Wireless Dead Drop
Dead drops have gone high tech:
Russia's Federal Security Service (FSB) has opened an investigation into a spying device discovered in Moscow, the service said Monday.
The FSB said it had confiscated a fake rock containing electronic equipment used for espionage on January 23, and had uncovered a ring of four British spies who worked under diplomatic cover, funding human rights organizations operating in Russia.
BBC had this to say:
The old idea of the dead-drop ('letterboxes' the British tend to call them) - by the oak tree next to the lamppost in such-and-such a park etc - has given way to hand-held computers and short-range transmitters.
Just transmit your info at the rock and your 'friends' will download it next day. No need for codes and wireless sets at midnight anymore.
Transferring information to and from spies has always been risky. It's interesting to see modern technology help with this problem.
Phil Karn wrote to me in e-mail:
My first reaction: what a clever idea! It's about time spycraft went hi-tech. I'd like to know if special hardware was used, or if it was good old 802.11. Special forms of spread-spectrum modulation and oddball frequencies could make the RF hard to detect, but then your spies run the risk of being caught with highly specialized hardware. 802.11 is almost universal, so it's inherently less suspicious. Randomize your MAC address, change the SSID frequently and encrypt at multiple layers. Store sensitive files encrypted, without headers, in the free area of a laptop's hard drive so they're not likely to be found in forensic analysis. Keep all keys physically separate from encrypted data.
Even better, hide your wireless dead drop in plain sight by making it an open, public access point with an Internet connection so the sight of random people loitering with open laptops won't be at all unusual.
To keep the counterespionage people from wiretapping the hotspot's ISP and performing traffic analysis, hang a PC off the access point and use it as a local drop box so the communications in question never go to the ISP.
I am reminded of a dead drop technique used by, I think, the 9/11 terrorists. They used Hotmail (or some other anonymous e-mail service) accounts, but instead of e-mailing messages to each other, one would save a message as "draft" and the recipient would retrieve it from the same account later. I thought that was pretty clever, actually.
Posted on January 31, 2006 at 7:17 AM • 36 Comments