Security Through Obscurity - Spam Mimic 153
ragnar! writes "Ingenious. Not just strewing spam-speak between the words of your message, actually does some kind of character/word -> phrase conversion.
Interesting concept - check out Spam Mimic." I tested it out - looks pretty darn cool.
It had to be done (Score:1)
... OR (Score:1)
No way they're gonna be able to tell that you mailed just one person.
Either way, Spam encoding works.
Re:This is cute but... (Score:1)
Not everyone considers their e-mail top secret enough bother with actual encryption. It is for those kind of people that this might be useful every now and then.
!! (Score:2)
Re:... OR (Score:2)
Not true - presumably they have multiple boxes on multiple networks that can coordiante and see if more than one of the message was received. In fact, this is most likely the way they do spam detection, not by looking at phrasing.
-Alison
Romance technique (Score:1)
The possibilities are almost endless....
Re:Used real spam in the decoder (Score:1)
Additional security mechanism... (Score:1)
sinan
Oh, boy... (Score:2)
Now, we have SPAMGANOGRAPHY to hide the meaning of life from Echelon....
--
Re:May be... (Score:2)
Wonderful (Score:5)
Can everybody please post examples for how their short message was ballooned into wordy spam? I just got a new mouse with a scroll wheel and I'd like to try it out.
Oh, you've done that already. Thanks.
I decoded some real spam... (Score:2)
I really like this direct marketing thing. I failed in life as a salesperson, but I belive everyone loves my ideas so they will buy my crappy ideas if I send this stuff out in volume. Come on, send me the cash. I am broke because I invested in all these pyramid schemes that I thought would work, and that penis enlargement? It did not help. Hell when I signed up for those XXX sites all they gave me was a link to goats.cx. Come on buy my crap and help out a poor spammer!
Re:You're all missing the point (Score:2)
But, the site is unencrypted! (Score:2)
--
if you really want to send covert email (Score:3)
What would really work well is a random spam generator that takes any random stream of bytes as input. Then you do the following:
Plaintext -> PGP/GPG -> cyphertext ->SpamMimic -> cyphertext which looks like spam
Then, it would be secure and would not attract attention. There are some interesting pitfalls tho:
o It could be deleted by a computer rejecting spam based on a text signature
o Your friend would have to know ahead of time to expect your message or he'd delete it. Of course, then he could no longer ignore any of his spam. If he automates the process, this could be avoided because normal spam would not decrypt to anything and the checksum would fail and it would be tossed automatically.
o Somebody could invoke an anti spam law to sue your ass when you were simply sending them a message. Then, you'd have to prove it wasn't spam.
Thoughts (Score:3)
The codec was (re)designed so that most actual spam would decode into a message, even if it was gibberish? Would certainly improve the steganography aspect, I think.LI>
The codec was (re)designed so as to be irreducibly computationally expensive to decode messages, thus making scanning difficult, but on a modern machine decoding
Admittedly I'm not an expert on spamming methods, but it seems to me like most spam appears to be addressed to one recipient anyway, so I don't think the 'one recipient therefore fake spam' correlation holds, as some have suggested.
Honestly, if these ideas were to be implemented (well, the first two, anyway), I don't think they would need to open source the program. That is, one could just as easily be made up with those goals in mind, since a complete rewrite would be necessary anyway.
To me, this seems like a potential way to produce 'ubiquitous encryption.' If the codec was remade so that it was computationally expensive and regular spam decodes without errors, then it would dramatically improve the percentage of encrypted mail.
Or, better yet, since regular spam would decrypt to 'gibberish,' why not have the decrypted output be code for use with an actual cypher? Suddenly I imagine a PGP->Spam encoder and decoder...imagine, every spam message is potentially a PGP message! That'd really mess up carnivore/echelon. It'll probably never happen, though. But the possibility is certainly tantalizing...
Stenography (Score:2)
They're taking your email, and encoding it to look like spam. Hence, evesdroppers will filter it out as junk instead of examining it. (Or evesdroppers will be forced to pay attention to spam.)
This is very similar to stenography--hiding information in a way that you can't prove that it's there unless you already know how to decrypt it.
Now Big Brother will work FOR us--to outlaw spam! (Score:3)
little less time on other mails.
Unless, of course, they can convince the general public that now, not only is spam annoying, it's actually a threat to national security -- nay, an open INVITATION to have a middle eastern terrorist bomb the public library in your home town. This could be the end of legal spam!
And if it's not, then we get cool steganography! Either way, we win!
