To Avoid Detection, Terrorists Made Messages Seem Like Spam
HughPickens.com writes: It's common knowledge the NSA collects plenty of data on suspected terrorists as well as ordinary citizens, but the agency also has algorithms in place to filter out information that doesn't need to be collected or stored for further analysis, such as spam emails. Now Alice Truong reports that during operations in Afghanistan after 9/11, the U.S. was able to analyze laptops formerly owned by Taliban members. According to NSA officer Michael Wertheimer, they discovered an email written in English found on the computers contained a purposely spammy subject line: "CONSOLIDATE YOUR DEBT."
According to Wertheimer, the email was sent to and from nondescript addresses that were later confirmed to belong to combatants. "It is surely the case that the sender and receiver attempted to avoid allied collection of this operational message by triggering presumed "spam" filters (PDF)." From a surveillance perspective, Wertheimer writes that this highlights the importance of filtering algorithms. Implementing them makes parsing huge amounts of data easier, but it also presents opportunities for someone with a secret to figure out what type of information is being tossed out and exploit the loophole.
Applying the Cameron Solution, all we need to do is ban spam... or email. I confess I'm not quite clear.
The world's burning. Moped Jesus spotted on I50. Details at 11.
I use spook-mode in Emacs to greet the voyeurs at NSA all the time.
Kh-11 SSL FBI cypherpunk Attorney General HAMASMOIS Roswell Power Syria Food Poisoning cryptanalysis North Korea Verisign halcon Nuclear facility
an ill wind that blows no good
Prince of Nigeria is really funding terror cells to cure his erectile dysfunction.
If "Consolidate Your Debt" was a special subject for them, I wonder, how many proposals of that kind the assholes had to sift through to find messages from real comrades.
In Soviet Washington the swamp drains you.
It's common knowledge the NSA collects plenty of data on suspected terrorists as well as ordinary citizens
Being suspected of something doesn't actually stop you being an ordinary citizen.
So does this mean the NSA will now filter my spam for me? Hooray!
...Had this been an actual emergency, we would have fled in terror, and you would not have been informed.
More interestingly, I wonder how many perfectly good terrorist emails I've deleted from my spam folder.
Sure we will get some actual spammers in with that, but better safe than sorry.
If "Consolidate Your Debt" was a special subject for them, I wonder, how many proposals of that kind the assholes had to sift through to find messages from real comrades.
The sender address? Or a special forged "from"?
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Easy to do with specific words used in the body. This is no different than using the classifieds. Noteworthy because it's being done on a computer.
“He’s not deformed, he’s just drunk!”
Sorry why? xD
It was a tactic in WW1, it was a tactic in WW2, and I presume it's been a tactic for centuries.
Any 'information gathering' operation worth a gram of salt knows never to discard any information, ever. Making assumptions of any kind, let alone the kind that throw away information, is one of the most foolish and amateur mistakes an individual can make, but an entire spy organisation? wow...
According to Slashdot, Betty White is a terrorist?
This is my signature. There are many like it, but this one is mine.
Watch the Home Shopping Network. All their plans are on display. Look for the hidden pictures in those artsy plates they sell. They're actually maps and blueprints.
And Hair Club for Men is a sleeper cell.
"I've fallen! And I can't get up!" is a call to arms.
They're everywhere. Am I not right?
these guys are clever
.......of something similar back in 2002. There were a lot of messages on UseNet that had been attributed to being either spammers or some college testing out an AI. I noticed that the messages all had the same subject but with an added "suffix" at the end and that the messages were all the same in the beginning but at the end of them they had what appeared as a word salad. I dropped a hint to the FBI that it looked like the "suffix" was giving the order in which to reassemble the message and that the word salad at the end was likely some form of steganography that contained the actual message. Two days later those messages stopped appearing on UseNet and were never seen again. Was it a terrorist? I don't know but they were made aware of it at that point at least. I would have contacted the NSA but I didn't want to deal with them on any level.
By exposing the fact that the intelligence community is onto this method, the terrorists are sure to change their behavior (perhaps to more nefarious spam subjects).
Surely Hayden, Brennan, Rogers, Feinstein, et al will use that same standard in denouncing this Director at the NSA that they used against Snowden. Right? /s
Since they always let the terrorist stuff through, so as not to tip their hand, when will the spammers start disguising their messages as jihadist call to arms?
http://www.spammimic.com/
Now all spammers are clearly aiding terrorism and therefore must be eliminated.
The solution to the spam problem is at hand.
Finally, something good can come out of the "war on terror" and it can be a good use of the NSA's resources -- they can track down and eliminate spammers to prevent terrorist attacks.
Je suis Charlie!
How f'ing dumb are they? They must've worked at M$ before the NSA.
What I would do is send it via Usenet. Because now they have found the link between sender and receiver. With email if you get one person, you can then start looking for other connections that person made and see where that leads you. This is because there is a direct link. Even if they have no idea what it means when you send "Grandmother is not feeling well."
With Usenet there is no direct link.
I can send anything from Belgium to my provider's Usenet feed and anybody anywhere can pick it up. When I send it I can use images, or just alt.test or whatever group. It can even be something on topic for that group. A reply can be in a completely unrelated group.
To be sure: this ONLY solves the direct link between people. Once they have both sides, it will be identical as if you were sending mail directly.
Now even if they would be able to see who reads alt.test (and all the other groups) it would mean that they would have to monitor everybody. Oh, wait. They do. [waves] "Hi mom!"
Don't fight for your country, if your country does not fight for you.
If you can think of as many distinct sexual activities as there are symbols in your writing system, make a table and encode your secret messages as porn movies. (Spies will probably watch them, but probably also forget that they're supposed to be looking for messages.)
Sheesh, evil *and* a jerk. -- Jade
HIdden communicaTions doN't reallY take that muCh efforT tO create. Many cOuld be cReated in Relatively Overt Ways.
During WWII the 'beeb sent messages to the resistance in occupied Europe. (examples at http://www.struthof.fr/en/test... ... damn that is an insanely long url...). If I remember my history "innocuous" announcements in newspapers were used to send covert messages by all sides in the Revolutionary and Napoleonic wars.
Heck, if you controlled your own botnet (reasonable to do and a minor profit center for terrorists) you could put "random" text at the ends of your spams to confuse bayesian spam filters and piggyback coded messages in the random text as well.
Chaffing your messages this way has the bonus of making traffic analysis useless if you are sending your message to literally millions of people.
Or, more likely, you helped the FBI bully some poor teenager in losing permission to access the Internet without supervision. I doubt they would be stupid enough to tell the CURRENT ENEMY HERE to switch to a safer communication method.
The ONE TIME one of those weird gibberish leet-speak "first-post-bsd-is-dying-you-fail-it" spam posts would be on-topic, I can't find one to cite!
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
There are infinite ways of encoding communication or circumventing contaminated channels. So trying to regulate communication or spying on data pipes is absolutely pointless. The NSA is only good for catching idiots and careless mistakes, and is at serious risk of being manipulated by those who can fabricate evidence. That's a low bar considering their cost and their cost on human rights.
I followed his instructions but it did not increase the girth of my Kalashnikov girth even one tiny bit.
It's called steganography.
There is no America. There is no democracy. There is only IBM and AT&T and DuPont, Dow, General Electric, and Exxon
Hopefully this puts spam-senders on the NSA's watch-list..
More poignantly, does that mean we should be treating mass spammers like terrorists, oh my, I am torn between annoyance and justice, arghhh.
Chaos - everything, everywhere, everywhen
Print your bad message on paper and carefully slip it under the label of a fresh can of Spam. Then say Yippppeeee
Ban the export of Spam to countries with terrorism!
NSA wants to further increase its surveillance of the American people, the NSA dreams up a bullshit story about terrorists using spam to hide msgs. Just who at the NSA would advise their staff to EXCLUDE spam from its spying machine and why is slashdot posting this bullshit story on the front page?
--
further reading ref
This made some member of the AMS very unhappy. Here is what angry mathematicians sound like:
If you read his statement, it is content free. As an admission of wrongdoing, it's completely worthless.
This is more of an apology for getting caught than anything else.
So when Dr. Wertheimer pontificates about filtering email and national security, you should not be very impressed. His agenda assumes the end of constitutional protections for privacy. He is not an honest man doing an honest job for an honest employer.
Why is Snark Required?
Get V1aggra strong enuf to last thru the 72 v1rgins you will s00n meat.
Table-ized A.I.
Train a compression algo using a spam corpus to build a dictionary. Compress and encrypt your message. Then use the spam dictionary to *decompress* it. Hey presto, your message looks exactly like a randomly generated spam message.
09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
This is just like saying, "there is no opensource OS out there". Sure, if all OS you know is MS Windows, then correct. And if all you know is Intel, then correct. But SPARC is opensource, and there are plenty of opensource ARMs, and the LEON, and then there is OpenRISC, and a million other opensource processors, *just* like there are a million opensource OSs. And yes, bodies like the European Space Agency are having none of the Intel bullshit, they just can't afford to bet everything on the US.
So either you are an Intel troll, or grossly misinformed.
No, it means any spam email you have received in the past can be used as 'evidence' of your ties to terrorists, should the need arise.
You got frist psot! Yippppeeee for you!!!
I'm convinced that someone at some point was using javascript injection. I witnessed something typing data directly into Yahoo Mail once on _dialup_ over 10 years ago. I promptly killed that browser window and never did see it again. To this day, I'm not sure exactly how that happened.
About 5 years ago, I noticed rogue IP connections to Russia. I killed those directly by figuring out which process was communicating then pausing it in process explorer. After that, I neutered it by replacing the .exe with another harmless application.
Nothing noticeable has happened directly to my PC, only relatives' systems so far, but I have seen some strange things.
Given the fact that France has had one of the most extensive data retention programs since 2006 and were still unable to prevent the terrorist attack should give a clue to politicians and police ... ... All three terrorists (much like the 9/11 ones) were on watch lists and known, yet they were able to buy guns and plan this whole ordeal. Good job, politicians! Fund the police instead of keeping tabs on all of your country's inhabitants and cutting in to their private lives ... ...
I believe the contrary is true: By relying on being able to prevent attacks through data retention (which by definition will create floods of data hard or impossible to interpret) and expecting to catch anybody before the fact, police have obviously reduced their work on surveillance of suspects as well as regular police work.
Even if you had 100% surveillance of ALL the people, including the contents of ALL the communication, any person just slightly intelligent and versed in computers will be able to hide their communication from the state. Also, who ever called for checking every single letter mailed through the postal service? Or listening in to every person-to-person talk? Just because technology makes listening in on people possible doesn't mean it should be done, or would be helpful to prevent crimes.
When they accidentally kill a Viagra spammer and find stockpiles of blue pills, they will write it off as a success against a terrorist with chemical warfare.
Terrorists have been sending me messages day and night for years. I didn't know and kept deleting them.
"Computers are useless. They can only give you answers."
-- Pablo Picasso
So we were always told that security via obscurity wasn't safe...just like any "secure" system as long as it works for long enough then that is good enough. Seems that the people who were looking forgot that it is easy to hide in a crowd without a complex disguise, that adverts in classifieds get used for coded transmissions, and even adverts for government agencies are sometimes placed in public for the observant to notice. This also disguises who the intended recipient was, since it is a broadcast medium.
Having read some old layman's cryptography books which show how to break a number of manually enciphered codes, which is interesting in itself. I came up with a scheme that seems to delay at the least brute force attacks.
I never researched to find out if it is already being done but I briefly describe it here.
First analyse the proposed encryption scheme. Encrypt a message then decrypt it with an incorrect key multiple times. Analyse the result. Create some encryption scheme that takes a plaintext message then encrypts it so it statistically looks similar to the incorrect decipherings.
Now encrypt your message with the new scheme then encrypt the message with the initial encryption scheme.
Should a brute force attempt be made that stumbles on your key or even if the actual key with a bunch of red herring keys is discovered the output will look as if the key was incorrect, and may be overlooked.
The intended receiver would know the first stage encipherment and would be able to easily decrypt it.
I suspect this two stage encipherment has been used multiple times, it was a subject I wanted to research but my maths skills are sadly not up to the task, and I needed to start paying the bills at the time.
As you guess, I am not a security expert just have my own naive thoughts on the matter.
Can't even remember what my original point was.
Signing off.
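The two-stage idea in the comment above, seen from the analyst's side, as an added example that is not part of the thread: a brute-force search recognizes the right key by testing each candidate output, so an inner layer only hides the key if it leaves no structure to test for. Assumptions: a single-byte XOR toy cipher stands in for the outer scheme, zlib compression stands in for the commenter's unspecified inner stage, and the key and message are constructed samples.

```python
import zlib

KEY = 0x5A  # constructed sample key for the toy cipher
MESSAGE = (b"grandmother is not feeling well and will stay home "
           b"until the weather gets better")  # constructed sample text

def xor_cipher(data: bytes, key: int) -> bytes:
    """Toy single-byte XOR cipher (stand-in outer scheme, 256 keys)."""
    return bytes(b ^ key for b in data)

def looks_like_text(buf: bytes) -> bool:
    """Naive recognizer: more than 90% ASCII letters and spaces."""
    ok = sum(b == 32 or 65 <= b <= 90 or 97 <= b <= 122 for b in buf)
    return ok / len(buf) > 0.9

def parses_as_zlib(buf: bytes) -> bool:
    """Structural recognizer: does the candidate decode as a zlib stream?"""
    try:
        zlib.decompress(buf)
        return True
    except zlib.error:
        return False

def brute_force(ciphertext: bytes, recognizer) -> list[int]:
    """Try every key; return those whose output the recognizer accepts."""
    return [k for k in range(256) if recognizer(xor_cipher(ciphertext, k))]

def demo() -> dict:
    single = xor_cipher(MESSAGE, KEY)                  # one stage only
    layered = xor_cipher(zlib.compress(MESSAGE), KEY)  # inner stage, then outer
    return {
        # Plain text under the outer cipher: the text test finds the key.
        "single_text": brute_force(single, looks_like_text),
        # Inner layer present: every candidate looks "wrong" to the text test.
        "layered_text": brute_force(layered, looks_like_text),
        # An analyst who knows the inner format tests for it and recovers the key.
        "layered_zlib": brute_force(layered, parses_as_zlib),
    }

if __name__ == "__main__":
    for name, keys in demo().items():
        print(name, [hex(k) for k in keys])
```

The inner layer defeats only the recognizer that does not know about it; once the inner format is known, its header and checksum become the crib that confirms the key.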
Grandma is doing well!
Of course it runs NetBSD. BTC: 1NT7QvbetmANwaMzhpVL6
It's a public secret that the reason NSA's billion dollar program doesn't intercept any terrorist communication is their spam filters
Have ANY of THE supreme idiots advising CAMERON told him THAT STEGANOGRAPHICALLY hidiNG messages in LIVE TV VIDEO BROADCASTS COULD BE much more used than ancient email?
NOO , that would mean THEY CANNOT SELL THE AGENCIES THEM USELESS SPAM TEXT and DPI FILTERING TOOLS AND COMPLETELY IGNORING WHERE THE REAL THREATS ARE WHICH IS LIVE VOIP AND VIDEO...ESPECIALLY SAT TV !