1994-09-19 - Re: A Scenario

Header Data

From: Black Unicorn <unicorn@access.digex.net>
To: nobody@c2.org (Anonymous User)
Message Hash: 61625880c4fec1899116f34f74c305dbd3f25676ce3a3faf4d7c3546c1821eb1
Message ID: <199409192201.AA16117@access1.digex.net>
Reply To: <199409191605.JAA02415@zero.c2.org>
UTC Datetime: 1994-09-19 22:03:56 UTC
Raw Date: Mon, 19 Sep 94 15:03:56 PDT

Raw message

From: Black Unicorn <unicorn@access.digex.net>
Date: Mon, 19 Sep 94 15:03:56 PDT
To: nobody@c2.org (Anonymous User)
Subject: Re: A Scenario
In-Reply-To: <199409191605.JAA02415@zero.c2.org>
Message-ID: <199409192201.AA16117@access1.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous User scripsit
> 
> Anonymous User scripsit
> >> 
> >> Let's say I have a digital cellular phone.  I also have Anonymous
> Remailers,
> >> PGP, and over 100 BBS numbers (structured for which day and which hour
> each
> >> would be used) so that I can contact and talk to my "Friend."
> >> Please tell me how the LEA's can find me and understand the transactions
> >> between us? 
> 
> >You don't give us enough information.
> 
> >Are your attackers looking for known parties?
> >How secure is your cellular?  Do you operate from a known or a guessable 
> >location?  Is your "Friend" known?  Suspected?  His location, guessable?  
> >Known?
> 

[Location stuff]

[Your friend could be an idiot stuff]

[You should move around more and vary the ESN]

> 
> In the above scenario, I would never use my voice over the digital cellular

I assumed only data.

> [and I would be always moving {nothing done at home}]...strictly PGP/E-Mail.

So you would compose your messages on a laptop while moving about?  This 
would be my suggestion.  I don't know how well Tempest works on the move, 
I assume it's more difficult, but not impossible.  The LCD screen (some 
have theorized) will make interception more difficult.  The real problem 
is when you compose the message, or when it is actually converted to 
plaintext and read.  These are the cheapest interceptions via tempest, or 
even a video camera over the shoulder.  Remember, once your ESN or ESN's 
are estlablished, it is a simple matter to obtain your transactional 
information remotely (see Digital Telephony bill for the whole argument).

> Even IF the parties are known, can they make their case? [How can they prove
> X sent Y if using PGP and anonymous remailers?] Of course, if one of them
> cooperates, that's different.

If I were trying to make the case I would do it so:

At 5:10 pm, subject A departed in a taxi for the airport with his 
laptop.  Monitoring the subjects known phone information (obtained by 
local close proximity interception) we measured a 26 second call to a 
local unix service provider.  Subject A's account (which was being 
observed) showed mail traffic sent to a known remailer at 5:12pm.  
Subject B's account recieved a encrypted message [If by PGP it would be 
obvious that subject a and subject b were using the same software] at 
6:30pm.  (or perhaps 12:01am if the remailer is trying to foil traffic).  
After receiving the encryped message from a (the same?) remailer, subject 
B left his home and was found near the site of the terrorist bombing.

At the very least this provides a WIDE OPEN door to take a closer look at 
Subject A.  I hope you have never met subject B in person, or have 
anything in your house incriminating.  If yes, you better be ready to 
purjure yourself.

> Can Tempest be used as I'm driving/on a city bus? How expensive is it to
> maintain a Tempest surveillance in this fashion?

Dunno, Dunno.  Probably difficult, doubt that it's impossible.

 This is a positive of
> portable computers and portable communications..no one can pinpoint [even
> remotely] where I'll compose/collect my pgp/e-mail.

Wrong.  It's pretty easy given your phones billing information.  The cell 
site you are working off of at any given moment is currently easy to 
estlablish.  That gives your position within some miles (I assume this 
varies from area to area)  In fact, a cellular phone is probably the 
WORST thing to use if your interested in hiding your location and your 
phone number/ESN is known.  Given the location of the cell your working 
off of, it's probably an easy matter to just track the phone to cell 
signal down with a direction/strength meter or by triangulation.

 I am assuming that I'm
> covering my tracks smartly, and the only thing they have is what they can
> grab over the air, which is PGP, and that gets sent to some BBS [which they
> don't know] for my friend to pick up.

If your friend is monitored, the BBS firewall is useless.
He calls, his call setup information is recorded.  Given a pattern it's 
obvious after a while which 30 BBS's your using.


> The ESNs and the Keep Moving are really helpful, thanks.
> 
> 

Remember, strong crypto is only a tenth the game.

-uni- (Dark)

-- 
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!




Thread