Hidden Messages in Spam
randomwalker writes "There was an extremely interesting presentation at the Blackhat Windows Security Conference in January by Dr Curtis Kret entitled Nobody's Anonymous.
In his presentation he showed how information about spammers can be determined. In addition he showed that some spam is being used as a covert communication channel. This presentation demonstrates how to apply data forensics to spam in order to identify the sender of specific spam messages. Some senders can be identified by name, while others can be distinguished by attributes such as preferences, nationality, religion, and even left-handedness. Four spam categories are provided that classify spam by function, including List Makers, Scams, and Covert Communication channels. The examples provided include full-disclosure case studies: a phishing gang that targets bank customers with malware and impersonations, and an IRC group that uses spam as a covert communication channel."
I remember studying Thomas Pynchon in school, and upon hearing how his military records and university records were lost, I often wondered if his books were some kind of method of covert messaging, due to the code-like writing style he has, and the ominous history he has. Using spam as a method of communication is useful in the sense that it can be hard to tell who the real message is going to; making it impossible to identify the two points of connection, and therefore limiting accountability and obscuring who is doing the talking; so if Pynchon's books are like this... it would also be impossible to tell who the books were intended to (and therefore the US Mil could contact spies who could be in a tight spot, or informants who may be in a tight spot). The books could also contain a bunch of different messages using different cryptographies, in plain sight, to communicate with multiple agents. This is likely incorrect and way off the tin-foil-hat scale of reason, but the thought did occur to me when I read The Crying of Lot 49, and even more so when I read Mason and Dixon.
Really, the Feds ought to be hauling in spammers (for violations of all sorts of existing laws pertaining to fraud, computer cracking, etc) and anal-probing them for customer records, instead of wasting time on nonsense.
/. If the government wants us to respect the law, it should set a better example.
If you think of it, hiding messages in spam would make quite good steganography. Since pretty much most spam comes with a sizeable chunk of 'hashbusters' (random words on the bottom, random characters in the subject), you could hide your message quite easily in the hashbuster.
In regular email, just the fact a PGP encrypted message was sent by Alice to Bob would tip the authorities off that Alice and Bob were at least communicating; if they are both criminals for instance, just seeing the activity between Alice and Bob might be enough to alert the authorities to watch the pair a bit more closely because something's about to go down - even if they can't actually discover the message content.
However, if Alice and Bob are both spammers, and use the Windows worm du jour as their open spam relay, and each spam a few million email addresses, it's much harder to see that Alice and Bob are in fact conversing let alone find the actual message.
Oolite: Elite-like game. For Mac, Linux and Windows