Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Deep Throat: The Outer Edges

leave a comment »

Jz etgstrj Wtmfvl! X lsg pmj lsgzlv fs!

SOURCES

The FBI surveillance of 2 months of the AP’s phone traffic reminded me much of the heady days when Nixon and Hoover cornered the market on domestic spying. Now this is not to say that I think the current White House administration is in fact as demented about surveillance as Hoover or Nixon but I do think that it has been feeling more insecure about it’s ability to govern the way it wants to because of leaking. Take from that statement what you may but let me further say that once you have the ability to do something you tend to rationalize about doing it if that thing is perceived at all to be wrong. In the case of grabbing two whole months of ALL of the traffic for AP to “investigate” leaks I think the FBI/DOJ/WH et al rationalized quite a bit to just go ahead and do it and the consequences as well as the law be damned.

In a world where Wikileaks has opened up the floodgates to all kinds of materials being leaked whether or not they are relevant to any wrongdoing, I am sure the governments of the world have shifted back to the cold war mentalities of protecting everything they can with classifications and more secrecy. The current environment has the government scared, the advocates rallying, and the leakers becoming more plentiful and the motives for leaking myriad. In many cases though the leak is more motivated by personal gains in esteem by others (perceived) and perhaps even financial at times for those who are getting paid for information. Once in a while though, you get the leak that would seem to be the right thing to do. This is the case where someone leaks the misdeeds of the government or a corporation for the good of the many. Unfortunately though, in the cases of the leaks of late, it has been more a prestige motive or a political motive than outrage at some wrong doing.

Either way however, the leaking seems to have prompted a response on the part of the government that would have been a justified “leak” had someone given it to the media. The wholesale surveillance and fishing expedition on reporters, news services, and in the end, leakers who may or may not have relationships with those reporters. Sources have always been a core to the news business and the constitutional protections on freedom of the press have been an integral part to our democracy. This move by the Obama administration and the DOJ/FBI not only seems to be quite the overreach but also a not so subtle warning to both leakers and the press that they are playing hard ball. It seems that journalism has become just another casualty of the surveillance culture that the government now has it’s finger on and control over.

It is thusly that I bring this topic to the blog in hopes to enlighten the reporters as well as the leakers out there on some OPSEC and Tradecraft that could make their leaking more secure even if the government decides that they should cull all of the media’s access for months if not years. All “sources” out there are now subject to having their anonymity blown by such action as the surveillance of the AP phone logs whether or not they are in fact leaking information that they shouldn’t be according to their employers or governments. If I were a source I would now certainly think twice about giving any information to anyone unless I had taken great pains to insure the transactions are secure if not in person and unseen like in the clip at the top of the page from “All The Presidents Men” Such interactions though all require a certain care that must be learned as they may not come as second nature to many unless you are just a paranoid to begin with. However, there are many technical countermeasures and tricks that one can learn if you look in the right places for the information.

SURVEILLANCE

Surveillance is as old as the hills but now it is augmented by so much digital methodology that it seems rather quaint at times to consider that someone may in fact be following you. Today one can carry out an effective surveillance on an unknowing target by merely booting up a program and connecting to a system that shows you the GPS coordinates of where you are. This is of course so readily available now because we all have taken to having our own personal GPS unit on us at all times in the form of a cell phone. Since we have made it so easy not only with GPS but also tweeting, Facebooking, Tumblr-ing, and generally streaming every second of our lives online (exceedingly poor opsec kids) it is surprising to me at least that we don’t see many more cases in the courts where freely given personal details online were the source of the probable cause to arrest someone if not the actual proof in a case of committing a crime. Basically  we have given up much of our privacy already to little brother and sooner or later BIG BROTHER will re-legislate to allow themselves more access to the same streams. When this happens we need to all worry, but for now they will be happy to just secretly wiretap or to secretly subpoena your records and use them that way.

Still though, there are times when surveillance still means a guy with a camera or a team of people following you around. For those times I suggest that you start to learn countermeasures for surveillance. The book linked is a good start to understand not only surveillance techniques but also the direct actions you can take to defeat it. Of course once again I have to remind you that you need to have good OPSEC (Operational Security) and Tradecraft in the first place (like presence of mind to not have your phone with you and on for a GPS location lock) to also obfuscate your position and prevent being watched. Remember, if you don’t want to be compromised you have to be mindful of the threatscape. This of course also goes for the digital landscape as well, you have to know how to prevent data leakage in order to keep things secret.

TRADECRAFT

So you want to keep things a secret? Well then you have to learn how to take due care in everything you do. If you are looking to compartmentalize your life it can be done but you have to be mindful all the time of making slips that could unravel all your best laid plans. You need to study “Tradecraft” which is an espionage term and is not something that is just picked up, you have to practice it in order for it to work. If you want to leak information or you want to keep a a portion of your life secret then you need to learn from the links below to secure yourself. Online this means doing such simple things as using encryption on emails that you do not want Google or the DOJ to read or by using an encryption product on your phone or your chat sessions. What it comes down to is your security is what you make of it. If you do not do the work then you aren’t secure. Remember that all of your lives now are broadcast through internet, phones, cameras and the like and none of those things do you actually own, you pay for a service and the data you send is not really yours once you hit send in many cases.

What was once thought to be true, primarily that you have privacy in your effects and papers is no longer really the case where digital media is concerned. The courts have taken different approaches and interpretations on “papers and effects” where computers and the internet are concerned. One apt analogy is the old garbage on the sidewalk scenario. Once you put your garbage on the sidewalk for pickup it is no longer considered private. You are basically putting it out there for anyone to grab including the government or LEA’s. The same idea is being floated in the terms and agreements with digital media. If you send an email to someone is it really private? Does the carrier (Google say) have any mandate to consider your data private when it sits on their servers that they “rent” you? It’s their asset right? Unless you take pains to protect that email with encryption then you are just as much putting it on the sidewalk as the garbage according to some interpretations.

Overall, you need not be a leaker to take up these precautions and protect your privacy. This incident with the AP records though only shows you just how far a reach the DOJ is willing to take on records like these. Of course if you have been paying attention over the years since 9/11 you would know that many NSL’s (National Security Letters) were sent to the likes of Google and other places demanding end users records and forbidding the company any redress to tell the end user or to fight the demand because the request was considered “CLASSIFIED” by the government and law enforcement. So, if the government can just do that, classify it, and make it disappear what else are they likely to do when they want to have a looksee at your chat logs huh? The electronic spook genie is out of the bottle and running amok. It’s up to you to prevent it from running rough shod over you.

K.

Reading resources:

TRADECRAFT

OPSEC

CRYPTO

DROPBOXES & DEAD DROPS

COUNTER SURVEILLANCE TECHNIQUES

ENCRYPTED CHAT

BURN PHONES

THE DARK NET

FACE TO FACE MEETING OPERATIONAL SECURITY

TSCM

TOR (THE ONION ROUTER)

I2P (ANONYMOUS PROXY)

IPREDATOR (PROXY)

BURN COMPUTERS/TABLETS

ALTERNATE IDENTITIES AND LEGENDS

BIOMETRIC DEFEATING CLOTHING

CELL BLOCKING BAGS/CONTAINERS

OFF THE RECORD MESSAGING (OTR)

SILENT CIRCLE CELL AND MESSAGING CLIENT

 

Written by Krypt3ia

2013/05/21 at 19:45

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: