Mail Cover

From a FOIAed Department of Transportation document on investigative techniques:

A "mail cover" is the process by which the U.S. Postal Service records any data appearing on the outside cover of any class of mail, sealed or unsealed, or by which a record is made of the contents of unsealed (second-, third-, or fourth-class) mail matter as allowed by law. This "rnail cover" is done to obtain information in the interest of protecting national security, locating a fugitive, or obtaining evidence of commission or attempted commission of a felony crime, or assist in the identification of property, proceeds, or assets forfeitable under law.

Seems to be the paper mail equivalent of a pen register. I'd never heard of the term before.

EDITED TO ADD (5/11): Here is a 2002 NPR interview on mail cover, based on these two articles.

Posted on May 10, 2013 at 6:47 AM • 38 Comments

Comments

JohnMay 10, 2013 7:02 AM

Why does the second quoted string start with the key sequence "r n a i l" rather than "m a i l"? Seems an odd mistake to make.

Dave AronsonMay 10, 2013 7:40 AM

And the proofreader didn't catch it, due to the keming. (http://www.ironicsans.com/2008/02/idea_a_new_typography_term.html)

bf skinnerMay 10, 2013 7:47 AM

an 'r nail' is a code trigger for deep cover agents or subliminal advertising victims. It means either 'execute prime order' or 'buy more toilet paper'

Depending on Bruce's audience we can expect to see wide-scale sabotage or a sudden shortage of toilet paper supplies.

Really now. The laser mind control satellites need to implement standards.

JimMay 10, 2013 7:54 AM

I wonder how often mail gets intentionally sent through the broken mail sorter, which "inadvertently" unseals the contents. I have had some very sensitive mail appear in a "pardon us" wrapper envelope after having been mangled by the sorting machines.

maxCohenMay 10, 2013 7:56 AM

Must sabotage home supply of toilet paper.

Must sabotage home supply of toilet paper.

Must sabotage home supply of toilet paper.

GiantRatMay 10, 2013 8:05 AM

Mail covers are not particularly insidious, and the comparison to them being like a pen register is pretty spot-on. Having worked fairly heavily in both, I'd say it's worth noting that, (almost) as often as not these techniques will shut a case down. "We think bad guy is communicating with known bad people here.... crap.... he isn't.... time to work on something else."

paulMay 10, 2013 8:49 AM

The feature creep in all these methods is remarkable.

"Accidentally" damage an envelope, and its contents become fair game.

Keep recording touchtones after a call is answered, and you can capture phone menu choices, account passwords, transfers and so forth.

Oh, and "just" record the contents of URLs, and get search terms, account names and gosh-all whatever else is appended.

bf skinnerMay 10, 2013 9:02 AM

Really the feebees never needed feature creep or tortured logic to examine US mail. As a part of COINTEL they intercepted and opened ALL first class inbound mail from oversees. Breaking and entering solved their targeted suspect problem.

Daniel OliveMay 10, 2013 9:20 AM

I knew this was possible in the UK from the structure of our interception etc. authorisation laws. It seemed quite hard and difficult to do in practice. Even harder if you know your postman.

I do know of at least one case of (normal, uniform) police officers of a local force tipping off a 'subversive' that Special Branch was interested in them. It's hard to keep information secure once it's common knowledge in the workplace of people who meet your opponent.

wiredogMay 10, 2013 10:47 AM

IIRC, I read about thin in "The Puzzle Palace", or possibly Tom Clancy, many years ago.

Time to go to the Giant and Safeway closest to Langley and set the toilet paper aisles on fire.

Nick PMay 10, 2013 11:41 AM

Yeah, the CIA and others have been doing this as far back as the 50's. CIA guide even published in 1975 that many "survivalists" had in their book collections, including moi.

CIA Flaps and Seals Manual (surreptious mail opening)
http://www.amazon.com/CIA-Flaps-And-Seals-Manual/...

After seeing this, most of the crypto-anarchists and such I knew in the late 90's believed all their mail could have been tampered with. It's unlikely, but a safe assumption. So, they began coming up with techniques to detect it or prevent it.

Here's one tactic
http://totse2.com/totse/en/politics/police/...

A local guy I knew used gel pens. He'd scribe unique material across the envelopes' seals. Then he'd carefully put a piece of tape on it. He might also write something on the tape and put another piece on it. Then, he'd take a picture and send it to other party via Internet. (There could have been wax involved too.... been a long time.) The trick to it is that techniques like steaming the envelop melt and leak gel ink all over the place. At the least, it appears very altered.

