Recently we have heard praise for encrypted phone calls, namely, the application Signal by Open Whisper Systems, designed for iPhone and Android. While Signal is one option for cellular calls, we underscore that such tools frustrate mass surveillance, but do not protect users under targeted surveillance.
Ironically, much of the Signal praise comes from journalists, who are more likely to be targeted than average citizens. Every United States adult with a cellphone is subject to broad surveillance under “mass surveillance” programs, remaining anonymous until analysts retrieve their records. This is nothing new. Analysts, investigators, and law enforcement officers may target specific people, however, before calls are made, and there are several vulnerable behaviors—points of targeting—that make attacking encrypted voice data unnecessary. The same may be said for digital data entered by keyboard, keypad, and touchscreen—the modulations, radio waves, and power currents.
To be safe, communicating by cellular phones requires more planning than opening and using an application. And thinking further, alternative methods reduce risk significantly more than encrypted cellular calls. Our aim is to outline, very broadly, why we do not make encrypted phone calls and offer, perhaps in passing, but in good faith for people in our network and dark trades, one communication method that relieves risks in targeted surveillance cases.
Overview of common surveillance technologies
We should have a sense of what investigators, officers, and analysts look for when surveilling targets. To be sure, we are talking about state and private actors, including private intelligence firms, also known as “business intelligence,” “corporate intelligence,” and “strategic intelligence” firms, who service other private companies and state agencies. Not only are these companies stacked with former intelligence officers and military operators, but they behave under little to no public oversight, and they are not subject to the Freedom of Information Act.
As contractors like Blackwater ravaged and plundered in Iraq, security and intelligence firms run open and hostile activities in the United States. (See: Amcor, Global Security Services, Stratfor, Total Intelligence Solutions, S2i, Basis Technology, Biomatrica, Aegis Defense Services, DynCorp, GK Sierra, Kroll, Securitas, Allied Barton, Andrews International, FTI Consulting, K2 Intelligence, Bishop International; plus, software developed by Palantir, Hacking Team, among link analysis (for social media sites), mapping, photo enhancement, database reporting, and visualization software).
In elementary terms, to start, surveillers see targets. In daylight, this amounts to observing in plain sight, with optics (e.g., scope, binoculars), and with camera and video recorders. At night, of course we encounter night vision optics.
And moving to remote technologies—with vans, on streets, and in buildings—targeters see via imagery from ground and air and space devices, such as drones, satellites, planes, and blimps. Local and state police notoriously use drones, along with federal authorities along borders, at checkpoints, and for law enforcement.
In addition, still describing physical emissions, surveillers interpret data from infared signatures, or heat signatures. Here investigators use thermographic cameras that display images using infared radiation.
On a side note, the Chicago rapper Lil Reese has a line from his hit “Beef”: “Infrared, yeah, with love them beams.” In the video, the rapper and friends point at the camera with trigger fingers. Little does he know that infrared is a sensing of invisible radiation wavelengths and not what he meant to sing, which is laser beams in green or red (e.g., the Streamlight TLR-4 Compact WeaponLight and Surefire X400).
Moving to other signatures, we are aware of the many “biometric signatures” people display through static features and movement. The most common is facial recognition (e.g., FBI’s Next Generation Identification System (NGI)), but a side glance at iris scans is relevant for another post. Using the most modern algorithms and software, federal and state authorities are capable of finding people by their facial signature—relations among points at ears, nose, eyes, mouth, chin and cheeks. The technologies using the algorithm include street cameras, building cameras, and specialized eyeglasses with fitted cameras. Brazilian police use eyeglass cameras running facial recognition software, capturing 400 images per second at a distance of 160 feet to 12 miles.
Next, targeters identify people based on the way they walk. This technology is still in development, but has shown promising next to facial recognition. State and private agencies can analyze video imagery and catch samples of trajectories and angles of subjects’ major skeletal joints, resulting in a mathematical model of motion.
Beyond physical signatures, we should be mindful of every “emission” from mechanical and digital devices that emit any repeating waves. To start, simple mechanical devices such as wristwatches emit identifiable sound signatures. The most sensitive microphones can detect and record such sounds, and operators send sound files to analysts, who match with other samples. Operators around the world record a variety of sounds that alert officials about important events: construction equipment, military hardware, and military weapons. Intelligence officers and agents record engine sounds from tanks, planes, and military vehicles. They record the sounds of small arms fire and rockets. With good samples, intelligence analysts can match the exact make and model of mechanical devices.
Assume, for good practice, that every surveillance device known to civilians has every capability mentioned. Satellite imagery is down to a square centimeter. Parabolic microphone is down to a whisper. Drones and planes can pick up facial and gait signatures, plus radio, cellular, and satellite emissions. Public and private agencies likely do not divert these resources to track small targets or soft targets that are easily followed by ground teams, but should such actors want to spend a day or two on important targets, they have the means to do so remotely.
Local law enforcement, for example, may send suspicious activity reports to regional DHS Fusion Centers (i.e., Regional Information Sharing Systems, Homeland Security Information Network, Immigration databases, Financial Crimes Enforcement Network, intelligence center databases). When software pegs specific targets, more invasive surveillance is available. Those reporters and sources handling classified information, a federal crime, will be subject to heightened (targeted) surveillance.
