Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

VoIP Numbers Stations were Social Experiment

ScuttleMonkey posted more than 7 years ago | from the mysteries-always-draw-the-crowds dept.

116

IO ERROR writes "The mysterious phone number stations appearing on Craigslist for the last three months, which resembled their shortwave radio cousins, and which Slashdot reported on in June, were an experiment devised by security researcher Strom Carlson and a group of Los Angeles hackers to determine if encrypted messages could be passed using unwitting third parties to foil traffic analysis by hostile intelligence agencies. Carlson and the hackers presented their findings at DEFCON earlier today and gave away CDs with "Make your own Mein Fraulein station" kits and posted one final number station for people to try to decrypt."

cancel ×

116 comments

Another matter (4, Interesting)

Anonymous Coward | more than 7 years ago | (#15853978)

Okay, and who's behind HELLO WORLD [wikipedia.org] ? It's been running in stops and starts since April 2005.

Re:Another matter (4, Interesting)

razvedchik (107358) | more than 7 years ago | (#15854026)

It reminds me of Enigma ciphers where they repeat the initial settins twice at the beginning of the message. They are encrypted, but because they are given twice, it becomes easier to attack the crypto system.

http://en.wikipedia.org/wiki/Cryptanalysis_of_the_ Enigma [wikipedia.org]

And at one time, I was trained to transcribe 5-digit numbers from another language. That was a different time and place, though.

Interesting stuff.

Re:Another matter (-1, Redundant)

Anonymous Coward | more than 7 years ago | (#15855037)

Also, I just heard some sad news on talk radio - Horror/Sci Fi writer Stephen King was found dead in his Maine home this morning. There weren't any more details. I'm sure everyone in the Slashdot community will miss him - even if you didn't enjoy his work, there's no denying his contributions to popular culture. Truly an American icon.

Re:Another matter (1)

noidentity (188756) | more than 7 years ago | (#15854945)

April 2005? That's been going on for decades! Almost every introductory programming text is in on the conspiracy. Always that cryptic phrase, "Hello, world!"

Re:Another matter (0)

Anonymous Coward | more than 7 years ago | (#15856045)

I've cracked it! It's a link to https://www.nsa.gov/applyonline/index.html [nsa.gov] !

I work at Vonage (-1, Troll)

Anonymous Coward | more than 7 years ago | (#15853988)

Muslims are still shitheads. Fuck Allah!

shortwave radio number stations (1)

bobalu (1921) | more than 7 years ago | (#15853994)

I'm still more interested in the orginals!

Re:shortwave radio number stations (5, Funny)

gEvil (beta) (945888) | more than 7 years ago | (#15854025)

I'm still more interested in the orginals!

Shortwave numbers stations are a social experiment being conducted by the aliens. They'll present their findings at GALAXICON on July 8, 2047.

Re:shortwave radio number stations (3, Funny)

mikael (484) | more than 7 years ago | (#15854080)

And there will be a guest talk by John Titor on implementing secure communication links using time travel.

Re:shortwave radio number stations (0)

Anonymous Coward | more than 7 years ago | (#15854119)

An some Stallman guy will be handling out literature at the door rambling about some microkernel or something.

Re:shortwave radio number stations (4, Funny)

QuantumFTL (197300) | more than 7 years ago | (#15854104)

Shortwave numbers stations are a social experiment being conducted by the aliens.

Actually they are mostly tenticle-enlargement spam, but we don't have the proper char-set support yet. Hopefully this will be included in Vista.

Re:shortwave radio number stations (1)

fremsley471 (792813) | more than 7 years ago | (#15856149)

Best collection can be found by searching for The Conet Project http://en.wikipedia.org/wiki/The_Conet_Project [wikipedia.org]

When released the recordings were subject to a D-Notice http://www.dnotice.org.uk/ [dnotice.org.uk] and had little publicity; there must be something behind it.

summary (2, Informative)

superphreak (785821) | more than 7 years ago | (#15854003)

from the article:
It seems to have worked.

Re:summary (1)

hemp (36945) | more than 7 years ago | (#15854408)

I still have absolutely no idea what they did...can anyone 'splain this to me?? Pretty please?

Fools! (0)

Anonymous Coward | more than 7 years ago | (#15854009)

That's what they want you to think!

Not much of an experiment (5, Insightful)

ericpi (780324) | more than 7 years ago | (#15854015)

experiment ... to determine if encrypted messages could be passed using unwitting third parties They managed to share anonymous information with others using only a site whose purpose is to share anonymous information with others. The fact that the encrypted the info still doesn't make it much of an 'experiment'.

Re:Not much of an experiment (1, Insightful)

Anonymous Coward | more than 7 years ago | (#15854083)

How many of them went to their friends and said "check this thing out"? After a few thousand calls or a few million pagehits (HELLO WORLD), I'm sure the person the message was intended for got it, but where I do start looking for that person? Thats a lot of log files to go through and people to extraordinarily rendition before I find the one who knows what the message said. Of course, I'd have to torture each one thouroughly just to make sure they're not lying before I toss their body into a shallow grave and move on to the next. Of course, I'll have to spend some extra time with the men to make sure that they appreciate the homosexual rape and the electrodes and the broom hand... hang on, I've got a call from the President I have to get.