Another trick I learned from JJ Luna is to disguise the purpose of the mail to make it look innocent. Luna suggested clipping out a bunch of coupons or sales adds from magazines. Surround the important contents of the envelope, like money or a letter, with these. People taking a quick peek will think it's just old people or friends mailing each other discounts. This trick worked for years, although idk if it still does.

Don't forget that old school can work too. I've combined an above method with invisible ink (chemical, IR, or UV). There's also microdots for those who want to have fun with it. The old way of sending microdots was to hide them under the stamp itself. The contents of the envelope were innocent and what security guy removes the stamp? Far as I know, a microdot still contains more information than most barcodes of similar size but one could use QRCodes/hueCodes in place of microdot.

NobodySpecialMay 10, 2013 11:55 AM

@Daniel Olive
However in the UK it would rely on the ruthless totalitarian efficiency of the post office

Reality CheckMay 10, 2013 12:34 PM

@wiredog - There was even a sci-fi short story about this type of thing long ago (don't recall author but it may have been by Niven, or Asimov or in one of the anthologies he editted). Gist of story was that person who suspected their mail was being opened developed a nano-camera and impregnated a chewing gum wrapper with them, and placed gum wrapper in emvelp addressed to himself. Post office worker opened the mail, waved the wrapper around to show colleagues and ridiculing person for sending gum wrapper in mail. Nano cameras recorded the scene and person then was able to take action against government for interrcepting their mail. was

ThunderbirdMay 10, 2013 1:20 PM

The SF story mentioned by Mr. Check was actually based on the premise that some OTHER government agency was intercepting mail in bulk and scanning it, and they were caught by the postal inspectors. I thought it would be a snap to get a citation for it, but no dice. Not sure this intertubes thing is going to catch on....

NueroMay 10, 2013 2:07 PM

Amongst our weaponry are such diverse elements as fear, surprise, ruthless efficiency, an almost fanatical devotion to the Postmaster general.

In real life the post office investigation branch had/have a fairly fearsome reputation they also handle internal investigations for Bruce's employer a hangover from the GPO Days.

On a security note the UK’s last postmaster general was John Stone house who was a spy for the StB

ModeratorMay 10, 2013 2:38 PM

Squid posts generally go up sometime between 4 and 6 PM Eastern (after the rest of the week's posts are done). Wait for it, please....

Clive RobinsonMay 10, 2013 5:10 PM

@ Moderator,

Wait for it please....

Thankfully most posters unlike Violet Elizabeth Bott [1] will wait patiently :-)

[1] Violet Elizabeth was "just" William's nemissis and could strike fear and trepidation in the heart of anyone who had cause to deny her what she wanted when she wanted it with the dire threat of "I'll scream and scream untill I make myself sick, you know I will".

Martin CohnMay 10, 2013 6:01 PM

Note that while it's the Postal Inspection Service that administers mail covers, it's the Letter Carrier or PO Box Clerk at the destinating office who actually copies the information. That's the only place in the mailstream it's feasible to identify all types of mail for a single address.

Most of the time the mail isn't photocopied - only the sender, addressee, mail class, and postmark (if any) are hand copied to a form and mailed to the Inspector. The mailpiece is long gone when the Inspector gets info about it. It takes a special request to photocopy mail - like presence of non-Western writing - that has to be approved by a disinterested civilian at an Inspection Service Operations Support Group (ISOSG).

Ask your mailman, chances are someone in your local PO has done a mailcover at some point.

Bruce ClementMay 11, 2013 1:03 AM

Nothing new here "In July 1655 the Post Office was put under the direct government control of John Thurloe, a Secretary of State, and best known to history as Cromwell's spymaster general. Previous English governments had tried to prevent conspirators communicating, Thurloe preferred to deliver their post having surreptitiously read it." Wikipedia

Coyne TibbetsMay 12, 2013 8:38 AM

I read something some time ago about the use of bright light and tomography techniques to read closed mail; even within "security" printed envelopes. Long enough ago now that it has probably since been adapted for routine scanning of all mail. Opening mail to read it is so passe.

da mailsMay 12, 2013 1:59 PM

most often a mail cover if that term is even used in house, is used soley to record for the customer, ie, they have complained of non deliverie

John P.May 12, 2013 4:55 PM

A "mail cover" operation goes back to at least the 1970s. Various early books on computer crime, including (IIRC) one by SRI's Donn B. Parker, discuss the use of "mail cover" to collect data on ordinary citizens, and to store that data in electronic databases, which was a new phenomenon at the time. Alan F. Westin of Columbia may also have written on this.

