Created
November 30, 2013 00:43
-
-
Save grugq/7713916 to your computer and use it in GitHub Desktop.
The text from: http://dee.su/uploads/baal.html On Underground Communications
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-----BEGIN PGP SIGNED MESSAGE----- | |
Hash: SHA512 | |
Undercover communication | |
It should be obvious by now, that the only way to communicate | |
stealthily and securely is to avoid raising suspicion to the | |
level at which the authorities might consider it worthwhile | |
to put you under active surveillance (e.g., park a van with | |
TEMPEST equipment by your apartment). | |
It has long been my view that, if the authorities have enough information | |
on you to enable them to park a surveillance van outside your home, then | |
you have failed utterly, and the battle is already lost. | |
Notwithstanding that, I still had to laugh at the story posted in Slashdot | |
the other day about he kid who was being investigated who noticed that, when | |
searching for WiFi connections, one of the SSIDs was "FBI SURVEILLANCE VAN". | |
Moreover, the medium for such a communication must be the Internet, | |
since since it is the only publicly available medium that has seen | |
any serious development of anonymous and/or secure communication. | |
Agreed. | |
Let's go over some specific methods of clandestine information | |
exchange over the net: | |
Encrypted e-mail | |
Although apparently secure, this method puts the communicating | |
parties at great risk of detection. E-mail servers are centralized, | |
and accounts are easily associated with message transmission times | |
and locations. Once a single member of the communication network | |
becomes suspect, the whole network is immediately exposed. This | |
holds for all similar server-dependent protocols. | |
Encrypted email does not prevent traffic analysis; it merely prevents anyone | |
from trivially discovering the message contents. If you can be located, you | |
can be compelled to decrypt your messages, whether through legal threats or | |
the authorities simply beating the passphrase out of you -- so-called | |
"rubberhose cryptography". | |
The only way this can be avoided, is to periodically change one's encryption | |
sub-key. If the old encryption sub-keys are securely destroyed, then the | |
previous message traffic encrypted with those keys is not recoverable. Keys | |
can be changed according to one's level of paranoia -- weekly, bi-monthly, | |
monthly, quarterly, or randomly. | |
E-mail accessed exclusively over onion routing | |
This is a much better approach than just e-mail, but it is still | |
susceptible to traffic analysis, and to control of the communication | |
channel by an external party. | |
Agreed. | |
Usenet posts | |
This is a good approach to clandestine communication. Since Usenet | |
is a distributed system, traffic analysis is non-trivial, and | |
messages can be steganographically hidden inside innocent-looking | |
posts (e.g., SPAM) in some high-traffic unmoderated group. Many users | |
will read the message, oblivious to its true contents -- thus protecting | |
the message recipient from scrutiny. | |
While I agree that the distributed nature of Usenet makes traffic analysis | |
non-trivial, I completely disagree with the use of steganography to protect | |
your traffic. For starters, the authorities are not unaware of the existence | |
of steganography -- as such, it is really suitable only for rendering your | |
message traffic oblivious to the greater public. Also, by disguising it as | |
spam, it may be filtered-out by some news providers. | |
If you're going to secure your messages, then the best way to do so is to | |
use strong encryption. The best way to hide strongly-encrypted messages is | |
to post them to a newsgroup where strongly encrypted messages make-up | |
virtually all of the traffic in the group. If you're looking for such a | |
secure, high-traffic group, you really need look no further than | |
alt.anonymous.messages (a.a.m.) -- it was designed for this very purpose. | |
Furthermore, as I relate in the example case below, any real volume of PGP- | |
encrypted traffic in newsgroups other than alt.anonymous.messages /will/ be | |
noticed. | |
One of the most frequent uses for alt.anonymous.messages is as the target of | |
nymserver reply-blocks. Use of such reply-blocks renders any nymserver email | |
address untraceable, as the encrypted mail can be picked-up from any news- | |
server that carries alt.anonymous.messages. Furthermore, there are utilities | |
(e.g.aamfetch, available from sourceforge) that can be used to fetch all | |
