Reports like this both scare me and impress me. It's impressive because, well, who would think to throw terrorist plans into a bunch of porn sites and raw images (no pun intended)? Very clever.

It scares me for not only the obvious reasons, but the fear of some sort of government intervention locking out non-American websites. (Don't ask how it could be done, I know it really couldn't, but that hasn't stopped Congress before.)
posted by hijinx at 10:25 AM on February 6, 2001

U.S. officials and experts say it's the latest method of communication being used by Osama bin Laden and his associates to outfox law enforcement.

In other words... "US officials say 'see what happens, you crazy internet kids, when we allow free encryption? Wouldn't you all feel better letting us, the good guys, hold the keys?"

I don't doubt that it's possible--or even that terrorist may be using encryption that way--but FBI scare tactics with political ulterior motives make me wretch.
posted by jpoulos at 10:27 AM on February 6, 2001

-----BEGIN PGP MESSAGE-----
Version: PGPfreeware 6.5.8 for non-commercial use

qANQR1DBwU4DgNNy312VhSAQCACLGFbchdQdq5kBYJQgUkScD/nuWNMOvy4fx5QP
FguL2ruGPs8ptRzHh7OKEF4zITigZlQYC6JGokM+pTrEqVVvZWGW/zW5drORB7xL
RcRXf/E6kSicEfE1bXonA8pW5NQjND3h9aR3Y9qpg/KBIhHwmNrVy61veH948eeC
CwMMt59poKoEVzEJ2Q17JNHF/TX4GHO+fm0fOAZRssEZudPC1K6BEDqbyMUvz6Go
2+WhY0yPthaFWZ4EVrMqOiIXQdlG+L4XTaGf+MROc3Fis4ocRIRVBNgDIbSjj3ja
riV/IjRS1izVnK5gBrXLjZGBWsC6cGu8WHCSmp8yzwFgpE1JCAClV2oEwJa1CSti
VIVQLoGkPKXNpAdemgikP8L6+g6jzJCV72Oj7zpGeDLNUmyM6t/C9y8fNXHnuhJ1
KP9g1UQuRd41kJh/NP+X3wI3BE8/VX6nca0RK/NBtQzX6I8i1xH/GcdzEmu14htO
d84Km4s+IV8uZTvixeinHAdEHL/f7T/8UlCsclMA6OlHa/QLg+gn9l4o1rMsrJY2
H4UWHd/qVSkI9dzuj3X8PUz34BCU/+vF7Z97zktqw6NzStboXOl7YvTz6+bbxsBz
FgEw6WVKZrAJpKdzDmx8hTnYYhMon8tg/jzGalOUzaLD1Zj6GnlM7NKZxD4LC6a3
yUPQ1qLiycFw+ABXRTa28rYS+CCr5xOKSwcWV0UWMjHkNUVCMBVPIhBzWMj4JA2M
YSfdbj8h1bljY10t3/elbtbmbSZHIbXwGbVsd8K+DvKbCDQTzHLXGV8sriSr/9TI
th6o035fUw+VOBsSSTFIdimZJumPPEQ2z+7EbiU4efZEhf3o9ARXTJTyaCwcmvbj
g2PKMhcbDoXJMt5tpFBwdNsyZ6RzaIX9fIs59JB0RbEJLRDg1mWuJK1l61F70+wk
Q8FDmcWXEOlPpvkoMKELvhTMZ/BNpbvrH3as0lRJXm+Tf2FVLc8sJM5OR6eCq+4/
dxNj+v1Fx8Qrwuw9DXwTA6tBN9yAF8X6UaPOkcEK8WDFDcQt4fjcUSfo3dGIX0al
j9pQF9Yr4Z4x7quYwxgUIyVpBqkkGHwhebD/w24fFjrY+jiYbvjI9ZauJdr2WaYy
7Vys6qWtn4AoQ5/DpNHEgW+BvWdrxX8gpSS7cVJdwzWmnH1Z9DMhluYxtayLNhig
fAGgfT0ZcmAgILjNukcY6fRfY3CfHsHoNe0aHA6NqzJ4WU6yXGLKELipAXSHJXXd
BmlSFFecH34R/j55aZjB6M6i5mgK159wP39XHrcSI1kUn/tqwTpJjUUn8Yo+pGHx
XB0TYLfiW3vSo1pcZHgyOKF8DMKxfM61E9Rp2sP91GxNBQ2+jl+I8Yr2eoWs402e
hLiisUZgMIHiFJdJTiHi2LKr2Y449wOkWn9Nz6Yd2VBvr7AVb0Ba9E0=
=Nyv+
-----END PGP MESSAGE-----

posted by bondcliff at 11:01 AM on February 6, 2001 [1 favorite]

One little thought (and forgive my ignorance on this matter), but isn't it considered wrong in Islam to translate the word of Allah into any language? Wouldn't encrypting Arabic count as a translation, albeit a very presice and perfectly reproducible one?