('course, if they can get the public to buy that, they can get the public to buy pretty much anything, and we might be in big trouble.)
--
DAY LATE AND A BUCK SHORT! (Score:1)
Re:PLAYA HATE AND A BUCK SHOT! BUP BUP! (Score:1)
Always down? (Score:1)
Well, I guess other people have used it otherwise it wouldn't keep showing up. Maybe it's just me. I'll go try again.
First /. effect (Score:2)
Not great steg (Score:2)
But the trouble with such a system is that you have to build a brand new set of rules to have any sort of security. You can't just generate a new set of keys, you have to build a new grammar and phrasebook for the spam text.
Re:fp (Score:1)
cutting-edge announcement . If you are not interested
in our publications and wish to be removed from our
lists, simply do NOT respond and ignore this mail !
This mail is being sent in compliance with Senate bill
2116 ; Title 3 ; Section 303 ! This is NOT unsolicited
bulk mail ! Why work for somebody else when you can
become rich within 10 weeks ! Have you ever noticed
nearly every commercial on television has a
in it plus how long the line-ups are at bank machines
! Well, now is your chance to capitalize on this !
We will help you deliver goods right to the customer's
doorstep and decrease perceived waiting time by 150%
. The best thing about our system is that it is absolutely
risk free for you ! But don't believe us . Mr Simpson
of Alaska tried us and says "My only problem now is
where to park all my cars" . We assure you that we
operate within all applicable laws ! We urge you to
contact us today for your own future financial well-being
! Sign up a friend and you get half off . God Bless
! Dear Web surfer , Your email address has been submitted
to us indicating your interest in our briefing ! This
is a one time mailing there is no need to request removal
if you won't want any more . This mail is being sent
in compliance with Senate bill 2616 , Title 1 ; Section
305 . This is different than anything else you've seen
! Why work for somebody else when you can become rich
in 92 DAYS . Have you ever noticed how long the line-ups
are at bank machines plus people love convenience .
Well, now is your chance to capitalize on this . We
will help you turn your business into an E-BUSINESS
plus process your orders within seconds ! The best
thing about our system is that it is absolutely risk
free for you . But don't believe us . Ms Ames who resides
in Montana tried us and says "I was skeptical but it
worked for me" ! We are licensed to operate in all
states ! You have no reason not to act now ! Sign up
a friend and you get half off . Best regards . Dear
Salaryman ; You made the right decision when you signed
up for our directory . If you are not interested in
our publications and wish to be removed from our lists,
simply do NOT respond and ignore this mail . This mail
is being sent in compliance with Senate bill 1626 ,
Title 8 , Section 301 ! This is NOT unsolicited bulk
mail ! Why work for somebody else when you can become
rich inside 56 days . Have you ever noticed nearly
every commercial on television has a
and nearly every commercial on television has a
on in it . Well, now is your chance to capitalize on
this ! WE will help YOU increase customer response
by 170% and decrease perceived waiting time by 120%
. You can begin at absolutely no cost to you . But
don't believe us . Ms Simpson who resides in Ohio tried
us and says "I was skeptical but it worked for me"
. We are licensed to operate in all states . We BESEECH
you - act now ! Sign up a friend and you'll get a discount
of 40% . Thanks ! Dear Friend ; This letter was specially
selected to be sent to you . If you no longer wish
to receive our publications simply reply with a Subject:
of "REMOVE" and you will immediately be removed from
our mailing list . This mail is being sent in compliance
with Senate bill 1619 ; Title 6 , Section 303 . This
is NOT unsolicited bulk mail ! Why work for somebody
else when you can become rich inside 59 WEEKS . Have
you ever noticed nobody is getting any younger and
most everyone has a cellphone ! Well, now is your chance
to capitalize on this ! We will help you sell more
& process your orders within seconds ! You can begin
at absolutely no cost to you . But don't believe us
! Ms Ames who resides in New Jersey tried us and says
"My only problem now is where to park all my cars"
! This offer is 100% legal . Do not go to sleep without
ordering . Sign up a friend and you get half off !
Warmest regards .
Re:I don't see it... (Score:1)
i know, it's actually run by the government. that way they can monitor your email before you even send it..
Nice idea (Score:2)
Of course, it also runs the risk of your friend discarding the email because he runs a smart spam filter, too. (BTW, John - YHM).