Traffic Analysis (4, Informative)

PhunkySchtuff (208108) | more than 7 years ago | (#15854645)

They've done it in this fashion to defeat Traffic Analysis [wikipedia.org] .
This is a method of sending a message out, and having someone you want to receive the message, without other third parties being able to tell that a message has been exchanged. I can send you encrypted emails using any one of a number of secure protocols, and you can reply in kind. This is good on one level as reasonably no-one can read these emails, however it is trivial to work out that we're communicating - and this forms a pattern. Even if you can't work out what's being said, just knowing that certain parties are talking to each other is enough to build up a web of who's connected with who.
Exchanging data in the way mentioned above is a way that an interested third party is unable to work out who's sending, and who is receiving the message - if lots of people can receive it then it becomes harder to tell out of those who can receive it, who is able to read it, or make anything of it - ie, who is actually able to exchange useful information in this fashion.

Back in my day (3, Funny)

eagl (86459) | more than 7 years ago | (#15854037)

Back in my day, we called that a prank.

Ha. Hah.

*golf clap*

One Time Pads (4, Interesting)

tradecraft1 (993475) | more than 7 years ago | (#15854053)

You just have to love the simplicity. There were so many amatateur cryptananlysts thowring all sorts of methods at these messages. A sound implementation of a OTP is a formidable foe. --Chris

Re:One Time Pads (5, Informative)

QuantumFTL (197300) | more than 7 years ago | (#15854079)

A sound implementation of a OTP is a formidable foe.

OTP has two huge problems associated with it, despite the mathematics being sound (assuming you have good random numbers):
  1. Key distribution - do you like sending long messages? You'll need a key that's at least as long as the compressed message, and that distribution system must be absolutely secure. Also you'll need to make sure no one ever has a chance to access your key before or after the message is sent, otherwise you're screwed.
  2. Overconfidence - Congratulations, if you've done it correctly you have 100% secure communications channel. The endpoints, however, are not protected by this mathematics, and are succeptable to everything from hidden bugs to software hacking or even "rubber hose" cryptoanalysis.

Re:One Time Pads (2, Interesting)

tradecraft1 (993475) | more than 7 years ago | (#15854130)

I was referring to the crypto-system behind OTP, not the implementatio per se. --Chris

Re:One Time Pads (4, Interesting)

QuantumFTL (197300) | more than 7 years ago | (#15854135)

Oh, I don't disagree with you at all... In fact if I ever try to do something like this, you better believe I'll be using OTP. I just worry that some people perceive this to be a "magic bullet," which it most definitely is not. In another post [slashdot.org] that even attracting attention with encrypted messages (especially those the government cannot break) could soon be an unacceptable risk for many people, and unfortunately OTP can't help with that.

Re:One Time Pads (4, Interesting)

X0563511 (793323) | more than 7 years ago | (#15854263)

Better method:

1. Encrypt data with OTP.
2. Hide this encrypted data in some false information (stenography)
3. Encrypt the result with something that can be broken (but not too easily)

This way, even if they managed to extract the original data from the stenography, they would just get what looks like random junk. It would actually be quite hard to even realize what you have extracted was real (rather than an error)

Re:One Time Pads (4, Interesting)

X0563511 (793323) | more than 7 years ago | (#15854267)

Oops, forgot to specify:
The data you hide the OTPed data in, does not have to be text. You could use an audio file (notch out a frequency on the edge of the sample range, and then use very small amplitudes to put the data in) or an image, or even a video. You could even put this data out on P2P (encrypted data in porn? who would bother to look?) and simply email an ED2K link or something to the intended recipient. Hmm, porn-link swapping; fairly benign behavior.

Re:One Time Pads (5, Funny)

foniksonik (573572) | more than 7 years ago | (#15854360)

Dude is that why I keep seeing pr0n that looks slightly mangled? I thought it was just amateur encoding jobs... now you're telling me i'm watching encrypted messages while.... NOW I feel dirty... it's like some guy was talking to me while i was... ewwwww...

Re:One Time Pads (1)

beebware (149208) | more than 7 years ago | (#15854926)

Even wrose news - the guy was talking about having hot dirty homosexual sex with his lover: and there you were thinking you were just watching some run of the mill porn!

porn stars are CIA agents? (0)

Anonymous Coward | more than 7 years ago | (#15855876)

wow -- someone is in trouble now after outing all those CIA agents in porn

Re:One Time Pads (1)

Lumpy (12016) | more than 7 years ago | (#15856248)

if you Xor an audio stream with another audio stream you get aural encryption.

we did this back in the 80's with a bridge rectifier in a strange configuration and used a OTP of a casette tape of Pink Floyd's dark side of the moon. Get your encrypted tape and put it in deck 1 put your floyd tape in 2 and cue to the right spot. Play tape 1 until beep press pause. play tape 2 until predetermined part of song press unpause on encrypted tape and hear the audio message.