I only bring this up because it seems like a logical flaw in this line of thinking. Oh, wait...I'm talking about fundamentalists. I forgot that rational logic doesn't apply to them.
posted by RakDaddy at 11:06 AM on February 6, 2001

One little thought (and forgive my ignorance on this matter), but isn't it considered wrong in Islam to translate the word of Allah into any language?

Hm. If so, my inter-lineal Arabic/English version of the Quran is more valuable than I thought. :)

posted by aurelian at 11:16 AM on February 6, 2001

bondcliff: You should use harder encryption, I beat that with a pencil and paper.
Translation for the rest of you "Thirteen is the greatest". Thanks!

The first thing I thought of when I saw this thread was that Osama was buying himself an excuse to spend time on porno BBS's. When Mrs. bin Laden catches him, he can say "No honey, I was trying to destroy America."

Those wacky terrorists.
posted by thirteen at 11:22 AM on February 6, 2001

Reports like this both scare me and impress me. It's impressive because, well, who would think to throw terrorist plans into a bunch of porn sites and raw images (no pun intended)? Very clever.

{shrug}

It's a classic example of, The place to hide a needle is not in a haystack, but in a stack of needles.

Look, guys, encryption can't be proven to work. The only thing that can be demonstrated is that no one has told you that they've broken your cypto -- and they have a vested interest in not telling you. See the problem?

Coding is much more secure. Take the made up word, GLOPS. Does GLOPS mean, "See you at Granma's on Thursday"? Or does it mean, "Set off the nukes on Thursday, inshallah."? For GLOPS, substitute any string of words, reasonably innocuous.

The advantage crypto has over codes is flexibility of message. All codes have to be prearranged. But they are much more secure -- and places like chat rooms, porn sites, etc., are just about the perfect places to use codes.

posted by aurelian at 11:25 AM on February 6, 2001

Terrorists are using off-the-shelf computer technology and widely-available encryption programs. I'm stunned. Next the media will be telling us they have guns and bombs too.
posted by aaron at 11:33 AM on February 6, 2001

The problem with anything that is pre-arrainged is that somewhere there needs to exist a Dick Tracey Decoder Ring. Should someone get a hold of that ring, the code is cracked.

Public Key Encryption is the way to go. Sure, it is technically possible that someone has already cracked your code, but if the encryption is strong enough, and if the users of the encryption are educated enough about the weaknesses (the problem that led to the cracking of Enigma), it is highly unlikely that the encryption will ever be cracked.

Given enough computing resources and time, almost anything can be cracked, but if something takes six months to crack and the bomb is timed to go off in five months, what is the point?

A good source of information on creating and cracking encryption is Simon Singh's The Code Book. Excellent read.

Oh, and Mr(s). 13, you were wrong. It actually says "Be Sure To Drink Your Ovaltine."



posted by bondcliff at 11:37 AM on February 6, 2001

bondcliff: too easy. i did it with my Little Orphan Annie secret decoder ring.
posted by pnevares at 11:45 AM on February 6, 2001

The Code Book is an excellent read. And I almost made an Ovaltine joke, but stopped when I thought it would be too obscure. Wouldn't THAT have freaked you out.

I do posters for local rock shows, and have been putting stronger and stronger (but still very solvable) code messages for people to play with in the margins. Somebody always writes to me to let me know they broke it. I am trying to feel out the edge of what people can casually do. That doesn't have anything to do with the topic at hand, but aren't codes great!
posted by thirteen at 11:53 AM on February 6, 2001

Why is anyone shocked by this? If I were Fat Tony (and, God willing, one day I will be) wait, no, a terrorist, I'd have been using stego and crypto since jihad one.

One little thought (and forgive my ignorance on this matter), but isn't it considered wrong in Islam to translate the word of Allah into any language?
No, but when they publish the quran they always publish the original text w/ it, so as to provide an unadulterated reference.
posted by sonofsamiam at 12:17 PM on February 6, 2001

Dear Son: you can do anything you want in any relgion and find a wahy to justify it.
posted by Postroad at 12:39 PM on February 6, 2001

Although I do not consider myself a pious Muslim, I can tell you that it is not against the Islamic faith to translate the text of the Koran. Actually, there are quite a few translated texts of the Koran in English.
posted by Lifeblood at 12:41 PM on February 6, 2001

Postroad: I don't follow.. was that responding to something in my post?
posted by sonofsamiam at 12:46 PM on February 6, 2001

It's not wrong to translate the Koran, you just can't represent it *as* the Koran itself, since the Koran is in Classical Arabic.

