Entries Tagged "dead drops"

Page 1 of 1

The Evolution of Darknets

This is interesting:

To prevent the problems of customer binding, and losing business when darknet markets go down, merchants have begun to leave the specialized and centralized platforms and instead ventured to use widely accessible technology to build their own communications and operational back-ends.

Instead of using websites on the darknet, merchants are now operating invite-only channels on widely available mobile messaging systems like Telegram. This allows the merchant to control the reach of their communication better and be less vulnerable to system take-downs. To further stabilize the connection between merchant and customer, repeat customers are given unique messaging contacts that are independent of shared channels and thus even less likely to be found and taken down. Channels are often operated by automated bots that allow customers to inquire about offers and initiate the purchase, often even allowing a fully bot-driven experience without human intervention on the merchant’s side.

[…]

The other major change is the use of “dead drops” instead of the postal system which has proven vulnerable to tracking and interception. Now, goods are hidden in publicly accessible places like parks and the location is given to the customer on purchase. The customer then goes to the location and picks up the goods. This means that delivery becomes asynchronous for the merchant, he can hide a lot of product in different locations for future, not yet known, purchases. For the client the time to delivery is significantly shorter than waiting for a letter or parcel shipped by traditional means – he has the product in his hands in a matter of hours instead of days. Furthermore this method does not require for the customer to give any personally identifiable information to the merchant, which in turn doesn’t have to safeguard it anymore. Less data means less risk for everyone.

The use of dead drops also significantly reduces the risk of the merchant to be discovered by tracking within the postal system. He does not have to visit any easily to surveil post office or letter box, instead the whole public space becomes his hiding territory.

Cryptocurrencies are still the main means of payment, but due to the higher customer-binding, and vetting process by the merchant, escrows are seldom employed. Usually only multi-party transactions between customer and merchant are established, and often not even that.

[…]

Other than allowing much more secure and efficient business for both sides of the transaction, this has also lead to changes in the organizational structure of merchants:

Instead of the flat hierarchies witnessed with darknet markets, merchants today employ hierarchical structures again. These consist of procurement layer, sales layer, and distribution layer. The people constituting each layer usually do not know the identity of the higher layers nor are ever in personal contact with them. All interaction is digital—messaging systems and cryptocurrencies again, product moves only through dead drops.

The procurement layer purchases product wholesale and smuggles it into the region. It is then sold for cryptocurrency to select people that operate the sales layer. After that transaction the risks of both procurement and sales layer are isolated.

The sales layer divides the product into smaller units and gives the location of those dead drops to the distribution layer. The distribution layer then divides the product again and places typical sales quantities into new dead drops. The location of these dead drops is communicated to the sales layer which then sells these locations to the customers through messaging systems.

To prevent theft by the distribution layer, the sales layer randomly tests dead drops by tasking different members of the distribution layer with picking up product from a dead drop and hiding it somewhere else, after verification of the contents. Usually each unit of product is tagged with a piece of paper containing a unique secret word which is used to prove to the sales layer that a dead drop was found. Members of the distribution layer have to post security – in the form of cryptocurrency – to the sales layer, and they lose part of that security with every dead drop that fails the testing, and with every dead drop they failed to test. So far, no reports of using violence to ensure performance of members of these structures has become known.

This concept of using messaging, cryptocurrency and dead drops even within the merchant structure allows for the members within each layer being completely isolated from each other, and not knowing anything about higher layers at all. There is no trace to follow if a distribution layer member is captured while servicing a dead drop. He will often not even be distinguishable from a regular customer. This makes these structures extremely secure against infiltration, takeover and capture. They are inherently resilient.

[…]

It is because of the use of dead drops and hierarchical structures that we call this kind of organization a Dropgang.

Posted on January 23, 2019 at 6:20 AMView Comments

Cosa Nostra Dead Drops

Good operational security is hard, and often uses manual technologies:

Investigators described how Messina Denaro, 53, disdains telecommunications and relies on handwritten notes, or “pizzini,'” to relay orders. The notes were wadded tight, covered in tape and hidden under rocks or dug into soil until go-betweens retrieved them. The messages were ordered destroyed after being read.

That’s a classic dead drop.

Posted on August 13, 2015 at 6:33 AMView Comments

Cisco Shipping Equipment to Fake Addresses to Foil NSA Interception

Last May, we learned that the NSA intercepts equipment being shipped around the world and installs eavesdropping implants. There were photos of NSA employees opening up a Cisco box. Cisco’s CEO John Chambers personally complained to President Obama about this practice, which is not exactly a selling point for Cisco equipment abroad. Der Spiegel published the more complete document, along with a broader story, in January of this year:

In one recent case, after several months a beacon implanted through supply-chain interdiction called back to the NSA covert infrastructure. The call back provided us access to further exploit the device and survey the network. Upon initiating the survey, SIGINT analysis from TAO/Requirements & Targeting determined that the implanted device was providing even greater access than we had hoped: We knew the devices were bound for the Syrian Telecommunications Establishment (STE) to be used as part of their internet backbone, but what we did not know was that STE’s GSM (cellular) network was also using this backbone. Since the STE GSM network had never before been exploited, this new access represented a real coup.