Heck I had it working as a voice scrambler for telephones here in town, Both of us would tune to a specific station and click in the circuit, parents would only hear the station with garbled audio.

Getting large numbers of OTP's to someone today is really easy. usb thumb drive hidden in a shoe, SD card sewn inot the lining of a coat,pants,shirt collar.

Passing a large number of huge OTP's today is insanely easy to do without getting caught because commodity removeable media is so stinking small, cheap and no longer strange to have.

Re:One Time Pads (1)

QuantumFTL (197300) | more than 7 years ago | (#15854301)

A much more detailed version of what you describe can be found here [nicetext.com] .

If the hostile party even thinks you're still hiding something, however, this won't stop them.

Stenography vs. Steganography (4, Informative)

sshore (50665) | more than 7 years ago | (#15854587)

I'm sure someone has pointed it out by now, but stenography [wikipedia.org] (shorthand) is not the same as steganography [wikipedia.org] .

The mistake is apparently common enough that the first line of the wikipedia entry for steganography says, "Not to be confused with stenography".

Re:One Time Pads (1)

a_n_d_e_r_s (136412) | more than 7 years ago | (#15854700)

You're only using activites real encryption specialists - have already for a long time - thought upon. I disagree - dont think adding an extra layer will help much. Probably better to just hide the message in plain view. Like in a comment on slashdot :-)

PS But only if you dont find it :-)

Issues (1)

Mark_MF-WN (678030) | more than 7 years ago | (#15854627)

Are these really resolvable issues? Ultimately, those two questions are the big ones in security. Mostly the second one, I'd say. But it's nice to be able to focus on them without having to worry that the actual cipher technology will make your efforts worthless. I mean, it's really saying something that we've only now entered an age where we can finally stop worrying about the engineering side of secure communication, and actually focus on the endpoints in confidence. As long as we don't forget that the channel is just the simplest part of security, we've moved forward, and finally have a really solid base upon which to build best practices.

Numbers Stations as OTP delivery? (1)

CdBee (742846) | more than 7 years ago | (#15854872)

It would be insane to think that the purpose of the Numbers Station is to distribute new One Time Pads to agents using other form of communication - maybe so insane that nobody is checking for it....

Re:One Time Pads (1)

k2r (255754) | more than 7 years ago | (#15854887)

> OTP has two huge problems
> 1. Key distribution

Since one can buy a 4GB SD-Card the size of a stamp I'd think that the distribution of HUGE OTPs is a lot easier nowadays.
If Alice has initial physical access to Bob, of course.

k2r

Re:One Time Pads (1)

dnoyeb (547705) | more than 7 years ago | (#15854253)

If its only used once, and you have to pass it securely, then why not just pass the message in place of the OTP? I understand that the message may not be ready. But in this light it seems like OTP is not 'encryption' but encoding?

Re:One Time Pads (1)

Dr_Barnowl (709838) | more than 7 years ago | (#15854595)

Because you may not have the luxury of exchanging messages over a secure channel all the time.

The scenario is typically this ; your field agent is issued with his book of OTPs at home base ; you can be sure of the security of this distribution channel because you have vetted your staff, have armed guards, big EM shielded rooms, etc.

The agent then moves to Enemy Country X, where the phones are routinely tapped by the government, postal mail is all steamed open, and the only ISPs are government sanctioned and snoop all their traffic for subversive content. The agent can exchange messages in the knowledge the content is secure, because he (and HQ) both have their OTP books. Of course, if the signals corp of ECX are any good, they'll detect someone exchanging encrypted messages and bag him, unless he takes steps to obfuscate the message (which is where stenanography comes in).

Stenography Encryption (5, Interesting)

QuantumFTL (197300) | more than 7 years ago | (#15854060)

I think we're moving to a society where just being suspected of a crime will be so bad (in terms of government harassment like no-fly lists, wiretapping, etc) that the most important thing will not be to make sure that the government can't read what you communicate, but rather have no reason to suspect you're doing anything they don't like. With current advances in data mining, it's going to be an arms race - the stenographers against the miners. I for one am fascinated by both technologies, and frankly rather terrified of how they each may be used. It was be interesting to see, but one thing is for sure - encryption will no longer be enough.

Re:Stenography Encryption (5, Interesting)

hcob$ (766699) | more than 7 years ago | (#15854076)

Of course, if you are visible as a "citizen" through credit card purchases, debit cards, atms, banks, etc. and all your other traffic is encrypted... It might make a case for a visual tail to be attached to you. Warrants are only required for searches... not observations in public areas.

Re:Stenography Encryption (2, Insightful)

zacronos (937891) | more than 7 years ago | (#15854201)

I think that was the point... As GP said, "the most important thing will not be to make sure that the government can't read what you communicate, but rather have no reason to suspect you're doing anything they don't like".

In other words, you'll (additionally) need to hide your communications, not just encrypt them. If the government doesn't know any of your encrypted traffic exists, or can't attribute it to you, then there would be no case for a visual tail, possibly excepting the "This person seems to have no additional traffic... that's impossible! Must be hiding it somehow. Put a visual tail on 'em." uber Big Brother possibility.

