|Smart browsing tip If you arrived at this page from a search engine, click here to go to the Spy & CounterSpy home page, which gives you full access to all the free features at our site.|
knowledge and skills to supporters of freedom and fairness.
Copyright 1998 Lee Adams. All rights reserved. Quoting, copying, and distributing is encouraged. (Please credit us as the source.) Links to our home page are welcome. Names of characters, corporations, institutions, organizations, businesses, products, and services used as examples are fictitious, except as otherwise noted herein. No resemblance to actual individuals or entities is otherwise intended or implied.
UNCRACKABLE EMAIL PART 2
Part 1 of this two-part tutorial, you learned about the methods that FBI
surveillance teams use to crack your PGP-encrypted email messages. Many
of those methods involved breaking into your home or office without
your knowledge. Some methods involved electronic devices in a communications
van located a short distance from your home or office across the street
perhaps. (If you haven't read Part 1, you might want to go back and do
so now before reading further. Return to our home page and click on Uncrackable
Uncrackable Email Part 2 describes ways to protect your email privacy and the secrecy of your messages. These methods work against the FBI, BATF, DEA, and other government agencies, including state and local police.
You'll learn step-by-step protocols and countermeasures that you can implement. In some cases, these methods will stop an FBI investigation cold. In other cases, they will only delay it. Much depends on the circumstances of the case. A lot depends on your countersurveillance and antisurveillance skills.
Each solution described in this tutorial is a protocol. You can think of a protocol as a method, a set of guidelines, or an operating procedure.
Flexibility. If your goal is to absolutely prevent the FBI from cracking your PGP-encrypted email, the key to success is flexibility. The content of your email is what counts. The more incriminating the message, the more precautions you should take.
When used properly,
The firewall method...
The firewall method is centered on the way you use your computer. This includes where, when, and how you use your computer. Described here is a step-by-step method for obstructing the FBI. This is a very rigorous protocol. You likely won't need to go to this much trouble very often.
Step 1 Get cleaned up. Scrub your hard disk. The FBI can read deleted files using an undelete utility. The FBI can read file slack, RAM slack written to disk, free space, garbage areas, and the Windows swap file using a sector viewer or hex editor. Return to our main page and click on Security Software for more on this. Although other packages are available, we use Shredder. Then we use Expert Witness and HEdit to check the hard disk afterwards. (From now on we'll refer to your hard disk drive as HDD.)
If you have previously used your computer to work with incriminating data, you should wipe the entire HDD and reinstall the operating system, application software, and user files. If surveillance poses a risk to your liberty, you must install a new hard disk drive. Then disassemble the old HDD, remove the platters, and sand them with coarse-grit sandpaper.
Once you've got your computer sterilized, you'll want to keep it clean. Tidy up after each work session. Thereafter, don't leave your computer unattended.
Step 2 Get unplugged. During sessions when you're working on secret messages, you should take measures to frustrate FBI surveillance. This means physically disconnecting your computer from the AC power supply and from the telephone jack. You'll need a battery-powered computer a laptop, notebook, or subnotebook.
Remaining connected to the AC power supply is risky. Using equipment attached to your power line outside your home or office, the FBI can detect subtle changes in the current as you type on your computer's keyboard.
Likewise, remaining connected to the telephone line is risky. If the FBI has broken in without your knowledge, they may have installed counterfeit programs on your computer. Your computer could be secretly sending data to the surveillance team over your dial-up connection. Just imagine the damage if you were unknowingly using a doctored copy of your favorite word processing program.
Step 3 Go somewhere else. In order to frustrate the FBI's electronic surveillance capabilities, you must relocate away from your usual working area. If you fail to take this step, an FBI video camera can watch your keystrokes. An FBI audio bug can listen to your keystrokes. An FBI communications van parked in the neighborhood can detect both your keystrokes and your display.
Suitable locations for ensuring a surveillance-free environment are park benches, crowded coffee shops, busy fast food outlets, on a hiking trail, at a friend's place, in a borrowed office, at a bus depot waiting area, in an airport lounge, at the beach, and so on. Be creative and unpredictable. The trick is to select a location difficult for FBI agents to watch without you becoming aware.
You may be surprised at what happens the first time you relocate. If you suddenly find people loitering nearby, you may already be under surveillance. (More about this later in the tutorial.)
During your first relocated work session, use PGP to create your secret key ring. Your passphrase should contain random characters. Do not write down your passphrase. If you must, jot down just enough hints to help you remember.
Save copies of the following files from the PGP directory to a diskette Secring.skr, Secring.bak, Pubring.pkr, Pubring.bak, and randseed.bin. For safety, use two diskettes and make two backups. Keep the diskettes on your person. Delete the files from your HDD.
