-
January 24th, 2009 10:13 PM
#1
Junior Member
monitoring a 'drop box'
what is the general consensus here of this technique for privacy (not anonymity) when there can be a delay in your message being read?
"Uninterceptable electronic messages"
http://thesleeperagent.blogspot.com/...-for-2009.html
http://jimthompson.org/wp/2006/04/29...ual-dead-drop/
Webmail account if you had full SSL session encryption not just SSL-secured login and you can attach files too.
It still would circumvent the SMTP and email header traffic monitoring.
Actually is there anyway this can be monitored?
I'm sure the big webmail providers yahoo, hotmail, gmail have some sort of monitoring of this? Anyone?
-
January 24th, 2009 11:13 PM
#2
Well,
I would guess that if you have an e-mail account that is accessed from different places/providers and never actually sends any mail it would tend to stand out, particularly if it was growing in size (due to the saved drafts).
If you were going to get it to work you would have to create innocuous "normal" traffic to avoid appearing abnormal. I would probably go to shopping and software providers sites and check the boxes to get e-mail notifications.
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
-
January 24th, 2009 11:45 PM
#3
Junior Member
uninterceptable
 Originally Posted by nihil
Well,
create innocuous "normal" traffic to avoid appearing abnormal.
nihil,
agreed.
To keep things uninterceptable setup accounts at a half dozen of sites and then snail mail a list of sites to your colleague with instructions to only use each registered account once for 3 messages only. Delete each draft message once it is read by the other party.
Delete the account 2 days of receiving the last message, and then use the next registered account at another website on the list.
Even if you choose not to use GnuPG encryption you still will have SSL during transfer to a private message box that won't leave that server.
When you are setting up these email accounts you could also send innocuous emails to things asking dumb customer questions about a product so you have sent emails in your SENT box. And like you said also sign up for a couple of email lists for things like airline deals of the week or something or some club events weekly mailing list in Las Vegas.
-
January 25th, 2009 12:56 AM
#4
Come to think of it, the best source of regular incoming mail is to sign up with a few jobfinding sites and opt for e-mail notification.
Also, quite a few people i know have "disposable" e-mail accounts that they use for registering with websites and the like, so a small volume of outgoing mail is not uncommon, provided that you have the other traffic.
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
Similar Threads
-
By str34m3r in forum The Security Tutorials Forum
Replies: 16
Last Post: September 25th, 2006, 02:20 AM
-
By tenzenryu in forum The Security Tutorials Forum
Replies: 7
Last Post: July 11th, 2005, 03:57 AM
-
By coderecycle in forum Newbie Security Questions
Replies: 4
Last Post: October 3rd, 2004, 06:02 PM
-
By gore in forum Newbie Security Questions
Replies: 11
Last Post: December 29th, 2003, 07:01 AM
-
By Natasha69 in forum *nix Security Discussions
Replies: 1
Last Post: November 8th, 2002, 08:45 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
Forum Rules
|
|
Reply With Quote
Bookmarks