--
Best of both worlds. (Score:2)
-Restil
But there is a fix...combine it with keypairs (Score:3)
Think about it. PGP just turns a message into "gibberish"; a spamified PGP would turn it into (admittedly rather long) halfway intelligible spam messages, only decodable by the recipient.
Now THAT would be cool...
cya
Ethelred [macnews.de]
Re:MAKE BIG $$$ IN YOUR SPARE TIME!!! (Score:2)
That depends on what you mean by "admits". If you look through the Received: headers, specifically the last non-forged one, it's extremely frequent to find the uu.net IP addrs. For example:
Return-Path: <jcrand1975@implus.at>
Delivered-To: no@spam.com
Received: from ntserver.kvadro.ee (mail.kvadro.ee [213.168.23.75]) by shackman.divisionbyzero.com (Postfix) with SMTP id CEAABB9F48 for ; Sat, 18 Nov 2000 12:12:34 -0800 (PST)
Received: from bungee5 (unverified [63.24.141.248]) by ntserver.kvadro.ee (EMWAC SMTPRS 0.83) with SMTP id ; Sat, 18 Nov 2000 21:25:45 +0200
Date: Sat, 18 Nov 2000 21:25:45 +0200
To: jcrand1975@implus.at
From: jcrand1975@implus.at
Comments: Authenticated sender is <jcrand1975@implus.at>
Reply-To: jcrand1975@implus.at
Subject: New - 15-Million Fresh E-Mail Addresses
Message-Id:
You'll notice the last Received: header points to a 63.* addr. Hello uu.net.
By "major isp's", I was referring to ISP's that serve a lot of private cutomers... AOL, Juno, Qwest, MSN, etc. etc. not spine providers and business-centered ISP's like uu.net and mr.net
Plenty of spam can be traced back to AOL dialup IP addrs, and uu.net owns many of the IP addrs that small ISPs use.
This is not to mention the proliferation of non IP logging relaying SMTP servers from major ISPs, most notably @home. Or all the people running relaying sendmail on their redhat boxen.
Re:MAKE BIG $$$ IN YOUR SPARE TIME!!! (Score:3)
Huh. Most of my spam comes from uu.net.
and spoofs the recipient's ID into the From: field,
What's to stop this software from doing the same?
it seems to me that the fake spam would be fairly easy to spot.
It would look just like real spam unless you specifically checked for the type of mangling done by this program (assuming it does leave some kind of fingerprint).
If it looks like spam, but comes from a major ISP, and is delivered to only one person, it is a fairly good guess that it is really a coded message.
No, it's not a good guess. Major ISPs (especially uu.net) send out massive amounts of spam. As for delivered to only one person, most spam forges the To: header, so there isn't any clue in the email itself as to how many people are receiving it. Unless the sniffing system kept a queryable database across all it's nodes, it wouldn't be able to detect the multiple connections from the originating mailserver to it's target mailservers.
Even if there was such a database, the whole point was to make carnivore/echelon apply more logic than just "basic" spam detection. If you make the FBI/NSA have a queryable database of all active tcp connections on the entire internet at all times, then you're achieved your goal.
Coming next: Slashdot mimic! (Score:2)
I'll bet Slashdot offers an even better substrate than spam. Carefully chosen variants of comments about how MS/Microsoft/Microsloth sucks/sux/blows/bites could easily be used to encode a message. Ditto for other "hot words" such as Linux, BSD, JonKatz, Natalie Portman, goatsex, etc. With a little creativity we could probably get something like Spam Mimic working, but with a much more favorable compression ratio. What's even better is that you don't even have to use your own storage. Just post the encoded version to Slashdot and your friend can pick it up any time, while it remains totally indistinguishable from all the other random garbage people (including me) post here.
To: webmaster@spammimic.com (Score:4)
We have an amazing opportunity waiting for you. Because your server has been slashdotted,
we have a special offer just for you at FBNHOSTING.COM. FlyByNite hosting guarantees
uninterrupted web hosting with no possibility of DOS/DDOS/SlashDotting attacks.
Act now! This offer is time limited. Already, your precious users are turning away and surfing
on to your competitor.
W.E. Zell, manager
FBNHOSTING
---
Used real spam in the decoder (Score:5)
I am a scam artist trying to defraud you of your hard-earned money.
---
Re:But, the site is unencrypted! (Score:2)
--
kills spam (Score:4)
THAT would be cool. I'd almost overlook the whole big brother thing if they did that :)
Rader
And the message is... (Score:1)
"And Bababooey to you all !! !!"
Now we don't have to slashdot the site to decode this.