one's messages from alt.anonymous.messages making it impossible to determine | |
precisely what messages are being retrieved. | |
Nymserver accounts are setup/maintained by sending specially-constructed | |
email messages to the nymserver. If these messages are sent via a chain of | |
mixmaster remailers, even the nymserver operator cannot determine who owns | |
a particular nymserver account, even if they were to start keeping logs, | |
perhaps at the insistence of the authorities. If one uses a randomly-chosen | |
chain of mixmaster remailers, then it is not possible to the authorities to | |
compromise the remailers you are using -- in order to trace you, they would | |
have to effectively compromise the entire mixmaster network. | |
Accordingly, the only way a nymserver account holder can then be traced is | |
through their reply-block associated with the account. If the reply block | |
points to alt.anonymous.messages (a.a.m.), then the authorities will reach | |
a dead-end. They will not be able to trace the nym account owner, nor will | |
they be able to read their message traffic. | |
Now, you might ask: "Just how secure is this setup?" | |
You'd be surprised at just how effective it is -- it was enough to thwart a | |
combined investigation by the FBI and the Australian Federal Police (AFP), | |
the Queensland Police Service (QPS), Europol, Interpol, The Department of | |
Internal affairs New Zealand, and the Toronto Police Service. | |
Let me tell you a little story.... | |
In just a few days, it will be exactly 3 1/2 years ago, that the American | |
Federal Bureau of Investigation (FBI), the Australian Federal Police (AFP) | |
and the Australian Queensland Police Service announced the existence of | |
"Operation Achilles" which led to the breakup of what they claimed was one | |
of the largest child pornography rings uncovered up to that time. | |
The individuals comprising this pedophile ring called themselves "the group" | |
and they believed themselves untouchable, beyond the reach of the police. | |
(For many of them, -- one-half to two-thirds, depending on which affidavit | |
you believe -- this did, indeed, turn out to be the case. This includes the | |
ringleader, who is known by the handle Yardbird.) | |
The number of persons reportedly involved varied -- one affidavit stated | |
that there were 61 persons involved, another 45, and yet another 48. All in | |
all, there were 22 persons arrested: 2 in the UK, 4 in Germany, 2 in | |
Australia, and 14 in the U.S. | |
The FBI podcast, "Inside the FBI" states that the number of persons involved | |
was 60, of which 22 were positively identified. You can listen to the podcast | |
and read the transcript at the following URL: | |
https://www.fbi.gov/news/podcasts/inside/operation-achilles.mp3/view | |
Another superb source of information is the so-called "Castleman Affidavit"-- | |
this affidavit was used to justify the arrest of group member Daniel Castleman. | |
The Castleman affidavit explains the group's methodology (or modus operandi) | |
in detail. | |
It can be seen at: http://www.rep-am.com/newsdocuments/affidavit.pdf | |
Another good source of information is: | |
http://www.policyb.org/downloads/Operation_Achilles.pdf | |
Depending on which affidavit you believe, only about 1/3 to 1/2 of the | |
alleged members of this pedophile ring were ever identified and apprehended. | |
As I said earlier, the alleged leader of this ring used the nic "Yardbird". | |
Yardbird made a re-appearance on Usenet in both 2009 and 2010 on the date | |
corresponding to the first and second anniversaries of the busts in 2008. | |
His intent was to show that he was still free, and to answer people's | |
questions. | |
One of the most important things Yardbird stated were that everyone in the | |
group who used Tor and remailers remained free, while those who relied on | |
services such as Privacy.LI were arrested and convicted. | |
Yardbird further commented that several members of the group, including his | |
second-in-command Christopher Stubbings (Helen) and Gary Lakey (Eggplant) | |
were Privacy.LI users -- in fact he stated that they used it for everything. | |
(Helen is currently serving a 25-year sentence in the UK, while Eggplant is | |
serving life in an Arizona prison.) | |
Eggplant literally became notorious because of his constant promotion of | |
Privacy.LI -- he continually boasted that he could not be caught because | |
Privacy.LI did not keep logs, and they were located outside of U.S. | |
jurisdiction. | |
I pointed out to anyone who would listen that services such as Privacy.LI | |