Re:Stenography Encryption (1)

Ohreally_factor (593551) | more than 7 years ago | (#15854335)

Oh, they'll have plenty of ways to flag you. Any sort of unusual behavior, such as changes in spending on consumer goods, what books you are buying or checking out from the library, dissatisfactions with life that you express not just online, but face to face to close friends and confidantes. Maybe even a tone of dissatisfaction in your voice in a conversation about something that has nothing to do with the issues of the day.

Crawford, Texas Uber Alles
Uber Alles Crawford, Texas

Now it is 1984
Knock knock at your front door
It's the suede/denim secret police
They have come for your uncool neice

Come quitely to the camp
You'd look nice as a drawstring lamp
Don't you worry, it's only a shower
For your clothes here's a pretty flower

Die on organic poison gas
Serpent's egg's already hatched
You will croak, you drunken lush
When you mess with President Bush

Crawford, Texas Uber Alles
Uber Alles Crawford, Texas

Re:Stenography Encryption (4, Interesting)

Kadin2048 (468275) | more than 7 years ago | (#15854449)

All very true. Which makes it more important -- if you're up to some sort of "no good" (where 'no good' is defined by the people with the most guns in the vicinity) -- that you maintain a passable facade of normalcy, at least as far as the government/credit bureau databases are concerned.

If you're the only person on your block using encrypted email, and using it for all of your email, you're an obvious red flag for some form of side-channel attack (i.e. they just sneak into your house when you're away and bug your keyboard). So if you did want to use encrypted communications, not only would you have to hide said communications in other things, but you'd also have to maintain the regular volume of unencrypted traffic from your email accounts so as not to arouse suspicion.

Email use is a trivial example, but it extends to anything else that can be tracked. The exact same thing goes for purchasing patterns: if you're spending large wads of dough (in cash) buying things that the government doesn't want you to have (*cough*recreational drugs*cough*), then you had better make sure that the rest of your purchasing habits aren't affected, so that nobody can find out how much money you're diverting into your illicit hobbies, just by looking at the difference between your income and your creditcards+savings+retirement accounts.

I, too, see this as becoming a cat and mouse game; as the authorities become better and better about mining information, people are going to start to become more clever and more aware about not only limiting the information they give out, but about putting out patently false information in order to create a semblance of "Joe America" when in reality they could be the Shah of Iran.

Re:Stenography Encryption (3, Insightful)

Lumpy (12016) | more than 7 years ago | (#15856256)

not so.

If you have any brain cells you would make sure that your "visible life" was randomized as much as your invisible life. Then your secret transmissions will be missed as you raised the noise floor so much their detection systems will miss it.

the first way to defeat any detection system is to make it go off all the time and the operatores will start ignoring it.

Stenography Encryption-Faster than a speeding PIN. (0)

Anonymous Coward | more than 7 years ago | (#15854077)

"but one thing is for sure - encryption will no longer be enough."

You could always use your moniker against them.

Re:Stenography Encryption (1)

QuantumFTL (197300) | more than 7 years ago | (#15854098)

Sorry, the title was supposed to read "Stenography >> Encryption"

Re:Stenography Encryption (2, Funny)

blincoln (592401) | more than 7 years ago | (#15854309)

Sorry, the title was supposed to read "Stenography >> Encryption"

You should probably use a bit-rotation method instead of just a shift.

Re: Stenography Encryption (5, Funny)

Black Parrot (19622) | more than 7 years ago | (#15854102)

> I thin k we're moving to a society where just being suspected of a cr i me wi ll b e so ba d (in terms of government harassment like no-fly lists, wiretapping, etc) that the most important t h ing w i ll not be to m ake sure that the government can't read what you communicate, but rather have no reason to suspect you're doing anything they don't like. With current advances in data mining, it's going to be an arms race - the stenographers against the miners.

A little analysis reveals your cause for concern.

MOD PARENT UP (0)

Anonymous Coward | more than 7 years ago | (#15854120)

I wish i had mod points for you, thats hilarious, good form.

Re: Stenography Encryption (1)

QuantumFTL (197300) | more than 7 years ago | (#15854190)

Well, I suppose this makes you next...

Re:Stenography Encryption (0)

Anonymous Coward | more than 7 years ago | (#15854133)

Stenography? What does the ability of a personal assistant to take dictation have to do with this? Oh, you meant steganography. I see now. Very cleverly hidden.

simulated weapons of mass destruction (0)

Anonymous Coward | more than 7 years ago | (#15854258)

heres an example ov people suspected ov a crime and being arested for it

"MINNEAPOLIS (AP) - Six friends spruced up in fake blood and tattered clothing were arrested in downtown Minneapolis on suspicion of toting "simulated weapons of mass destruction."

Police said the group were allegedly carrying bags with wires sticking out, making it look like a bomb, while meandering and dancing to music as part of a "zombie dance party" Saturday night."

http://www.kstp.com/article/stories/S17817.html?ca t=1 [kstp.com]

People dressed up like its halloween when its not actually halloween?! must be terrorism. look at the way those kids dance. Spo0o0o0oky!

