I had an interesting thought this morning while shaving: could spam be used as a communication method for a large, distributed secret organization?
There are two variants possible: hide your message inside plain text using typical cryptographic means or inside images using techniques such as stenography, or send your message as an encrypted blob of data that is otherwise unintelligible.
I received a curious message that got this thought process rolling. The SMTP mail header contains a bunch of HTML strings that got stuffed into Message-id lines. Normally I’d think this was just incompetent message formatting – spam generators often screw up like this. However the body text contains 17,776 characters like this:
This is a very curious message indeed. It originated from IP address 18.104.22.168 which is part of the Comcast network. The owner (I don’t know who it is specifically) is running a web server that claims to be Apache and serves up blank pages. There is no SSH server and no telnet server. The mail server claims to be a Microsoft server but I doubt it.
So continues my conspiracy thinking: its apparently easy enough to send spam; a seemingly endless stream of offers of Viagra and Rolex watches and such in my mailbox demonstrates that. Its even easier to receive spam; do you know anyone who doesn’t get it?
Let’s pretend you are a secret agent in the field, working under cover. I’m headquarters, wanting to relay important information to you. I create the secret message, embed it in an offer for a hot new stock pick, and send it off to millions of people. Only you would know how to decode the secret message, everyone else would simply delete it. Anyone observing the message traffic might not see a one-to-one communication method, they’d see a broadcast of junk to nobody in particular.
If you wanted to communicate covertly at a distance, wouldn’t this be a good way to do it? It’s sort of like hiding in plain sight.
More likely, its just spam. But maybe not. :^)