Wednesday, March 13, 2013

Eva's tech


Let's examine some of the equipment and techniques utilized by Eva. Readers will note that the particular unit in this story opted for physical couriers as opposed to electronic transmission (email, chat, phone, radio). While there are certainly methods available for secure transmissions (which we will get to eventually), one must approach the subject from the standpoint of "no such thing as unbreakable security". That being said, you should not allow your operational ability to become crippled due to the paralysis of paranoia. You give due diligence to securing with the best techniques and technology available, and exercise disciplined protocols such as frequent password and key changes, integrity testing and periodic false information seeding.

As to Eva's gear....
She was booting her system with a thumb-drive/usb drive with Liberte linux ( HERE ) installed on it. This allows her to complete her work without creating a data liability in the form of forensic footprints should her laptop be searched at some future date.

You could choose a usb drive for durability, like the Lacie extreme drive above, or one that disguises easily, of which there are many. The benefits of the extreme drive, which can withstand deep water submersion, drops, bumps and even being run over by a truck; make it a suitable choice for caches or go-bags and give the user an otherwise unavailable communication media in a crisis situation.
  
 Once her system is up and running, she inserts the microSD card into the laptop.
She could use the laptop's built in card reader, or an add-on reader if the computer lacks one.
Once her system mounts the microSD she opens the encrypted volume (using the courier level pass-phrase) and adds in her own report. This gives the end user a sort of chain of custody as well as a SALUTE report for Eva's area of operations. The data that is contained inside the encrypted volume is also encrypted so that we have many levels of encryption protecting the data. Eva encrypts her report with the end user's monthly PGP "public key" (meaning only he can open it) and then signs it with her key (to ensure it is authentic and was not tampered with in transit). 
Note that while they are using a difficult to destroy usb drive for their operating system (in this case, Liberte) they chose an easily destroyed microsd for the actual data. There are many programs out there for securely deleting data, but the only sure way in an emergency is to physically destroy the medium - in this case, crush and grind. 

(Encrypted volumes can be setup with THIS, or THIS)

One could opt for a simpler method for passing short messages, but the above method is a crucial tool when moving large data files such as maps, pictures, video files, etc, that an operational unit is going to need on a regular basis.

Again, I would state that this is not a panacea for perfect secrecy, but can be a valuable tool when used in a judicious and disciplined manner. 

Let's also take a quick look at Eva's courier report:
...............................................
DTG (Date time group of report)

S=8 (indicates a Size of 8 personnel)

A=TCP / STOPPING, SEARCHING ALL P & V (indicates an Activity of traffic control point/check point)

L=27th+Broadway (in this case it was Located at the intersection of~)

U=RSF (whatever unit/department/agency involved)

T=16320116 (DTG when activity was observed)

E= MRAPx2, MGx2, SEDANx1, M4x8, GLOCKx8, K9x1, GARRET WANDSx2, BAGGAGE XRAYx1, IED RESIDUE TEST EQUIPx1, RADIOx3 (this would list the observed equipment in use)
....................................................

It's important to note that Eva does not speculate, but only reports what she actually sees. It is a safe guess that there are mounted radios and extra weapons in the vehicles, but the Intel officer reading the report will choose to make that assumption or not.

More to follow...




9 comments:

  1. Enabling the support-tail, you are doing good work and it's appreciated.

    ReplyDelete
  2. Can you recommend a book to take me from where I am now (very basic computer knowledge) to where I understand this sort of thing?

    ReplyDelete
    Replies
    1. Might start here..

      http://www.amazon.com/PGP-GPG-Email-Practical-Paranoid/dp/1593270712/ref=tag_dpp_lp_edpp_ttl_in

      and...

      http://www.amazon.com/How-Anonymous-Online-Step-By-Step-ebook/dp/B00BDVBGQC/ref=sr_1_fkmr1_1?s=books&ie=UTF8&qid=1363309953&sr=1-1-fkmr1&keywords=dummies+encrypt

      Can also find much useful info at the Truecrypt and TAILS websites.

      Delete
  3. IMO encryption tech would be an instant red flag. It has its uses of course. An un-PC author had his book's characters always phone one another and talk about fast food, "two Big Macs and fries" could mean two MRAPs with armed men.

    ReplyDelete
    Replies
    1. I'll presume your comment at AM's site was aimed at me thinking I am a luddite. My point being if you go thru a search and a memory device is found on you that is encrypted you might as well figure you are gonna get the old water up the nose trick. If you are sending encrypted emails that is another red flag "that person needs the old water up the nose trick" marker. But in real time voice or text com I could comm with you about lets say a convoy, "lets go up Sepulvada north of Big street for two big macs with fries." But I understand about maps and other things that encryption that could slow down an intel operation, my point being if you are caught with it, its sponge time.

      Delete
    2. As I said, brevity codes are very useful and have their place; just be open to explore other tools available. Bear in mind that intelligence derived from gathered information drives operations. Is it without risk? Of course not....you just have to plug it into your own "risk/reward" calculator and go from there. Solid trade-craft can take you far...

      Delete
    3. Thanks for your reply. Any chance a smartphone could suffice as part of the hardware?

      Delete
    4. Absolutely...as could an mp3 player/ipod (that a jogger may be wearing) or any number of other benign devices. With all the pervasive tech in our society, you can follow the rule of hiding a "needle in a stack of needles", so to speak...

      Delete
  4. A Date format is useful. I'm not sure what the military standard is, but in computer science there's a standard called ISO 8601, which says a date-time group should look like yyyy-MM-dd hh:mm:ss (2013-04-01 14:11:09, for example). Whatever you choose, make sure everyone in your group abides by it to avoid confusion.

    ReplyDelete