Re:Stenography Encryption (4, Funny)

Deadstick (535032) | more than 7 years ago | (#15854308)

the stenographers against the miners.

Wow, fighting it out with typewriters against picks and shovels. Wait till the steganographers get in the act...

rj

Re:Stenography Encryption (1)

Ohreally_factor (593551) | more than 7 years ago | (#15854321)

Wait till the steganographers get in the act...

Don't they need both typewriters and picks and shovels if they're going to write biographies of dinosaurs?

Re:Stenography Encryption (1)

Tavor (845700) | more than 7 years ago | (#15854448)

If the pen is mightier than the sword, I'll wager that the typewriter is mightier than the steamshovel!

Re:Stenography Encryption (1)

noidentity (188756) | more than 7 years ago | (#15854936)

Yes, those court reporters and others who record dictation in shorthand [google.com] , will be the revolutionaries! Hint: Steg

(sorry, just making an obligatory Slashdot-style joke, nothing personal)

Re:Stenography Encryption (1)

noidentity (188756) | more than 7 years ago | (#15854955)

"[...] the most important thing will not be to make sure that the government can't read what you communicate, but rather have no reason to suspect you're doing anything they don't like. [...]"

In other words, abiding the law will become insufficient; there will be a new set of truely harmless things which will be met with punishment, but without any courts involved or room for defense.

Re:Stenography Encryption (1)

Sam423 (993522) | more than 7 years ago | (#15855026)

Isn't there a possibility of political activism with this thing?

I mean, imagine, just out of the blue, everybody starts posting or emailing around random groupings of 5 numbers.

If everybody does it, you are less likely to be singled out. It will annoy the hell out of the surveillance government. It will allow people who want to really have a covert channel to be undetectable. It will make a strong political statement, can become viral. Add a line at the end of the bloc of numbers to the effect of: 'I'm fed up of being watched. So, I'm sending around numbers. They could be some sort of communication. Or not.

If you're fed up of being watched too, let the watchers know: do as I do. It will soon become useless watching when everyone is doing it'.

You can very well imagine the same thing with telephone numbers. You post your phone number on a site. You can see all the numbers of everyone else who subscribed. You choose a few, you call them. Tell them: 'Hey! You're into this too! Kalaschnikov Ben Laden! And good day to you sir!'. Everybody which will be on this list can them communicate without fear of traffic analysis.

And who knows, you could end up talking to some interesting people with the same view on the matter as you!

Let's plant false leads all over the place. It'll annoy them, it may give us back our privacy, it will be, for once, a political act easy to do from your keyboard.

Let's all get red-flagged.

00005 45678 69815 46844 44684 00456 48466 48466 781548 45184

(Gee... I'm getting all carried away. Point out the flaws please :)

Random Noise (0)

Anonymous Coward | more than 7 years ago | (#15855410)

LAMENESS FILTER CAN BITE MY SHINY METAL ASS!!!!!!!

  I had an example of a simple C program that would generate numberstation noise
and an example of it's output. It's best piped into the speach generator on
OS x (numsta #lines | say ) but lameness filter is not willing.

too bad.

Posted Anonymously because if everyone used this the spooks would be mad at Me.

Syntax (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#15854069)

I can't make out a fucking thing about this article. Why is it that slashdot assumes I've been following their articles for the last 50 years? How about a simpler and more to the point explanation that some random bullshit blather from the cut and paste monster?

No wonder why I quit reading here and started reading reddit.com months ago.

Isn't the point of the summary to summarize something? And a summary, isn't that supposed to provide an overview of the original? What did this bullshit summary summarize except a steaming turd?

12 24 55 88 45 97 96 (2, Funny)

DAldredge (2353) | more than 7 years ago | (#15854105)

23 42 13 75 24 53 20 45
12 43 88 42 90 45 23 23
45 63 00 06 34 64 22 64
32 54 99 99 23 54 32 22

Re:12 24 55 88 45 97 96 (4, Funny)

CUatTHEFINISH (970078) | more than 7 years ago | (#15854139)

In related news, slashdot member accidently picks correct lottery nubers for the next 4 drawings.

Re:12 24 55 88 45 97 96 (4, Funny)

CUatTHEFINISH (970078) | more than 7 years ago | (#15854143)

and in other related news, I can't spell numbers.

Re:12 24 55 88 45 97 96 (3, Funny)

teamhasnoi (554944) | more than 7 years ago | (#15854492)

Dammit! I just blew a paycheck on lottery nubers!

Re:12 24 55 88 45 97 96 (0)

Jah-Wren Ryel (80510) | more than 7 years ago | (#15854672)

With such a high slashdot-id, I just assumed that you were a nube.

Re:12 24 55 88 45 97 96 (1)

CCFreak2K (930973) | more than 7 years ago | (#15854706)

You also seem to have invented a way to net double the karma than with a single comment.

