Return-Path: <sentto-279987-2632-1002078873-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 02 Oct 2001 20:15:13 -0700 (PDT) Received: (qmail 29829 invoked by uid 510); 3 Oct 2001 03:14:39 -0000 Received: from n17.groups.yahoo.com (216.115.96.67) by 204.181.12.215 with SMTP; 3 Oct 2001 03:14:39 -0000 X-eGroups-Return: sentto-279987-2632-1002078873-fc=all.net@returns.onelist.com Received: from [10.1.4.55] by n17.groups.yahoo.com with NNFMP; 03 Oct 2001 03:14:33 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_4_1); 3 Oct 2001 03:14:32 -0000 Received: (qmail 37776 invoked from network); 3 Oct 2001 03:14:32 -0000 Received: from unknown (10.1.10.142) by l9.egroups.com with QMQP; 3 Oct 2001 03:14:32 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta3 with SMTP; 3 Oct 2001 03:14:32 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id UAA10611 for iwar@onelist.com; Tue, 2 Oct 2001 20:14:32 -0700 Message-Id: <200110030314.UAA10611@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Tue, 2 Oct 2001 20:14:32 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Government.snoops.emulate.cybervandals.] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit We Hack You: Government snoops emulate cybervandals. By Victoria Murphy, Forbes, 10/2/2001 Government snoops emulate cybervandals. Get ready for an entirely new kind of computer bug. Readily available encryption software easily turns e-mails and instant messages into strands of gobbledygook that can thwart even the pros at the National Security Agency. So agents for a time will have to resort to hacker-like methods. Bugging a computer let the FBI, in a 1999 investigation, listen in on a Mafia suspect. The FBI won't reveal how it did it, but defense lawyers suspect it was able to install software to capture each keystroke. Two years ago, cybervandals spread the Back Orifice virus that let remote snoops view a PC's activity. "If these kids can do it, then you'd better believe the NSA and FBI have something even better," says Mark Rasch, a former Justice Department prosecutor of cybercriminals. Another countermove: Pass a program through a firewall that swipes the key to a terrorist's encryption scheme. "I like to believe [NSA agents] don't have all their eggs in one basket. I wouldn't be comfortable being a U.S. citizen if they were relying only on code-breaking," says Edward Scheidt, a 26-year veteran of the CIA, who headed its Cryptographic Center. Cracking code has never seemed more insurmountable. Before the Pentagon and World Trade Center assaults, suspected hijackers were believed to be swapping e-mails via popular services such as America Online, which says it is cooperating with government investigators. Reportedly, online messages retrieved so far were, surprisingly, unencrypted, but the FBI suspects that Osama bin Laden's Al Qaeda terrorist network has used encryption before. By the Numbers Global Babble Fast chips have made code-cracking, never easy, now nearly impossible. 4 trillion e-mails sent in 2000. 656 million instant messages sent per day on AOL. 4,000 years to crack 128-bit encryption using every computer in the U.S. Sources: Gartner Group, AOL - Earlier encryption schemes were more penetrable because they were designed for keys 32 bits in length. But today's encryption standard is an impregnable mathematical fortress built on 128-bit keys. Cracking it would take 2-to-the-128th-power calculations, or all the computer power in the U.S. running for thousands of years. A secretive citizen can get 128-bit crypto for $113 in products like Pretty Good Privacy's PGPmail. "Academic cryptographers can produce algorithms that are out of reach of the NSA," says Philip Zimmermann, PGP's founder, who left in January and now develops encryption for wireless phones. In a break with the past, NSA employees now openly attend industry conferences. For now, a scant 0.5% of the billions of e-mails sent every day are encrypted. Simply sending a secret message could be a tip-off to authorities. Since the attack, a bill has been introduced in Congress that would ease restrictions on tapping e-mail accounts. Talk of a ban on strong encryption has resurfaced as well, but it comes too late. ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:53 PST