Petraeus Affair: 7 Privacy Techniques To Avoid Trouble

A number of off-the-shelf technologies can help keep online communications private -- but beware the limits.

Pop quiz: Who said the following?

"We have to rethink our notions of identity and secrecy. ... Every byte left behind reveals information about location, habits, and, by extrapolation, intent and probable behavior. The number of data points that can be collected is virtually limitless -- presenting, of course, both enormous intelligence opportunities and equally large counterintelligence challenges."

Those words belong to former CIA director David H. Petraeus, and were delivered earlier this year at the In-Q-Tel CEO Summit.

It was a "byte left behind," and then some, that ultimately led to Petraeus' resignation from the CIA. Briefly, his mistress and biographer Paula Broadwell sent emails -- allegedly of a threatening nature -- to Jill Kelley, a friend of Petraeus whom she saw as a rival. Tracing back the emails, FBI investigators identified Broadwell, found that she had classified information on her home PC, and also found that she was communicating with a third party using draft Gmail email messages, with both parties separately logging into the site, reading and erasing the previous message, and leaving a new one. Ultimately, the FBI identified Petraeus as the third party in question.

One of the many perplexing questions in this story remains technological: Couldn't the director of the CIA think of a better way to coordinate his liaisons than using a free webmail service? From a bigger-picture standpoint, meanwhile, the scandal raises this security question: Can two people communicate securely online, without a third party being able to intercept their communications, or even see that they're communicating?

Here are seven related facts:

1. Techniques For Swapping Secret Messages Abound.

The techniques for sending secret communications, or for signaling a desire to communicate, are endless: invisible ink; rudimentary codes that hide a message inside seemingly innocuous text, such as making only the first letter of each sentence "count"; taping an "X" to your window; a "dead drop" that leaves a message at a prearranged physical location; coded messages posted to Craigslist.

2. Burner Phones Make Traceability, Attribution Difficult.

When there's a threat of having your communications traced, every fan of The Wire or Breaking Bad knows about burner cell phones: buy phones with cash, use them to communicate by voice or text message for a finite period, then replace them with different phones. Anyone trying to follow your trail will have difficulty reconstructing the entire pattern of communication. A burner is only as anonymous as its use, though: a phone that travels alongside your personal phone, or that calls the same numbers, can be tied back to you through cell-tower location records and call patterns.

3. Numerous Technologies Offer Secure Communications.

Many technologies promise to encrypt digital communications so they can't be read if intercepted. Zip files, encrypted with a passphrase agreed in advance, can be swapped via email (use the archive tool's AES option; the legacy ZipCrypto scheme is weak). Similarly, PGP, or its open-source GPG alternative, encrypts email end to end, as do a number of webmail services. Meanwhile, Wickr provides self-destructing messages, while for secure voice communications there is Silent Circle, from PGP creator Phil Zimmermann, for Android and iOS, or Whisper Systems for Android.

These tools hide what was said, not that two parties talked: the provider, and anyone watching the network, still sees sender, recipient, timing and message size. The Tor Project's anonymizing network addresses that by hiding who is talking to whom from a network observer, but it does not hide that you are using Tor, and it does nothing about login records kept by the services at either end.

4. Hide Data In Pictures, Videos.

Another widely used technique for hiding communications is steganography. In the digital realm, it means hiding information inside otherwise ordinary files, for example in the pixel data of digital pictures or in Sudoku images.

Based on a 2010 Department of Justice criminal complaint filed against eight people who were allegedly working as agents for Russia's foreign intelligence service, known as the SVR or "Moscow Center," the practice appears to be in operational use by intelligence agencies. "Moscow Center uses steganographic software that is not commercially available. The software package permits the SVR clandestinely to insert encrypted data in images that are located on publicly-available websites without the data being visible," according to the complaint. "The encrypted data can be removed from the image, and then decrypted, using SVR-provided software."
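The complaint describes the idea without the mechanics. The block below is an added example, not the article's code and not the SVR tool it quotes: it hides a payload in the least significant bit of each byte of an RGB pixel buffer, the most basic form of image steganography. The cover buffer is constructed inline (pseudo-random bytes, seeded so the run is repeatable), so it needs no image library; a real tool would read and write a lossless format such as PNG or BMP, since JPEG recompression destroys the low bits. The payload here is embedded in the clear; the SVR's tool encrypts first, and so should you, because an LSB layer only hides, it does not protect.

```python
"""LSB image steganography: embed and extract a payload in the low bit of each
pixel byte. Added example; the cover image is a constructed byte buffer."""
import random

HEADER_BYTES = 4  # big-endian payload length written ahead of the payload


def _bits(data: bytes):
    """Yield the bits of data, most significant bit of each byte first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def embed(cover: bytes, payload: bytes) -> bytes:
    """Return a copy of cover with [length][payload] written into the LSBs."""
    if len(payload) >= 2 ** 32:
        raise ValueError("payload too large for 32-bit length header")
    framed = len(payload).to_bytes(HEADER_BYTES, "big") + payload
    needed = len(framed) * 8  # one cover byte per payload bit
    if needed > len(cover):
        raise ValueError(f"cover has {len(cover)} bytes, payload needs {needed}")
    out = bytearray(cover)
    for i, bit in enumerate(_bits(framed)):
        out[i] = (out[i] & 0xFE) | bit  # clear LSB, then set it to the payload bit
    return bytes(out)


def extract(stego: bytes) -> bytes:
    """Recover the payload written by embed(); raises if the header is implausible."""

    def read_bytes(bit_offset: int, count: int) -> bytes:
        result = bytearray()
        for b in range(count):
            byte = 0
            for k in range(8):
                byte = (byte << 1) | (stego[bit_offset + b * 8 + k] & 1)
            result.append(byte)
        return bytes(result)

    length = int.from_bytes(read_bytes(0, HEADER_BYTES), "big")
    if HEADER_BYTES * 8 + length * 8 > len(stego):
        raise ValueError("length header exceeds cover size: no payload, or corrupted")
    return read_bytes(HEADER_BYTES * 8, length)


def max_channel_delta(cover: bytes, stego: bytes) -> int:
    """Largest change to any byte; LSB embedding never moves a value by more than 1."""
    return max(abs(a - b) for a, b in zip(cover, stego))


def make_cover(width: int = 64, height: int = 64, seed: int = 1234) -> bytes:
    """Constructed RGB cover buffer (width * height * 3 bytes), deterministic."""
    rng = random.Random(seed)
    return bytes(rng.randrange(256) for _ in range(width * height * 3))


if __name__ == "__main__":
    cover = make_cover()
    secret = b"meet at the usual place, 0900"
    stego = embed(cover, secret)
    print("recovered:", extract(stego))
    print("max per-channel change:", max_channel_delta(cover, stego))
```

A 64x64 RGB cover carries 12288 bits, so about 1.5 KB of payload; capacity scales with pixel count, and a detector looking for this technique checks whether the LSB plane is statistically more uniform than the image's other bit planes.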

5. Beware VPNs.

When it comes to hiding the fact that two parties are in communication, beware VPNs. Many Anonymous and LulzSec suspects learned the hard way, after using VPN services such as HideMyAss.com, that VPN providers keep connection records and tend to comply with court orders requiring them to hand those records over. A VPN encrypts traffic between you and the provider and hides your real IP address from the sites you visit, but the provider sees both ends, so don't count on it to cover your tracks.

6. Avoid Free Webmail Services.

It's a bad idea, as Broadwell and Petraeus discovered, to rely on free webmail services to provide secure communications or cover your tracks. "Webmail providers like Google, Yahoo and Microsoft retain login records (typically for more than a year) that reveal the particular IP addresses a consumer has logged in from," said Christopher Soghoian, principal technologist and senior policy analyst for the ACLU Speech, Privacy and Technology Project, in a blog post.

Those records helped the FBI trace the anonymous emails sent from Broadwell to Kelley back to the sender. "Although Ms. Broadwell took steps to disassociate herself from at least one particular email account, by logging into other email accounts from the same computer (and IP address), she created a data trail that agents were able to use to link the accounts," he said.
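The linkage Soghoian describes is a join on provider login records: an account with no name attached shares an IP address and a time window with an account that has one. The block below is an added example for sections 5 and 6 (the same join works on a VPN provider's connection logs, and on cell-tower records for the burner phones of section 2); it is not the FBI's method or any provider's tooling, and its login records are constructed for the demo with addresses from the RFC 5737 documentation ranges. Real analysis has one extra rule the example includes: an IP seen with very many accounts (carrier-grade NAT, a public proxy) links everybody to everybody and is evidence of nothing, so it is skipped.

```python
"""Linking pseudonymous accounts by shared login origin. Added example; the
login records below are constructed, not real provider data."""
from collections import defaultdict
from datetime import datetime, timedelta
from itertools import combinations

# Constructed provider records: (account, client_ip, ISO-8601 login time).
LOGIN_RECORDS = [
    ("anon-sender@example.com",   "203.0.113.45", "2012-05-14T21:02:11"),
    ("named-account@example.com", "203.0.113.45", "2012-05-14T21:19:48"),
    ("anon-sender@example.com",   "198.51.100.7", "2012-05-16T08:40:03"),
    ("named-account@example.com", "192.0.2.88",   "2012-05-15T12:00:00"),
    ("unrelated@example.com",     "203.0.113.45", "2012-06-30T03:15:00"),  # same IP, weeks later
    ("other@example.com",         "198.51.100.7", "2012-05-17T09:05:00"),  # same IP, next day
]


def link_accounts(records, window=timedelta(hours=1), max_accounts_per_ip=10):
    """Return {frozenset({acct_a, acct_b}): [(ip, t_a, t_b), ...]} for every pair
    of distinct accounts that logged in from one IP within `window` of each other.

    IPs seen with more than `max_accounts_per_ip` distinct accounts are ignored:
    a shared NAT or proxy address would otherwise link everyone to everyone.
    """
    by_ip = defaultdict(list)
    for account, ip, ts in records:
        by_ip[ip].append((datetime.fromisoformat(ts), account))

    links = defaultdict(list)
    for ip, logins in by_ip.items():
        accounts = {acct for _, acct in logins}
        if len(accounts) < 2 or len(accounts) > max_accounts_per_ip:
            continue
        logins.sort()  # chronological, so t2 >= t1 for every pair below
        for (t1, a1), (t2, a2) in combinations(logins, 2):
            if a1 != a2 and t2 - t1 <= window:
                links[frozenset((a1, a2))].append((ip, t1.isoformat(), t2.isoformat()))
    return dict(links)


def strongest_link(links):
    """The account pair with the most corroborating co-logins, or None."""
    if not links:
        return None
    return max(links, key=lambda pair: len(links[pair]))


if __name__ == "__main__":
    found = link_accounts(LOGIN_RECORDS)
    for pair, evidence in found.items():
        print(sorted(pair), "->", evidence)
```

On the constructed records only one pair survives: the anonymous account and the named one, seen from 203.0.113.45 seventeen minutes apart. The later login from the same address by an unrelated account and the next-day login from 198.51.100.7 fall outside the window and produce no link, which is why the window, not the address alone, carries the weight of the inference.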

7. With Eavesdropping, All Bets Are Off.

There's a big caveat with the use of any digital security tool or technique, whether it's PGP, GPG, Tor, or steganography. Namely, if a third party -- your government, a foreign intelligence service, unscrupulous competitors -- sneaks a keylogger or Trojan application onto your PC, they can see every message or voice communication you initiate or receive, full stop.

That was the lesson of the Flame malware, which was allegedly built by the U.S. government for spying purposes and which went undetected by antivirus software for years after it was first deployed. Flame's creators forged a Microsoft code-signing certificate through a previously unknown MD5 chosen-prefix collision attack on a certificate issued by Microsoft's Terminal Server Licensing Service, then used it to impersonate Windows Update on local networks and install their software on targeted PCs. For a target that's connected to the Internet, is there any way to reliably defend against that?

Likewise, the 2011 compromise of Dutch certificate authority DigiNotar let the attackers issue fraudulent certificates for Facebook, Google, Microsoft, Skype, Twitter, and WordPress, as well as the CIA, MI6, and Mossad intelligence services, and the Tor Project. Because browsers trusted DigiNotar, the attackers -- who were likely allied with the Iranian government -- could mount man-in-the-middle attacks on any network they controlled, such as a national ISP, and read communications with those sites and services in the clear.

Curious Choices For Spy Chief

With so much secure communications technology on offer, why did Petraeus choose a hidden Gmail account for coordinating his affair? The likely answer is that because Petraeus' extracurricular activities related solely to the marital, not espionage, realm, he thought simple track covering would suffice. Then again, security also involves a tradeoff between protection and usability -- easier to use typically means less secure, and harder to use means more secure -- and Petraeus and Broadwell might have simply opted for a simple communications technique. "It strikes me that the recent downfall of the CIA director speaks less to his tradecraft than the usability of encryption/anonymity tools," said Canadian privacy researcher Christopher Parsons via Twitter.

Beyond the scarcity of reliable communications techniques that are both secure and invisible, what the Petraeus scandal has also highlighted is that when authorities begin investigating your electronic communications, the game can quickly be over, sometimes with nary a warrant or subpoena being required.

Regardless, with the array of techniques available for clandestine communications, one of the strangest aspects to the scandal -- for many -- remains a spy chief's apparent lack of security finesse when it came to cloaking his own identity.


User Rank: Apprentice
11/24/2012 | 2:38:55 AM
re: Petraeus Affair: 7 Privacy Techniques To Avoid Trouble
Best security measure ever: Don't cheat on your spouse.