[iwar] [fc:U.S..Agencies.Seek.Experts'.Help.in.Tracing.Encrypted.Messages]

From: Fred Cohen (fc@all.net)
Date: 2001-09-19 12:38:17

Terrorists' Online Methods Elusive
U.S. Agencies Seek Experts' Help in Tracing Encrypted Messages

By Ariana Eunjung Cha and Jonathan Krim
Washington Post Staff Writers
Wednesday, September 19, 2001; Page A14

Government agencies are contacting computer experts for help in
understanding how Osama bin Laden and his associates may have used the
Internet to send encrypted electronic messages to one another to
coordinate last week's attacks on the World Trade Center and the
Pentagon, sources said yesterday. 

For at least three years, federal agents had found evidence that bin
Laden's group embedded secret missives in mundane e-mails and on Web
sites.  But efforts to track down and decipher the messages have

Numerous, easy-to-download software applications are available online
that enable users to protect transmissions from curious eyes and
frustrate government attempts to create a systematic way to locate and
screen those messages. 

Basic encryption tools allow people to scramble messages so that only
those with a "key" can read them.  An increasing number, however, go
beyond this by allowing messages to be hidden inside graphics, music
files or in the headers of e-mails.  The technology, known as
steganography, allows users to get around electronic wiretaps by
piggybacking messages on seemingly innocent digital files for things
such as 'N Sync songs, a posting on eBay or a pornographic picture. 

The proliferation of this technology, people in the security community
say, is changing the rules of the intelligence game by allowing anyone
to coordinate dispersed global armies quickly and cheaply. 

Several experts in the field said yesterday they've received calls from
the government asking for their assistance.  One academic researcher
said he was asked to remain on standby to help try to peel the layers
off of any encrypted messages the government might find. 

But that might be the easy part.  Sources close to the investigation
said the few messages investigators have intercepted in the past did not
take advantage of encryption techniques.  The challenge, at least in
this case, has been finding the messages in the first place. 

Neil Johnson, associate director of the Center for Secure Information
Systems at George Mason University, which receives funding from the
government, said steganography is powerful because messages can
effectively be hidden almost anywhere. 

Johnson's recent research has focused, with some success, on how to
crack it by examining a site, image or data stream for signs that
steganography was used, he said. 

Mark Loveless, a computer security consultant with BindView Development
Corp., said the technology is also popular because if it's used
properly, it is almost impossible to trace the author of the message and
the recipient because of the random way in which files are distributed
from user to user using swapping services such as Napster and Gnutella. 

In the wake of the attacks, Sen.  Judd Gregg (R-N.H.) has proposed
making it mandatory that software developers give government security
agents the "keys" to encryption programs when they are created, a
position strongly opposed by many in the technology community who worry
it could be used to invade the privacy of law-abiding computer users. 

Phil Zimmermann, the creator of a popular encryption technology, said he
believes the answer to catching the terrorists lies in human footwork
rather than more surveillance technologies: "It's not practical to frisk
everyone on the planet to find the one person with a box cutter."

The government has been waging war on data-scrambling technology on
several fronts for more than 30 years.  It has asked Congress for
stricter rules on exporting the technology and has taken the developers
of such technology to courts.  Most recently, the National Security
Agency created a whole department to try to "leverage emerging
technologies and sustain both our offensive and defensive information
warfare capabilities," according to a recent document outlining its
cryptography strategy. 

At a closed congressional hearing last year, one federal official said
that U.S.  intelligence is "detecting with increasing frequency the
appearance and adoption of computer and Internet familiarity" in the
hands of terrorist organizations.  "The skills and resources of this
threat group range from the merely troublesome to dangerous," the
official said in a submitted statement.  "As we know, Middle East
terrorist groups -- such as Hezbollah, Hamas and Osama bin Laden's
organization -- are using computerized files, e-mail and encryption to
support their organizations."

© 2001 The Washington Post Company


This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:45 PDT