Return-Path: <sentto-279987-2786-1002563857-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 08 Oct 2001 10:59:06 -0700 (PDT) Received: (qmail 25391 invoked by uid 510); 8 Oct 2001 17:57:33 -0000 Received: from n32.groups.yahoo.com (216.115.96.82) by 204.181.12.215 with SMTP; 8 Oct 2001 17:57:33 -0000 X-eGroups-Return: sentto-279987-2786-1002563857-fc=all.net@returns.onelist.com Received: from [10.1.4.53] by n32.groups.yahoo.com with NNFMP; 08 Oct 2001 17:57:37 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_4_1); 8 Oct 2001 17:57:36 -0000 Received: (qmail 57120 invoked from network); 8 Oct 2001 17:57:00 -0000 Received: from unknown (10.1.10.27) by l7.egroups.com with QMQP; 8 Oct 2001 17:57:00 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta2 with SMTP; 8 Oct 2001 17:56:59 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id KAA13097 for iwar@onelist.com; Mon, 8 Oct 2001 10:56:59 -0700 Message-Id: <200110081756.KAA13097@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Mon, 8 Oct 2001 10:56:59 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:A.Secret.Language.Hijackers.May.Have.Used.Secret.Internet.Messaging.Technique] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit A Secret Language Hijackers May Have Used Secret Internet Messaging Technique By Brian Ross, ABC News, 10/8/2001 <a href="http://abcnews.go.com/sections/primetime/DailyNews/PRIMETIME_011004_steganography.html">http://abcnews.go.com/sections/primetime/DailyNews/PRIMETIME_011004_steganography.html> Oct. 4 - The terrorists responsible for the Sept. 11 attacks may have communicated over the Internet using a computer version of invisible ink that allows secret messages to be concealed in image and music files. Western intelligence officials say they have learned that instructors at Osama bin Laden's camps in remote Afghanistan train his followers in the high-tech secret-messaging technique. And French investigators believe that suspects arrested in an alleged plot to blow up the U.S. Embassy in Paris were to get the go-ahead for the attack via a message hidden in a picture posted on the Internet, former French defense official Alexis Debat told ABCNEWS. One of the men in custody, described by French officials as a computer nerd well-versed in the messaging technique, was captured with a notebook full of secret codes. "This code book is major breakthrough in the investigation," said Debat. Covered Writing To transmit a hidden message, the sender uses specialized software to hide a text message - or a graphical file such as a building plan - inside another file, such as an image file or an MP3 music file. "Criminal organizations, terrorist organizations around the world use this," said Chet Hosmer, an Internet security expert who has been helping the FBI and military intelligence since Sept. 11 track down hidden communications on the Internet. "Images that might be in an e-mail message that I send to you, that has a picture of my dog or my cat - I hide an actual secret message inside that image that no one else would be able to detect or see," Hosmer said. For example, with a few clicks and the right password, a terrorist could use a picture of the Mona Lisa, or an MP3 of the U.S. national anthem, to carry a secret coded message, such as a seating chart for an airliner or a list of flights out of Boston. The technique is known as "steganography," meaning covered writing. "It actually goes back to Roman times when they used to shave the head of messengers, and tattoo secret messages on their scalp," said Hosmer. "It really doesn't have very many legitimate purposes. The purpose is to actually hide the fact that you are communicating." Instructions Via E-mail In addition to low-tech equipment like box-cutters, the alleged hijackers in the Sept. 11 attacks also had e-mail accounts at Yahoo! and Hotmail. Suspected ringleader Mohamed Atta was seen repeatedly by witnesses using his Hotmail account at public libraries in Florida to surf the Internet, downloading what appeared to be pictures of children and scenes of the Middle East. Special FBI squads are working full-time on the Internet connections of the 19 alleged hijackers, going through accounts at America Online and other service providers. Investigators are also searching cyberspace for more deadly messages and warnings that could help them take precautions against future terrorist attacks. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Get your FREE VeriSign guide to security solutions for your web site: encrypting transactions, securing intranets, and more! http://us.click.yahoo.com/UnN2wB/m5_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:54 PST