Shostack + Friends Blog Archive


The Intent of a Tank

“We used to talk about the intent of a tank,” Colonel Thomas explained in an interview. “If you saw one, you knew what it was for. But the intent of electrons – to deliver a message, deliver a virus, or pass covert information – is much harder to figure.”

Ian Grigg points out an interesting article in the New York Times on the difficulty of gathering data to monitor the net.

The article mentions spammimic and draft messages and how to use an ATM to send messages. (The article doesn’t mention that you can create a reasonable codebook of up to about a thousand messages by using deposits, or 100,000 messages if you deposit coins as well as bills.) And as long as we’re discussing clever steganography, has anyone investigated how many spare bits are in those Hallmark musical cards? It should be possible to add a little data in there, or even replace the chip with a smarter one. Who could tell the difference?

All reasons why bulk surveillance is going to have to be replaced by messy, difficult, targeted infiltration. Of course, if John Walker Lindh can do it, the CIA and FBI should be able to, too.