Step 4 Get serious. From now on, you've got a new standard operating procedure. Whenever you need to compose and encrypt a secret message, you must first relocate to a safe area. (You'll soon begin to appear like a busy person who checks in often with your contact software or scheduling software.)
Save the encrypted document to diskette. Delete all working files. Return to your home or office. Then use a different computer to email the encrypted messages.
Using a different computer is vital. It acts like a firewall. It keeps your relocatable computer sterile. Do not connect your relocatable computer to the telephone line. Ever. Do not leave your relocatable computer unattended. Ever. If this means carrying your relocatable computer with you all the time, then so be it.
For ordinary working sessions, it's usually okay to connect your relocatable computer to AC power. However, don't do any sensitive work in this mode. Always disconnect and relocate first. But if absolutely watertight security is your goal, the only time you'll turn on your relocatable computer is when you've relocated. The only time you'll plug it in is to recharge the battery.
When you receive incoming encrypted email on your firewall computer, save it as a text file to diskette. Relocate. Check the diskette with an antivirus program. Load the file into your sterile computer. Decrypt the ciphertext and read the plaintext. Delete the plaintext. Return to your regular work location.
Summary. The firewall method involves nit-picking attention to detail. It is a methodical system for protecting the privacy of your PGP-encrypted email messages. It takes perseverance and patience to beat the FBI at this game. But it's preferable to the alternative. The firewall method will keep you out of the internment camps.
You'll read about other protocols later in this tutorial. But if you choose to use the firewall method, you must follow it rigorously in order for it to be effective. Slip up once and the goons will nail you. They'll snatch your passphrase. They'll learn where you keep your key rings. Then it's interrogation, arrest, indictment, conviction. Or maybe they'll just kick in the door an hour before dawn and ship you off to the camps.
The firewall method is watertight, but it only works if you use it.
The deception method...
Protocol 2 is based on liveware, not software. Liveware refers to you, the human element in the countersurveillance scheme. Protocol 2 takes a human approach. It uses deception.
Most people don't realize that FBI surveillance teams are vulnerable to deception. It's possible to mislead and confuse them. That's because most FBI targets are ordinary Americans with no countersurveillance training. In relative terms, only a few elite units within the FBI encounter hard targets. (A hard target is a trained operative who is actively maintaining secrecy and who will not reveal that he has detected the surveillance team.) So most FBI agents have never confronted a hard target. They never get any practice. They're accustomed to playing tennis with the net down.
Deception provides four ways for you to protect the privacy of your PGP email.
Deception method 1 Decoy. This method involves duping the surveillance team into believing they have cracked your PGP email, when in fact they have uncovered merely a decoy. Your real protocol continues to run undetected in the background. This is called layered security.
The best underground activists worldwide operate in this manner, including guerrilla movements, freedom fighters, and resistance groups. Inside the USA this method is mostly used by criminal groups (so far).
The key to success is carefully and deliberately providing some mildly incriminating evidence for the FBI to find. This decoy data will often dissuade them from investigating further. The FBI will eventually downgrade the 24-hour surveillance to perimeter surveillance, then picket surveillance, and finally intermittent surveillance. They'll keep you on their watch-list and check up on you two or three times a year. They may drop you entirely. Here's how to implement this method.
Step 1 Set up Protocol 1 and then forget about it.
Step 2 Use your firewall computer as your primary computer. Create another set of secret keys. Leave the key ring files and randseed.bin on your HDD. This increases the chances the FBI will recover them during a surreptitious entry. Create and encrypt low-grade messages at your firewall computer. This increases the odds that the FBI will snatch your passphrase.
Step 3 Use this second configuration of PGP as a decoy. Use it to send only low-grade messages. In effect, you are now running two layers of PGP. From time to time you will use Protocol 1 and temporarily relocate in order to encrypt or decrypt high-risk secret messages.
Step 4 If you suspect or detect FBI surveillance, keep up the deception. Perhaps temporarily stop using your relocatable computer. If you use the technique of plausible denial, you increase your chances of completely concealing the fact that you've got a second PGP system.
The principle of plausible denial is well-known in intelligence agencies, urban guerrilla movements, and resistance groups. Plausible denial means cover. Cover is spy-talk for innocent explanation. You must take the precaution of having a plausible, innocent explanation for everything you do. Absolutely everything. Don't ever do anything until you think up a believable excuse for doing it.
