Correction sought

[Ross Anderson]

In my note yesterday I got the date of the University of Michigan
technical report wrong. It appeared in August 2001, thus after rather
than before the USA Today article. It is CITI tech report 01-11:

  Niels Provos and Peter Honeyman,
 "Detecting Steganographic Content on the Internet," August 2001.
  <http://www.citi.umich.edu/techreports/reports/citi-tr-01-11.pdf>

It reports that no steganographic content was found.

I regret the error; thanks to Duncam Campbell and Niels Provos for
pointing it out. 

My main point nonetheless stands: the media are continuing to run this
`mad mullah is a cryptopornographer' story in the face of both
scientific advice, and categorical statements from the FBI that the
hijackers used plaintext email communications rather than any fancy
encryption or anonymity service. The fact that the UK security
services are putting them up to it raises some interesting questions
of public policy.

Ross