>By Declan McCullagh
> Wired News, 7 February 2001
> http://www.wired.com/news/privacy/0,1848,41658,00.html
>
> WASHINGTON -- If there's one thing the FBI hates more than
Osama bin
> Laden, it's when Osama bin Laden starts using the Internet.
>
> So it should be no surprise that the feds are getting
unusually jittery
> about what they claim is evidence that bin Laden and his
terrorist
> allies are using message-scrambling techniques to evade law
enforcement.
>
> USA Today reported on Tuesday that bin Laden and others
"are hiding maps
> and photographs of terrorist targets and posting
instructions for
> terrorist activities on sports chat rooms, pornographic
bulletin boards
> and other websites, U.S. and foreign officials say."
>
> The technique, known as steganography, is the practice of
embedding
> secret messages in other messages -- in a way that prevents
an observer
> from learning that anything unusual is taking place.
Encryption, by
> contrast, relies on ciphers or codes to scramble a message.
>
> The practice of steganography has a distinguished history:
The Greek
> historian Herodotus describes how one of his cunning
countrymen sent a
> secret message warning of an invasion by scrawling it on the
wood
> underneath a wax tablet. To casual observers, the tablet
appeared blank.
>
> Both Axis and Allied spies during World War II used such
measures as
> invisible inks -- using milk, fruit juice or urine which
darken when
> heated, or tiny punctures above key characters in a document
that form a
> message when combined.
>
> Modern steganographers have far-more-powerful tools.
Software like White
> Noise Storm (http://www.sevenlocks.com/steganog/wns210.zip)
and S-Tools
> (http://www.sevenlocks.com/steganog/s-tools4.zip) allow a
paranoid
> sender to embed messages in digitized information, typically
audio,
> video or still image files, that are sent to a recipient.
>
> The software usually works by storing information in the
least
> significant bits of a digitized file -- those bits can be
changed
> without in ways that aren't dramatic enough for a human eye
or ear to
> detect. One review, of a graphical image of Shakespeare
before and after
> a message was inserted, showed JPEG files that appeared to
have no
> substantial differences.
>
> Steghide
(http://www.crosswinds.net/~shetzl/steghide/index.html) embeds
> a message in .bmp, .wav and .au files, and MP3Stego
> (http://www.cl.cam.ac.uk/~fapp2/steganography/mp3stego/)
does it for MP3
> files. One program, called snow, hides a message by adding
extra
> whitespace at the end of each line of a text file or e-mail
message.
>
> Perhaps the strangest example of steganography is a program
called Spam
> Mimic, (http://www.spammimic.com/) based on a set of rules,
called a
> mimic engine, by Disappearing Cryptography author Peter
Wayner. It
> encodes your message into -- no kidding -- what looks just
like your
> typical, quickly deleted spam message.
>
> So if steganography is so popular, is there anything the
feds can do
> about it?
>
> Some administration critics think the FBI and CIA are using
potential
> terrorist attacks as an attempt to justify expensive new
proposals such
> as the National Homeland Security Agency -- or further
restrictions on
> encryption and steganography programs.
>
> The Clinton administration substantially relaxed -- but did
not remove
> -- regulations controlling the overseas shipments of
encryption hardware
> and software, such as Web browsers or Eudora PGP plug-ins.
>
> One thing's for certain: All of a sudden, the debate in
Washington seems
> to be heading back to where it was in 1998, before the
liberalization.
>
> "I think it's baloney," says Wayne Madsen, a
former NSA analyst and
> author. "They come out with this stuff. I think it's
all contrived --
> it's perception management."
>
> Three years ago, FBI Director Louis Freeh spent much of his
time telling
> anyone who would listen that terrorists were using
encryption -- and
> Congress should approve restrictions on domestic use.
>
> "We are very concerned, as this committee is, about the
encryption
> situation, particularly as it relates to fighting crime and
fighting
> terrorism," Freeh said to the Senate Judiciary
committee in September
> 1998. "Not just bin Laden, but many other people who
work against us in
> the area of terrorism, are becoming sophisticated enough to
equip
> themselves with encryption devices."
>
> He added: "We believe that an unrestricted
proliferation of products
> without any kind of court access and law enforcement access,
will harm
> us, and make the fight against terrorism much more
difficult."
>
> But Freeh never complained about steganography -- at least
when the
> committee met in open session.
>
> Some of the more hawkish senators seemed to agree with the
FBI director,
> a former field agent. "I think the terrorist attacks
against United
> States citizens really heighten your concern that commercial
encryption
> products will be misused for terrorist purposes," said
Sen. Dianne
> Feinstein (D-Calif).
>
> Sen. Jon Kyl (R-Ariz) added he was concerned about "the
sophistication
> of the terrorists, the amount of money they have available
(and) their
> use of technology like encryption."
>
> In March 2000, Freeh said much the same thing to a Senate
Judiciary
> subcommittee headed by Kyl. He echoed CIA Director George
Tenet's
> earlier remarks, saying: "Hizbollah, HAMAS, the Abu
Nidal organization
> and Bin Laden's al Qa'ida organization are using
computerized files,
> e-mail and encryption to support their operations."
* * * Back to the Home Page of John "Birdman" Bryant, the World's Most Controversial Author * * *