were for /privacy/ -- not for anonymity. In an ideal situation, one needs | |
both to be private as well as anonymous. Essentially, what Privacy.LI | |
supplied was a type of VPN service, providing an encrypted tunnel for data | |
to travel between two endpoints--the customer's computer being one endpoint, | |
while the Privacy.LI servers provided the other. While there was a degree of | |
privacy, there was NO anonymity at all--so it really didn't come as a | |
surprise that Privacy.LI's customers were among those arrested. It is also | |
worthy of note that Privacy.LI earned a 2005 entry in cryptographer Bruce | |
Schneier's "doghouse" as I pointed out more than once. | |
See: http://www.schneier.com/blog/archives/2005/07/the_doghouse_pr.html | |
As I pointed out repeatedly, NO service operator is going to go to prison to | |
protect the identity of his customers -- every last one of them will roll | |
over on you, if given the opportunity. | |
You might ask, "How was the existence of 'the group' discovered?" | |
Simple. Through one of the oldest investigative techniques of all -- the | |
informer. The Australian police arrested a man on totally unrelated child | |
pornography charges -- presumably as part of a plea deal, he revealed the | |
existence of 'the group' and handed over a PGP public/private keypair and | |
password. | |
Now, it is worthy of note that the Department of Internal Affairs of New | |
Zealand had earlier informed the Australian police of the existence of PGP- | |
encrypted traffic in a number of Usenet newsgroups. | |
These messages, from users with handles like "Big Block" and Subject: lines | |
like "New Car Contracts" were rather odd, to say the least. I also noticed | |
some of these--it was quite clear that there were a group of people | |
communicating in private, but obviously there was no way to determine /who/ | |
was communicating, or /what/ they were communicating about. | |
If the Australian police had not had a lucky break, by arresting one of the | |
members of the group on totally unrelated child pornography charges, they | |
would, in all likelihood, /still/ be in the dark about what was going on. | |
Having acquired from the informer the current group PGP public/private | |
keypair, and its passphrase meant that the police could assume this group | |
member's identity, and furthermore, read all the encrypted traffic posted by | |
members of the group. | |
So it was that Constable Brenden Power of the Queensland Police Service used | |
this assumed identity from August 31, 2006 through December 15, 2007. | |
Constable Power spent almost 18 months working out of FBI HQ in Washington, | |
DC while working on this case. | |
In many ways, this case was unprecedented. No similar pedophile ring had | |
ever previously employed the types of security measures that this group did; | |
also unprecedented was the information provided by the informant, who gave | |
the police the tools needed to infiltrate the group--without the informant's | |
help, they could _never_ have succeeded. | |
Once the group was penetrated, the police were able to take advantage of a | |
few factors: | |
1) They had the informant's computer, with all its email, PGP keys and the | |
like. This provided a history, which made it easier to continue the | |
impersonation. | |
2) By the time it was penetrated, the group had been operating for about 5 | |
years. By this time, the group had jelled into a community -- people were | |
familiar with each other, they often let their guards down, and would | |
sometimes reveal tidbits of personal information. This is especially the | |
case when they thought their messages were secure, and beyond the ability | |
of the police to intercept--they would say things that they would *never* | |
say in the open. | |
So, as you can see, the group was pretty much an of open book to the police; | |
they were completely and thoroughly penetrated. Despite that, however, the | |
majority of the group were _still_ able to remain at large, and were neither | |
positively identified nor arrested. | |
This is due to the privacy tools (i.e. tor, nymservers, remailers) that were | |
employed. Even with everything else being an open book, those using these | |
tools still managed to elude capture. | |
By now, you're probably thinking, "Why is he going on about pedophiles?" | |
"Pedophiles are disgusting! They should all be shot!" | |
Leaving aside my personal feelings about pedophiles, I brought up this case | |
as an example for several reasons: | |
1) Child pornography is a serious crime in virtually every jurisdiction. | |