Schneier's face appeared in my toast!May 13, 2013 1:18 AM

Why not send a piece of mail containing a piece of paper with only a QRCode, directed towards a site you're monitoring in real time via Tor and see which IP addresses hit it other than the intended recipient.

Blaise PascalMay 13, 2013 10:47 AM

I'm not sure I get half the comments here.

I gathered, from the section that Bruce is quoting, that a mail cover does not allow the Government to read your mail, only to record information visible without breaking any seals. If I received a first-class letter from my mother, for instance, a mail cover would allow them to record the return address, the address where it was sent, the postmark, and presumably anything she wrote on the envelope itself. They could not, however, open the envelope and read the letter itself.

So all the discussion of surreptitious unsealing and resealing of mail, of ways of detecting when the mail has been unsealed, or of concealing messages in the face of adverse unsealing of mail seem, to me, rather beside the point here.

Am I missing something?

name.withheld.for.obvious.reasonsMay 13, 2013 3:47 PM

Interestingly enough this topic intersects with the controversy over GPS and cell phone tracking data collection. As analogous, let's look at it from a "Information Source Point, Location, and composite data perspective" and its relevance to constitutional egis.

When using postal mail (this applies to the context in which the original mail service--thanks Benjamin) the idea that any single source document from myself (irrespective of the source location) is "tag-able" must be considered against the methods and means of the day. You cannot provide legal attribution to a concept or process that you cannot have knowledge of...there is no legal priori. But that is what the courts are arguing, albeit indirectly, when making the case concerning privacy and information that is associated with "your person". Let's examine this by way of example:

The year is 1879 (100 years after the ratification of the constitution and bill or rights).

Postal records, whether generated from a Pittsburgh or Detroit office could not at the time be correlated; if I carried my mail while on travel after having left Pittsburgh and then decided to mail documents or letters when I arrived in Detroit--would this information be logged? Even if one could track the origination point and attach the source (i.e. the sender) to and from any destination, the ability to correlate all relevant correspondence from any one individual would have been considered a near impossibility. Even if there was a central postal registry for all mail records, the ability to perform a many-to-many mapping would seem like weird science.

My argument here is that the law, in the 4th amendment, was designed to prevent the government from establishing facts about you...why?

Because tyrants can use this information to develop associations, quash dissent, and rule unopposed. Wake the freak up people.

Mr AnonymousMay 13, 2013 10:47 PM

@Blaise Pascal

You are correct. Inspectors need a search warrant to open mail.

Let me add that anyone worrying about the Post Office spying on you - is equivalent to worrying that Bozo the Clown is spying on you.

Why, yes. I am a Postal Worker, how did you guess?

Dirk PraetMay 17, 2013 3:57 AM

@ bf skinner, @ Bruce

Congratulations on an operation executed to perfection: CNN is reporting that Venezuelan officials say they will confront a toilet paper shortage by importing 50 million rolls to meet demand. So has The Onion.

Can you however call in for re-conditioning the operative responsible for my area ? Judging from the unspeakable things that happened in the toilets of the pub around the corner yesterday evening, I suspect he has totally lost it or has gone rogue.

A.AdamsMay 18, 2013 4:17 PM

A message printed as an optical latent image onto undeveloped silver gelatin print paper, below the electron sensitivity threshold for silver halide crystals, encapsulated in a light-tight inner sleeve inside the outer mailing envelop.

Any attempt to open the envelop without knowledge of light sensitive media inside will irrepairably fog the paper, and any attempt to develop the paper without the needed additional flash exposure required to overcome the silver halide crystal hysterisis will result in a blank white sheet of paper.

Not that I've ever done this, mind you.

Clive RobinsonMay 18, 2013 11:22 PM

@ A.Adams,

With regards sending undeveloped images.

I don't know the specific details but the Russian's used to send secret information in a similar way for many years. However I have been told the practice stopped due to the increasing use of X-Ray equipment in postal sorting centers.

I guess if you can find a way to avoid the high intensity radiation [1] mail scanners looking for bombs and irradiating to kill anthrax and electronics etc [2] it would still be a viable method.

[1] According to the EPA [2] the level of radiation used is around 2,000,000 times that of a chest X-Ray and is quite sufficient to damage not just the paper used in letters, but gem stones, as well as causing new chemicals to be formed all with sofar unknown health risks to the recipients [3].

[2] http://www.epa.gov/radiation/sources/...

[3] This gives food for thought over a potential movie plot of : Terrorists discover a new binary weapon using two inert chemicals that when mixed together and high intensity radiated forms a highly potent skin absorbed nerve agent.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..