Slashdot Mirror

← Back to Stories (view on slashdot.org)

VoIP Numbers Stations were Social Experiment

Posted by ryuzaki0 on from the mysteries-always-draw-the-crowds dept.

IO ERROR writes "The mysterious phone number stations appearing on Craigslist for the last three months, which resembled their shortwave radio cousins, and which Slashdot reported on in June, were an experiment devised by security researcher Strom Carlson and a group of Los Angeles hackers to determine if encrypted messages could be passed using unwitting third parties to foil traffic analysis by hostile intelligence agencies. Carlson and the hackers presented their findings at DEFCON earlier today and gave away CDs with "Make your own Mein Fraulein station" kits and posted one final number station for people to try to decrypt."

8 of 116 comments (clear)

  1. Not much of an experiment by ericpi · · Score: 5, Insightful

    experiment ... to determine if encrypted messages could be passed using unwitting third parties They managed to share anonymous information with others using only a site whose purpose is to share anonymous information with others. The fact that the encrypted the info still doesn't make it much of an 'experiment'.

  2. Re:shortwave radio number stations by gEvil+(beta) · · Score: 5, Funny

    I'm still more interested in the orginals!

    Shortwave numbers stations are a social experiment being conducted by the aliens. They'll present their findings at GALAXICON on July 8, 2047.

    --
    This guy's the limit!
  3. Stenography Encryption by QuantumFTL · · Score: 5, Interesting

    I think we're moving to a society where just being suspected of a crime will be so bad (in terms of government harassment like no-fly lists, wiretapping, etc) that the most important thing will not be to make sure that the government can't read what you communicate, but rather have no reason to suspect you're doing anything they don't like. With current advances in data mining, it's going to be an arms race - the stenographers against the miners. I for one am fascinated by both technologies, and frankly rather terrified of how they each may be used. It was be interesting to see, but one thing is for sure - encryption will no longer be enough.

  4. Re:Stenography Encryption by hcob$ · · Score: 5, Interesting

    Of course, if you are visible as a "citizen" through credit card purchases, debit cards, atms, banks, etc. and all your other traffic is encrypted... It might make a case for a visual tail to be attached to you. Warrants are only required for searches... not observations in public areas.

    --
    Cliff Claven
    K.E.G. Party Chairman
    Founding Leader of: Koncerned for Egalitarin Governance
  5. Re:One Time Pads by QuantumFTL · · Score: 5, Informative
    A sound implementation of a OTP is a formidable foe.

    OTP has two huge problems associated with it, despite the mathematics being sound (assuming you have good random numbers):
    1. Key distribution - do you like sending long messages? You'll need a key that's at least as long as the compressed message, and that distribution system must be absolutely secure. Also you'll need to make sure no one ever has a chance to access your key before or after the message is sent, otherwise you're screwed.
    2. Overconfidence - Congratulations, if you've done it correctly you have 100% secure communications channel. The endpoints, however, are not protected by this mathematics, and are succeptable to everything from hidden bugs to software hacking or even "rubber hose" cryptoanalysis.
  6. Re: Stenography Encryption by Black+Parrot · · Score: 5, Funny

    > I thin k we're moving to a society where just being suspected of a cr i me wi ll b e so ba d (in terms of government harassment like no-fly lists, wiretapping, etc) that the most important t h ing w i ll not be to m ake sure that the government can't read what you communicate, but rather have no reason to suspect you're doing anything they don't like. With current advances in data mining, it's going to be an arms race - the stenographers against the miners.

    A little analysis reveals your cause for concern.

    --
    Sheesh, evil *and* a jerk. -- Jade
  7. Re:What was the point again? by Dachannien · · Score: 5, Interesting

    A post containing the actual encoded message might get deleted from Craigslist due to its content (or lack thereof). A cleverly disguised reference to a phone number where the message can be retrieved fits in with the natural flora of Craigslist.

    It's like doing the same thing on a restroom stall. "For a good time, call 202-555-3988" will probably get passed over as graffiti, but a large block of cryptic-looking numbers looks unusual enough to attract attention.

  8. Re:One Time Pads by foniksonik · · Score: 5, Funny

    Dude is that why I keep seeing pr0n that looks slightly mangled? I thought it was just amateur encoding jobs... now you're telling me i'm watching encrypted messages while.... NOW I feel dirty... it's like some guy was talking to me while i was... ewwwww...

    --
    A fool throws a stone into a well and a thousand sages can not remove it.