[9991] in cryptography@c2.net mail archive
Re: Stegdetect 0.4 released and results from USENET search available
daemon@ATHENA.MIT.EDU (Karsten M. Self)
Wed Dec 26 17:49:36 2001
Date: Wed, 26 Dec 2001 14:40:14 -0800
From: "Karsten M. Self" <kmself@ix.netcom.com>
To: cryptography@wasabisystems.com
Message-ID: <20011226144014.C26325@navel.introspect>
Mail-Followup-To: cryptography@wasabisystems.com
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="//IivP0gvsAy3Can"
Content-Disposition: inline
In-Reply-To: <v04210101b84eca7963ad@[192.168.0.3]>; from reinhold@world.std.com on Tue, Dec 25, 2001 at 11:46:30PM -0500
--//IivP0gvsAy3Can
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
on Tue, Dec 25, 2001 at 11:46:30PM -0500, Arnold G. Reinhold (reinhold@worl=
d.std.com) wrote:
> This is an nice piece of work, but I have a couple of comments:
>=20
> 1. The paper asserts "Even if the majority of passwords used to hide=20
> content were strong, there would be a small percentage of weak=20
> passwords ... and we should have been able to find them." That might=20
> be true if there are a large number of stego users independently=20
> selecting passwords, but it's not a compelling argument if stego is=20
> being employed by a few sophisticated terrorist organizations, as=20
> suggested by the April 1991 Newsday article,=20
> http://www.usatoday.com/life/cyber/tech/2001-02-05-binladen.htm .=20
Regardless, it's an assertion which may be corroborated by history of
password attacks on other systems. Does anyone have a reference to an
analysis of dictionary and brute-force password attacks, and typical
patterns of discovery?=20
Remaining discussion is interesting, elided.
<...>
> 2. The signature graphs you presented for several of the stego=20
> methods seemed very strong. I wonder if there is more pattern=20
> recognition possible to determine highly likely candidates. I would=20
> be interested in seeing what the graphs look like for the putative=20
> false alarms you found. It also might be interesting to run the=20
> detection program on a corpus of JPEGs known NOT to contain stego,=20
> such as a clip art CD.
>=20
> 3. If you did succeed in decrypting one of Osama Bin Laden's=20
> missives, wouldn't he have a case against you under DMCA?
There are exceptions for law enforcement, national defense, and
research.
I've noted in the past, however, that data aquired through national
monitoring systems such as Carnivore or Echelon, and forwarded to
private industry, as has been alleged by the French against the US, may
not fall under this exemption, and could be actionable.
Peace.
--=20
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What part of "Gestalt" don't you understand? Home of the brave
http://gestalt-system.sourceforge.net/ Land of the free
We freed Dmitry! Boycott Adobe! Repeal the DMCA! http://www.freesklyarov.org
Geek for Hire http://kmself.home.netcom.com/resume.html
--//IivP0gvsAy3Can
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8KlHNOEeIn1XyubARAk9lAJ9q7joJdzbfBeU3EHRmYiYSQMVuTgCfQx90
ZuTqTFTbupwlaGIcIPNkw1c=
=l/MG
-----END PGP SIGNATURE-----
--//IivP0gvsAy3Can--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