Re:12 24 55 88 45 97 96 (4, Funny)

eosp (885380) | more than 7 years ago | (#15854333)

Be...sure...to...drink...your...Ovaltine??? You ASS!!!!

Re:12 24 55 88 45 97 96 (0)

Anonymous Coward | more than 7 years ago | (#15854402)

23 42 13 75...

Yes, life, the Universe, and everything goes to hell, I completely agree with you.

Lost Numbers? (1)

jarg0n (882275) | more than 7 years ago | (#15854593)

4 8 15 16 23 42

Trolls everywhere! (1)

Heembo (916647) | more than 7 years ago | (#15854213)

These trolling phenomena, encrypted or not, really get to me! It seems to senseless and a waste of time! ALL YOUR BASE BELONG TO US

I Love You. (0)

Anonymous Coward | more than 7 years ago | (#15854249)

ADs (0, Offtopic)

+Suez (990479) | more than 7 years ago | (#15854236)

There is a web(www.imqun.com) which gives the service of MSN Group. Once you add a MSN group as a contact, all people in this group can talk through MSN together! I created a MSN Group for people who like Slashdot, msn14400@imqun.com. Just add msn14400@imqun.com as a contact! Then it's OK.

What was the point again? (1)

clambake (37702) | more than 7 years ago | (#15854272)

Wouldn't it have been just as effective to just write the numbers into the craig:s list pointing right fromt he start? What's the point of the VOIP nonsense?

Oh, and:

Group 214
80020 21085 00601 30690
01201 50240 07006 01601
70690 01702 40050 14024
00908 70220 67089 00820
10086 07801 30240 02707
30130 15006 09306 20084
00000 00210 03070 03107
02706 70000 07016 01201
Q

Re:What was the point again? (5, Interesting)

Dachannien (617929) | more than 7 years ago | (#15854306)

A post containing the actual encoded message might get deleted from Craigslist due to its content (or lack thereof). A cleverly disguised reference to a phone number where the message can be retrieved fits in with the natural flora of Craigslist.

It's like doing the same thing on a restroom stall. "For a good time, call 202-555-3988" will probably get passed over as graffiti, but a large block of cryptic-looking numbers looks unusual enough to attract attention.

Re:What was the point again? (1)

bdulac (868850) | more than 7 years ago | (#15854339)

It seems obvious that people who read bathroom stalls might the same people that look at craigslist........ or is that making an assumption? Maybe we should all put our private messages in public view to prevent them from being read...........uh what?

Re:What was the point again? (1)

Lord Kano (13027) | more than 7 years ago | (#15854357)

What's wrong with reading bathroom stalls? You can find some great poems and limericks.

Here I sit, broken hearted. Came to poop and only farted.

LK

Re:What was the point again? (1)

bdulac (868850) | more than 7 years ago | (#15854361)

Totally nothing wrong with it. Just like reading posts on Slashdot. Kinda pointless but funny. Helps pass the time too....or is it pass the gas?

Re:What was the point again? (1)

Geoffreyerffoeg (729040) | more than 7 years ago | (#15856177)

It's like doing the same thing on a restroom stall. "For a good time, call 202-555-3988" will probably get passed over as graffiti, but a large block of cryptic-looking numbers looks unusual enough to attract attention.
You're a genius. Don't worry about Craigslist...train the girls to memorize your encrypted numbers. They'll recite them if you ask. And if government officials start calling the girls...instant scandal! They're forced out of office, and they can't tap your conversation any more. (And anyway all they got was a limited amount of cryptotext.)

I cracked it!! (2, Funny)

Anonymous Coward | more than 7 years ago | (#15854287)

The decrypted message is: "There are motherfuckin snakes on the motherfuckin plane."

Suduko (1)

Inigo Montoya (31674) | more than 7 years ago | (#15854374)

I'm beginning to think that the Suduko puzzles printed in the newspaper will actually turn out to be encrypted text sent between parties in small printable blocks.. the entire text won't be available for several more years.

There's probably some dastardly plan in there somewhere :)

Puzzles = High entropy (4, Interesting)

Kadin2048 (468275) | more than 7 years ago | (#15854460)

Actually a while back I was talking to someone who was writing a little steganographic program (not sure if he ever completed it) that was designed to make "word find" puzzles out of encrypted or encoded text. So the result would be a block of letters that you could print up as a trivial word-find puzzle, the ones where you look for the words printed vertically, horizontally, diagonally, etc., but then if you actually analyzed the letters (I think he was using some sort of trivial cipher that could be broken via distribution analysis) it contained a message.

I thought that was pretty neat; "puzzles within puzzles" and all that. When you think about places where you can hide messages though, there are lots of opportunities when you have puzzles, because people expect a certain amount of randomness there. In a newspaper, there aren't a whole lot of other places where you can just have a whole block of random letters and not arouse suspicion; if you find someplace where there is already expected to be high entropy, then you can sneak in your encoded material much more easily.

Sudoku puzzles and crosswords could also be good candidates, but there are even ways you could probably work them into more subtle things if you had a predetermined scheme for encoding the message. I'm sure you could probably work the chess puzzles if you knew what you were doing.