Attackers exploit ‘end points’ first
Operational conditions and circumstances dictate what measures should be taken to communicate. Without testing those conditions and planning for contingencies, subjects are very likely to make mistakes, which in turn makes the encryption of voice data unimportant and unattractive to attackers, who exploit end points first.
Making a call from one’s home, office, business, or other regular place for business is out of the question. A nice example is the famous Supreme Court case “Katz v. United States” in 1967. The defendant, Katz, had discussed gambling wagers on a public pay phone. Federal law enforcement attached an electronic recording device to the exterior of the phone booth without a warrant. Even in 2015 and with the warrant requirement, with extraordinary advancements in surveillance technologies, eavesdropping on phone calls does not take breaking Signal strength, but rather listening to both speakers—in person—during the call.
Communicating via telephone and cellphone requires speaking into the device, whether that is a handheld smartphone or landline. No matter the encryption of voice data, the immediate speech is of course “plaintext” speech and may be recorded in a number of ways. The most common devices are audio recording “bugs” and parabolic microphones. In many circumstances, unless one is in a soundproof room or the middle of a field with about a half-mile radius, one should assume speech is recorded. Remember that constitutional protections like the 4th Amendment trigger for state actors, not private actors, so any private firm wishing to check-in on journalism activity may surveil as they wish.
Sure, there are civil remedies. Prosecute those complaints at extreme expense and time.
The reality of operating is that most resources will be devoted to real-time tracking in close proximity: the other side of the room, the floor above or below, across the street, on the same side of the street, underground, across the room, in the same room. Scooping up large files of encrypted voice data, generated by an application like Signal, is the least of our worries. We simply would not use a phone and bypass that line of security altogether, accomplishing the same tasks with creativity and discipline. Tapping the square on a touchscreen requires no creativity or discipline. To the contrary, adversaries then know exactly where to look and what to target.
Encrypting voice data in a soundproof room
One might be wise to use a soundproof storage unit or a soundproof closet or room at a safehouse. The materials to construct a reasonably sound-resistant room are expensive, but over time and with enough parties using it (e.g., an office with 12 people), the costs may be spread within the risk pool for users.
There is a spectrum of soundproofing materials for expense, quality, ease of use, and effectiveness. Materials include soundproof drywall, soundproof curtains, soundproof paint, soundproof foam panels, sealants and compounds, insulation, thermal insulation, mineral wood, fiberglass, cotton, and custom materials by Roxul and ATS Acoustics. Operators should consider the size of the room and also ease of set up and take down to switch rooms on occasion, such as using several different storage units.
An alternative practice to using phones to communicate in realtime is to exchange encrypted voice data stored on tangible drives, such as external hard drives, USB drives, and SD cards. Having concealable, mobile drives to rotate and hide is advantageous in many conditions. Yet, strictly to counter parabolic microphones and recording devices, video with sound, and emissions from devices (radio, cellular, satellite signals), one may record speech in optimal conditions, then protect transmission with the same encryption strength run by Signal.
We work with voice recorders, such as the Zoom H1. These recorders have SD card slots. In a soundproof room, we record speech, then encrypt the SD card on a tablet or computer never connected to the internet and disconnected from ground power (also setup only on external batteries to avoid ground power monitoring). Depending on distance to the recipient, we then send that card by courier or mail. The recipient enters her soundproof room, decrypts from a tablet or computer similarly situated to an air-gapped computer, and loads on a Zoom recorder for playback, listening on headphones. The recipient, should she need to respond, repeats the process.
Is this practical for all conversations? Of course not. But for longer dialogues when time is not sensitive, one-time messages, and ongoing updates about projects, this method is effective. The method accommodates voice data for encryption keys as well: read off letters or numbers for one-time pads. Plus, instead of sending and receiving from devices that emit signatures each time, using the mail we can diversify addresses, envelopes, drop offs, pick-ups, handwriting, anything to create false leads. And even if an external drive is intercepted, the voice data is encrypted as it is using Signal.
For the foregoing reasons, Signal might perhaps be useful for reducing risk of criminal attacks, such as identify theft, but our particular reporters and trainers doing business are better served and protected using soundproof rooms and voice recorders. Ideally, any overseas assignments should incorporate this method, as other governments do not mirror our privacy protections in law enforcement.
An appeal to authority, paradoxically since we criticize the spread of tools by public figures, is in order. Of the dozens of former intelligence officers and military operators in our network, none use encrypted email, encrypted calls, or the Tor browser, citing the end point vulnerabilities. Some do not carry cellular phones at all. None used PGP when it came out in the 1990s, when they operated then.
This push for Signal may likely be a secondary morbidity of age and education. Just like Lil Reese mistook infrared sensing for laser beams, it appears media workers mistakenly equate “operational security” with a list of digital tools, championed by public figures, when intelligence practice is more about behaviors prior to sending and receiving information: on the one hand, the moments of “writing” are crucial, and, on the other hand, the transit is less important.
Content posted to MyMPN open blogs is the opinion of the author alone, and should not be attributed to MintPress News.