Sex, drugs, and technology
There was a time when people blamed rock music for the ills of society. We were warned of hidden messages in songs by The Beatles. Well, I wasn't much of a Beatles fan, but I listened attentively for these messages. Somehow, I managed to get through those formative years without joining a satanic cult.
Every generation has its share of fear-mongering stories that fuel the suspicions of the paranoid. Urban legends and bogus virus warnings are prime examples of how people are easily manipulated by social engineering. Cryptography is the latest case in point. We are told that child pornographers and drug dealers use cryptography to carry out their nefarious activities. It's easy to get sympathy from the general public and rally support for government action to curb such criminal behavior.
Recent news reports tell us that terrorists are leaving hidden messages on Websites -- aided by the evil science of cryptography.
"Bin Laden Uses Web to Plan Terrorism": http://www.cnn.com/2001/TECH/internet/02/06/terrorists.internet.ap/index.html
In essence, the breaking news is that bad guys use computers to streamline their operations. Well, duh! I'll bet they use phones as well. To give the story a more frightening twist, it is revealed that, "Messages are scrambled using free encryption programs set up by groups that advocate privacy on the Internet." Those damned privacy groups ...
Other reports about these tech-savvy terrorists claims that they're using steganography in addition to cryptography to hide their secret messages. Strangely enough, the same computer security company is heavily quoted in many of the articles.
Steganography is based on the notion of communicating without the correspondence being noticeable. The Greeks used it by writing messages on the heads of couriers. Adversaries who intercepted the couriers could find no message in their possession, so they'd let them pass. The intended recipients, however, knew where to look. It's believed that terrorists are encrypting data within files containing pornographic material (Those immoral terrorists!) so that it can be deciphered at the receiving end without detection.
No one has publicly presented any evidence of this. All we hear are vague references to "unnamed" sources and "closed door" meetings. While it's theoretically possible to use steganography and cryptography this way, the question begs to be asked: Why? It makes no sense to go through all that trouble when there are much easier methods available. Law enforcement would have us believe that encryption protects criminals and hinders efforts to protect the public. A witness in the US embassy bombing trial testified that he warned US officials of the plot two years before the bombing. No encryption or steganography involved here -- just a plain old-fashioned tip.
http://www.cnn.com/2001/LAW/02/07/embassy.bombing.03/index.html
Law enforcement agencies will jump on any opportunity to make their job of surveillance easier. They tried with the Clipper Chip, and more recently with the email-spying program, Carnivore. In response to the public outcry over a loss of privacy, the FBI is changing the name from Carnivore to the less intimidating "DCS1000." Oh, I feel better already.
http://news.cnet.com/news/0-1005-200-4769965.html?tag=mn_hd
We're supposed to believe that our government is merely interested in our safety and can be trusted. But law enforcement agencies are not just a single entity. Rather, they are composed of thousands of employees. An agency may have a policy about nondisclosure, but who's to say that the people working for the agency will follow it? Especially if someone were considering a career in the private sector, wouldn't it be tempting to gather information about future clients and competitors? Recently, a DEA agent was charged with selling confidential information to a private investigation company. This is just one of many cases in which an official apparently abused his position.
http://www.usdoj.gov/usao/cac/pr2001/007.html
http://www.securityfocus.com/news/142
We often hear the argument that pedophiles and other criminals use cryptographic systems to cover their crimes. Obviously, anyone who uses encryption must have something to hide. The assumption seems to be that they're engaging in criminal activities. While this may well be true in some instances, there are legitimate reasons for protecting data. Cryptography provides assurance on the validity and ownership of the data that's encrypted. Ironically, the weakened cryptographic systems desired by the US government would bring the validity of evidence found online into question.
People fear what they don't understand -- and the average person doesn't understand anything that ends with ography. When in doubt, blame technology.
» posted by abennett
Unix Insider
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