--
Patrick Doyle
OK then.... (Score:1)
new movement.....in order to preserve the quality of Slashdot feedback, every headline must now look like:
SDAFLJQ#$RLWEFQ$FSDFDF#$QVQ $#RFclick [spammimic.com] SADFAS!FEQWsk3n1443R$:FEMK #VL#$ VJLF34knc rk4jnc#$ C%$@
So i hope to get you all signed up pronto.
im leading a new movement (Score:2)
Ugh! (Score:1)
--
How can you tell spam from stenographic encoding? (Score:1)
On the other hand: Looks like spam; smells like spam; gets tossed out like spam.... Did you get the message? Not yet -- just 300 spams -- trashed em all. *urk*
prior art (Score:2)
Re:No Secret Messages So Far (Score:5)
Re:First /. effect (Score:2)
Ahh, if only you could mirror CGIs more easily :)
Google [google.com] does it with ease ....
good start, but need more. (Score:5)
The real value would be if this thing would take any garbage and translate it into something - of about equivalant length garbage. Thus it could be coupled with an encryption format that looked like garbage, to effectively obfuscate your communication.
PGP/GPG does not do a good job as the encryption format. It's got these nice, easy to read, headers that show you that it's a GPG encrypted message. What you need is something that will take in what looks for all the world like garbage and spit out the clear text if you got the right key.
This is a great first step, tho.
Re:SteGAnography (Score:2)
Re:Best of both worlds. (Score:1)
But even this is problematic. This sort of encryption wouldn't be too hard to break (the intelligent folk on this subject have already posted), and the Evil Men in Suits [nsa.gov] would just have more types of fish to look for in their net; so Osama bin Laden isn't about to touch it.
"But isn't the site suggesting that we use this to force the Evil Men in Suits [nsa.gov] to read our spam?" Yes, but this isn't a feasible idea. Once they've broken the code, they'll just look for those search terms (or more likely in this case, phrases); the context in which they occur wouldn't greatly increase the load on their system. Unless we also encrypt things like "Bill Clinton loses SS protection in a few years; wanna start something?" they won't bother looking. And in that case, why not just send it in the clear? Because this method is so transparent, the Evil Men in Suits [nsa.gov] aren't about to spend any extra time on spam, seeing as bin Laden won't transmit using it.
Re:MAKE BIG $$$ IN YOUR SPARE TIME!!! (Score:1)
what like getrich@aol.com or printerink@yahoo.com? I think much spam has from headers which specify a 'major' isp or provider, and also route thru them too.
To work out whether it's sent to more than one person you'd have to keep pretty big logs and compare every mail to every other mail in the logs to see if they're the same. That's increasing the load on a surveillance system even more than just having to process spam.
---
Re:MAKE BIG $$$ IN YOUR SPARE TIME!!! (Score:2)
Re:The only problem is... (Score:2)
(Well not in the implementation listed in this story, but this implementation sucks anyways: who says the site is not run by the NSA? And it doesn't even use https for its encode/decode pages, making it actually easyer to snoop cleartext of any message shrouded this way!)
Re:The only problem is... (Score:2)
Re:More than security -- Jamming Echelon?! (Score:2)
Person A, who is being tapped, calls person B, also being tapped. Then person A puts the phone next to a radio with music that would not appeal to the average FBI agent, or a tape loop containing a pro love, anti war message. Then both go away for a weekend, a week etc.
Pity the poor SOB who has to monitor all the tape recorded during that time.
This also assumed that you had a flat rate phone service.
Making it even better: (Score:2)
Re:May be... (Score:2)
Where that'd come in handy (Score:2)
More than security -- Jamming Echelon?! (Score:2)
A fun form of security is good and all, but they actually have higher aims than that. They want to keep Big Brother busy by forcing him to read spam that might contain whatever naughtiness they're supposed to be watching for.
Their site continues, linking to: Jam Echelon Day [wiretapped.net] and Jam Echelon Day descends into spam farce [zdnet.co.uk]
Re:May be... (Score:2)
Oh, this is TERRIBLE (Score:3)
ARRRRRRRRRRGGGGGGGH!
- JoeShmoe
A Challenge: Find Spam-Flavored "print_self()" (Score:1)
OK, what will impress me is the analog of those "print_self()" C programs.
I can see it now: in the future, I'll get encoded spam that won't ever decode.
Ultimate!
You're all missing the point (Score:3)
Come on, I can't be the only one here who bothered to follow the link and actually read the damn thing.