As this example demonstrates, police will work together, even across | |
national boundaries, to investigate these crimes. They are willing | |
to invest considerable time, manpower and money in pursuit of these | |
suspects. The only other crimes which usually merit this type of | |
approach are drug/gun-running or terrorism. The level of effort | |
expended in pursuing this group can be seen in that even FBI | |
executive assistant director J. Stephen Tidwell was involved. | |
Normally one would not expect FBI personnel that highly placed | |
to be involved -- this shows the level of importance placed on | |
this particular investigation. (A year or so after the busts, | |
Yardbird himself expressed astonishment that the FBI would | |
consider his group such a priority.) | |
2) This case is the only one that I'm aware of, where suspects were | |
using sophisticated tools like PGP, Tor, anonymous remailers and | |
nymservers. | |
3) This case underscores the effectiveness of these tools even against | |
well-funded, powerful opponents like the FBI, Europol, and Interpol. | |
(N.B.: FWIW, those who were caught used either inappropriate and/or | |
ineffective tools and techniques to protect themselves. | |
4) I fully understand most people's disgust at the types of crimes/ | |
criminals being discussed here. That said, it is important to | |
remember that one simply cannot design a system that provides | |
protection for one class of people, but denies it for another. | |
You can't, for example, deploy a system that provides privacy/ | |
anonymity for political dissidents, or whistle blowers, and yet | |
denies it to pedophiles -- either *everyone* is safe, or NO ONE | |
is safe. This may not be palatable, but these are the facts. | |
Final Thoughts | |
============== | |
While this case shows the strengths of the current technologies, it | |
nevertheless underscores that the human element cannot be disregarded. It | |
must continually be borne in mind that the weakest element in /any/ security | |
system is the human element. This has been true since before Sun Tzu wrote | |
his immortal treatise, The Art of War about 2500 years ago. It is, in fact, | |
for this reason that Sun Tzu is still studied in military academies to this | |
very day. It is not for nothing that Sun Tzu devoted an entire chapter in | |
his seminal work to the use of spies. | |
As we have seen, infiltration is still a highly effective tactic. The group | |
was particularly susceptible to this, as the members were unknown to each | |
other, by deliberate design. If someone were to be apprehended, they could | |
be forced to turn over PGP private keys, passphrases, etc. These can then be | |
used by the authorities to PGP-sign messages, which normally would be taken | |
as proof that the messages in question are genuine and untampered-with. This | |
is likely what happened in the case of the group. | |
Traditionally, espionage cells have been made up of only a handful of persons, | |
each known to the other -- the idea behind this was to limit the damage in | |
the case of the cell being either penetrated or exposed. | |
The only types of organizations that cannot be penetrated by the authorities | |
are those close-knit, bound by blood or other kinship ties. The only possible | |
recourse for the authorities in these cases is to try to turn someone on the | |
inside against his fellows. | |
Baal <[email protected]> | |
PGP Key: http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0x1E92C0E8 | |
PGP Key Fingerprint: 40E4 E9BB D084 22D5 3DE9 66B8 08E3 638C 1E92 C0E8 | |
Retired Lecturer, Encryption and Data Security, Pedo U, Usenet Campus | |
- -- | |
Sed quis custodiet ipsos Custodes?" -- "Who will watch the Watchmen?" | |
-- Juvenal, Satires, VI, 347. circa 128 AD | |
If you accept that freedom of speech is important, then you are going to | |
have to defend the indefensible. -- Neil Gaiman | |
He that would make his own liberty secure must guard even his enemy from | |
oppression. | |
-- Thomas Paine | |
-----BEGIN PGP SIGNATURE----- | |
iQEcBAEBCgAGBQJOVwOSAAoJEAjjY4weksDowfgH/0YD0y+/rb8yeDemIgHiVKob | |
Jz8PX9njZKADBxAREMwqGjwZ2tfOr7HDouB/moHE0ZtBvjYmON3LJZFueb661DuA | |
8AP5tFfJgHx95JKbt/4WWwsKzs534izVnjrL1IW1GdOuVDuooWvBJK50+b9n58p1 | |
o3Pq8N00vGwRAOXwX5ltMJ98zUzDlkVXNMPbs19u8lFdqQNoTVSYYm9rvxcVtqrK | |
MJ/T4oozZz1/RryiOC8wGyEvl5GMAFr0pcFUegIIpjIpMpxXM2d8cqp3yPxXYU6+ | |
ZWmLQbkdgyhkRAOOIMPFWXC0+WKcy6A+xuK0bEyb7ZaJz0ibKAeo0BOgD+IqwlQ= | |
=/sG0 | |
-----END PGP SIGNATURE----- |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment