust people, go read it yourself;

    Okay... soon as I learn aramic, ancient hebrew and latin I will. Oh... wait you meant I should read the translated works didn't you?

    Here's a little exercise. Take a relatively simple phrase: "The quick brown fox jumped over the lazy red dog". Go over to the babelfish at altivista and run it through a few generations of translations. How rapidly does it become obfuscated? Now, these are MODERN languages, in everyday useage in the world. Where's the babelfish that includes aramic and hebrew?

    Remember, too, that the babelfish is an OBJECTIVE program that gives computer generated translations WITHOUT the "helpful corrections of obfuscated meanings" that were *SO* thoughtfully provided during the church's translations of the bible throughout the few thousand years the bible has been kicking around.

    Oh... one LAST point. No perfect digital duplication of the bible till the last decade or so. And the VAST majority of it's existence was BEFORE Gutenburg. Guess how it was duplicated... by hand. Even if the church was above making a few "adjustments" to christian dogma that would make it easier for them to control the masses (not bloody likely), such a stupid, inefficent duplication process is BEGGING for errors (even unintentional ones).

    You think your COMPUTER has a case of bit rot??? It's not likely to be more than five years old... wanna go for five thousand?

    john
    Resistance is NOT futile!!!

    Haiku:
    I am not a drone.
    Remove the collective if

  • I didn't realize that men having sex with young girls,

    That charge is completely unsubstantiated. It was a pretense, like the Gulf of Tonkin or the Mythic Kuwaiti Incubator Babies.

    assembling a ton of weapons,

    In Texas, that is nowhere near illegal. It is also well known that most of the guns were kept as investments, like a gun dealer would. (ie, they *were* actively trading them, not just intending to).

    and most likely burning the place down when the government decides something ain't quite right

    That is pure conjecture about there motives. It is also easy to prove with the FBI's own infrared film that the fire was started in the exact same places where the three FBI tanks breached the compound wall, and at exactly the same time.

    was included in the phrase 'peacefully assemble'. It doesn't fit perfectly, but it was certainly morally wrong to sit around and do nothing...

    On the contrary. After seeing the evidence from both sides I think it does fit perfectly. Those Davidians were set up, and then they were murdered.
    As neat and simple a case as ever I saw.
  • There's nothing wrong with you or your ideas that an education won't fix.
  • And you think he meant this literally?

    I think in the context of his entire ministry, it's pretty obvious that he wanted potential followers to know that following his doctrine was going to upset their families and divide their communities. Which until Constantine was exactly what happened.

    Thank you though for the object lesson in how words can be twisted when taken out of context and interpreted with a malicious intent.
  • Yes, goddamnit yes? Are you saying the heart of Christianity is a material book and not good will and such? Come on. I seriously doubt that people in China have no exposure to Christianity. They are not that lucky.

    If you think Christianity is about dizzy happy thoughts, being nice to people and doing what you're told, you obviously don't know very much about it.

    In fact, I think it would be easy to demonstrate that most of your objections to Christianity stem from ideas that themselves are very Christian in nature.
  • Holy wars and persecution (bad things) have happened in the name of Christianity.
    Ergo: Christianity is bad.

    The LTT (a Sri Lanka Terrorist organization) have assassinated many innocent Hindus in the name of Buddhism.
    Ergo: Buddhism is bad.

    Back in the 20th century during the Russian Revolution, many millions lost their lives in the name of workers rights.
    Ergo: Workers rights are bad.

    In the French revolution, the French royalty were beheadded (bad things) in the name of Democracy.
    Ergo: Democracy is bad.

    To date, over a million Iraqi citizens have lost their lives in a war for Human Rights.
    Ergo: Human Rights are bad.

    I hope you see my point. Bad people will use whatever pretense is available and effective to justify their actions. During colonization (which, make no mistake, was 100% political) Europe was devoutly Christian.
    "Bringing souls to Christ" was just an effective cover for robbing the natives blind and taking slaves. The general public was no smarter then than it is today, so they bought it. It's as simple as that.
  • One time pads are back to the whole rsa type problem since data encrypted with them looks like encrypted data.

    The best part about my system was it eliminated a small amount of random noise from the photo and replaced it with random noise from the message.

    I did even briefly wonder as to using it on the internet to create yet another underground file exchange system. Splitting an mp3 into maybe 10 or 20 gifs which are the spread across free hosting providers... but it'd be too hard to organise
  • That quote is WRONG. I was into horses back then.
  • This is counter to good cryptography.

