
Introduction: Telephone traffic analysis



I stumbled upon this great explanation of telephone traffic analysis and
thought I'd share it with the list:

Remember also, as far as security goes, that individuals always have the
ability to add their own encryption to a system.  But I would argue that
encryption is also of minimal protection against a knowledgeable telephone
company or government with message traffic flow tracking capability.  This is a
capability that every phone company has since they use it to generate your bill
every month.

Consider the following:

Some undesirable activity (to the govt or phoneco) is happening.  The
govt/phoneco (govco) is able to identify one or more persons involved. (now
known as targets.)

Targets:            *1*         *2*         *3*


They track and compare the frequency of calling patterns made by the targets.
Now they know the "calling circle" of the targets.  They expand the tracking
pattern and start looking for cross overs.

Targets:            *1*         *2*         *3*
                   / | \       / | \         |
Level 1:          A  B  C     D  E  A        F

When they start to find a commonality (by Phone # or account holder(s)) they
can begin to build the list of those persons most often called within the
identified target group. In the above 'A' is common to targets *1* and *2*,
thereby implying that the "group" is composed of *1*, *2*, and 'A'.  Those most
often called are the "key communicators", regardless of any formal or informal
organization or public presence.

By iterating this process recursively the entire organization and any
supporting sympathizers can eventually be located. Both by members of the
target group and by others outside the group who may not have any knowledge of
other members of the group or even of themselves being in a group. Further,
since all phone numbers are tied in the planning databases to physical
locations and to billing addresses, enough data can be gathered to completely
locate and identify (for further evidence research and cross referencing)
members and supporters.

Notice that this works even in those cases where no formal organization exists.

Notice that this works regardless of whether the communications in question are
encrypted or not.

Applying this means that a movement, or any organized or coordinated activity
could be disrupted by proper targeting of those who are the true key
communicators.  Actions as simple and subtle as cutting off phone service,
placing bad credit reports, starting a tax audit, getting the person a better
paying job in a different area, etc., etc. could all be just as effective as
outright arrest and harassment.  If they don't work, then things would
escalate.

So consider this as well and don't rely just on encryption to keep yourself
secure.


-- Lucky Green <[email protected]>  PGP public key by finger
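
The crossover step described in the message above, as an added example that is not part of the original post: it works on caller/callee pairs alone, which is why encrypting call content does not hide the result. The records are constructed; the first seven mirror the diagram, and the last two, along with the party "G" and all function names, are assumptions added so a second round has something to find.

```python
from collections import defaultdict

# Constructed call-detail records: (caller, callee) only, no call content.
# The first seven rows mirror the diagram in the post; the last two are
# constructed additions so that a second round has something to find.
CDRS = [
    ("1", "A"), ("1", "B"), ("1", "C"),
    ("2", "D"), ("2", "E"), ("2", "A"),
    ("3", "F"),
    ("A", "G"), ("3", "G"),
]

def contacts(records):
    """Map each party to everyone it exchanged a call with (undirected)."""
    peers = defaultdict(set)
    for caller, callee in records:
        peers[caller].add(callee)
        peers[callee].add(caller)
    return peers

def crossovers(peers, group):
    """Non-members in contact with two or more members, with who links them."""
    linked = defaultdict(set)
    for member in group:
        for other in peers[member] - group:
            linked[other].add(member)
    return {p: m for p, m in linked.items() if len(m) >= 2}

def expand(records, targets, max_rounds=5):
    """Repeat the crossover step, adding each round's finds to the group."""
    peers = contacts(records)
    group, rounds = set(targets), []
    for _ in range(max_rounds):
        found = crossovers(peers, group)
        if not found:
            break
        rounds.append(found)
        group |= set(found)
    return group, rounds

if __name__ == "__main__":
    group, rounds = expand(CDRS, {"1", "2", "3"})
    for n, found in enumerate(rounds, 1):
        for party, via in sorted(found.items()):
            print(f"round {n}: {party} linked via {sorted(via)}")
    print("inferred group:", sorted(group))
```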