Key insight: "The problem with many security systems based purely on secrecy is that their usage is itself anomalous. It singles out and attracts attention to the users." In other words, the very use of secrecy is itself a weakness that can be exploited by attackers.
And this is why privacy advocates try to push for pervasive cryptography. If everyone's traffic is encrypted, then use of crypto doesn't bring suspicion on you.
This is why I'm somewhat dubious about Tor. While it can be a valuable tool, by it's nature it routes you between 3 other machines, which may be spread all over the world, thus substantially impacting performance. It can't really be used by the general population, as opposed to, say, encrypted email which if implemented well would have negligible impact.
It can't really be used by the general population for some web browsing, but it can easily be used for a variety of other applications.
Most mobile traffic, for example, could probably go over Tor. All background data syncronization could go over Tor. Email and IM could go over Tor.
Assuming you still use a general-purpose computer, and try to execute code on your own CPU rather than someone else's whenever possible, it's easy to have most of your applications (email, RSS, IM, data sync) go over Tor without your noticing.
3-5 anonymous hops wouldn't be a bad thing in the future, say ~5yrs assuming continued investment in better broadband infrastructure as well as investment in Tor nodes.
The performance drop could hypothetically be unnoticeable to the user. Just as most TCP handshakes are.
This has to become a movement indeed towards pervasive cryptography. Tor's design isn't the real problem. The lack of Tor nodes/efficient broadband is the real problem.
The espionage game has always been about being clandestine, many new techniques attract attention (tor for example) because of their honeypot nature. The old adage of hiding in the crowd will always be more difficult to notice.
Is steganography then something that should be used?
"I just like looking at pictures of cats on imgur" (while they actually contain handler's instructions).
Now is a 40 year old Syrian man looking at pictures of cats on imgur?. That's anomalous. I guess one can't hide the need for a human factor, in other words tailoring it for a particular case.
It used to be that spies had short wave radios. You know they still have stations for example.
That's pretty good. Well except that this day and age spotting someone with a shortwave radio who is already a bit suspicious (maybe doesn't speak with the correct accent) is going to raise eyebrows perhaps. While maybe 10-30 years ago it wouldn't have.
> "I just like looking at pictures of cats on imgur" (while they actually contain handler's instructions
Not sure how pervasive it has become, but the couple of Russian spies that was caught in Germany last year or so were also using comments on Cristiano Ronaldo YouTube videos to communicate with their contacts.
> The middle-aged Anschlags, who pretended to be Austrians born in Argentina and Peru, used "dead letter drops" to communicate with their informers and then transmitted information to Moscow via satellite. Some messages were passed via coded comments on YouTube videos where Mrs Anschlag's online alias was Alpenkuh1 (Alpine cow 1
Not bad. Also could for plausible deniability of use of encryption. Or I guess to use our governments' newspeak "parallel construction".
"So Jon, you use tor a lot. What's going on?" --"Hmm, well I like women wearing high heels stepping on tomatoes alot.." ---"Ok, well that's 10 lashes for you" (Instead of decapitation for conspiring to overthrow the government).
The question I would have about this (and i wouldn't be at all qualified to answer) is, how difficult would it be to detect the presence of steganography in images, disregarding being able to decrypt it? In other words, couldn't a state actor just find out what the most common steganography techniques were, derive some kind of fingerprints from that, scan sites like imgur and profile users posting those images?
> how difficult would it be to detect the presence of steganography in images
I would imagine if it's a completely original image, it would have to be done through frequency analysis of the various bits and bytes - not easy at scale.
On the other hand, if it's an oft-posted image, a simple diff would show off any hidden messages very quickly.
> if it's an oft-posted image, a simple diff would show off any hidden messages very quickly.
How would that scale though? Many 'oft-posted' images are modified by users for legitimate reasons. You would have to be able to figure out which changes were legitimate and which were hidden messages.