Even if the FBI surveillance team discovers the second protocol, you will have purchased yourself some extra time. Use the time to encrypt, conceal, or destroy incriminating data. Use the time to warn other members in your group. Use the time to feed misinformation to the surveillance team.
When systematically applied, the decoy method provides a good first line of defense against an FBI surveillance team.
Deception method 2 Thwarting cryptanalysis. When using Protocol 1, you can utilize deceptive techniques to reduce the chances of your message being cracked by NSA. If the case is serious enough, the FBI will provide NSA with a full set of your encrypted messages.
The cryptanalysis experts at NSA will use Statistical Probability Analysis to begin detecting commonly used phrases, words, punctuation, and layout. The more footholds you give them, the sooner they'll crack your email. Here are three ways to use deception to impede their progress.
Step 1 Disguise the format of your message. Your goal is to camouflage the layout. Insert a random-length paragraph of nonsense at the beginning of each message. You do not want the salutation or other material to appear at always the same location. Your recipients should be alerted to ignore the first paragraph. You can also use a text editor to manually strip off the header and footer from PGP ciphertext. The recipient can likewise use a text editor to manually restore the header and footer so PGP will recognize the text as code to be decrypted.
Step 2 Make your content resistant to heuristic analysis. Heuristic analysis involves informed guessing and trial-and-error. Deliberately run some words together, eliminating the space. Intentionally add or delete punctuation. Occasionally insert a carriage return in the middle of a paragraph. Deliberately introduce spelling errors into your text.
Step 3 Write your message in a "foreign" language. You can do this by using homonyms such as "wood" instead of "would", or "urn" instead of "earn". Use "gnu" or "knew" instead of "new". Use "seas" instead of "seize". Use "mast" instead of "massed". Write numbers and dates out in full, such as "nineteen ninety eight" instead of 1998. Use code words such as competition instead of surveillance, competitor instead of FBI, market survey instead of countersurveillance, and so on. Use noms de guerre instead of real names.
When properly used, these and other anti-cryptanalysis techniques can greatly increase the amount of time it takes the NSA to crack your PGP-encrypted email.
Deception method #3 Diagnostics. You can use PGP to detect the presence of a surveillance team. Countersurveillance experts refer to this as running diagnostics. When performed against pavement artists, it is called dry-cleaning. Here's how it works.
Deliberately encrypt a provocative, bogus series of messages. Your goal is to use content that will elicit an aggressive response from the FBI. If surveillance intensifies, your email may have been cracked or the FBI may simply be reacting to your increased traffic. That's spy-talk for the frequency, volume, and timing of your messages.
On the other hand, you may notice that the surveillance team seems to know where you're going and who you're going to meet with. They arrive before you do. They break into your associate's home or office looking for items you've mentioned in your email. They're conspicuously nearby as you slip a written note to your contact, after mentioning the brushpass in your email.
All these are warning signs that the FBI is reading your PGP-encrypted email. If you're using a decoy setup, switch to Protocol 1 to send secure email. If you're already using Protocol 1, you and your correspondents should create new passphrases. If further diagnostics suggest the FBI is still reading your email, you and your correspondents should reinstall PGP and create a fresh set of key rings and passphrases. Exchange the key rings by face-to-face contact, through live intermediaries, or by human courier.
Tip Anonymous email addresses activated through a cyber café can be used, but only if you set them up before the FBI puts you under surveillance. Go out and do it tomorrow.
When properly applied, diagnostics can keep you one step ahead of an aggressive FBI surveillance team.
Deception method #4 Spoofing. You should routinely send out bogus encrypted messages. Your goal is to mislead and confuse the surveillance team. If the FBI is reading your email, you have an opportunity to confuse and mislead them with misinformation. If the FBI hasn't cracked your email yet, the traffic in bogus messages will provide cover for your authentic messages. If a mission requires an increased number of secret messages, simultaneously reduce your bogus messages, and the FBI won't detect any increased communication activity.
When used systematically, spoofing can level the playing field between you and the FBI surveillance team.
You can boost your
Using deception, you can confuse, mislead, obstruct, and frustrate the surveillance activities of your adversary. Deception can be very effective against an FBI, BATF, or DEA surveillance unit. It is particularly effective against standard police surveillance.
If the deception techniques of Protocol 2 are used in combination with the firewall methods of Protocol 1, you boost your chances of stopping an FBI surveillance team from learning anything at all.
. . .
Copyright ©1998 Lee Adams. All rights reserved except as noted herein. Spy & CounterSpy is published by Here's-how, Right-now! Seminars Inc. How to contact us: Send mail to PO Box 8026, Victoria BC, CANADA V8W 3R7. Email us at reader_service@SPYCOUNTERSPY.com