Linked by runjorel on Thu 13th Jan 2011 19:35 UTC
Linux "At the end of 2010, the 'open-source' software movement, whose activists tend to be fringe academics and ponytailed computer geeks, found an unusual ally: the Russian government. Vladimir Putin signed a 20-page executive order requiring all public institutions in Russia to replace proprietary software, developed by companies like Microsoft and Adobe, with free open-source alternatives by 2015."
Thread beginning with comment 457857
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Comment by robojerk
by Nth_Man on Fri 14th Jan 2011 10:14 UTC in reply to "RE[2]: Comment by robojerk"
Nth_Man
Member since:
2010-05-16

"Please enlighten me how that "salty" network engineer would monitor even Skype traffic, for example? Of course, Skype might have nothing to do with "sensitive areas", but how is it different from any other closed source application leaking encrypted traffic into your network?


Because anything on a non-standard port or even (and depending on the port) using a non-standard protocol on a standardised port would be firewalled.
"
It's clear that you cand send encrypted data through standard ports, through standard protocols.

"Steganography" is such a clear example that anyone can understand it, for example a program can embed secrets in a simple email! Inside typical images!

Reply Parent Score: 1

RE[4]: Comment by robojerk
by Laurence on Fri 14th Jan 2011 13:58 in reply to "RE[3]: Comment by robojerk"
Laurence Member since:
2007-03-26

"Steganography" is such a clear example that anyone can understand it, for example a program can embed secrets in a simple email! Inside typical images!


But then how are you going to e-mail that without building a micro-mail server? You can't guarantee that Outlook is going to be installed on those systems and nor would you want those e-mails logged on Exchange or any 3rd party SMTP / IMAP servers.

So you're now having to hope that network admins don't detect e-mail traffic from unauthorised mail servers.


I wouldn't expect every network admin to spot such traffic, but you can't argue that no administrators world-wide could have spotted it.

Reply Parent Score: 2

RE[5]: Comment by robojerk
by Nth_Man on Sat 15th Jan 2011 11:35 in reply to "RE[4]: Comment by robojerk"
Nth_Man Member since:
2010-05-16

You said

But then how are you going to e-mail that without building a micro-mail server?

like if we were talking only about "steganography in emails done by machines automatically".

Let's see if it's understood again: you said
Because anything on a non-standard port or even (and depending on the port) using a non-standard protocol on a standardised port would be firewalled. "

and I said that
it's clear that you cand send encrypted data through standard ports, through standard protocols.

And put "Steganography" as an example of sending encrypted data through standard ports, through standard protocols, going not firewalled. Of course there are more ways.

The key in the discussion is that you can send hidden data, even through firewalls.

Reply Parent Score: 1