Re:Puzzles = High entropy (0)

Anonymous Coward | more than 7 years ago | (#15854674)

Like this? [historic-uk.com]
But while some members of MI5, Britain's counter-espionage service, were whiling away their spare moments in May 1944 by doing the Telegraph Crossword, they noticed that vital code-names that had been adopted to hide the mightiest sea-borne assault of all time, appeared in the crossword.

They noticed that the answer to one clue, 'One of the USA', turned out to be Utah, and another answer to a clue was Omaha. These were the names, given by the Allies, to the beaches in Normandy where the American Forces were to land on D-Day.

Another answer that appeared in that month's crossword was Mulberry. This was the name of the floating harbour that was to be towed across the Channel to accommodate the supply ships of the invasion force. Neptune another answer, referred to the code-name for the naval support for the operation.

Perhaps the most suspicious was a clue about a 'Big-Wig', to which the answer was Overlord. This was the code-name given for the entire operation!

Re:Puzzles = High entropy (1)

drakkos (203515) | more than 7 years ago | (#15854927)

Not quite what you are saying here, but I thought this was interesting enough as a factoid to bring up:

During a phase of Bletchley Park's expansion, the Government Code and Cipher School place a challenge to the readers of the Daily Telegraph for anyone who could solve it in under twelve minutes. Those who did were brought to Fleet Street for a followup test, and those who passed that (six of them in the end) were brought to work at Bletchley Park.

In Victorian Times, newspapers used to carry columns of encrypted messages from young thwarted lovers to the objects of their affection. These agony columns were a source of mystery for many, and amusement for others (the codes were sophisticated enough to vex a semi-casual analysis, but not enough to stand up to those who actually wanted to invest time reading them). Charles Babbage was a big fan of this.

Not nearly as subtle as you are suggesting, but there is a precedent.

Drakkos.

What I want to know is... (1)

dcigary (221160) | more than 7 years ago | (#15854422)

...how these guys didn't get a visit from a few nice men in suits flashing Homeland Security badges and asking a lot of questions. I'm sure that they had to have been looked at...

Re:What I want to know is... (4, Interesting)

digitalchinky (650880) | more than 7 years ago | (#15854442)

All the three letter agencies across the world have finite resources. Supposing you had a box on every backbone, it's still not practical. Logically you need to have knowledge of your target beforehand, otherwise it's needle in the haystack stuff.

There are very few viable solutions, one might have 'the next terror act (tm)' sitting somewhere on a collection system, though how would an analyst ever know what that snapshot actually means without additional information? Hindsight doesn't help much.

There's an awful lot of noise out there to hide behind, and it's only ever going to get worse.

Signed.
Ex 3 letter agency drone.

That's the Holy Grail, pretty much. (3, Insightful)

Kadin2048 (468275) | more than 7 years ago | (#15854485)

You've just hit one of the biggest problems facing intelligence today square on the head.

In times past, the real trouble was in the acquisition of information. Now, the problem is on the analysis end: there's just so much information pouring in, nobody can even store it all, much less analyze it to any significant degree. You've got signals from the radio spectrum (broadcast TV and radio, satellite signals, telephone signals), plus all the POTS system voice traffic, plus actual Internet data in its myriad formats; it's really overwhelming.

I don't think there's any pat answer to your question. Obviously the intelligence agencies think that the best solution to the problem is with better analysis software and heuristics programs; stuff that can comb through the haystack and try to find the needle. But of course, those systems are only good at finding stuff, if you have a reasonable idea what you're looking for.

International terrorism, which is the bogeyman today, hasn't been around for long enough that -- in my uninformed opinion, anyway -- we probably know exactly what the "fingerprints" of an upcoming operation look like. We've had a couple of incidents to go on, now, but those are precious few datapoints to base future predictions on, or to use in order to seed systems in the hopes of catching future activity beforehand. It will probably be only in hindsight that we'll know of the next few incidents, and we'll have to use those to program the systems to sort the data.

Obviously, it's a very hard problem, both in the literal layman's sense of the term but also I think in the information-science sense of the term. My personal feeling is that it's such a lucrative problem, both in the public and private-sectors, that we'll get quite good in the future at mining through the rough to find the diamonds; however, it'll always be a cat-and-mouse game with people who want to hide their activities, whatever they are.

To go totally out onto a limb for a moment, my (unjustified) feeling is that eventually, the systems for doing this sort of information-processing will be biological in nature; either using some sort of simulated, self-programming neural networks in silicon, or will actually use neurons that have been plugged in to computer systems (literal 'brains in jars,' perhaps). Assuming we start to see the practical limits of information-processing on silicon, I see biological computing as being the next big step forward in information processing, particularly in the areas requiring a lot of heuristic analysis that don't lend themselves easily to more conventional algorithmic solutions. Data mining seems to be one of the few areas that would have enough possible rewards to justify both the risks and massive investment required, at some point in the future, of research and development.

Spelling... (1)

Teun (17872) | more than 7 years ago | (#15854702)

'the next terror act (tm)'

Surely this is different to (I quote a CIC) 'the next terrer act'?

