Cell Phone Opsec

Here's an article on making secret phone calls with cell phones.

His step-by-step instructions for making a clandestine phone call are as follows:

  1. Analyze your daily movements, paying special attention to anchor points (basis of operation like home or work) and dormant periods in schedules (8-12 p.m. or when cell phones aren't changing locations);

  2. Leave your daily cell phone behind during dormant periods and purchase a prepaid no-contract cell phone ("burner phone");

  3. After storing burner phone in a Faraday bag, activate it using a clean computer connected to a public Wi-Fi network;

  4. Encrypt the cell phone number using a onetime pad (OTP) system and rename an image file with the encrypted code. Using Tor to hide your web traffic, post the image to an agreed upon anonymous Twitter account, which signals a communications request to your partner;

  5. Leave cell phone behind, avoid anchor points, and receive phone call from partner on burner phone at 9:30 p.m. -- or another pre-arranged "dormant" time -- on the following day;

  6. Wipe down and destroy handset.

Note that it actually makes sense to use a one-time pad in this instance. The message is a ten-digit number, and a one-time pad is easier, faster, and cleaner than using any computer encryption program.

Posted on April 7, 2015 at 9:27 AM • 77 Comments

Comments

wiredog • April 7, 2015 10:18 AM

One time use phone, one time pad, and one time laptop. Or a laptop that is cleaned after use, which probably takes a couple hours. All so you can receive a phone call tomorrow. Wouldn't using the one time pad to encrypt an email sent through Tor be easier, faster, and less expensive?

Tinker • April 7, 2015 10:26 AM

Why not just use a WiFi only tablet and use Encrypted Talk/Text over Data? In large cities, you have ubiquitous WiFi. Your work has WiFi. Your home has WiFi. Put a burner phone in your car for emergencies (battery out / Faraday when not in use).

arfnarf • April 7, 2015 10:26 AM

I think there's a step missing:

7. Make sure the person you are contacting also uses the same precautions.

It's likely your contact is also under surveillance and if they don't follow the same protocol then they are likely already compromised. And, anyway, how can you be really sure that they aren't?

Jacky • April 7, 2015 10:53 AM

I don't fully understand why you need a Faraday? When the battery is taken out of the mobile, what do you expect from a Faraday?

alfredo • April 7, 2015 10:59 AM

1) Do not use a credit card to purchase the phone

2) Faraday cage? why? it's anomalous behavior, easy to locate. You must act as normal as possible.

3) This does not makes any sense. Just use OTP to encrypt text, that's what all intelligence agencies do.

65535 • April 7, 2015 11:14 AM

That is an interesting post. There probably is a way of leaving out the Tor part and using multiple phones and multiple times.

The real OPSEC problem is buying the phone for cash and the phone cards without being photographed at the store [cashier's cams and such]. But, I am sure it can be done.

Next, is the contact chaining problem [OPSEC problem of your phone mates]. Your name and number should not be in anyone’s contact list that uses a phone with a plan and the attached phone number, bank account number and PII information.

It probably works best in large metropolitan areas where the Stingrays will have difficulty pinning your exact phone – but they can only block it... if they block the right phone number.

Also, someone knowledgeable about Financial OPSEC should chime in and give some helpful pointers on keep'g the transactions opaque.

Last, it still would be nice to have voice encryption. I am sure it can be done I just don’t know the best way.

Thoth • April 7, 2015 11:19 AM

Regarding One-Time Pad, assuming the encryption keystream uses standard ASCII letters (a-z, A-Z, 0-9) to encrypt a phone number which is also in standard ASCII as mentioned, a 10 character ASCII letter set as phone number gives 10 bytes which would be 80 bits of strength considering the key and message are of the same length. 80 bits of strength is not too bad but making the message much harder to bruteforce, I would recommend upping it to 128 bits at least which is 16 ASCII chars / 16 bytes.

In order to achieve at least 16 bytes / 128 bit strength, you set the first byte as the message length flag and pad the rest of the message randomly to reach 16 bytes (which is 5 more random bytes since you have 10 bytes of phone number and 1 byte flag). The flag is created by converting from decimal representation of the number to binary whereas the rest of the random pads and messages are done in ASCII representation to binary.

Taking a 10 digit phone number as an example "0959432047", you have 10 numbers and the flag would be in binary string "00001010". You convert the phone number from ASCII to binary as "00110000 00111001 00110101 00111001 00110100 00110011 00110010 00110000 00110100 00110111". Let's say the random 5 padding ASCII would be "a6dge" in binary string of "01100001 00110110 01100100 01100111 01100101" and you arrange the flag first, the message in the center and the pads at the back as in binary string form of "00001010 00110000 00111001 00110101 00111001 00110100 00110011 00110010 00110000 00110100 00110111 01100001 00110110 01100100 01100111 01100101", you would effectively have 128 bits of message data and you now need a 128 bit keystream thus making it 2^128 (excluding birthday attacks) of work. Since the padding bytes are randomly added, the actual message length is not known and is hardly distinguishable from the message so the flag is less predictable (although tempting to attack) thus making statistical analysis on such a fixed length block message much harder.

This usage can be somewhat overkill but it may make the life of cracking the One-Time Pad much much harder if your phone call really matters (life-death situation).

At least what is offered here is a format for OTP usage (instead of trying to guess and make one on the fly while struggling to maintain contact) in a much more secure manner.

As I have always pointed out, One-Time Pad relies on three critical components to be secure namely the randomness of the keystream, the uniqueness of the keystream and the length of the key/message to prevent bruteforce (best used in a fixed length block message format proposed above to throw off statistical analysis).

Of course other anonymity tools can be somewhat more convenient but more options is way better.

Kusuriya • April 7, 2015 11:41 AM

@alfredo, Faraday cages are pretty normal in today's western houses, they are more commonly referred to as "Microwave Ovens".

Clive Robinson • April 7, 2015 11:46 AM

Why go to the hassle of buying a new burner phone?

There are plenty of little shops filled with "second hand" units, that nobody is going to blink twice at you paying cash for an older phone and one of those pre-pay cards.

Use it once or twice and either chuck it in the street trash or leave it on a public transport, or pub/bar seat/bench. High chance is it will be used by either the person that finds it or someone they know till the credit's gone, and then it'll probably end up in another shop to be sold on again "no questions asked". It might even end up in Africa, the Middle East or west Asia...

So why go to the grief and hassle of buying a new phone which requires CC / Photo ID / Address, not because they are "legally required" in most places, it's just so they can sell your details on for 10 Bucks...

For instance this PM I had reason to walk down most of the length of "Brick Lane" just on the east edge of the City of London. I saw at least 15 places where "cash no questions" pre pay phone cards were on sale, and most of those places had or could get second hand phones, do repairs and unlocking... oh and sell you a "Kebab wrap" as well...

Carl Swanson • April 7, 2015 11:47 AM

Uhh couldn't you just wear a trench coat and a pair of groucho glasses and then just use a payphone?

John • April 7, 2015 11:52 AM

@Thoth - You're overthinking the key strength entirely too much. A 10 digit phone number has at MOST only 34 bits of information (log to base 2 of 10000000000 or 33.219). So the OTP is perfectly fine. And the actual phone number is likely to have even less entropy (area code not being all possible numbers from 000 to 999, etc).

zboot • April 7, 2015 12:10 PM

It's surprising how many commenters suggest using a one-time pad to encrypt a full email conversation.

OTP is great for short messages, sucks for long ones. Using OTP for long messages tends to stress the human element of the encryption process leading to reuse and other weaknesses.

Using electronics to do the encryption for you defeats the purpose of the OTP recommendation in the first place.

Clive Robinson • April 7, 2015 12:19 PM

@ Kusuriya,

Faraday cages are pretty normal in today's western houses, they are more commonly referred to as "Microwave Ovens".

Oh dear please don't say that because it's not true.

Microwave ovens use very frequency selective "quarterwave lines" around the door and vent slits, and might manage 40-60dB of attenuation at the frequency they are designed for. Which is more than sufficient to reduce the leakage power to safe levels for "Health and Safety" (see NRPB limits).

Mobile phones however work with more than a 70dB fade margin and at completely different frequencies to the microwave oven.

Thus there is a good chance depending on orientation and distance to the cell mast, that if you put your phone in and SMS or ring it it will have sufficient signal to respond...

If you look back on this blog a month or so you will see a longish discussion on home made faraday shields that did not work.

65535 • April 7, 2015 12:30 PM

@ Clive
“…plenty of little shops filled with "second hand" units, that nobody is going to blink twice at you paying cash for an older phone and one of those pre-pay cards.”

Good point.

Do you have any more financial OPSEC ideas?

Btw, I just did a quick net search and found that some new pre-paid phones come in at 10 USD => 6.7 GBP. 120 unit card 20 USD => 13.4 GBP. Can your little shops beat that price?

Grok • April 7, 2015 1:10 PM

Thoth;

Bit lengths/entropy/one time pads.
I think you're misunderstanding a one time pad. Almost any pad key you use will give a 10-digit number; There is a mapping from the crypt text to every phone number as you brute force the keys. When do you know you've cracked it by brute force and when it is a false positive that yields another phone number?

You can't "guess the OTP" on the fly either. Your recipient will need it to decrypt. The beauty of the OTP is that any valid message of the same length can be in there depending on the key. So for the same crypt text you could have any phone number, it's just different keys.

Herman • April 7, 2015 1:36 PM

The cost will run up rather quickly.

Rather go old skool and get your friend to buy a copy of the same Penguin paperback book you got, then go to a library computer and publish a numbers list on Twitter.

Angola • April 7, 2015 2:18 PM

@Jacky, alfredo
You can't possibly know what's inside the phone, there could be a tracking device with a separate battery. And then, there are these new phones with non-removable batteries.

Like all security measures, it's useless until it becomes useful, but that one isn't too far fetched.

Aunt Tilda • April 7, 2015 2:43 PM

Whilst on the subject of phone OPSEC, someone in the last squid post was complaining about the way whispersystems have been locking their users into google services and forcing them to register with some California-based (NSA-friendly) IT company. Well, it turns out a textsecure fork is already out: SMSSecure.

The good:
-It can be downloaded from F-Droid
-It doesn't require any Google code
-It doesn't force users to register with a USA-based company

The bad:
-It suffers from the inherent weaknesses of SMS as a protocol

Nick P • April 7, 2015 2:57 PM

@ Clive

Remember that our hardware guy mentioned the Chinese phones last time we discussed this stuff. He had one dumb phone for notifications and one with batteries out for calls. The calls were in short bursts. He told Wael he used Chinese phones with Spreadtrum chipset that allowed IMEI spoofing. I decided to see if any were still around.

This phone uses that chipset. More phones. There's also a YouTube vid of a guy going into "engineer mode" on a similar phone to change both SIMs' IMEIs. The chipset company is described here. I'd go with a dumber one but... both would be subject to similar attacks these days and more horsepower = more countermeasures.

Evan • April 7, 2015 3:35 PM

General comment: when buying the burner phone, do like the drug dealers do and have someone do it for you to avoid showing up on the security tapes. A kid or a homeless person would do it if you paid them double what the phone cost (so a $10 prepaid phone will set you back $30) and not be able to provide much help to investigators.

@Herman: that doesn't work if the two of you aren't located in the same town.

@Aunt Tilda: Not registering with a US company is meaningless in this day and age. The US intelligence community has shown a willingness to: pressure US hardware and software companies to include secret backdoors, seize products during shipment to compromise them manually if they can't force compliance, set up false front companies overseas with no ties to American capital to set up backdoors in foreign companies, pressure foreign governments to share intelligence on their own domestic companies, and if all else fails, exploit and hack foreign companies servers themselves to obtain expansive intelligence assets against civilians in friendly countries. Any records about you on any computer anywhere must be presumed to be within the reach, if not the possession, of the NSA and its ilk.

sam the spam man • April 7, 2015 4:26 PM

pleb, please. you didn't even use voice encryption! NSA has voice matching technology. yeah, and what about the cameras at the store? or even covering the camera of the phone, if it has one?

a • April 7, 2015 7:08 PM

@Aunt Tilda

There are significantly fewer security risks associated with downloading TextSecure/Redphone from Google Play Store than there are downloading it (or a fork) directly or using a less reliable Play Store replacement. There has been no evidence that there's any real security issue with maintaining these apps with the Play Store and it's only for the sake of purism that people want to avoid it.

It's not that big a deal to make a gmail account. It doesn't have to be tied to anything important. Make a google account only to use with your phone and nothing else and turn off all google syncing options and there really is no issue. In your very post you expose that you and others are willing to make serious security trade-offs in order to be pure and "boycott" Google. Why would you want to still be using SMS when Textsecure offers a less-limited, cheaper, and much more secure messaging protocol?

If you don't want your phone tied to an evil NSA-cooperating corporation then you've already failed the moment you started a phone plan as all the major cell providers fit this description. The question is how to use these services while remaining secure. With Textsecure/Redphone/Signal, this is actually an obtainable goal. And it's all open-source and free (the clients and the servers they use). Why you would fall back on a less secure protocol because of some need to boycott Google is beyond me. I'm with you, Google is evil and one should interact with them as cautiously as possible, but the idea (that seems to be part of the thought process of Google boycott advocates) that Google could be somehow clandestinely modifying apps like Textsecure with backdoors just isn't true. There are things in place to keep this from being possible.

Thoth • April 7, 2015 7:47 PM

@John, Grok
What I wrote does not take into consideration entropy in terms of log to base 2.

Grok, how would you know the plaintext is an ASCII phone number? Maybe I could have placed something else although assuming that a user uses an ASCII phone number directly from what I wrote and a lot of assumptions were made when writing especially in terms of the format of the data contents. What I propose is to simply solve the instance of a short OTP message/keystream pair just in case someone using a phone number of 7 numerical characters (it exists) gets guessed and to encapsulate the data contents in a fixed length block to make realizing patterns more difficult.

If you want to "overthink" the problem, you could extend my scheme to pad it really randomly (not in terms of alpha-numerics but in terms of pure binary randomness) and also pad the front and the back of the data content variably. Of course that is too much for most people to handle so if the problem is with the alpha-numerics providing low entropy or it is guessable as a phone number, there are many ways to cover it up.

I still recommend if there is a need for hard-core security, OTP won't be the best choice as it is usually misused and misunderstood in terms of security.

Something interesting noted is if I use any other stream cipher (let's say Salsa) to encrypt a phone number and the opposition knows it is a phone number (7 numerical figures), the resulting ciphertext (same length as the plaintext) would still be pretty short and with the advantage of knowing the nature of the message as a 7 numeric phone number, I would likely be able to bruteforce it and exclude any non-numerics since a streaming cipher system handles data in bitstreams :) .

NSAI • April 7, 2015 7:49 PM

" Lyons, 22, knew something about banks because he was once a teller and had security training. He didn't leave fingerprints, didn't draw attention to himself by waving a gun around and ditched his clothes after each heist.

But he didn't count on the FBI using his cell phone against him.

In the case of holdups in Butler and Hermitage, agents examined cell tower records to reconstruct his path as he drove down Interstate 79 back to his apartment on Saw Mill Run Boulevard. He didn't know it, but the phone acted like a homing signal everywhere he went." http://old.post-gazette.com/localnews/20030722mainstreet0722p7.asp

Saw him in action, saw him in half.

"In Shadowrun, Fourth Edition, the Matrix rules have changed, thanks to the setting's constant evolution and a drive to match real world technological developments. After the second Matrix crash in 2064, Matrix technology was moved away from the wired network and led into a wireless technology. The most noticeable difference between the Matrix in the 2070s and the earlier editions is that wireless technology has become completely ubiquitous. Communications and Matrix access is provided through wi-fi nodes placed throughout the infrastructure of just about every city on Earth, fulfilling a service similar to contemporary cell towers—but as these nodes are as numerous as telephone poles, only a tiny percentage of their range is necessary. The nodes of all electronic devices a person carries are connected in a similar manner, creating a Personal Area Network (PAN). People access their PAN with their Commlink, a combination personal computer/cell phone/PDA/wireless device available either as an implant or a head-mounted display. This access can be the total sensory immersion common to cyberpunk fiction, or a sensory enhancement by which the virtual features of one's physical surroundings can be perceived and manipulated. The Matrix of the 2070s is thus not only a virtual reality, but an augmented or mixed reality. Cyberdecks are obsolete, so "deckers" have once again become "hackers". In turn, the otaku of previous versions (deckers who did not need decks to access the Matrix) have been reworked into technomancers, who possess an innate connection to the Matrix that permits them to access the wireless network without hardware." https://en.wikipedia.org/wiki/Shadowrun

It'll only work without hardware if you use your mind. If you don't mind it doesn't matter.

LePhones • April 7, 2015 8:05 PM

Drug dealers where I live never use voice, because it can be recorded then played back to you in court. Their houses and vehicles are always bugged with listening devices too so it's a big no-no to say anything over a phone regardless if it's end to end encrypted. It would be better if this clandestine network instead texted each other over OTR/TextSecure using prearranged code words to verify each other's identity. Everything else would remain the same, except buy your used Android phones off Craigslist for cash.

Nick P • April 7, 2015 8:15 PM

@ a

"The question is how to use these services while remaining secure. With Textsecure/Redphone/Signal, this is actually an obtainable goal."

Not at all. Those two apps only protect you against passive eavesdroppers with no attacks on Android, your firmware, or your hardware. That's a considerable number of threats ranging from low to medium talent. Not the ones I worry about, though. They're more sophisticated. Securing a mobile phone takes a lot of hard work. Otherwise, it's back to penetrate and patch with the former on a winning streak across the board.

Did I mention the chip design costs tens of millions with the resultant phone subject to lawsuits covering up to 250,000 patents? (Depending on features.) There was a reason my original device was a clunky, VOIP VPN made from diverse, COTS parts.

Alex • April 7, 2015 8:40 PM

@Clive Robinson, no way.
Leaving phone in any public place leaks your fingerprints on the phone's surface. Used phones should be burned instead.

Thoth • April 7, 2015 8:59 PM

@Alex
Chances of someone going to pick up your phone and pass around is very high. As long as more people touch the phone, it gets more complex to handle. I believe that is Clive's thought process.

Nick P • April 7, 2015 9:31 PM

@ Alex, Thoth

You could wipe it off in a public restroom before chunking it. At that point, you don't have to actually be touching it. Many ways to go about that part.

Spooky • April 7, 2015 10:14 PM

Nice, simple system for a single cell convo. Some thoughts...

* If this is a delayed one-time message exchange and there is already an existing requirement for a OTP (transferred manually in meat space, as many bytes as needed) either Alice or Bob could publish a message XOR'd with the OTP (and Base64 encoded) on the pre-arranged Twitter account using a clean machine with a spoofed MAC on public wifi. No need to risk cell network access at all.

* If ongoing data transmission is needed, use the number of bytes required from your OTP as the key to a suitable block cipher and post away. The name of a new Twitter account could be included with each encrypted message, so no account gets used more than once (but since the account name is known plaintext, vary its location within the uniform message block every time).

* Getting near the public wifi network without showing up on some retailer's security cameras (where the time and date data could be correlated with your periods of access on the public wifi network or that network's carrier) may be a challenge. Public transportation (buses, trains) often contain cameras to deter crimes against the driver and passengers. Red light cameras at intersections may be logging the license plate number of your POV by default. Most retailers that offer free wifi also run a large number of cash transactions and generally have a register camera (to deter fraud as well as robberies) and possibly a front door camera and parking lot camera (which may be aimed through the glass of their shop window). Some of these devices are obvious but many of them are sufficiently small or well-disguised as to be invisible. All of them create a record of your movement through the area that can eventually be matched with your access. So, walking might be preferable to driving and a light disguise (typical hoodie plus sun glasses, lightweight computer concealed under the hoodie; NO backpacks) would probably be wise. There are a variety of directional antennas that could help you access the public network from well off the premises, but do avoid drawing attention to yourself. People see things. ;-)


--Spooky

Figureitout • April 7, 2015 10:43 PM

The OPSEC is "pretty good" ie: most practical, probably will work many times; however far from being "the ultimate". The main reason you'd need "the ultimate" is some kind of shipment...

But this will vary from person to person and place to place, OPSEC is personal to you and what you need to run securely. You need someone equally paranoid to even make it worth it or they'll screw you or you're basically talking to yourself...

The advice on BEING MINDFUL of your schedule and what technology is on your person is probably the most important. OPSEC is a state of mind you apply to many simple things, not some opaque technical thing. This is...everything. Your person, your schedule is you, it's what you do, it's your personal operations. Your weak spots are your home, work, gym, hobbies, etc.; it's where creeps will begin to build patterns.

Keeping that in mind, you can see that approaching secure OPSEC is something that takes a long damn time and extreme planning for all the possible situations and if something fails you need to act immediately on "failsafes" or "bailouts" quickly and destroy that evidence or get away quickly.

There's so much surveillance these days that doesn't allow for this "cleanliness" of operations that once you become aware and trying to operate securely you've probably already been compromised and/or patterns stored and one can simply "follow the DNA crumbs" back to you if need be. One example I'll state is microwave/IR sensors in public bathrooms, it's all a "switch-based" system, and LED's that let you know there's a sensor there can be disabled w/ a simple jumper. These switches could turn on all kinds of surveillance tech, especially if it has an obvious power line. So written messages should generally be handed off instead of spoken (only a few people would be willing to do this and not make it super awkward, some for fun eh? lol).

Technically speaking, the best OPSEC tools are simple, either work or they don't, and don't take in a bunch of user-identifying input to work. Electrically, there's a lot of such devices that can be made.

Urban areas (very large ones) are the best for [electrical] OPSEC as I can just get a random hotel room (every single hotel room needs to be surveilled, and the fact you're going there should be shielded typically w/ immediate check-ins) and use a 2.4GHz high gain yagi antenna and connect to wifi network 1-2 miles away from the safety of my room via all the typical PC OPSEC and send off some agreed upon messages in an agreed upon location.

These things get so hilarious and hairy real quick. But I suppose there can be some "foundational basics" that begin to rise up and can be implemented easier for low cost.

65535 RE: Financial OPSEC
--If you got the money, you can afford some good protection so long as you do it. In fact if money isn't a problem, you should be able to have very strong OPSEC. Simplified version is finding a store that sells prepaid credit cards. They can run from $25-$500, this should cover many throwaway phones, parts/components for an offline device, or even full on computers (multiple ones). You can do the whole get someone else to buy them (which again, if you got the money to blow, do it; just don't get an undercover cop to do it) or just buy a bunch. Then register them all over the place, fake names, etc. It works. There was a flaw in the exact one I was using lol, allowed one to see my account, and the speed w/ which it was patched made me feel "ok".

Some idea I was thinking of posting, which I guess I will (meh, doesn't matter), is just having a package mailed randomly to a neighbor, then walking over and showing them the receipt and how you made a typo on the ordering form. This would avoid specific targeting on your address and avoid having to personally set-up a P.O. Box.

Wael • April 7, 2015 11:33 PM

@Nick P,

Remember that our hardware guy mentioned

I still wouldn't trust it. You might as well use this phone ;) or better yet, use this one. Put eight of them in parallel and you have a byte :)

Wael • April 8, 2015 1:50 AM

I like step #4. There is one small problem with the OTP. How do you "securely" agree on one with a person who's in a remote area?

Joker_vD • April 8, 2015 3:40 AM

@Thoth

What if we actually assume, more reasonably, that a phone number is ten digits, that is, an element of {0,1,...,9}^10 , and so is the one-time pad — just ten digits? The proposed encryption function is E(M, K) = E((m1,m2,...,m10), (k1,k2,...,k10)) = (m1 + k1, m2 + k2, ..., m10 + k10), where "+" is understood as integer addition modulo 10. Correspondingly, D(C, K) = D((c1,c2,...,c10), (k1,k2,...,k10)) = (c1 - k1, c2 - k2, ..., c10 - k10), where "-" is understood as integer subtraction modulo 10.

Barney • April 8, 2015 4:52 AM

Thoth wrote "This usage can be somewhat overkill but it may make the life of cracking the One-Time Pad much much harder if your phone call really matters (life-death situation)."

A one time pad is impossible to crack if used correctly. There is no need and no way to make it 'harder'.

OTP is not often used because there are practical issues that make it difficult to use correctly, not because it isn't strong enough.

Barney • April 8, 2015 4:56 AM

I think Joker_vD has suggested a perfectly good version of an OTP. The pad should be destroyed immediately after use.

If the pad is a genuine random sequence of digits then the encrypted message will look exactly like a random sequence of digits to anyone who intercepts it and doesn't have the pad (because that's what it is). There is no possible computation they can do to crack the message.
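As an added worked example (not code from the post or from any of the commenters), here is the digit-wise one-time pad Joker_vD describes, with John's log2(10^10) entropy figure and the property Grok and Barney point to: for any ciphertext, every phone number is a valid decryption under some pad, so brute-forcing pads tells an interceptor nothing. It also shows what pad reuse leaks, which is the practical failure Barney and zboot have in mind. The phone number "0959432047" is Thoth's sample, the other numbers and pads are constructed values, and the function names are my own.

```python
"""Digit-wise one-time pad for an n-digit phone number (added example).

Model: plaintext, pad and ciphertext are all elements of {0..9}^n,
encryption is c_i = (m_i + k_i) mod 10, decryption m_i = (c_i - k_i) mod 10.
"""
import math
import secrets

DIGITS = 10  # a phone number as ten decimal digits, per Joker_vD's model


def _check_digits(s, n):
    """Reject anything that is not exactly n decimal digits."""
    if len(s) != n or not s.isdigit():
        raise ValueError(f"expected {n} decimal digits, got {s!r}")


def random_pad(n=DIGITS):
    """Draw n pad digits from the OS CSPRNG (the 'randomness' requirement)."""
    return "".join(str(secrets.randbelow(10)) for _ in range(n))


def otp_encrypt(number, pad):
    """c_i = (m_i + k_i) mod 10, digit by digit."""
    _check_digits(number, len(pad))
    _check_digits(pad, len(pad))
    return "".join(str((int(m) + int(k)) % 10) for m, k in zip(number, pad))


def otp_decrypt(cipher, pad):
    """m_i = (c_i - k_i) mod 10, digit by digit."""
    _check_digits(cipher, len(pad))
    _check_digits(pad, len(pad))
    return "".join(str((int(c) - int(k)) % 10) for c, k in zip(cipher, pad))


def pad_that_yields(cipher, candidate):
    """The one pad under which `cipher` decrypts to `candidate`:
    k_i = (c_i - m_i) mod 10.  Such a pad exists for every candidate,
    which is why a brute-force over pads returns every phone number."""
    _check_digits(cipher, len(candidate))
    _check_digits(candidate, len(candidate))
    return "".join(str((int(c) - int(m)) % 10) for c, m in zip(cipher, candidate))


def every_candidate_is_reachable(cipher, candidates):
    """True when each candidate plaintext is a valid decryption of `cipher`
    under some pad, i.e. the ciphertext alone narrows nothing down."""
    return all(otp_decrypt(cipher, pad_that_yields(cipher, m)) == m
               for m in candidates)


def phone_number_entropy_bits(n_digits=DIGITS):
    """Upper bound on the information in an n-digit number: log2(10^n)."""
    return n_digits * math.log2(10)


def pad_reuse_leak(cipher1, cipher2):
    """What an interceptor learns if the same pad encrypts two numbers:
    (c1_i - c2_i) mod 10 == (m1_i - m2_i) mod 10; the pad cancels out."""
    _check_digits(cipher1, len(cipher2))
    _check_digits(cipher2, len(cipher2))
    return "".join(str((int(a) - int(b)) % 10) for a, b in zip(cipher1, cipher2))


if __name__ == "__main__":
    number = "0959432047"   # Thoth's sample number, used as constructed input
    pad = random_pad()
    cipher = otp_encrypt(number, pad)
    print("pad     ", pad)
    print("cipher  ", cipher)
    print("decrypt ", otp_decrypt(cipher, pad))
    print("entropy ", round(phone_number_entropy_bits(), 3), "bits")
    # Any other number is an equally valid decryption under a different pad.
    other = "5551234567"   # constructed value
    print("pad giving", other, "from the same cipher:", pad_that_yields(cipher, other))
```

The pad-reuse helper is the cautionary half: with two numbers under one pad, the digit-wise difference of the ciphertexts equals the difference of the plaintexts, so the moment one of them is known (or guessable, as John notes for area codes) the other falls out, which is exactly why the pad must be destroyed after a single use.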

Nick P • April 8, 2015 5:22 AM

@ Wael

Phones like that are why I have to watch out for you. Clearly, anyone using that second telephone should be aware of the U.K.'s interception equipment tailored to that device. A certain group that put a high price on privacy came to its end partly due to reliance on the same equipment.

Clive Robinson • April 8, 2015 5:43 AM

@ Alex,

Leaving phone in any public place leaks your fingerprints on the phone's surface. Used phones should be burned instead.

It also leaves your skin / hair / earwax DNA as well, but if you don't know how to either stop that contamination or clean it off then I guess you need to practice more fundamental types of OpSec because the use of any physical object has the same basic issues.

However the "one time use" of a phone is suspicious as is using phones with odd electronic ID numbers (SIM or Hardware of phone).

It's fairly simple to trace back --through the Phone DBs Telcos are required to keep-- to find phones that have not been moving, placing calls or network connected for the past few hours / days / weeks etc. This alone makes them highly suspicious and is thus very poor OpSec as I've indicated before "drug dealers" at the more sophisticated level than street pushers are well aware of this, and "Bash, Burn n Bury" is not the way they go about things (pusher level usually do as told or cease to be). Likewise various group leaders and other people that have "drone issues" in the Middle East are passing phones on for the same reason as even the press are now reporting...

OpSec with electronic communications is very difficult at the best of times as the "fake rocks in Moscow Parks" showed. Trying to do it with physical objects is likewise hard. When it means using both as in this case the issues don't increase by simple summing but tend to multiply or worse.

If I could remember the link, I posted on this blog a few years back to @Nick P, I'd repost it. It was to a UK newspaper article where the senior staff had tried to practice minimal OpSec with a small "phone pool" and had found that they were just not up to the task...

OpSec is tough at the best of times when nothing is "on the line" but when it means a visit by a drone or black Ops squad because you have become "a person of interest" then you have to have a certain mind set where it does not quickly lead to "rabbit in the headlight" paralysis or worse "long gun fever".

As I've pointed out on a number of occasions, people have to be trained in "field craft", and if you know the cafes or bars to sit outside you can often spot those being trained, either to "shake a tail" or "doggedly follow the footsteps". The reason for this is they concentrate too much on only the opponent, not the crowd, and thus stick out like the proverbial sore thumb to a watchful face in the crowd.

Back long prior to 9/11 I was told "If you can spot a tail either you are very good or they are not; either way you've failed." There were of course a couple of other options back then, which were that they were trying to "drive you" or they were using you to train others, but the basic premise was still true: "You've Failed" and become a person of interest at some point, and thus from then on "carry the mark of Cain" until you die.

However these days there is another option, you only have to be told the size of the "No Fly List" to realise that you can become a person of interest through a typo or other misfortune of chance.

Either way it's fairly easy to see that there are now way, way more people of interest than there are skilled counter-terror / intelligence personnel to investigate. And even when it's not chance, the chances are you will only get a minimal observation by unskilled personnel such as low-end LEOs or, worse, contractors. So these days, even though you may remain "listed", you do have a chance of "fading from view", as even the press has noticed and commented on quite vociferously post Boston Marathon Bombing.

WaelApril 8, 2015 6:12 AM

@Nick P,

Time to pluck a pigeon... And I like the "British Suicide Pigeon Weapon" piece they wrote! Who was it that posted something about Jihadist Chickens here the other day?

@Clive Robinson,

It also leaves your skin / hair / earwax DNA as well

How deep in your ear do you stick the phone? :) Now there's an idea! Go fishing for used Q-Tips and lace the phone with some earwax before dumping it. For more security, use animal ear wax, some animal hairs and... I guess you know where I am going with this :)

Clive RobinsonApril 8, 2015 6:18 AM

@ Nick P, Wael,

Who in their right mind would not think "carrier pigeons" would become targets.

Look at it this way: they are a valuable source of known-to-be-edible protein and much prized for their taste, and get shot quite often in continental Europe in peace time. In war, when food is scarce, the chances of them not being caught and eaten would I think be a lot lower than in peace time...

A funny but true story for you,

Some years ago a group of British "pigeon fanciers" held a race with a starting place in rural France. On the morning of the start the fanciers assembled with several hundred much prized and quite valuable (to fanciers) birds in a small field surrounded by hedgerows. At the proposed time the birds were released. Almost immediately there was the sound of shotguns letting rip as the "local peasantry" --as they became called-- who had been hiding behind the hedgerows shot the birds from the skies, to fill their cooking pots.... Much was made of the incident because one of the locals was supposedly fairly high up in the local police force, and another a close relative of the town mayor. Suffice it to say that Limousin is still off certain pigeon fanciers' list of holiday places...

For those who might enjoy pigeon stew, I have an authentic recipe from friends who live a quite contented but "well fed" retirement in Limousin, living on their --very small-- farm enjoying the "fruits of wood, field and hedgerow"...

Clive RobinsonApril 8, 2015 6:37 AM

@ Wael,

Nature did not design Q-tips, which if you read the warning on the packaging are specifically not designed for poking in bodily orifices...

So many millennia ago nature designed the ear to use wax as both a protective lubricant and, importantly, a conveyor of dead skin and other detritus out of the ear canal into the "wing nut" on the side of your head you put your phone against...

Occasionally nature's system goes badly wrong, as in the case of "sand deafness" where the wax instead concretes the detritus into a solid plug, which needs to be syringed out.

One thing that always reminds me of the human ability to convince itself of "magical solutions" and "pixie dust thinking" is "ear candles"...

WaelApril 8, 2015 6:43 AM

@Clive Robinson, @ Nick P,

they are a valuable source of known to be edible protein

And an unknown to be drinkable protein as well! Ask king Farouk ;)

That's a funny story to us... A tragic moment in life to the fanciers! Oh well, I have the best pigeon recipe; I ate four of them for dinner last week :)

KyathosApril 8, 2015 6:44 AM

@Aunt Tilda: Thanks for the SMSSecure heads-up. I've been looking for something like this for months!

WaelApril 8, 2015 7:01 AM

@Clive Robinson,

Nature did not design Q-tips [...] So many millennia ago nature designed

There is no such thing as "Nature" :) Nature doesn't design diddly sh*t... Ok, I take that back, perhaps it designed a Fruit Fly :) Speaking of insects, wax protects the ears from insects getting in.

"wing nut" on the side of your head

Are you giving me another alias (Wing-nut on the Side of your Head Sockpuppet), now that the first one died?

Aunt TildaApril 8, 2015 7:03 AM

@ a

Of course Google doesn't introduce backdoors into open-source APKs. The point is, they don't need to.

With regard to the NSA and my phone plan, it's a bit like going out on your own late at night. There is always the risk some nutter could try to rape me, but that doesn't mean I walk around with my panties around my ankles.

MikeApril 8, 2015 8:01 AM

Hi, just for the poor people: instead of burning the phones or buying a new one, maybe an option would be to use a phone where you know how to change the IMEI on the actual phone instead.
The phones that pop into mind would be older Blackberries and Chinese phones with the
MTK6582 or whatever MTK chipset might work.
Just my 6 cents

MikeApril 8, 2015 8:05 AM

Btw, there is a tool for MTK phones that lets you adjust a lot of stuff; among other things it lets you tune the FM radio to whatever frequency, and it clearly shows that it's DSP based.
The chipset is an advanced one; it carries GPS, WiFi, FM and I think Bluetooth.
It's called MTK6628. Has anyone tinkered with the FM thingy to see if it can tune into other frequencies than 88-108 etc.? Would be interesting to know.
73

MikeApril 8, 2015 8:06 AM

Btw, there is a tool (Play Store "MTK engineer shortcut") for MTK phones that lets you adjust a lot of stuff; among other things it lets you tune the FM radio to whatever frequency, and it clearly shows that it's DSP based.
The chipset is an advanced one; it carries GPS, WiFi, FM and I think Bluetooth.
It's called MTK6628. Has anyone tinkered with the FM thingy to see if it can tune into other frequencies than 88-108 etc.? Would be interesting to know.
73

Replicant userApril 8, 2015 9:18 AM

@a:
"boycotting evil google"

I for one have made a big effort to keep google (and others) away from my phone, not because I'm trying to make a cute political statement but simply to try and protect the privacy of my own communications. I'm chuffed that someone has made a fork of textsecure without the lock-ins.

dittybopperApril 8, 2015 9:55 AM

@Wael: You can mail OTPs in tamper-evident packaging. So long as you can tell that the container has been opened and that the pads have been accessed, security is preserved. You can use an extra guarantee by overnight mail: that leaves precious little "slack" in the delivery schedule for an organization to seize, examine, and re-package the pads convincingly without delaying the shipment. If your package is late

Alternatively, you could pass them via a dead-drop, or even pass them in person.

For very small pads, the kind you would use for passing a phone number securely, or limited size text-type messages (which is where manual OTPs really shine), they can be made extremely small in size and can be disguised as nearly anything.

One important thing that doesn't get mentioned often enough though is that if you are to preserve the security of the pads forever, they must never be generated or used on an electronic device. My preference is to use a handful of 10-sided dice to generate the groups, and a manual (non-electronic, non-electric) typewriter to make the pads themselves. If you don't have one, you can write them down manually. After you are done generating the pads, you burn the ribbon and the carbon paper if you used it (rare these days). Carbonless paper is the preferred method, though, and if you use 3 part blank carbonless forms, you don't even need a ribbon. Burn the top paper, and use the two carbonless copies as your encrypt/decrypt pads.

hermanApril 8, 2015 12:17 PM

The nice thing about using a printed book/magazine code, is that you need not mail the book to the other party, you only need to send him a clue as to which book to buy.

RickyApril 8, 2015 1:03 PM

Alex • April 7, 2015 8:40 PM
@Clive Robinson, no way.
Leaving a phone in any public place leaks your fingerprints on the phone's surface. Used phones should be burned instead.

Public places are also full of spy, ahem, security cameras that may correlate facials to abnormal cellphone usage patterns.... lol ... while you unknowingly trespass marked physical assets.... Worst case scenario, "they" allowed only one coincidence per year.

dittybopperApril 8, 2015 2:08 PM

@herman, the problem with a book code is that they are relatively insecure. The principles for breaking them are well known and have been for centuries.

They can, however, be used in combination with other manual techniques in order to make a relatively secure manual system. You could, for example, in conjunction with an OTP, though traditionally you'd simply encrypt the message letter-by-letter.

If I were going to come up with a system that used a book, I'd want to use something like the old telegraph code books for their brevity: They compress entire phrases and sentences into a single code group, which is great if you are encrypting and decrypting manually. And of course you would need to further encrypt the messages, either by OTP or by some complex combination of fractionation, transposition and substitution.

Unfortunately, such code books are scarce these days. A dictionary can be used, and in some circumstances may shorten the message somewhat. For example, the dictionary on my desk has 1147 pages, with 2 or 3 columns per page, so a message such as:

MEETING POSTPONED UNTIL THURSDAY

Could be encrypted like this:

060115 073926 101627 096632

Those numbers equating to the 15th word on page 601 (with leading zeroes for all page numbers less than 1,000 so all groups have the same length), the 26th word on page 739, the 27th word on page 1016, and the 32nd word on page 966. Instead of 29 letters, we have just 24 numbers, a significant reduction in length.

Numbers also let us do some neat things, like encrypt manually using Modulo 10 arithmetic. This could be an OTP page, or it could also be some manual algorithm to generate a pseudorandom sequence of numbers. Let's say you have this random pad:

18094 21148 44234 52795 22366

We add them together, without carrying:

06011 50739 26101 62709 6632
18094 21148 44234 52795 22366
----- ----- ----- ----- -----
14005 71877 60335 14494 88686

We could transmit it just like that if it was a true OTP. If we used a pseudorandom sequence we generated, it's probably a good idea to add another step like transposition. This is a simplified version of that using a key word:

SPLAT
43215
-----
14005
71877
60335
14494
88686

Reading the columns off in keyword order, we get:

07398 08346 41048 17618 57546

Decryption is the reverse of the process.

If the requirement is for absolute security now and forever, and storage isn't a problem, I'd use a one time pad. If the situation is such that you can't use an OTP, the elements of the key and algorithm to generate both pseudorandom sequences for the substitution and the transposition need to be memorable, yet complex enough that a low amount of traffic isn't breakable.
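The two manual steps worked by hand in the comment above, mod-10 pad addition and keyword columnar transposition, as an added Python example that is not the commenter's code. The dictionary-code groups, pad digits and keyword SPLAT are the ones from the comment; the only assumption added is that the 4-digit trailing group is filled out with a zero before addition (which is what the comment's last group 88686 implies) and that the receiver discards any partial 6-digit dictionary group as padding.

```python
"""Mod-10 one-time-pad addition followed by keyword columnar transposition,
reproducing the worked example in the comment above. Added illustration,
not the commenter's own code."""

# Constructed sample values copied from the comment's worked example.
PLAIN_GROUPS = "060115 073926 101627 096632"   # dictionary-code groups (page+word)
PAD = "18094 21148 44234 52795 22366"          # one-time pad digits
KEYWORD = "SPLAT"                              # transposition keyword -> 43215


def digits_only(s: str) -> str:
    """Drop spacing so groups of any width can be re-blocked."""
    return "".join(ch for ch in s if ch.isdigit())


def regroup(digits: str, width: int = 5) -> str:
    """Split a digit string into space-separated groups of `width`."""
    return " ".join(digits[i:i + width] for i in range(0, len(digits), width))


def mod10_add(plain: str, pad: str) -> str:
    """Digit-wise addition without carry (Fibonacci addition).

    The message is right-padded with zeros to the pad length, matching the
    comment where the short last group 6632 became 66320 before adding.
    """
    p, k = digits_only(plain), digits_only(pad)
    if len(p) > len(k):
        raise ValueError("pad shorter than message; pad digits must never be reused")
    p = p.ljust(len(k), "0")
    return "".join(str((int(a) + int(b)) % 10) for a, b in zip(p, k))


def mod10_sub(cipher: str, pad: str) -> str:
    """Inverse of mod10_add: digit-wise subtraction without borrow."""
    c, k = digits_only(cipher), digits_only(pad)
    if len(c) != len(k):
        raise ValueError("ciphertext and pad lengths differ")
    return "".join(str((int(a) - int(b)) % 10) for a, b in zip(c, k))


def key_order(keyword: str) -> list:
    """Column read-out order: alphabetical rank of each letter, ties left to
    right. SPLAT -> [3, 2, 1, 0, 4]: column A is read first, then L, P, S, T."""
    return sorted(range(len(keyword)), key=lambda i: (keyword[i], i))


def transpose(digits: str, keyword: str) -> str:
    """Write the digits in rows under the keyword, read columns in key order."""
    d, w = digits_only(digits), len(keyword)
    if len(d) % w:
        raise ValueError("digit count must be a multiple of the keyword length")
    rows = [d[i:i + w] for i in range(0, len(d), w)]
    return "".join("".join(row[c] for row in rows) for c in key_order(keyword))


def untranspose(digits: str, keyword: str) -> str:
    """Refill the columns in key order, then read the rows back out."""
    d, w = digits_only(digits), len(keyword)
    n = len(d) // w                      # digits per column (number of rows)
    cols = [""] * w
    for pos, c in enumerate(key_order(keyword)):
        cols[c] = d[pos * n:(pos + 1) * n]
    return "".join(cols[c][r] for r in range(n) for c in range(w))


def encrypt(plain_groups: str, pad: str, keyword: str) -> str:
    """Pad addition, then transposition; output in 5-digit groups."""
    return regroup(transpose(mod10_add(plain_groups, pad), keyword))


def decrypt(cipher: str, pad: str, keyword: str, group_width: int = 6) -> str:
    """Undo transposition, subtract the pad, drop the zero padding that filled
    out the last 5-digit block (a partial dictionary group cannot be real)."""
    digits = mod10_sub(untranspose(cipher, keyword), pad)
    usable = len(digits) - len(digits) % group_width
    return regroup(digits[:usable], group_width)


if __name__ == "__main__":
    print("after pad addition:", regroup(mod10_add(PLAIN_GROUPS, PAD)))
    ct = encrypt(PLAIN_GROUPS, PAD, KEYWORD)
    print("transmitted:       ", ct)
    print("recovered:         ", decrypt(ct, PAD, KEYWORD))
```

Note that the transposition step only adds value when the pad digits are not truly random (the commenter's pseudorandom case); with a genuine one-time pad the mod-10 sum is already unconditionally secure, which is why the comment says it could be transmitted as-is. The length check in `mod10_add` is the one thing worth keeping even on paper: a message longer than the remaining pad means pad reuse, which breaks the system.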

AlexApril 8, 2015 3:11 PM

Wow...a lot of people apparently haven't done this type of work before... which makes me worry because this is second nature to me. Not sure if that says something about me or the rest of you.

First, there's a place called "the bad part of town." Virtually every city/town has one. If you're in a new city, start by looking for Obamacare offices / Spanish-sounding convenience stores / Martin Luther King Blvd / etc. In larger cities, look for Asiantown. You can get anything/everything you want there. No cameras, cash-only, no records, no questions asked. They also have some nice prices on watches and handbags too.

As far as OTPs, use an agreed-upon translation of the Bible. Hotels are awesome for this! There's always a Gideon's, and if you're staying at a Marriott, a Book of Mormon. Simply bury your info in "Sermon Notes". There's no shortage of them out on Google. I'll leave it up to you to figure out how you'd best implement it. It looks innocent enough and if anyone gives you grief claim they're discriminating against your religion. This is how some of the US-based Islamic terrorists get stuff done, at least the ones I've actually seen in action.

Also, if you really want to be "off the grid" -- 2-way radios still rule. The 900MHz spread-spectrum, frequency-hopping radios out there are reasonably secure and the frequency-hopping makes reconstruction of the data difficult. There's plenty of other places to play on the radio spectrum as well, both legal and illegal. I can't condone playing where you're not licensed...but... it depends what you're doing and your own determination of risk. Usually someone who has 1) just robbed a bank and 2) carrying a firearm, isn't worried about getting in trouble for 3)speeding and 4)evading arrest and/or detention.

Marcos El MaloApril 8, 2015 3:47 PM

Regarding used phone acquisition, might not counter-espionage agencies seed shops with compromised cheap/used phones? Now the covert operator has the additional overhead of ascertaining that his or her phone is clean, if they even have that capability in the field. Seems problematic since one would have no idea of the level of their security and anonymity.

Nick PApril 8, 2015 4:02 PM

@ dittybopper

"You can mail OTP's in tamper-evident packaging."

Shouldn't be trusted unless you have evidence that a pro can't beat it. Many tamper-evident techniques have been defeated by security researchers.

dittybopperApril 8, 2015 4:08 PM

@Alex, I'm not sure what you mean about using an OTP based on Bible verses: Those are not random, and an OTP *MUST* be random, and unpublished (ie., unknown to the adversary), and they must be destroyed immediately after use. You can't do that if there are tens of thousands of copies out there.

As for the radios, it's ironic in this day and age that simple 2 way radios are actually more inherently secure than cellphones. It's easier to casually eavesdrop on them, but that can work to your advantage. You *KNOW* someone is probably listening, so you'll use extra caution, and you can use code names and phrases to conceal what you are doing. Your location can't be determined easily without specialized equipment within range of your transmission, and if you communicate and no one is monitoring it *RIGHT*THEN*, the information is lost forever. It's not like cellphone call and ping records that can be retrieved later on.

You don't even have to go through the trouble of using the 900 MHz frequency hopping radios, which won't protect your communications against a competent SIGINT organization. A relatively short amount of monitoring with a wideband receiver would allow them to deduce the hopping sequence. Useful against the nosy neighbors and local constabulary. Less so against the big boys.

I actually think communicating over HF is a viable option these days, especially for scheduled medium range (ie., 10 to 300 miles) communications. The equipment is cheap, small, and by exploiting Near Vertical Incidence Skywave techniques you can minimize the danger of the Duffies getting a fix on you. The only downside is the size of the antennas, but they can be a simple low wire thrown into the trees. I've often found a spot, thrown a random length wire into the trees, made a ham radio contact, and reeled the wire back up in less time than it took for me to type this post. And of course, the person receiving the message doesn't have to worry about being DF'ed, so they can monitor from their home location.

The main idea being that if you transmit, you don't want to stay in that area. Send your traffic, then move.


65535April 8, 2015 4:56 PM

@ Figureitout

“Simplified version is finding a store that sells prepaid credit cards. They can run from $25-$500, this should cover many throwaway phones, parts/components for an offline device, or even full on computers (multiple ones). You can do the whole get someone else to buy them (which again, if you got the money to blow, do it; just don't get an undercover cop to do it) or just buy a bunch. Then register them all over the place, fake names, etc. It works. ”

Yes, I agree, it can be done with multiple phones and enough money.

“Urban areas (very large ones) are the best for [electrical] OPSEC as I can just get a random hotel room (every single hotel room needs to be surveilled, and the fact you're going there should be shielded typically w/ immediate check-ins) and use a 2.4GHz high gain yagi antenna and connect to wifi network 1-2 miles away from the safety of my room via all the typical PC OPSEC and send off some agreed upon messages in an agreed upon location.”

Good observation. In high density urban areas you could easily get lost in the clutter of cell phone transmission. The only thing I would suggest is buying a cell w/out GPS units. Those units can be very accurate.

I believe that some of the very low cost cell phones don't have GPS [just signal strength sensors, RF transceivers and algorithms].

I can see the above article and comments are interesting and could be useful to political dissidents and even some lawyers [plus others].

NSAIApril 8, 2015 8:43 PM

"We were drowning in toll records," a former intelligence official said.

The DEA asked the Pentagon for help. The military responded with a pair of supercomputers and intelligence analysts who had experience tracking the communication patterns of Soviet military units. "What they discovered was that the incident of a communication was perhaps as important as the content of a communication," a former Justice Department official said.
http://www.usatoday.com/story/news/2015/04/07/dea-bulk-telephone-surveillance-operation/70808616/

In other words...connect the dots and legal pads in the right hands with clipboards could give the supercomputer a run for its money. Update: We are drowning in red ink and are low on water and wisdom too.

"Weeping, Gilgamesh approaches a series of gods to ask for their aid; turned down by two gods, he is pitied by Enki, god of fresh water and of wisdom. Enki conjures Enkidu in the form of a phantom, so that Gilgamesh can see his friend and learn about life in the underworld. Enkidu informs him that people who die childless fare poorly, while the more sons they have the better off they are, thanks to the offerings their sons make for them on earth. The poem breaks off with the sobering information that unburied corpses find no rest in the netherworld, while "the one whose shade has no one to make funerary offerings ... eats scrapings from the pot and crusts of bread thrown away in the street.""
http://www.lostmag.com/issue34/assyriology.php

The phones are useless. Maybe the phantoms will come up with a solution. Until then the best you can do is beer and fresh bread, both of which are also getting rarer. Debt is getting higher and more flooding expected.

Dirk PraetApril 8, 2015 9:06 PM

... Encrypt the cell phone number using a onetime pad (OTP) system and rename an image file with the encrypted code. Using Tor to hide your web traffic, post the image to an agreed upon anonymous Twitter account, which signals a communications request to your partner; ...

I would actually hide the encrypted number in a stego image instead of renaming it.

However secure a truly random OTP may be, one can also consider using a nym account to post it to alt.anonymous.messages through a Tor onion SMTP service and a chain of type 2 mixmaster remailers. Mixnym.net and dizum.nl have good instructions for setting up an account and sending/receiving messages.

Those who need a simple GUI can use QuickSilver Lite and its companion program QuickSilver AAM. The latter supports in-line NNTP retrieval over Tor as well as easy sorting of a.a.a. messages through hsub/esub headers. Works on Windows and Linux/Wine. Alternatively, you can run it from Whonix for some added anonymity and privacy (instructions here). @Nick P may even like the Qubes + Whonix combination.

Admittedly a bit daunting for non-technical users but common practice for old-school cypherpunks. Those who prefer the convenience of a phone or tablet are kinda screwed too ...

@ Marcos El Malo

Regarding used phone acquisition, might not counter-espionage agencies seed shops with compromised cheap/used phones?

Probably more cumbersome for them than putting in place agreements with Apple, Google, Microsoft and major carriers to seed shops all over the globe with compromised high-end phones 8-)

@ dittybopper

My preference is to use a handful of 10-sided dice to generate the groups,

A lot of people use dice. I have always preferred scrabble tiles, but find both methods kinda tedious, especially when you have to generate a large number of pads. Unless you're up against state or high-end corporate actors, you may as well use something like OneTime that draws from /dev/random.

@ Wael

There is one small problem with the OTP. How do you "securely" agree on one with a person who's in a remote area?

You can use the method I described above or fax it between two selected shops in both areas. Should be safe unless someone is listening in on both lines and using a fax demodulator.

Marcos El MaloApril 8, 2015 10:13 PM

@Dirk

Why would a counter espionage agency need any such agreement with phone manufacturers? They can buy cheap phones that are commonly used as burner phones in bulk, modify the hardware or firmware, scuff them up a little, and then send an agent out to sell them to the little mom & pop used phone kiosks 5 at a time until they've salted a city.

In case I wasn't clear, I'm specifically addressing the idea of paying cash at out of the way shops and/or paying someone to make the transaction for you.

What made me think of this was the purported way Stuxnet jumped an airgap: via USB stick probably bought at a little street stall. The agency or agencies responsible saw to it that the markets in the area were stocked with compromised USB sticks. One eventually made it into the centrifuge facility and compromised the internal network.

FigureitoutApril 8, 2015 10:47 PM

Alex RE: 900MHz radios
--Finally! People somehow think that using the same surveilled medium will have different results when it's all surveilled thru the wire, all data captured; RF you simply cannot be sure. I've got solutions which I may make available eventually, potentially on crowded 433 MHz (doubtful, short range most likely; but very easy to work w/), and some more involved setups. Had a go (I was doing rapid fast development, that became an utter failure as I was moving files across, eventually it got to somehow needing to compile w/ my USB stick in and then a power issue I've never dealt w/ before, which froze the PC and heated up the dev board. Deleted. Going to have another go (and double check the circuit to try and find this power issue) and just dedicate it to a sensor project). Some of the problems I think is I was getting compile limitations (code amount limits as I'm not paying anything, and don't want to go crawling on my knees for support), and there was mentions of some bugs on older revs. I wanted source of this firmware that had the RF protocol working nicely, good UI, could successfully pair, TX and RX; but could not find it and briefly looked into 8051 binary disassembly and was quickly discouraged w/ horror stories and "it's impossible" or "don't even think of trying this". As is, it could still provide an "out of band" authentication solution, but would need a nice big antenna (which it's nice and has a good antenna connector too). But what I wanted is to connect the board to your PC and open up just a text box, write your message on your PC, then "send it" to your board, then push button to actually send.

dittybopper
You *KNOW* someone is probably listening
--Lol, *maybe* scooping up data (you couldn't even store all the RF, we'd run out of power), but it would probably be slightly corrupted (or could be, easily); sounds like you're a ham, you should know just how fragile RF is and that even knowing the frequency and even seeing it, you can't just receive the actual info. Guess it's assumed by me that what one would be doing is constantly switching modes, frequencies, times, and locations. So even if you snagged it, you wouldn't get full picture (and likely an OTP).

Do you have your radio tuned to 900MHz right now? Some protocols can be so fast now, you would need some very nice equipment to even get a noticeable rise in the noise floor. Do you have software that would work flawlessly decoding the data on all bands? Man no lol; maybe you have your DSP and error-correcting algorithms tuned precisely to a certain protocol on a sliver of a band.

I hope another one of my "dumbass" tests isn't in order (something like stating I'm going to transmit in this location, this frequency, this mode, can you get it?--Next try when I don't give you any of that info.), this is a lot easier said on the keyboard than doing w/ an unknown protocol and schedule. Getting external intel on the protocols (internet searching), well that's cheating eh?

Bottom line, even on the "mainstream" band of 900MHz, I'd take that many times over even very strong internet-based solutions as the data is on the wire and sliced/diced and surveilled who even knows how much 100% sure; there's not all of the problems associated w/ getting a clean RF signal.

65535
--Another reason I'm using these temp. credit cards is if someone gets the card numbers they're not good very long; so the carders can suck it too w/ bunch of numbers that have no money anymore. Investigators could just get 100's of these $25 cards and use one separately on a bunch of sites, then wait for a bite. Then you can search that site more.

As far as RF environment in a city, think all the car motors, and all the wifi networks packed in every apartment, all the phones, car radios, then all the electrical noise, then the buildings creating these insane environments for waves to bounce around.

As far as fully verifying a phone to not have GPS, we can't even verify all the chips everywhere, SoC's. Just note when you turn it on and what you say into it (probably best to text OTP's as audio DSP is getting really really good...).

Dirk Praet RE: Whonix-Qubes
--Yeah, some "Hugh Jass" here, that was his/her setup. Liked it, seemed pretty strong. My main concern was needing a HDD (persistence) and it'd have to be a fairly modern laptop/PC (4+ GB RAM bare minimum for Qubes, which it's not the RAM I'm really worried about...).

65535April 9, 2015 12:23 AM

@ NSAI

The DEA appears to have a criminal element embedded in their system akin to the criminals they were tracking. Lying to Judges and defense attorneys is clearly illegal. This is very troubling.

[USA Today]

“The DEA obtained those records using administrative subpoenas that allow the agency to collect records "relevant or material to" federal drug investigations. Officials acknowledged it was an expansive interpretation of that authority but one that was not likely to be challenged because unlike search warrants, DEA subpoenas do not require a judge's approval. "We knew we were stretching the definition," a former official involved in the process said… To keep the program secret, the DEA sought not to use the information as evidence in criminal prosecutions or in its justification for warrants or other searches. Instead, its Special Operations Division passed the data to field agents as tips to help them find new targets or focus existing investigations, a process approved by Justice Department... Many of those tips were classified because the DEA phone searches drew on other intelligence data. That practice sparked a furor when the Reuters news agency reported in 2013 that the DEA trained agents to conceal the sources of those tips from judges and defense lawyers…”

http://www.usatoday.com/story/news/2015/04/07/dea-bulk-telephone-surveillance-operation/70808616/

@ Figureitout

"As far as RF environment in a city, think all the car motors, and all the wifi networks packed in every apartment, all the phones, car radios, then all the electrical noise, then the buildings creating these insane environments for waves to bounce around."

How true that is. Think about all of the auto tire sensors that are embedded in each wheel to measure tire pressure [These valve stem pressure gauges are four to a car and use RF for transmission for the most part]. That is a lot of noise.

"As far as fully verifying a phone to not have GPS, we can't even verify all the chips everywhere, SoC's. Just note when you turn it on and what you say into it (probably best to text OTP's as audio DSP is getting really really good...)."

Good observation. I wonder how to find out if a burner phone has GPS [other than getting the manual].

I would guess if the phone has a camera and/or “image stabilization” mechanism it probably also has GPS – who knows. Are there any 'cell phone GPS experts' on this board willing to take a stab at this question?

Dirk PraetApril 9, 2015 9:32 AM

@ Marcos El Malo

Why would a counter espionage agency need any such agreement with phone manufacturers?

I was referring to "lawful access" as well as embedded spyware that carriers and manufacturers are providing to governments and big data corporations. When hiding from a determined and resourceful state actor, using a smartphone for any sensitive voice/text communication is probably a bad idea, even when encrypted (Signal/RedPhone/TextSecure).

The point I was trying to make is that it is probably harder for an agency to effectively poison the supply chain of cheap and secondhand "dumb" phones (or flash drives) than it is to monitor iPhone, Android and Windows Phone activity in a targeted area. Hence it makes sense to work around that problem by having access to the encryption keys of the world's largest SIM manufacturer(s). Remember Gemalto?

Comm CzechApril 9, 2015 11:17 AM

It's hard to account for the popularity of modern phones.

Personally, I favor the theory that high, medium *and* low sunspot activity causes the crazy gas (which someone has apparently been spraying on people since the beginning of recorded history) to be bombarded with stupid waves -- which obviously (just turn one on) emanate from television sets. This causes the crazy gas (which normally only causes people to do their *usual* insane shit) to induce sudden manic compulsions to either (a) broadcast pictures of their food, their cats and/or their dicks; or (b) communicate with each other about blowing other people up by blowing themselves up.

That's why I decided to *not* own a cellphone (or a television set), *always* sit facing the door, and spend my golden years (hours? minutes?) oiling this rabbit-eared Greener and huffing down as much weed as possible.

Alternatively, I could just be posting this to covertly broadcast -- INSERT LOTS OF CAPS AND EXCLAMATION POINTS HERE!!!!!!!!!!!! -- enough semi-suspicious stuff that the government won't suspect that I'm actually perfectly normal, and thus must represent some sort of danger.

Sure, I'm still waving a flag by not owning a cellphone, but I counter that by yelling back at my nonexistent television set, so I'm pretty sure the Department of Dance Monkey Dance isn't onto me yet.

dittybopperApril 9, 2015 1:53 PM

@figureitout - Yes, I'm a ham, and if you haven't guessed by my chosen alias, a former SIGINT professional (a "ditty bopper" is a Morse interceptor).

Given what hams can do now with software defined receivers and software like CW Skimmer, I would not be in the least shocked to discover the NSA has the capability to monitor tens of megahertz at a time with enough fine-grained access in both frequency and time domains to be able to analyze the frequency hopping pattern of pretty much any system you might come up with. And I'd be surprised if the equipment to do so was larger than a suitcase.

Plus, people already figured out how to monitor those eXRS radios:

http://forums.radioreference.com/general-scanning-discussion/155012-receiving-900mhz-trisquare-exrs-fhss-radios-your-scanner.html

FigureitoutApril 9, 2015 8:15 PM

65535 RE: GPS
--Yep, would like to hear an expert's opinion. Some people have made hobbyist ones, haven't delved much in that area personally, just read. But on modern smartphones, it makes the issue so much harder and cloudy (just like asking someone about a SoC they know, don't have enough time or space to tell you what you need to know, and sometimes the data hides in stacks one hasn't popped for awhile and only comes out w/ poking around when one remembers some random issue/quirk).

dittybopper
--No I didn't know about the history of your name, I assumed it was a twist on "teenybopper" which is something quite different lol...

Never played w/ CW Skimmer, looks pretty good, but I messed w/ CwGet and had a bad time testing how terrible it is lol ("eeetttetetettetet" that's about it; the problem gets hard when you consider speed and adding context our brains do automatically). And of course I'm aware of SDR and the security threat (and defense tool) it represents; it is still subject to the reality of physics and has very real limits. Yes, you can (and I have) use an $8 device and some sick software to look at signals and you can work out certain ones based on their waveform (and look them up). There are many, many freaky ones that stump basically everyone on /r/rtlsdr, don't even know how that's being received or what it is...I don't believe in the reliability and all the pre-"encrypted" data that won't ever make any sense.

Who ever said FHSS was the only way of encoding data?! Man, there's a "few" more...It needs to do more...way more...

And it's not even fair b/c of the FCC forcing every commercial manufacturer to register *every* product and get privileged access to it. But even still, it's very trivial, messing w/ programming small radios, to tweak the protocol or important areas to cause it to not be received; you can try though lol...

RE: eXRS radios
--Yeah, the guy got the # of frequencies wrong (probably guessing first) and still doesn't know the remaining what 650? Better get to work lol...That can be changed probably pretty easily eh? You can't be nearly 100% sure like you can w/ packets in a wire today (though if those wires are unshielded...nevermind lol).

JoeApril 10, 2015 12:52 AM

-pleb, please. you didn't even use voice encryption! NSA has voice matching technology.

This is very true! Voice matching technology is how they identified Jihadi John without seeing his face. So this whole privacy exercise is a massive fail without voice encryption.

AlexApril 10, 2015 2:09 PM

@dittybopper: I can confirm that the gov't does indeed use SDR-based spectrum recorders. When you've got a near-unlimited budget, you can afford anything, including the hard drives needed to store that much. I'm not sure how many of them they have, nor which agencies have them, nor how they use them (fixed/mobile/etc), but I have seen reports referencing them.

I still maintain the trick is to keep a low profile and blend in. If using ham frequencies, you could talk about your shack and antennas all day long and no one would think anything of it. Build yourself a code sheet based on ham terms & such and you'd probably be good.

@joe: I'd argue you should be using multiple, sequential layers of encryption/codes whenever possible. You want as many layers of defense between you and your adversary. It also prevents the use of rainbow tables & such. This isn't any different than medieval warfare. Many of the same principles still exist today.

Ultimately...if it can be made by man, it can be destroyed by another man. No way around that. Whether it's the Berlin Wall, DVD CSS, or something else.

WaelApril 11, 2015 2:12 AM

@dittybopper,

You can mail OTP's in tamper-evident packaging.

Although I believe they can tamper with it and reseal it or perform a slight act of interdiction when stuff is sent from the post office, one can put small canaries inside the package for this sort of detection.

Alternatively, you could pass them via a dead-drop, or even pass them in person.

That’ll work in some situations, but not others. I guess there isn't a general solution approach for an OpSec process. It’s gotta be tailored for the situation.

you burn the ribbon and the carbon paper

Out with it @dittybopper! You've done this before and got caught so you learned a lesson! Not many people think to this level of detail :) I am also inclined to believe that you are as you claim, a former SIGINT professional, so perhaps it's more likely you caught a person of interest that forgot to burn the residual evidence?
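The one-time-pad step the thread keeps returning to (the ten-digit number from the original post, Alex's point about stacking codes, and Wael's point that each pad must be delivered once and used once) is easy to get wrong in one specific way: reusing a pad. The block below is an added example, not code from any commenter or from the original post; it encrypts a decimal string with digit-wise modular addition, decrypts it, and shows why a pad must never be used twice (the pad cancels out of the ciphertext difference). The pad and phone numbers are constructed sample values.

```python
"""One-time pad over decimal digits, as used for a ten-digit phone number.

Added example; the pad value and the numbers below are constructed for the demo.
"""
import secrets


def make_pad(length: int) -> str:
    """Return `length` random decimal digits from the OS CSPRNG.

    A pad is consumed by exactly one message; generate a fresh one per message.
    """
    return "".join(str(secrets.randbelow(10)) for _ in range(length))


def _check(text: str, pad: str) -> None:
    # Both inputs must be pure digits and the pad must cover the whole message;
    # a short pad would force reuse of key material, which is the classic failure.
    if not (text.isdigit() and pad.isdigit()):
        raise ValueError("message and pad must be decimal digit strings")
    if len(pad) != len(text):
        raise ValueError("pad length must equal message length")


def otp_encrypt(digits: str, pad: str) -> str:
    """Ciphertext digit i = (plaintext digit i + pad digit i) mod 10."""
    _check(digits, pad)
    return "".join(str((int(d) + int(k)) % 10) for d, k in zip(digits, pad))


def otp_decrypt(cipher: str, pad: str) -> str:
    """Inverse of otp_encrypt: subtract the pad digit-wise mod 10."""
    _check(cipher, pad)
    return "".join(str((int(c) - int(k)) % 10) for c, k in zip(cipher, pad))


def reuse_leak(cipher_a: str, cipher_b: str) -> str:
    """What an observer learns when two messages share one pad.

    (a + k) - (b + k) = a - b (mod 10): the pad cancels, so the digit-wise
    difference of the two ciphertexts equals the difference of the plaintexts,
    with no knowledge of the pad at all.
    """
    if len(cipher_a) != len(cipher_b):
        raise ValueError("ciphertexts must be the same length")
    return "".join(str((int(a) - int(b)) % 10) for a, b in zip(cipher_a, cipher_b))


if __name__ == "__main__":
    pad = "4819027365"          # constructed fixed pad so the run is reproducible
    number_a = "5551234567"     # constructed sample number
    number_b = "2125550123"     # constructed sample number

    c_a = otp_encrypt(number_a, pad)
    print("ciphertext:", c_a)                      # 9360251822
    print("decrypted: ", otp_decrypt(c_a, pad))    # 5551234567

    # The mistake: a second message under the same pad.
    c_b = otp_encrypt(number_b, pad)
    print("pad-free leak (a - b mod 10):", reuse_leak(c_a, c_b))   # 3436784444

    # Correct practice: a fresh pad per message.
    print("fresh pad:", make_pad(10))
```

Encrypting and decrypting by hand follows the same table: add the pad digit to encrypt, subtract it to decrypt, always mod 10 and without carries. The `reuse_leak` function is the reason the thread's advice to burn the pad (and the ribbon, carbon and roller) matters: the security of the scheme rests entirely on each pad digit being used once.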

WaelApril 11, 2015 2:18 AM

@Dirk Praet,

unless someone is listening in on both lines and using...

As opposed to listening in on only one line? I am not sure I understand this part.

Clive RobinsonApril 11, 2015 4:09 AM

@ dittybopper, Wael,

you burn the ribbon and the carbon paper

Hmm, not sufficient: the hard rubber roller that you strike through on carries a residual image of the last characters typed. Thus you need to type a couple of pages of meaningless stuff afterwards to prevent/reduce analysis of its surface.

I've mentioned this before and also about having a glass top to your desk to write on, as residual images happen on all sorts of softer surfaces and can be read off in similar ways to the ESDA test for images that show what's been written on other sheets in a pad etc.

ianfMay 25, 2015 11:45 AM

@Marcos El Malo:

… the purported way Stuxnet jumped an airgap: via USB stick probably bought at a little street stall. (…) agencies responsible saw to it that the markets in the area were stocked with compromised USB sticks. One eventually made it into the centrifuge facility and compromised the internal network.

This is much too ineffective an infection method to have been employed… it'd have required continuously saturating the thumb drive market in several localities in & around Natanz for a long time to be assured of success. An enormous "commercial footprint" easily traceable to some key suppliers. We don't know for sure, but in all probability the Stuxnet code was surreptitiously implanted on some (specifically targeted) plant engineers'/ contractors' thumb drives - while they attended conferences & stayed overnight in hotels etc. If not knowingly carried into the plant by an agent with just-enough security clearance to gain access to one Windows desktop's USB port.

Johnny Come LatelyMay 26, 2015 6:54 PM

Lots of problems with this.

First and foremost: In the mid-2000s they made it so the phone carriers didn't have to pay inter-LATA charges if they routed all voice traffic over the internet, so everything is a VoIP call and all of it is monitored and recorded.

Second: Encryption is questionable at best. Most importantly, if you think anything publicly available without registration with the government is going to protect you, think again.

Third: Tor is compromised, just look at what they were able to do with silk road.

Fourth: Faraday bags aren't even Faraday tech and they don't work reliably at close range. Test them yourself if you don't believe me. I have found something that actually does work and is actual working Faraday technology: PrivacyCase.com. They're asking more than everyone else, but their product actually works. They had it lab tested, we've tested it ourselves and the thing doesn't leak, period. No cellular, no wi-fi, no GPS... Nothing.


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.