Now Cisco is taking matters into its own hands, offering to ship equipment to fake addresses in an effort to avoid NSA interception.

I don’t think we have even begun to understand the long-term damage the NSA has done to the US tech industry.

Slashdot thread.

Posted on March 20, 2015 at 6:56 AMView Comments

Dead Drop from the 1870s

Hats:

De Blowitz was staying at the Kaiserhof. Each day his confederate went there for lunch and dinner. The two never acknowledged one another, but they hung their hats on neighboring pegs. At the end of the meal the confederate departed with de Blowitz’s hat, and de Blowitz innocently took the confederate’s. The communications were hidden in the hat’s lining.

Posted on March 11, 2013 at 12:58 PMView Comments

E-Mail Security in the Wake of Petraeus

I’ve been reading lots of articles discussing how little e-mail and Internet privacy we actually have in the U.S. This is a good one to start with:

The FBI obliged—apparently obtaining subpoenas for Internet Protocol logs, which allowed them to connect the sender’s anonymous Google Mail account to others accessed from the same computers, accounts that belonged to Petraeus biographer Paula Broadwell. The bureau could then subpoena guest records from hotels, tracking the WiFi networks, and confirm that they matched Broadwell’s travel history. None of this would have required judicial approval—let alone a Fourth Amendment search warrant based on probable cause.

While we don’t know the investigators’ other methods, the FBI has an impressive arsenal of tools to track Broadwell’s digital footprints—all without a warrant. On a mere showing of “relevance,” they can obtain a court order for cell phone location records, providing a detailed history of her movements, as well as all people she called. Little wonder that law enforcement requests to cell providers have exploded—with a staggering 1.3 million demands for user data just last year, according to major carriers.

An order under this same weak standard could reveal all her e-mail correspondents and Web surfing activity. With the rapid decline of data storage costs, an ever larger treasure trove is routinely retained for ever longer time periods by phone and Internet companies.

Had the FBI chosen to pursue this investigation as a counterintelligence inquiry rather than a cyberstalking case, much of that data could have been obtained without even a subpoena. National Security Letters, secret tools for obtaining sensitive financial and telecommunications records, require only the say-so of an FBI field office chief.

And:

While the details of this investigation that have leaked thus far provide us all a fascinating glimpse into the usually sensitive methods used by FBI agents, this should also serve as a warning, by demonstrating the extent to which the government can pierce the veil of communications anonymity without ever having to obtain a search warrant or other court order from a neutral judge.

The guest lists from hotels, IP login records, as well as the creative request to email providers for “information about other accounts that have logged in from this IP address” are all forms of data that the government can obtain with a subpoena. There is no independent review, no check against abuse, and further, the target of the subpoena will often never learn that the government obtained data (unless charges are filed, or, as in this particular case, government officials eagerly leak details of the investigation to the press). Unfortunately, our existing surveillance laws really only protect the “what” being communicated; the government’s powers to determine “who” communicated remain largely unchecked.

This is good, too.

The EFF tries to explain the relevant laws. Summary: they’re confusing, and they don’t protect us very much.

My favorite quote is from the New York Times:

Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington, said the chain of unexpected disclosures was not unusual in computer-centric cases.

“It’s a particular problem with cyberinvestigations ­—they rapidly become open-ended because there’s such a huge quantity of information available and it’s so easily searchable,” he said, adding, “If the C.I.A. director can get caught, it’s pretty much open season on everyone else.”

And a day later:

“If the director of central intelligence isn’t able to successfully keep his emails private, what chance do I have?” said Kurt Opsahl, a senior staff attorney at the Electronic Frontier Foundation, a digital-liberties advocacy group.

In more words:

But there’s another, more important lesson to be gleaned from this tale of a biographer run amok. Broadwell’s debacle confirms something that some privacy experts have been warning about for years: Government surveillance of ordinary citizens is now cheaper and easier than ever before. Without needing to go before a judge, the government can gather vast amounts of information about us with minimal expenditure of manpower. We used to be able to count on a certain amount of privacy protection simply because invading our privacy was hard work. That is no longer the case. Our always-on, Internet-connected, cellphone-enabled lives are an open door to Big Brother.

