On Tue, 27 May 2003 22:48:51 EDT, Dean Anderson said:
I've pointed out the spam is a covert channel, with regard to Shannons
theorem.
If the percentage of mail that was spam was low enough that it was in
fact a "covert" channel, we could all declare victory and go home.
What Shannon proved was that you can always get *SOME* covert information
out "under the radar". You can't stop 100% of it.
Of course, you've totally blown the most basic point about covert channels -
they are by definition between two *cooperating* parties getting information
past a security boundary. So for instance, Shannon proves that you can do
things like use steganography or differential timing to encode 200 bytes of
covert info into a 10K message, for a 2% bandwidth channel.
What that *doesnt* do is imply that if I as a spammer send 10K of innocuous
text to you, that you will miraculously spot the 200 bytes of steganographic
spam *WITHOUT LOOKING FOR IT*. Hmm.. this message text is about 1.5K already,
plenty of room for me to have concealed a very clear but hidden message.
And remember - what Shannon was *really* saying was that *somebody* *will*
understand the previous paragraph, even if most of the IETF readership
is collectively scratching their heads. If you don't understand THIS paragraph
you don't understand Shannon's work on covert channels.
pgpXNyGj1kR24.pgp
Description: PGP signature