Secure Communications | 68 comments (68 topical, editorial, 0 hidden)

Re: Secure Communications (none / 1)

Well, it depends on expense, doesn't it? If everyone was doing proper encrypted comms then the NSA's "job" would be prohibitively expensive: they'd have to pick their targets.

But yeah, if you really need security, build your own kit, airgap, one-time pads (stenography is to hide the fact of the encryption) and faraday cages. And worry more about informants, because now you're a target!

by Colman (colman at eurotrib.com) on Thu Aug 15th, 2013 at 05:36:47 AM EST
[ Parent ]

Re: Secure Communications (none / 1)

Well, no. The point is it's not too difficult to make one-to-one communication invisible, to the point where if you're a spook you have to try to decrypt all traffic and web content on the Internet, without knowing if it's been encrypted, or how.

Not even nation states have that kind of budget. Nowhere close.

Public email and cloud storage are very low hanging fruit in security terms. So far the NSA has been relying on hope and wishful thinking to get its sigint.

But my point is that once you start sending messages through non-standard channels, it doesn't take much effort to become invisible.

And once that happens, your only hope as a spook is to scan and decrypt the entire Internet - because nothing else will do the job.

by ThatBritGuy (thatbritguy (at) googlemail.com) on Thu Aug 15th, 2013 at 10:05:24 AM EST
[ Parent ]

Re: Secure Communications (none / 1)

Not if statistical analysis of passing images or video - you just need a sample - throws up that stenography is used. You then get to be a person of interest.

If everyone is using encrypted channels you get lost in the noise. Otherwise you just risk attracting attention.

by Colman (colman at eurotrib.com) on Thu Aug 15th, 2013 at 10:24:03 AM EST
[ Parent ]

Re: Secure Communications (none / 1)

That depends how it's done. The companies offering statistical analysis assume you're using an off-the-shelf app. All they do is buy an app, run some tests, and create a profile.

But all that says is that most commercial steganography apps aren't all that good.

In the limit, good steganography is indistinguishable from compression artefacts and random noise. And if the bit rate is low enough and somewhat randomised, it becomes even harder to be confident about getting a clean positive.

There are also things like this.

by ThatBritGuy (thatbritguy (at) googlemail.com) on Sat Aug 17th, 2013 at 10:46:37 PM EST
[ Parent ]

Secure Communications | 68 comments (68 topical, 0 editorial, 0 hidden)

Top Diaries

The problems with formal education

Speaking right: What an Taoiseach should say in Washington

Ambushing an Taoiseach

Net Zero Energy - March 2025

We do have the cards

Manipulating Irishness

Thomas Paine's Age of Reason

Recent Diaries

Crossroads, Ukraine Loses Either Way

Like a tsunami rolling ashore ...

Breaking: A Christian In the Kremlin

Going Down!

The Inside Job to Murder JFK [Update]

Ukraine Victory In Retreat

Ceasefire Negotiations Step by Step

17th of March

Ukraine Violated Human Rights in Odessa - 2014

Rutte In the Apprentice Theatre

Rearming Europe Peace Through More War

Keith Kellogg Is Out

Nordic States Join Baltics Again WWII Redux

Goodbye NATO/USA, Welcome Europe's E5

Zelensky and the Terror State Ukraine

EU Commissioner VDL In Full Panic Mode

The problems with formal education

The Battle for Kiev/Kyiv

VDL At the Crossroads of Europe - Part 1

The speech Micheál Martin should make in the White House:...

Occasional Series