Of course, as usual, I am not talking about writing down the secrets in a message and sending it :)
A simple sniffer program can be used to see everything you sent from another machine over the network (your dad can do this for example :) ) Or if you are connected over a wireless link at home or at work, this is clearly easy.
I am thinking more of a normal behavior, that we can make, well, a little bit useful !
Anyone on your list can see your state, right ?
If you are using MSN at work, it is very normal to change your availability every few minutes (your boss is with you in the room, going out for lunch, for a meeting, leaving work and will be unavailable, or off-line, etc). So, this is our media: your online status.
Let's say you are online 10 hours. In MSN, for example, there are 7 states: Online, Busy, Away, ...
You can change the state every 30 mins, and it will not look strange (Just don't make it exactly 30 minutes, 30 +/- 5 minutes). So there are 20 slots in all (10 hrs*2).
How many combinations you can say in a single day: 7 to the power 20 !
That's: 720 = 79,792,266,297,612,001 (google for this number, you will find many hits ! Weird!).
So, simply, you can send, for example, a credit card, with expiry and code. Or your SSN (of course this might be your boss's SSN that you peeked at, but that will be plain wrong, right?).
Working example:
The credit card number is: 1234-5678-9012-3456
Write it in base 7: = 521020405131521400 (see below on how to do that)
Let's take the following mapping: Online = 6, Busy = 5, Be right back = 4, Away = 3, On the phone = 2, Out for Lunch = 1, Offline = 0
Therefore, in the first 30 minutes: "Busy", next 30 minutes "On the phone", then "Lunch", then "offline", then "Phone", ... got it?
Your friend at home, or whatever, will write down every state he sees, all day, then he has the list of numbers (in base 7), he will convert it back to decimal, and voila, here is the secret transferred :)
Base Conversion:
Changing things from base to base is easy (specially if they are binary, hexadecimal, or of course decimal: Windows calculator can do it for you). But for our case, 7 is a little boring, and it will need the calculator beside you, and you will do it in a minute.
I am not sure if anyone wants to see how to do the conversion, if so, tell me and I will post it in another post here.
Brief example: convert 123 from decimal to base 7:
123 divided by 7 = 17 remainder 4 (then 4 is the first number on the right)
17 divided by 7 = 2 remainder 3
2 divided by 7 = 0 remainder 2
Then the result is 234
Converting it back:
2*7^2 + 3*7^1 + 4*7^0 = 123 (easy...)
Enjoy Instant Messaging :)
Saturday, September 1, 2007
Sending Secrets using IM applications (MSN, Yahoo, Skype, ICQ, etc)
Subscribe to:
Post Comments (Atom)
2 comments:
If u r using linux (ubuntu specifically, as i'm using it) u can use Gaim Internet messenger to let it log friends' status conversions... instead of writing down every status change... then u need not stay looking at ur friends' status all day to know the credit card number
open Gaim messenger-> tools -> preferences -> logging tab, and check "Log all status changes to system log"
That's a better way to do it of course.
However, don't forget that we are still limited by normal behavior patters. In other words, we cannot ask the sender to change his state every 5 seconds, because we have an automated way to write down the changes. It will look suspicious.
Otherwise, GAIM will for sure make it easier.
By the way, GAIM if found in other linux releases as well (not ubuntu specific). I have it on fedora (FC6-7)
Post a Comment