[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Possible [Best?] Scenario

Anonymous User scripsit
> Let's say I have a digital cellular phone.  I also have Anonymous Remailers,
> PGP, and over 100 BBS numbers (structured for which day and which hour each
> would be used) so that I can contact and talk to my "Friend."
> Please tell me how the LEA's can find me and understand the transactions
> between us? 

You don't give us enough information.

Are your attackers looking for known parties?
How secure is your cellular?  Do you operate from a known or a guessable 
location?  Is your "Friend" known?  Suspected?  His location, guessable?  

If your location were known it would be a simple matter to monitor 
the area, say put a van just outside your site and wait for cellular 
activity of a strength that suggests your presence.  How likely would it 
be that someone else is using a cellular phone in your presence?  Given 
this, it is probably not difficult to obtain the billing/ESN number for 
your phone, and then obtain detailed traffic information about your 
transmissions.  Given that it is a simple matter to conduct a lower tech 
attack, say tempest, and pick up the conversation as you compose it, end 
running the encryption so to speak.  You think in too shallow a fashion.  
Security is about more than communications security.

Even if yours is perfect, how about your friends.  A tempest attack on 
his site while he is using Word for Windows is just as effective as one 
on you.

Modify this tactic to use a phone which uses several different ESN's at 
random or move your location often and at random.

> If I have several encryption programs, can I 'layer' each document [I PGP the
> file, the I DES the PGP file, then IDEA for the final layer.

Worthless given the above attack.

> Does the NSA have to crack it one layer at a time, or can they bombard it,
> crack the layers in whatever order the supercomputer finds?

Again, unimportant given the cheaper low tech solution.

> If I am missing something, please let me know what I have missed.

Been there, did that.

-uni- (Dark)

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!