Remember that this problem is bigger than Petraeus. The FBI goes after electronic records all the time:

In Google’s semi-annual transparency report released Tuesday, the company stated that it received 20,938 requests from governments around the world for its users’ private data in the first six months of 2012. Nearly 8,000 of those requests came from the U.S. government, and 7,172 of them were fulfilled to some degree, an increase of 26% from the prior six months, according to Google’s stats.

So what’s the answer? Would they have been safe if they’d used Tor or a regular old VPN? Silent Circle? Something else? This article attempts to give advice; this is the article’s most important caveat:

DON’T MESS UP It is hard to pull off one of these steps, let alone all of them all the time. It takes just one mistake ­—forgetting to use Tor, leaving your encryption keys where someone can find them, connecting to an airport Wi-Fi just once ­—to ruin you.

“Robust tools for privacy and anonymity exist, but they are not integrated in a way that makes them easy to use,” Mr. Blaze warned. “We’ve all made the mistake of accidentally hitting ‘Reply All.’ Well, if you’re trying to hide your e-mails or account or I.P. address, there are a thousand other mistakes you can make.”

In the end, Mr. Kaminsky noted, if the F.B.I. is after your e-mails, it will find a way to read them. In that case, any attempt to stand in its way may just lull you into a false sense of security.

Some people think that if something is difficult to do, “it has security benefits, but that’s all fake—everything is logged,” said Mr. Kaminsky. “The reality is if you don’t want something to show up on the front page of The New York Times, then don’t say it.”

The real answer is to rein in the FBI, of course:

If we don’t take steps to rein in the burgeoning surveillance state now, there’s no guarantee we’ll even be aware of the ways in which control is exercised through this information architecture. We will all remain exposed but the extent of our exposure, and the potential damage done to democracy, is likely to remain invisible.

More here:

“Hopefully this [case] will be a wake-up call for Congress that the Stored Communications Act is old and busted,” Mr Fakhoury says.

I don’t see any chance of that happening anytime soon.

EDITED TO ADD (12/12): E-mail security might not have mattered.

Posted on November 19, 2012 at 12:40 PMView Comments

Webmail as Dead Drop

I noticed this amongst the details of the Petraeus scandal:

Petraeus and Broadwell apparently used a trick, known to terrorists and teenagers alike, to conceal their email traffic, one of the law enforcement officials said.

Rather than transmitting emails to the other’s inbox, they composed at least some messages and instead of transmitting them, left them in a draft folder or in an electronic “dropbox,” the official said. Then the other person could log onto the same account and read the draft emails there. This avoids creating an email trail that is easier to trace.

I remember that the 9/11 terrorists did this.

Posted on November 14, 2012 at 12:28 PMView Comments

Wireless Dead Drop

Dead drops have gone high tech:

Russia’s Federal Security Service (FSB) has opened an investigation into a spying device discovered in Moscow, the service said Monday.

The FSB said it had confiscated a fake rock containing electronic equipment used for espionage on January 23, and had uncovered a ring of four British spies who worked under diplomatic cover, funding human rights organizations operating in Russia.

BBC had this to say:

The old idea of the dead-drop (‘letterboxes’ the British tend to call them) – by the oak tree next to the lamppost in such-and-such a park etc – has given way to hand-held computers and short-range transmitters.

Just transmit your info at the rock and your ‘friends’ will download it next day. No need for codes and wireless sets at midnight anymore.

Transferring information to and from spies has always been risky. It’s interesting to see modern technology help with this problem.

Phil Karn wrote to me in e-mail:

My first reaction: what a clever idea! It’s about time spycraft went hi-tech. I’d like to know if special hardware was used, or if it was good old 802.11. Special forms of spread-spectrum modulation and oddball frequencies could make the RF hard to detect, but then your spies run the risk of being caught with highly specialized hardware. 802.11 is almost universal, so it’s inherently less suspicious. Randomize your MAC address, change the SSID frequently and encrypt at multiple layers. Store sensitive files encrypted, without headers, in the free area of a laptop’s hard drive so they’re not likely to be found in forensic analysis. Keep all keys physically separate from encrypted data.

Even better, hide your wireless dead drop in plain sight by making it an open, public access point with an Internet connection so the sight of random people loitering with open laptops won’t be at all unusual.

To keep the counterespionage people from wiretapping the hotspot’s ISP and performing traffic analysis, hang a PC off the access point and use it as a local drop box so the communications in question never go to the ISP.

I am reminded of a dead drop technique used by, I think, the 9/11 terrorists. They used Hotmail (or some other anonymous e-mail service) accounts, but instead of e-mailing messages to each other, one would save a message as “draft” and the recipient would retrieve it from the same account later. I thought that was pretty clever, actually.

Posted on January 31, 2006 at 7:17 AMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.