-Legion
what spam? (Score:1)
Do they give free t-shirts?
--
Umm ... how do we know its doing anything at all? (Score:2)
However, since you have to use the same website to send and recieve the message, it would be much eaisier to generates a random spam, and use the hash of that message to store your real text in a database (a dictionary or map) then when you come back with your e-mail to "decrypt" it could rehash the text and retrieve the message you typed in.
My .02 cents
Re:Slashdotted? Here's what it is: (Score:1)
Mordred
Cause the gub'ment to have to process spam? (Score:1)
So. They spend their time decypting our "private" mail, but the just send the spam to a killfile? And this is supposed to stop that? Perhaps a better thing to do would be to convince spammers to encrypt all of their spam. Then the government would have to decrypt all of that too.
(I'm ignoring the obvious jokes about "processing Spam"...)
This would be cool if... (Score:1)
Re:Stenography (Score:1)
--
Re:Mimic functions (Score:1)
Works both ways... (Score:1)
It's not very well encoded... (Score:1)
A few months ago when this came out, I was curious as to what it was doing...
An hour of two of playing with tcl and neowebscript, and I'd started to decode messages from it. I'm not a cryptographer, so I seriously doubt the algorithm involved will upset the likes of Carnivore et. al. It is an excellent concept, don't get me wrong, now if they can only improve their algorithm...
And, of course, I've no idea where those scripts are, and I'm actually busy these days, so I probably won't reproduce them anytime soon.
"A goldfish was his muse, eternally amused"
Re:MAKE BIG $$$ IN YOUR SPARE TIME!!! (Score:1)
fp (Score:1)
Better Idea! (Score:2)
But really folks...what's wrong with PGP?
--
GENERATE LOTS OF SPAM ON WEEKENDS!!!!! (Score:2)
Which creates a market opportunity: offshore servers that automatically convert ESMTP input into fake spam. Except that to avoid attracting attention, they'd have to rely on open relays, just like real spamsters. And they'd probably also need to generate some real spam themselves....
__________________
Not very secret. (Score:2)
If that's true, this is not a very secure form of encryption. Codebreaking is usually based on searching for the patterns introduced into messages by the linguistic habits of the correspondents. If the encryption key is itself a linguistic pattern, the codebreaker's job is just that much easier. The message is secure only as long as the codebreaker doesn't know which messages are encrypted -- and traffic analysis will tell him that.
__________________
NY Times had something like this (Score:2)
Re:MAKE BIG $$$ IN YOUR SPARE TIME!!! (Score:2)
Try parsing the meaning of what I was saying, instead of making knee-jerk reactions.
MAKE BIG $$$ IN YOUR SPARE TIME!!! (Score:5)
If it looks like spam, but comes from a major ISP, and is delivered to only one person, it is a fairly good guess that it is really a coded message.
The only way to avoid your message being parsed out from somebody who is really looking for it would be to actually spam a few thousand people though the usual spam channels... which means we can all expect lots more messages advertizing pyramid schemes and satelite TV systems in the near future, just so Bin Laden can chat with his pen-pals.
That's just swell.
Um, substituition ciphers aren't exactly safe (Score:3)
I would probably continue using PGP (or don't send stuff through email at all you wouldn't want to be known by others).
Re:im leading a new movement (Score:2)
A troll, using the technology from the article... Amazing that he even *read* the article!
A host is a host from coast to coast, but no one uses a host that's close
this is only cool until: (Score:3)
Then the Spooks this attempts to confound will build its' functionality into their DCS1000's and Echelon apps, putting us right back where we started, except that the spooks will be using a little more processing power and wait a split second longer to see our mail.
This is a nice toy, but not a long term security measure. That's the problem with obscurity- if it has functionality, it can gain popularity. If it gains popularity, the obscurity quickly fades away, rendering it useless.
A host is a host from coast to coast, but no one uses a host that's close
Sending Problem... (Score:2)
When you get a message encoded with Spam Mimic, you'll assume it's spam and delete it. Great idea though.
It's brilliant! With a little refinement to the CGI form (ie., reading decoded text in the Encoding box is inconvenient at best), it's good enough to be a commercial service, IMHO.
The other problem is that when Carnivore et al. start to see spam coming from legitimate, otherwise in use e-mail addresses, then they can start sniffing.
I'm sure the algorithm is fairly simple. Maybe ROT13 letters placed as the first character of every third word or something like that. It's terrifyingly effective, too.
