left right politics showbiz tech invest good life gossip fun hot
Mother Jones Hot Air Huffpo Variety Engadget Seeking Alpha Lifehacker TheSuperficial Daily Beast reddit
Daily Kos Michelle Malkin Politico Billboard Boing Boing TheBigPicture Luxist TMZ.com Fark BuzzFeed
ThinkProgress RightWingNews First Read CNN Showbiz Gizmodo FT Alphaville Joystiq Perez Hilton 4chan memorandum
Crooks+Liars Power Line CNN ticker E! Online Techcrunch Josh Brown Kotaku gamer Bastardly Post Secret Techmeme
TalkngPtsMemo Ameri..Thinker Swampland TV Guide Ars Technica 24/7 Wall St. TreeHugger Egotastic hascheezburgr Drudge
The Raw Story NewsBusters The Caucus Ent. News Mashable bloggingstocks Consumerist PinkIsTheNew dooce digg
Wonkette Wizbang fishbowlDC HlywdWiretap Google blog DealBook lifehack.org CelebrityBaby Someth'nAwful trends
Atrios Taki Magazine WashWhisprs DeadlnHllywd Read/Write Jeff Matthews 43folders GoFugYourself Neatorama PSFK
Firedoglake Big Hollywood The Fix MSN Ent. OReilly Radar PhilsStockWorld Autoblog Page Six Cool Hunter BBC
Young Turks IMAO Capital Gains Rot'nTomatoes GigaOM Daily Rec'ng Deadspin BestWeekEver stereogum Timespop
Americablog AceOfSpades Open Secrets Cinematical ProBlogger Zero Hedge DownloadSqd Dlisted CuteOverload media eye
Politicususa Redstate WikiLeaks law Cool Tools Bespoke MediaZone PopSugar Dilbert blog TVNewser
CounterPunch Jawa Report econ law.alltop Scobleizer BtwTheHedges Deviant ArtHollyw'dTuna gapingvoid BuzzMachine
TalkLeft Patterico EconLog Volokh Consp. Apple Blog Minyanville Gothamist x17online DailyGrail MediaGazer
Feministing Townhall.com Freakonomics Legal Insurrec.. Valleywag Fast Money Curbed DailyBlabber Prof. Hex Steve Rubel
PolitAnimal OutsideBeltwy CrookedTimbr Conglomerate mozillaZine RealClearMkts FabSugar Gawker OvrheardinNY MediaBlgNRO
Truthdig Moonbattery MarginalRevo SportsLawBlog Smashing W$J Mktbeat Gridskipper Radar Last.fm Threat Level
Alternet RealClearPoli crime W$J Law BlogTechdirt AbnormalRtrns Material Defamer kottke.org Seth's blog
Media Matters Instapundit CrimeblogsBalkinizationMAKE RandomRoger Sartorialist Jossip PumpkinChuckin mediamatters
The Nation Hugh Hewitt All Crime Credit Slips SrchEngLand Stock Advisors Drink'nMadeEasy Just Jared Maps Mania Newshounds
Maddow Blog PJ Media Smoking Gun FindLaw VentureBeat Slope of Hope Mark Cuban Celebitchy CollegeHumor FAIR

Thursday, February 2, 2006

How to punk the NSA and figure out if they are reading your email

Here's a quick and easy method security expert, Richard Smith, came up with to see if one's email messages are being read by someone else (like the NSA):

The steps are:

1. Set up a Hotmail account.
2. Set up a second email account with a non-U.S. provider. (eg. Rediffmail.com)
3. Send messages between the two accounts which might be interesting to the NSA.
4. In each message, include a unique URL to a Web server that you have access to its server logs. This URL should only be known by you and not linked to from any other Web page. The text of the message should encourage an NSA monitor to visit the URL.
5. If the server log file ever shows this URL being accessed, then you know that you are being snooped on. The IP address of the access can also provide clues about who is doing the snooping.

The punk'd part requires one more step. Telling them you caught them spying. Therefore on the webpage of the unique URL you would write or better yet have an image file requiring human viewing. It could say something polite like: "Dear NSA - You've been Punk'd." Of course, you can insert your own text and graphics to personalize your punk'd page.

The trick is to make your fake "terrorist" email a sweet enough honeypot for the NSA to investigate and then check the link. Mr. Smith offered these practical suggestions:

  • Include other links in a message to known AQ message boards

  • Include a fake CC: to Mohamed Atta's old email address (el-amir@tu-harburg.de)

  • Send the message from an SMTP server in Iraq, Afghanistan, etc.

  • Use a fake return address from a known terrorist organization

  • Use a ziplip or hushmail account.

Here are a few more suggestions:

  • Mine the List of Terrorists, Terrorist Organizations, & Narcotics Traffickers for keywords. It is kept by The Office of Foreign Assets Control ("OFAC") of the US Department of the Treasury which administers and enforces economic and trade sanctions based on US foreign policy and national security goals against targeted foreign countries, terrorists, international narcotics traffickers, and those engaged in activities related to the proliferation of weapons of mass destruction.

  • Included the handle of the infamous al-Qaeda hacker: "Irhabi 007" or some of his old websites: www.irhabi007.ca & www.irhabi007.tv

  • Send email between two free foreign email providers that might route their mail through the US or over a US network. For example, from Canada to S. America.

  • Include a link(s) from an RSS feed of a Chechen guerrilla fighter website.

The NSA, of course, is not the only national intelligence agency interested in reading private email. This technique could be used to catch other eavesdroppers depending on how the email is baited and sent.

Who is snooping on my email? [ComputerBytesMan.com, Richard Smith, Dec. 23, 2005]
Eavesdropping 101: What Can The NSA Do? [ACLU, Jan. 31, 2006]

List of Terrorists, Terrorist Organizatons, & Narcotics Traffickers [TJN, May 28, 2004]
Chechen Guerrilla Fighter Website [TJN, Nov. 23, 2005]
Serving No Good - Anti-Semitic Website Hides in Singapore [TJN, Jan. 27, 2004]

Calculated Risk

MishTalk - Mike Shedlock

Paul Krugman - NY Times

The Big Picture - Barry Ritholtz

naked capitalism - Yves Smith

Pragmatic Capitalism

Washington's Blog

Safe Haven

Paper Economy

The Daily Reckoning - Australia