Re:What I want to know is... (2, Interesting)

sdeath (199845) | more than 7 years ago | (#15855551)

I'm frankly surprised that nobody has mentioned the #1 noise source and probable steganographic message carrier out there: spam. It's ubiquitous, customarily comes with a shitload of SEEMINGLY random strings whose purpose is ostensibly to confuse hash-based and keyword filtering (but which could contain God-knows-what), is easy to do, and doesn't raise any eyebrows. What do most people do with spam? Throw it in the trashcan, of course, they can't hardly get rid of it fast enough. You can scatter it across millions of email address, camouflaging the one you're really sending it to. And only for those with the secret decoder ring would the funny strings have any meaning...

Re:What I want to know is... (0)

Anonymous Coward | more than 7 years ago | (#15854806)

What I want to know is when Americans began expecting harmless pranks to result in a visit from the secret police.

Re:What I want to know is... (0)

Anonymous Coward | more than 7 years ago | (#15855409)

I guess that means your paranoia is unjustified.

Too bad you'll never believe it.

Podcasts (eew i hate that word) (1)

Idimmu Xul (204345) | more than 7 years ago | (#15854607)

Are Defcon likely to put up MP3s of the presentations?

Ignore the Stupid Prank (1)

MSTCrow5429 (642744) | more than 7 years ago | (#15854638)

No one cares, and Craigslist swiftly removed the "final number station" post.

My plan (1)

NexFlamma (919608) | more than 7 years ago | (#15854651)

1. Post random number sequence
2. Tell people it was actually an elaborate social experiment
3. ???
4. Profit!

Yet another shameless plug by IO ERROR (1)

ryanduff (948159) | more than 7 years ago | (#15854894)

The article linked to goes right to his Homeland Stupidity site. This guy sits at home and lives off his Adsense revenue and /. just gave him a ton of hits. Unfortunately to help mask this, his previous blog http://ioerror.us/ [ioerror.us] now forwards to Homeland stupidity and any projects previously on ioerror.us are now hosted at homeland stupidity. Either way, IO ERROR is Michael Hampton.

There are a few slip-ups that still tie him together.. on the contact page... is skype name is ioerror_us and on the policies page, the email to contact him is error at ioerror dot us

Nothing to see here... move along.

Similar phenomenon (0)

Anonymous Coward | more than 7 years ago | (#15855666)

I just found a similar phenomenon over at Blogspot: http://encryptedthoughts.blogspot.com/ [blogspot.com]

It seems to have been created in mid-July and there are only four posts at the moment. Also, the posts use letters (all 26), not numbers. I'm not an expert cryptanalyzer, but I do the little Cryptoquip puzzles in the newspaper, so I figured I'd at least frequency analyze the posts, but it turns out they all have completely flat distributions. So maybe they use one time pads too. Oh well, something for you more advanced armchair cryptanalyzers to play with anyway.

Usenet? (1)

John Jorsett (171560) | more than 7 years ago | (#15855977)

If defeating traffic analysis is the objective, why not just post the messages on Usenet newsgroups? They'll propagate to many thousands of servers, and even if it were possible to see everyone who reads them, a popular newsgroup would have so many routine readers that figuring out the intended recipients would be impossible.

UDP packets from China (0)

Anonymous Coward | more than 7 years ago | (#15855986)

What I want to know is why every time I connect to my ISP, within minutes UDP packets are bouncing off my firewall from Chinese sites as
  • 202.97.238.194
  • 221.10.158.141
  • 221.208.208.103
  • 60.11.125.37
  • etc.

This continues until I disconnect.

Even if I run no services whatsoever, they shoot UDP packets all day long. WTF is this? Do some ISPs block this crap?

Glad I wasn't at this presentation.. (1)

madsheep (984404) | more than 7 years ago | (#15855991)

Yes -- honestly I am very glad I was not present for this. I would have been disappointed and felt I wasted my time. Not trying to troll but this is a who cares story if I have ever soon one.

"Social" experiment (0)

Anonymous Coward | more than 7 years ago | (#15856235)

Hello World here is most likely just a trolling attempt. Back on topic, has anyone noticed any seeming correlation?

Cronologically, we've had social engineering (getting your passwords by pretending to be the good guys fixing a problem that doesn't exist, like AOL, Citibank and PayPal logins --even the nigerian email scam.) Then social networks like myspace, whquestion, forums... Finally, social experiments... once it became apparent that the web is reaching critical mass because it is interactive (you can get data back without needing prohibitive resources ro run your polls, and reach thousands without revealing your identity or purpose.)

If you think about it, experiments of this kind are nothing more than pranks to us and "data" to them. However, I fear that 50 years ago, pranks had no way of being widespread. These days we don't even know in which new ways someone will waste our bandwidth in the name of this "social science." Somehow, I feel dirty everytime someone uses terms where 'social' means computer related, because to me the line between hard science and the humanities is very, very thick. We are starting to see a blur now that "scientists" are experimenting with amounts of human guinea pigs previously unimaginable.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...