Purpose:
There are options for preserving privacy and security that do not rely upon cryptographic technologies. Rather some people choose a selection of workarounds for communicating sensitive information.
Techniques
The most well known techniques include:
- Pseudonyms – a fictitious name used in place of a person’s real name to mask their identity [GLO01]. In the digital arena these could be usernames, social media profiles, web-services accounts (e.g. Dropbox) and email addresses. A pseudonym can be used to send email messages, exchanges files, and post comments on social media. They can be discarded on a regular basis (daily, weekly) or used for a specific activity (e.g. commenting on social media). They do not protect a user third parties identifying their IP address, location, email content, or web browsing behaviours.
- Code words – Similar to shared secrets used in Off-the-record messaging. A code word can be used in face-to-face meetings where each party has knowledge of the word of phrase. Once the code word is revealed the parties engaged in communication have the option to then begin to reveal information they may not have otherwise. Governments, journalists and other organisations use code words and phrases when engaged in secretive operations.
- Burner phones (pre-paid phones) – a pre-paid mobile phone bought with cash and not associated with a real person, as they do not require identification to purchase [EFF01]. Burner phones are thrown away and replaced often. Burner phones are said to be the most secure option for phone communication [CIJ01]. Although, these phones can still be tracked and monitored. Additionally, other phones can be associated with a burner and so it is recommended that all other phones be placed in a metal container (Faraday cage) to ensure that they do not emit signals. Also, calls can still be tapped and recorded so sensitive information should not be exchanged [ARS01].
- Drafts folder – an email drafts folder that is used to communicate using a shared email account that is created using a pseudonym. Messages are written, read and replied to without actually sending information through a network. Participants shared the username and login details that enable them to use a web-based email service as an electronic dropbox [WAS01]. However, the IP address can be traced to the identity of the person logging is as was the case in the Petraeus scandal [ACU01].
Capabilities:
-
Alternatives to cryptographic software – these techniques can be used as alternatives to cryptographic software. They can be considered workarounds to secure communication that may include digital or face-to-face methods.
Surveillance mitigation:
- Privacy – enables private digital communications so that messages cannot be read by third parties. The difference between plaintext and ciphertext has been compared to the postcard and the letter, where plaintext is more like a postcard that anyone can read and ciphertext is akin to placing a message in a sealed envelope. This has been called the ‘analog gap’ [MPE01].
- Anonymity – Real identities can be concealed however there is no guarantee that a user of any of the described methods would not be traceable by other means such as IP address. Anonymity software does not necessarily make one’s actions private; rather any action taken may be done in full public view. Anonymity allows a person to conduct activities without it being attributed to a person’s actual identity (e.g. real name, address, age, etc.). In this case, a pseudonym may be used which prevents the linking of online activity to a specific person. People choose to conduct activities anonymously online for a variety of reasons including citizen activism (petition signing, discussion forums), social interaction, web browsing, online purchases and whistleblowing (someone who exposes misconduct, fraud and illegal activity within an organisation).
Vulnerabilities:
- Human error – using these techniques may not completely hide identity or ensure privacy, as there may be other methods for tracing and monitoring communication such as eavesdropping of face-to-face activities; long-term use of a burner phone is a security risk; or using a direct network connection when using digital alternatives will expose the user’s IP address and location.
Layer of interaction:
Sources:
American Civil Liberties Union (ACU)
1) https://www.aclu.org/blog/free-future/surveillance-and-security-lessons-petraeus-scandal
Ars Techica (ARS)
Electronic Frontier Foundation (EFF)
1) https://ssd.eff.org/en/glossary/burner-phone
The Centre for Investigative Journalism (CIJ)
1) http://www.tcij.org/resources/handbooks/infosec/chapter-7-phones-voicevideo-calls-over-internet
Mailpile (MPE)
1) https://github.com/mailpile/Mailpile/wiki/FAQ-Encryption-&-Security
Washington Post (WAS)