Blog comments as a cryptographic transport mechanism

Almost every day I go through the spam filter for this blog. Invariably there are dozens if not hundreds of comments that I still need to at least skim (I once found a post from a colleague stuck in there, so I take the extra step just in case it happens again).

One thing I’ve been noticing is small messages that contain two or three sets of five to ten digits (which stand out from the C1Al1S - PR0N PR0N PR0N LINK LINK LINK type ads). These intrigue me, as there is a generated email address (typical for spam), usually with no links or at most one, links being one of the big things that the spam filters check.

I have been speculating since I first started getting these comments that something a little more nefarious than typical spam was happening here. It seemed to me that those series of numbers were either a key to something or a pointer to something… but definitely not spam in the usual sense. So, after a while I started ignoring them, deleting them with all the other spam.

But for some reason today I started thinking about those messages again, and realized what an ingenious method of communication this could be. With many blogs having RSS feeds available for the comments, anyone could be watching any number of blogs for a post with the right series of digits in it, or the right passage from the right nick. This makes me think about the spycraft stories about Soviet and US agents during the Cold War. Things like putting a smudge of dirt on the lower left corner of a particular street sign to indicate if a meeting was necessary.

So, a simplistic protocol for this type of communication:

Pre-agreed upon items:

nick(s), blog(s), and key phrase(s) or digit series (could be progressive)

Initiating the communication:

One party writes a blog comment on one (or more) of the select blogs, using a preselected nick and keyphrase, and puts either some ciphered data into the message, or possibly a pointer or flag of some kind.

Receiving the communication:

The other party watches the blog for a message from the appropriate nick, with a correct keyphrase in it. When one is found, it takes the attached message and deciphers it.

This form of communication could be used not only on blogs, but also in forums, though it is a little harder technically to do (but not conceptually), or any other open site on the web… Flickr and Steganography anyone?

I am sure that cryptographic researchers have been aware of this type of communication potential since the advent of the intarwebs, but it is something I had not thought of before, and it fascinates me how open the communication pathways truly are. I am even more intrigued when I think about the NSA probably having technology available to detect this type of stuff, and the amount of work THAT would take.
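For a moderator who wants to pull these comments out of the spam queue for review instead of deleting them, the pattern described above (a short comment, two or three runs of five to ten digits, at most one link) can be written as a triage filter. This is an added example, not code from the original post; the comment record fields, the 12-word limit for a "small message" and the sample queue are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

DIGIT_GROUP = re.compile(r"(?<!\d)\d{5,10}(?!\d)")  # one run of five to ten digits
LINK = re.compile(r"https?://\S+", re.IGNORECASE)
MAX_WORDS = 12  # assumption: upper bound for what counts as a "small message"


def looks_like_signal(body):
    """True for a short comment with two or three digit groups and at most one link."""
    links = LINK.findall(body)
    text = LINK.sub(" ", body)  # digits inside a URL are not counted as a group
    groups = DIGIT_GROUP.findall(text)
    return (2 <= len(groups) <= 3
            and len(links) <= 1
            and len(text.split()) <= MAX_WORDS)


def triage(comments):
    """Group flagged comment ids by nick so a repeating nick stands out."""
    flagged = defaultdict(list)
    for comment in comments:
        if looks_like_signal(comment["body"]):
            flagged[comment["nick"]].append(comment["id"])
    return dict(flagged)


# Constructed sample spam queue (hypothetical nicks and bodies).
SAMPLE_QUEUE = [
    {"id": 1, "nick": "qzx81", "body": "48213 9910472 551208"},
    {"id": 2, "nick": "pharma",
     "body": "C1Al1S http://a.example http://b.example http://c.example"},
    {"id": 3, "nick": "qzx81",
     "body": "nice post 7730021 61845 http://x.example/1234567"},
    {"id": 4, "nick": "reader",
     "body": "Order 1234567 arrived late, but thanks for the write-up on comment feeds!"},
    {"id": 5, "nick": "colleague", "body": "Great post, see you Monday."},
]

if __name__ == "__main__":
    for nick, ids in triage(SAMPLE_QUEUE).items():
        print(f"{nick}: comments {ids}")
```

The filter only matches the shape of the comment, so a legitimate comment that quotes two order or ticket numbers would also be flagged; the per-nick grouping is what lets a reviewer tell a one-off from a recurring poster.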