Intimate Partner Threat

Princeton’s Karen Levy has a good article on computer security and the intimate partner threat:

When you learn that your privacy has been compromised, the common advice is to prevent additional access—delete your insecure account, open a new one, change your password. This advice is such standard protocol for personal security that it’s almost a no-brainer. But in abusive romantic relationships, disconnection can be extremely fraught. For one, it can put the victim at risk of physical harm: If abusers expect digital access and that access is suddenly closed off, it can lead them to become more violent or intrusive in other ways. It may seem cathartic to delete abusive material, like alarming text messages—but if you don’t preserve that kind of evidence, it can make prosecution more difficult. And closing some kinds of accounts, like social networks, to hide from a determined abuser can cut off social support that survivors desperately need. In some cases, maintaining a digital connection to the abuser may even be legally required (for instance, if the abuser and survivor share joint custody of children).

Threats from intimate partners also change the nature of what it means to be authenticated online. In most contexts, access credentials—like passwords and security questions—are intended to insulate your accounts against access from an adversary. But those mechanisms are often completely ineffective for security in intimate contexts: The abuser can compel disclosure of your password through threats of violence and has access to your devices because you’re in the same physical space. In many cases, the abuser might even own your phone—or might have access to your communications data because you share a family plan. Things like security questions are unlikely to be effective tools for protecting your security, because the abuser knows or can guess at intimate details about your life—where you were born, what your first job was, the name of your pet.

Posted on March 5, 2018 at 11:13 AM • 37 Comments

Comments

Bob March 5, 2018 11:56 AM

Is it just me that is thinking about how intimate a partner can government agencies be? Or is it one of those “see what you did there” moments hehe

Matt from CT March 5, 2018 12:51 PM

But those mechanisms are often completely ineffective for
security in intimate contexts:

Remember that for everyone worried about digital voting machines being hacked, who also want to encourage increased vote-by-mail.

There is a reason you need a voting booth for secret ballots to actually be secret.

Jason McNeill March 5, 2018 12:52 PM

I think in this case, security by obscurity may add some value. For example, if you are developing an app that helps potential victims to avoid unwanted scrutiny by an abuser, you can let an old password be used to show only such activity that the victim wants to reveal. By contrast, the new password would only be known to the victim, and by the victim using the new password in the app, the app would reveal the most up-to-date activity — stuff that use of the old password would not reveal.
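A minimal sketch of the two-password idea in the comment above, as an added example that is not part of the original comment or post: the old password unlocks only entries marked as safe to show, the new one unlocks everything. The function names, the server-side storage model and the sample entries are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

# PBKDF2 cost (constructed for the example; tune for real hardware).
_ITERATIONS = 200_000


def _derive(password: str, salt: bytes) -> bytes:
    """Slow password hash so stored verifiers resist offline guessing."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, _ITERATIONS)


@dataclass
class Account:
    """Hypothetical server-side record with two same-sized verifier slots."""
    salt: bytes
    decoy_verifier: bytes  # old password, already known to the other party
    full_verifier: bytes   # new password, known only to the account owner
    # Each entry is (text, visible_in_decoy_view).
    entries: list = field(default_factory=list)


def enroll(old_password: str, new_password: str) -> Account:
    """Keep the old password working and add a new one beside it."""
    if old_password == new_password:
        raise ValueError("the new password must differ from the old one")
    salt = os.urandom(16)
    return Account(salt, _derive(old_password, salt), _derive(new_password, salt))


def add_entry(account: Account, text: str, visible_in_decoy_view: bool) -> None:
    """Record activity and whether the old password may still see it."""
    account.entries.append((text, visible_in_decoy_view))


def login(account: Account, password: str):
    """Return the entries this password may see, or None if it is wrong.

    Both comparisons always run, so response time does not show which
    slot matched. Both views come back as the same type (a plain list),
    so the reply itself carries no flag saying a second view exists.
    """
    candidate = _derive(password, account.salt)
    is_decoy = hmac.compare_digest(candidate, account.decoy_verifier)
    is_full = hmac.compare_digest(candidate, account.full_verifier)
    if is_full:
        return [text for text, _ in account.entries]
    if is_decoy:
        return [text for text, shown in account.entries if shown]
    return None


def demo():
    """Constructed sample data: two routine entries and one private one."""
    account = enroll("old-shared-password", "new-private-password")
    add_entry(account, "Message to a friend about weekend plans", True)
    add_entry(account, "Message to a support line", False)
    add_entry(account, "Grocery list", True)
    return (
        login(account, "old-shared-password"),
        login(account, "new-private-password"),
        login(account, "some-other-guess"),
    )


if __name__ == "__main__":
    decoy_view, full_view, rejected = demo()
    print("old password sees:", decoy_view)
    print("new password sees:", full_view)
    print("wrong password sees:", rejected)
```

The sketch only controls what the service reveals after login; anything stored in readable form on a shared device is outside what it protects.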

John Smith March 5, 2018 1:10 PM

Levy has many good points in her article.

The very first thing I did years ago when I was in a situation was to get a new email address; this was necessary, because my primary email address was with my ex’s company.

You’ll have to select security questions from a time in your life that the other person isn’t that familiar with, such as memories from your childhood. Enable two-factor authorization wherever you can, and get a pre-paid cell phone with a new number. This will give you some additional control over those accounts.

My ex used to have one way to contact me — my cell phone number — till she started stalking me. I then blocked her numbers. Fortunately she isn’t smart enough to realize that if she uses a different phone, her call won’t be blocked.

Jason McNeill March 5, 2018 1:38 PM

@John Smith:

Re:

“You’ll have to select security questions from a time in your life that the other person isn’t that familiar with…”

If you are required to use security questions, it’s better to avoid correspondence to your actual real life in the first place. Information about your life or your past can be obtained through social engineering. Any current or former intimate partner would be especially able to have a seemingly innocent conversation with people who know about your life.

If the application lets you create both the question and the answer, then do this:
instead of creating a question like “What was the color of my favorite blanket when I was 6 years old,” simply ask a question that is nonsensical, and answer it with a nonsensical answer, and keep track of both pieces of information for future use.

If the application lets you answer predetermined questions, then provide unpredictable and nonsensical answers. For example, if the application asks you the name of the second pet you ever owned, your answer could be a completely random and unpredictable phrase, instead of a pet name. You would somehow have to keep track of this information in case you ever needed to answer the security questions.

D-503 March 5, 2018 2:14 PM

“Things like security questions are unlikely to be effective tools for protecting your security, because the abuser knows or can guess at intimate details about your life — where you were born, what your first job was, the name of your pet.”
It’s worth pointing out that all three of those items are a 30 second google search away for me and probably 90% of individuals in the western world. Even if you have no ‘social media’ presence, the odds are that one or more family members do. Also, birthplace and first job are in the public record for most people whether they like it or not.
I’ve seen a lot of ‘security’ questions from banks, health insurers, etc., and they all tend to fall into two categories:
1) Instantly searchable on the internet, unless you have a super common name such as “John Smith”
2) Obscure and arbitrary, such that it’s easy for a computer or hacker to guess, but impossible for a human to remember.
IMHO, anyone suggesting the use of security questions should be taken out and shot. (Just kidding – but seriously, at best, all security questions do is coerce users to create a second, parallel, weaker password. More realistically, security questions are an open door for identity fraudsters.)

echo March 5, 2018 2:16 PM

I always treat personal security questions as a password field and fill them accordingly. Where this is not possible I use false data.

I never delete abusive material and sometimes where data will disappear from the medium will save and archive data separately.

I can and have used covert recording within potentially discriminating/abusive meetings with job titles who have a “duty of care”. I do not share this data and reserve it as evidence if necessary for proper consideration by the courts.

This topic frames abusive relationships in a technology context and ignores the social and economic angles. In the UK police all too often “no crime” this kind of incident (which means in some cases you don’t even receive a crime reference number and the complaint disappears down a black hole). Refuges are also woefully underfunded to the point where they are turning victims away.

DaB March 5, 2018 2:43 PM

There are many potential data security intersections arising in close relationships: shared accounts or billing names which later provide access to private info to a stalker, contacts info for friends of victim, known places of accounts/employment/business relations, vehicle ID info, evil maid type searches while victim is away, use of hidden IoT to monitor, etc. All provide entry points or opportunities for social engineering, electronic/digital hacking, data collection & monitoring. These combine to create extreme vulnerability which is difficult to remedy or protect oneself from. For the victim it’s difficult to start piecemeal down the road of protection w/revealing to the attacker protective measures are being done – & potentially risking escalation of perp’s attacks. It easily can be an all or nothing situation that takes a lot of secret prep to successfully pull off. Bottom line is changing accessibility of prep to victim’s cell phone, pad & computer is only a small part of what needs to be done & may quickly alert the perp such actions are being taken.

Jason McNeill March 5, 2018 3:14 PM

@DaB:

Re:

“Bottom line is changing accessibility of prep to victim’s cell phone, pad & computer is only a small part of what needs to be done & may quickly alert the perp such actions are being taken.”

When the very act of increasing security on an existing asset is itself a security threat, a general principle is to obtain new assets and protect the new assets with increased security. In other words, use predictability to your advantage when it comes to the existing assets, and use unpredictability to your advantage when it comes to the new assets.

If you have a cell phone, but your safety would be imperiled by changing the phone number or blocking a caller, then purchase an additional cell phone with a means of payment that cannot be tracked, and keep both phone lines active until you are safe enough to exert control over the first phone line.

The same principle applies elsewhere. In situations involving intimate partner abuse, the victim create the impression in the abuser’s mind that nothing has changed, that it’s business as usual.

Newness and change must be obscured and kept secret in abusive situations.

Namnlös i Amerika March 5, 2018 4:38 PM

If abusers expect digital access and that access is suddenly closed off, it can lead them to become more violent or intrusive in other ways.

That describes my father to a tee, long after I reached adulthood, had me committed to a mental hospital and drugged “legally” and illegally among other abuses. I was finally given the strength from God to rise up and leave that sexually abusive situation late February, 2016.

Abusers often expect total privacy and freedom online when they surf adult-oriented websites, but they are not willing to afford any privacy online whatsoever to those they abuse at home.

All too often they have the law on their side, and they carry guns while their victims are deprived of the right to bear arms by family allegations of mental illness.

If you have a cell phone, but your safety would be imperiled by changing the phone number or blocking a caller, then purchase an additional cell phone with a means of payment that cannot be tracked, and keep both phone lines active until you are safe enough to exert control over the first phone line.

Those means of payment, “anonymous” pre-paid crebit cards and so forth, are all too often used by the perpetrators of abuse, and abusers often have the ability to track these purchases even when law enforcement authorities cannot. Furthermore, abusers track their victims down by location on their cell phones, and when the victims call emergency dispatch, then the abusers disappear or suddenly change their behavior to appear very calm and gentleman-like when the police arrive to comfort a “distraught” individual, often a woman. The victims become known as “frequent 911 callers,” and the dispatch center places their calls on a very low priority, leaving them further at the mercy of the abusers.

Jimmy March 5, 2018 6:08 PM

So sad that @Bruce is carrying this pail of sewer water. There are things which are important, things that are trivial, and things which are..or should be…nonstarters. The intersection of partner abuse and technology is entirely a nonstarter. The topic is a media invention designed to generate clicks and create anxiety in order to better control the sheep.

Let me be blunt. There is no such thing as a “good article” on this topic because the topic is a bad idea and people should, if they had any shame, be embarrassed to be associated with it.

Hmm March 5, 2018 6:44 PM

@ Jimmy

“The intersection of partner abuse and technology is entirely a nonstarter”

Let me be blunt – you’re not going to convince others what they can/can’t think about.

So go start your own blog. Call it “Jimmy’s important stuff”

comment blocked March 5, 2018 7:05 PM

@D-503

“Also, birthplace and first job are in the public record for most people whether they like it or not.”

What public record contains people’s jobs, first or otherwise?

I’ve had many W-2 (hourly or salaried) jobs in the U.S., and I know of no
publicly available source listing them. Tax information is supposed to
be confidential — consider a certain president’s tax returns. (Information
brokers do not count — while they are hardly confidential repositories,
neither are they public records.)

@moderator

Blocking of comments with “anonymous” in the name field seems overly broad;
apparently any name containing the substring “anon” gets blocked.

dulaku March 5, 2018 8:32 PM

@ Jimmy

Care to make an argument instead of a claim? I see a lot of value in being reminded of situations in which standard security assumptions fail – indeed, that pretty much describes every vulnerability that exists in systems that even considered security in their designs. What’s your counterpoint to that?

Hmm March 5, 2018 10:45 PM

“What public record contains people’s jobs, first or otherwise?”

It’s not so much “listing” that info in public as it is offering that information through credentialed (usually) buyers for various sales/credit/advertising purposes, and it’s supposedly anonymized matrix’ed data for various definitions of anonymous, but researchers keep defeating those anonymizing features with a lot of success..

https://qz.com/213900/the-nine-companies-that-know-more-about-you-than-google-or-facebook/
Older article, 2014, but you get the point. They know quite a little bit.
I’m guessing the problem got worse and not better in the interval.

Spooky March 5, 2018 11:54 PM

Trust sucks. If only Qubes could isolate me from other people… Oh, wait. 🙂

Reminds me of the old adage, “Be professional, be polite and have a plan to kill everyone you meet…”

Cheers,
Spooky

Bobby March 6, 2018 12:40 AM

“And closing some kinds of accounts, like social networks, to hide from a determined abuser can cut off social support that survivors desperately need. In some cases, maintaining a digital connection to the abuser may even be legally required (for instance, if the abuser and survivor share joint custody of children). ”

Seems now every “victim” is called “survivor”. So there are plenty of “survivors” of online fraud nowadays..

🙂

Denton Scratch March 6, 2018 2:52 AM

“In some cases, maintaining a digital connection to the abuser may even be legally required (for instance, if the abuser and survivor share joint custody of children).”

Under what circumstances would that happen? What is meant by ‘digital connection’ here? Does this mean that the law might compel someone to maintain an unwanted Faceache account?

Like, if we have joint custody, then presumably she has my address and phone number; she can call or write, no?

Also: this idea of sharing joint custody with an abusive partner seems troubling in itself.

Peter A. March 6, 2018 2:59 AM

Security questions are just alternate passwords and shall be treated equally – be long enough, random and kept in a password manager.

echo March 6, 2018 6:35 AM

@jimmy

Bruce is doing a considerable and valuable public service by promoting this topic. The paper is a little awkward but it does add weight to relationship abuse issues in the public policy area.

@bobby

“Victim” is a loaded word which can frame people. I also believe a one off minor fraud and relationship abuse are different things. It’s important to differentiate and not belittle people moving on from unfortunate and sometimes deeply damaging situations. I’m saying this is what you meant but tact can sometimes be lost in writing.

Moderator March 6, 2018 8:27 AM

@Anon Y. Mouse: Please feel free to use Anon Y. Mouse. If the name continues to be blocked, please let me know, and if anyone else uses it, speak up so we can get them to choose another one. The “anon” block is broad and annoying but will continue. It cuts down on the incidence of “Anonymous” and minor variants, and forces a little more creativity in the choice of usernames.

S_J March 6, 2018 9:20 AM

While this is interesting, it is not really “news”.

And while there is an electronic security/privacy component, this applies to any form of communication, as long as the intimate partner has access to the place-of-residence.

It applied to a former co-worker of mine, whose ex-spouse was not physically abusive during the marriage. But said ex-spouse did abuse the trust of the marriage relationship to open lines of credit in the name of the former co-worker. The ex-spouse used access to the mail delivered to the house to hide these lines of credit. (It would not surprise me to learn that the ex-spouse also created email accounts which appeared to be tied to the former co-worker, and used those to aid-and-abet this behavior.)

This abuse of trust led to financial trouble for the former co-worker, as well as to the dissolution of the marriage.

de la Boetie March 6, 2018 11:10 AM

Seems to me this is a symptom of a general problem: constructs which work for computers work badly for complex people. This ranges from authentication/password sharing to what a “friend” means.

My feeling about the paper was that it was too focussed on possible technical controls and cooperation from the social media companies (who are part of the problem), and too little about opsec and avoiding over-dependence on tech. Even 2FA isn’t reliable in these circumstances since there have been cases where sleeping fingers have unlocked phones, and you can temporarily use keys without the victim knowing about it, as well as, very likely, being able to trick account recovery mechanisms.

From the harrowing stories I’ve read, you have to be able, in the midst of the maelstrom, to have a clear head in order to construct a different persona which you can migrate over to, particularly in relation to keeping evidence and contemporaneous notes. Most of all, getting a reliable support/advice structure as you exit. Getting backups and having those off-site is a good start, including financial and password records.

Providing real-world answers to security questions is not a good move at any time. For a long while, I’ve been providing unique random strings where they insist on this kind of nonsense.

echo March 6, 2018 3:24 PM

Retina-X Studios who sold spyware have closed their services. Use of their products by abusers and within other contexts the issue of forced consent is an issue. Outside of a court order I’m unsure what positive benefits this kind of spyware provides.

https://motherboard.vice.com/en_us/article/neqgn8/retina-x-spyware-shuts-down-apps

‘Stalkerware’ Seller Shuts Down Apps ‘Indefinitely’ After Getting Hacked Again
A company that sells spyware or “stalkerware” for everyday users has ceased operations of its handful of apps that monitor computers and cellphones.

Jimmy March 6, 2018 4:48 PM

@dulaku, @hmmm, @echo

Of course I’m not going to get people to stop thinking and talking about the intersection of technology and partner abuse any more than I am going to get people to stop thinking and talking about the intersection of midget porn and transubstantiation, the intersection of dog barking and car wheels, or the intersection of Taylor Swift and teenage female angst. But they all fit into the same category: trivial concerns. We all should resist the effort to turn every aspect of the human condition into a computer security issue. Not only is it fundamentally dehumanizing, it is more importantly a distraction from where real threats exist. I get that content is king and @Bruce needs something to fill up his blog. Fair enough. But I’ll call a spade a spade.

comment blocked March 6, 2018 5:31 PM

@moderator

Anon Y. Mouse is still blocked.

If your filter is overly broad, anything with Lebanon or
the many word forms of “canon” would be excluded. Surely
we’ve learned our lessons from Scunthorpe and Sussex?

echo March 6, 2018 5:59 PM

@jimmy

Both ‘Jason McNeill’ and ‘de la Boetie’ made useful comments with respect to the practical and social support issues of disentangling from a technology trap and situation.

By chance today I read an article on gendered narratives. The article centres around “snap judgment and the taxonomic impulse”. Its focus is more on the narrative and human experience than this topic’s quoted academic paper and general discussion but does highlight a point which I believe can be lost in the technical-social crossover. I have had reason to consider this psychological process before. There is an article published a few years ago on Luminous Landscape by Alain Brion (?) discussing how we process pictures in a cognitive to emotional direction but this is also a gendered point of view in the sense of composition versus autobiographical memory.

https://www.theguardian.com/news/2018/mar/06/the-male-glance-how-we-fail-to-take-womens-stories-seriously

My view is this academic paper is viewing the issue from the human perspective and reaching out to a technical audience so they can grasp how the particular issue of abuse manifests itself. This is an altogether different magnitude of outcome to psycho-social developmental issues.

Clive Robinson March 6, 2018 6:05 PM

@ moderator, Anon Y. Mouse,

I don’t know if you know but “anon” is actually a word. That kind of means “soon or shortly” and is most frequently heard in the departing as “See you anon”.

@ comment blocked, echo,

It appears that “canon” would get through OK. But it’s funny you should mention Scunthorpe…

Not just the subject of synchronicity in comments has been raised earlier today, but I mentioned to @tyr just a few days ago here the supposed story behind the “Scunthorpe problem” as if to prove the point.

But it would also appear that mentioning such things as the Scunthorpe Problem is like mentioning the devil 😉 as the old curse or saying goes,

    “Speak of the devil and he doth appear”

Which gets shortened these days to just “Speak of the devil” when the subject of a bit of gossip turns up to the water cooler at the same time.

Well it appears that it happens with technology gremlins as well, which we are finding out, I guess is “why we live in interesting times” 0:)

Security Sam March 6, 2018 10:56 PM

Like issues of safety and security
Dealing with security and intimacy
Requires rigid rules for chastity
Similar to firewalls for privacy.

Alan Bostick March 8, 2018 2:13 PM

I don’t feel at risk from my partner, because my partner doesn’t know that my mother’s maiden name was X2W0FsSc, that I was born in the town of P8lknVoi, or that my first pet was named oBN7wayL.

Hmm March 8, 2018 3:32 PM

Were firewalls as well thought out as waterfalls,
rather pratfalls rolling o’er covered pitfalls,
it might become behooved to “they!” who penses,
we can no longer trust our pfsenses.

vas pup March 9, 2018 9:05 AM

@D-503:”all security questions do is coerce users to create a second, parallel, weaker password. More realistically, security questions are an open door for identity fraudsters.” Agree 100%.

@all:
Certain smiles aren’t all they’re cracked up to be
https://www.sciencedaily.com/releases/2018/03/180301094847.htm

“The findings provide further evidence for the view that smiles do not necessarily constitute positive nonverbal feedback, and that they may impact social interactions by affecting the physiological reaction of people who perceive them.”

Very useful to remember when communicating with those specified above by D-503 and LEAs as well.

echo March 9, 2018 12:38 PM

@vas pup

Thanks for this study. This will be a useful addition to my database.

I note the gender bias of the study. I personally find smiles and tone matter. If they are not in alignment with the substance friction can develop very fast.

While picking up new ladies glasses from a branded optician the female member of staff I am happy with and who is aware of personal medical issues wasn’t on duty. By chance I was dealing with the manager. The short story is in spite of his assurances (and continuing assurances they had no policy one way or the other which would impinge on the quality of service I received) I did note behind his professional smile some discrepancies. One male member of staff was hovering and I insisted on privacy. The manager tried to wave this away but I have experienced this kind of space domination before and said I could insist on it. I am also not wholly persuaded he was committed to following through on my complaint I didn’t like receiving a branded glasses case.

My next appointment was with a state official. She was as genuine as it gets and has a track record of being very helpful. I wasn’t sure I would be meeting her that day and had a new location to deal with plus an unexpected conference was being held at the same time. We actually moved from her workstation to a closed office because the noise was too much. I’m sure it would shock the accountants but half our talk was about nail varnish and eyeliner and what the boundaries of work appropriate clothing were. I am looking forward to our next scheduled meeting because I left feeling happier and more enabled.

No March 11, 2018 7:57 PM

“Things like security questions are unlikely to be effective tools for protecting your security,”

No, the name of teachers and pets security questions were never likely to be effective
for protecting your security.

Next up, can we have an academic paper with the shocking conclusion that clicking on a dialog box that says you are 18 years or older is not an effective tool? Progress is fun.

Jon (fD) March 12, 2018 2:33 AM

In short, Mr. Jimmy is wrong. He said, and I quote:

“The intersection of partner abuse and technology is entirely a nonstarter.”

Actually, it is very much a starter. Given a Venn diagram of people who have and enjoy technology and people who are being abused there will be a great deal of intersection.

Sorry about feeding the troll.

J.

Clive Robinson March 12, 2018 1:05 PM

@ No,

Next up, can we have an academic paper with the shocking conclusion that clicking on a dialog box that says you are 18 years or older is not an effective tool?

As the old saying has it,

    On the Internet nobody knows you’re a dog

Which means age or any other thing about you is “unknown” which has caused all sorts of problems that “cut both ways” with mainly agnostic to use technology.

For instance “on line exams” that are not in test centers were –supposedly– plagued with students cheating. So the educational establishments made it a requirement that a student’s PC got loaded with malware that accesses the camera and microphone…

And guess what some students still know how to cheat it, but others have discovered that the same malware can access the camera and mic at any time. Thus studying in your dorm room can have down sides at “bed, bath and beyond” times…

The battle to work out what or who is on the end of a digital line is difficult to impossible with even a semi-intelligent user who can cheat most things digital. Thus you go after the HCI to hear and see for what you hope is usable “HumInt”…

It’s the same problem as getting attribution for APT type attacks.

Funny how the ICT “industry” was way way ahead of the SigInT / intelligence “community” on this…

And the US politicos in their “inverse wisdom” decided to burn both the Dutch and Israeli SigInt agencies “methods and sources” in the “digital gathering of HumInt” with the Kaspersky and Putin follower Russian investigations…

So now even really quite unintelligent or unwary people know they have to step out a little more and go find solutions such as “black plastic electrical tape” to go across the camera lens and a pair of cutters to cut the microphone leads… Or if a little smarter tricks with terminal servers or layer zero and below network tricks.

So “God Bless America” and its gum flapping politicians for making the world a little less safe…

D-503 March 14, 2018 7:32 PM

@comment blocked
My apologies for my sloppy wording. I didn’t mean “available from a government source”. I meant “publicly available from the web to anyone – that is, without a paywall or any other kind of wall”.
After reading your comment I did a DuckDuckGo search on myself, something I usually don’t do. The results were interesting, if disturbing:
I’m still listed as being a former employee at my first employer, a job I left 30 years ago, before Tim Berners-Lee set up his very first web server. Impressive, but creepy, especially since the first such hit was a third party website that does automated scraping of the rest of the web for personal information. There are many such websites these days.
All my subsequent employers – and there have been a few – list me directly on their own websites.
I understand this isn’t going to be the situation for everyone, especially young people. Many smaller businesses these days use Facebook as their sole web server – disturbing in itself, but very little personal data would be public in that case (Facebook, on the other hand, might know all). Even for outfits that have their own website, websites have a short half-life due to updates, hostile takeovers, and servers going up in flames (metaphorically speaking). On the other hand, there is a very long tail of web pages that never seem to get updated or taken down. Also, many people who have done a job search have posted their resume or CV online at some point (I haven’t, but maybe a third or half of people I know have done so).
One correction to my original comment: it was a 5 minute search, not a 30 second search. The reason being that an international star in the entertainment industry has the same name as I do, so there was a lot of chaff to wade through.