Hiding messages indies other messages (such as images) is steganogaphy, not cryptography. Steganography is basically security by obscurity, and as such it's weak once people start looking for it. If they're using steganography, as the article indicates, that should be easy to spot. If it's also encrypted, then all the problems that come with encryption exist, but they're no worse than they would be if the message had been sent as straight bits rather than "hidden in porn."

This is just a scare, trying to capitalize on people's emotional reaction to the P-word. They could have said "messages hidden in pictures of puppies," which is no more or less secure than porn, only that wouldn't have made the dreaded porn-terrorism link in the minds of the USA Today readers.
posted by rodii at 1:07 PM on February 6, 2001 [1 favorite]

Maybe I'm being cynical, but most of that article sounds like an argument to further restrict the use of encryption in the States.
posted by waxpancake at 1:14 PM on February 6, 2001

I think someone should introduce the good people at USA Today to the word "steganography". Although I suppose that would make the "Oh look, Citizen, encryption is bad!" tripe a bit too hard for Joe Sixpack to read.

Cryptographers are the new Commies.
posted by jammer at 1:27 PM on February 6, 2001

There's a hidden terrorist message in this very response.
posted by rafeco at 1:58 PM on February 6, 2001

Including verses from the Koran in encrypted messages is foolish. When you know phrases that are likely to appear in an encrypted message, it makes decrypting it that much easier.

If the spooks can't decrypt it now, they will be able to later, someday. The Koran is a finite corpus, though large, and will provide potential decrypters with a good lever to pry open the messages.

Idiots.
posted by beth at 2:09 PM on February 6, 2001

That article is classic FUD. It's outrageous, in fact, in that it describes stuff that's nothing new (I or anyone here has been perfectly able to use PGP and then stego the encrypted file for at least 7 years) and billing it as 'the new terror'. It's a BS article spewing old news to scare people into believing that if we just give in, the gov't security apparatus will save us all.

From the article: "Who ever thought that sending encrypted streams of data across the Internet could produce a map on the other end saying 'this is where your target is' or 'here's how to kill them'?"

Answer: anyone who spent an hour looking into the subject at any time since 1994.
posted by mikel at 2:57 PM on February 6, 2001

Jorn Barger points out that instead of porn sites, "they'd just use netnews, duh!"
posted by tregoweth at 3:28 PM on February 6, 2001

And I thought all that rage against the Baltimore Ravens on the ESPN site was from Giants' fans! Silly me! Remember, DO YOU LIKE BSB OR *NSYNC, really means, "I have the plutonium!"
posted by girard31 at 3:48 PM on February 6, 2001

mikel hit the nail on the head. Propoganda FUD to scare the ignorant (not too hard considering how little the average person knows about computers, encryption, etc.)Don't worry, the U.S. intelligence community will save us! Not.
posted by Mr. skullhead at 6:35 PM on February 6, 2001

UNION NEWS
War Dept. Reports New Confederate Danger!
Washington -- Gen. Harrison Bergeron of the U.S. Army Intelligence Division reports that Rebel spies may be using "classified ads" to exchange secret coded messages. Lincoln said to be considering shutting down all presses.

In other words *yawn*. This was a pointless report: what, did we think they were speaking in dumb-movie-terrorist language before? "Sayeed, do you have the BOMB MATERIALS? Meet me in front of the WHITE HOUSE." Yeah, right. The breathless tone of the report suggests that we know they're using chatrooms, when in fact almost all it suggests is that they know how to encrypt their e-mail. The chatroom crap was just so the headline writers could squeeze "web" in there someplace.

By the way, it's not necessary to demonize USA Today for this stupid story. It's all over the wire services, too.
posted by dhartung at 9:08 PM on February 6, 2001

Gen. Harrison Bergeron

I had a witty reply set up for this comment, but the transmitter in my ear distracted me something fierce. :-)
posted by youhas at 10:20 PM on February 6, 2001

Ya think we've squeezed enough "Eschelon" buzzwords into this post?

posted by Optamystic at 1:04 AM on February 7, 2001

What does Cringley think?
posted by fullerine at 2:38 AM on February 7, 2001