    You should never give the opponent any information! Encoding message subjects by picture topic puts information in an insecure part of the message. In this case, they can look for trends in what sorts of images are sent when, and from whom to whom. It's not much, but it's something. There's no good reason to give up security on that part of the message. Pictures, like keys, should be chosen randomly.

  • If you need ot keep things on you drive hidden use StegFS [cam.ac.uk]. It provides plausable deniablility for the things you keep on the drive, i.e. the cop show up, take you computer, force you to give them the password, you give them a pass word, they find some mildly incriminating stuff, they let you go with a wrist slap. There is no way the could prove that you had more incriminating stuff on the drive sine you have given them a password and they can not prove there are more passwords.
  • You really should encrypt before using steanography since you want the data your hiding to look like random noise *before* you hide it (the steanography program will *not* do this for you unless it asks for a password). Also, you should research the encryption program to verify that it's output looks like random noise.

    You do not want the cops to find you by scanning for the words PGP START in the low order byte of image files.
  • Think.. Porn images tend to be noisy, low quality. Perfect for hiding random bits.

    And if someone sees them, then don't tend to look twice.. Though they might tend to make copies for 'safe keeping'.

    So, you can move data through sending porn images to each other. You send american porn, they send chinese porn.

    Another option is to do the same, only on an FTP site.

    There are a few practical problems though, first, the stego technique must be some type of spread-spectrum. (IE: keyed, if you don't know the key, you can't determine if there's any data stego'ed in it.) The second problem is where do you obtain so much porn? Maybe you'll have to accept donations? Or make your own porn?

  • As I pointed out in another post.. Set up a FTP site where you exchange porn. Or use email. You now have an excuse to exchange large numbers of images back and forth. And a realistic reason too! And snoops might save copies just for 'safekeeping'. Besides, if they think that you're 'morally unsound' act of just moving porn back and forth, they're more likely to miss the fact that you're smuggling contraband data out.

    Since the images tend to be low quality, you can introduce noise artificially and then stego the data on top. You have to choose a stego technique whereby the information is hidden such that it is impossible to determine if anything is stego'ed. MAKE SURE YOU FIND A GOOD TECHNIQUE! Your friend's life may literally depend on it.

    If you want to be clever, make a prepackaged program 'logo_pron' that has an undocumented feature where it can accept a secret message and stego's it into the image while innocously introducing a logo. Make it look like some crappy shareware program. That way, if they test it, it behaves like it's supposed to. Or make it look like a program that puts 'personalized messages' onto images.

    As someone else pointed out. If they suspect you and are monitoring you or you're endstation, and they catch you doing something, you're hosed. Never forget this critical fact.

    Your best bet is to hide it in something obvious and apparently innocous. Crappy shareware. Ratio porn site on a .edu system. Porn trading.

    Which reminds me of something..

    Where do you find enough porn to stego an entire censored newspaper? :)
  • Hey, we all have to make a living. Don't criticize my choice of lifestyle.
  • Just to correct a couple of mistakes:
    Its the LTTE (Lankan Tigers of Tamil Eelam).
    They killed civilians, both Hindus and Buddhists, who were not Tamil in origin. Also, their policy of war has lead to the death of thousands of Tamils.
  • Seriously, the best method would be for you to host a web site outside the country in question, and encode inside some posted family pictures (you on trip to Yukon, at the KMart, etc) your basic message. All they need on the other end is the same encoding software for images and you're done.

    Then, they could either host the images or send them via email (e.g. "Here's some pics of Marge and the kids fishing on the river Kwai"). Make it really boring ("Uncle Jim and Aunt Li-Po shopping").

    This is the stuff that they don't care about.

  • Comment removed based on user account deletion
  • Is the issue the forms of the American and Chinese governments at present, or the way conquered minorities have been and are being treated under said governments' control?

    The fact that the PRC is (relatively) oppressive really has no bearing on this issue.

    China has a Soviet-style federalist system under which registered minorities enjoy a large degree of regional autonomy. Meaning minorities can teach school in their own languages, including the university level, and they are not bound by many laws. For example, minorities do not have to comply with the one-child law.

    Contrast this with the US which has been entirely integrationalist, the goal bein nothing less than complete assimilation. No minority groups or languages have any legal status here, (for that matter, neither does English except at the state level). Recent attempts to start programs taught in minority languages/dialects have been soundly derided and defeated. (AAVE and Spanish come immediately to mind) Heck, even Iraqi Kurds are free to do that.

    About Nez Perce, touche' on the spelling. I was trying to make it look more French :)

Slashdot Top Deals

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Close