Re:Sending Problem... (Score:2)
Oh.. and we are all pretty convinced security through obscurity is not security, but this was about privacy through obscurity
Heh... It's privacy through being forwarded, with an attached nasty note, to abuse@luser's_isp.com.
This is lame. (Score:2)
Since when is 3rd-party storage ingenious technology.
Just what the world needs,
Great (Score:2)
--nick
Re:I don't see it... (Score:2)
ALL THESE WORLDS ARE YOURS EXCEPT EROS. ATTEMPT NO LANDINGS THERE. USE THEM TOGETHER, USE THEM IN PEACE.
Maybe SETI has been approaching this all wrong?
May be... (Score:3)
It's widely believed that Western governments read (and decrypt) a great deal of Internet mail through systems called Echelon, Carnivore and others. Presumably they have filters which discard spam. Possibly, due to the existence of this little website, they can no longer ignore spam. Even if spammimic only gets 2 hits a day; the fact that it's here might force the snoops to process terabytes of spam -- making them spend a little less time on other mails.
No Secret Messages So Far (Score:2)
I've been cutting-and-pasting the contents of my "SPAM" mail folder into the "decode" page, but haven't gotten anything intelligible yet, except this:
Don't hurt Jon Katz.
I'm not really sure what that means. Will report back if I find further information.
Re:I don't see it... (Score:3)
What I want to know is... (Score:3)
The future is looking bright.
Re:im leading a new movement (Score:3)
Only problem (Score:2)
Re:fp (Score:2)
Your spam message Dear Friend , Your email address has bee... decodes to:
First Post
Re:I don't see it... (Score:2)
Well, kind of a joke, anyway. I really don't think this thing will see wide use, for a variety of reasons, not least of which is that it provides no real security, and requires the user to give them the plaintext of every message.
OK,
- B
--
I don't see it... (Score:3)
WORK AT HOME! FREE RED HOT AMATEUR PUSSY! LOSE 50 LBS IN 10 MINUTES! FREE WEB HOSTING! ACNE CURE! HOT STOCK TIPS! EXTREME FISTING HOUSEWIVES! MAKE MONEY FAST! BISEXUAL COED BITCHES! ACHEIVE (sic) FINANCIAL INDEPENDENCE!
OK,
- B
--
Re:SteGAnography (Score:3)
Regardless, I think you've hit on the point - it's not so much the hiding of information, but more like a denial of service attack, raising the resource threshold for effective large-scale eavesdropping. If they have to watch everything, including the spam, it gets that much harder.
OK,
- B
--
Re:May be... (Score:2)
My sister and I amuse ourselves (childish I know) by inserting random probable keywords in phone conversations. Guess it wastes storage space.
Get Your Own Source Code Here (Score:5)
Even easier (Score:4)
A believable stand-alone spammimic encrypter, coupled with a PGP-type encryption scheme, would be the most effective. A PGP encrypted message looks like gibberish (making it easily detected), but could then be SMed into fake spam. If a spy intercepted the message and de-SMed it he would be left with unintelligible encrypted gibberish. More importantly, if a spy tried to de-SM a real spam he would also get unintelligible gibberish. Thus he would have to somehow figure out whether a message was an SMed encryption or not, and even if successful he couldn't decode it.
Therefore spammimic needs to make their encodes indistinguishable from real spam email to prevent detection. The decoding algorithm should also produce an output for any input (no error messages), and the output for real spams should be indistinguishable from PGPed messages (both look like gibberish, but only one can be decrypted, and only if you have the proper key). The SMed messages also need to be able to accomodate longer messages, and you should be able to use the encrypter on your own machine for privacy.
Of course, smart spies know most people don't send each other spam, so they could still pick people out that way. There ought to be a "Long-inane-rambling" or "shallow political discussion" mimic ^_^
cryptochrome
Their feedback gives their Achilles Heel (Score:2)
Well, duh.
The FBI/CIA/NSA/NRO/HUD can just filter spam into a spammimic pipe and use spammimic's own cpu to circumvent spammimic's value.
Imagine how useful it will be when a terabyte a minute is being pumped into the decode box. Then they get free help spying on your messages and a DoS against spammimic.
You could overcome this by changing the selector pads but then you'd have to have sender and receiver sync on the pad in use, which would have to be sent by some other encryption or channel, which brings back the original problem of not having a super-convenient shrouding method.
--Blair
"This is not a crypto for money transaction."
The only problem is... (Score:3)
Oh no, my poor grandmother! (Score:3)