RE: Just Carnivore (was: Yahoogroups and Carnivore)

From: Larry Diffey []
Sent: Monday, September 17, 2001 4:22 PM

Let's see, I want to send email to someone but I want it to
be completely
anonymous. I go to or any other anonomizer and
get myself a
hotmail address. I then send it to the recipient with PGP
encoded text. He
logs on to hotmail through anonomizer and retrieves it,
decodes it and reads
it. If I was really smart I'd bounce around a couple of
other proxies while
I was at it.

The only way this works is that you route to someone, that has a VPN pipe to
somewhere else.... nah, even that won't work. You can encrypt the packets
but you can't do it anonymously, unless you are at a public access point.
Even so, they can identify the MAC addr. That, plus the time-stamp, and
you're nailed. All they need is the motivation.

However, given mil-grade VPNs these days, there is no way they can read what
you sent. They can only tell that you sent something. However, I just
discovered the Steganography stuff in my SuSE Linux distribution, hmmmmm.
But, they still know where it came from and where it went.

The problem is that, it's looking for a camoflaged needle in a camoflaged
needle stack, all of which are capable of changing patterns, like a
chameleon. First you have to find it and then figure out what it is. That
processing capability doesn't yet exist. Certainly not under WinNT and the
typical hardware it runs on. All that they can tell is that encrypted
traffic went from point A to point B.

As Bruce Schneier said, the problem with steganography is that you need
a good cover story for why you're mailing JPG's of giraffes back and forth...

Porn makes for a pretty good cover-story.