Comments: Spooks' corner: listening to typing, Spycatcher, and talking to Tolkachev

The fact that people may have information that may be of value to other people suggests that there are, relative to both parties, safe zones to exploit the information. These safe zones where each party exploits their valued information freely are their weak spots. The Russian's apartment, the American's home, and any place considered private or uninteresting to others. Crypto's use and deployment suggest that one party is not destroying the safe zones of the other and not a hot war but rather a cold one. A hot war removes the safe zones from the other party and protects your own. We (Americans) are in a hot war that we have failed to recognize. We are not destroying enough of the enemy's safe zones and we are defending enough of our own safe zones. We never invested enough time or money in our cold wars, turning the funding and validation process on and off based on emotion. Preventive measures are not our forte, as witnessed by Katrina. If we were able to learn from the Dutch and the efforts they deployed after Rotterdam was destroyed from flood surge we might have learned to prevent the loss of New Orleans. If we had learned that proactive spy networks are cheaper than armies we might have prevented Islamic Terrorist Activity. We had teams doing the work prior to the war but the leadership lacked the long-term vision to use the information. We are replicating this mistake with China with the belief that trade will stop their aggression. The Soviet Union became convinced that a police state was not functional and competitive so they changed from within. China has no reason to change, but is given every excuse to escalate from a state as bad as Stalin's USSR. So the preventive measures to protect a valued resource would not allow the CIA handlers to waste the life of the spy. In general a crypto system will be usable if the information is of value; the greater the value, the greater the user's access to the system. The US Presidential football is always available day and night.

Posted by jim at September 11, 2005 10:30 AM

Hi Ian,

as you can imagine, us folks at love these kind of articles. Keep 'em coming...

Posted by BigMac at September 11, 2005 03:13 PM

Two months ago there was a documentary about the Tolkachev case on Russian state TV (where, of course, Tolkachev and the Americans were the villains and the KGB guys the heroes).
It was quite consistent with the CIA account, but it also mentioned a detail that is interesting and important from a security engineering point of view:
When Tolkachev was already under suspicion, the KGB tried all sorts of things (including messing with his working schedule, jamming radio communications etc.) to interfere with whatever means of secret communications he employed in order to force him (and his American counterparts) to resort to less secure means of communication.

Sidenote and finance-layer curiosity: they filmed him a lot beginning with 1983 or 1984 up to (and including) his arrest in order to have -- as the CIA account puts it -- airtight evidence. A lot of that material was shown in the documentary, including the capture of the CIA operative, several meetings, and a funny episode where Tolkachev got suddenly scared of the huge sums of cash he was not able to spend securely and burned the money in his dacha, carefully saving the rubber-band rings (which turned out to be West-German) for kitchen purposes (for closing jelly jars, AFAIR). He was far more comfortable with immediate reward in goods, because in the USSR money couldn't buy everything, but a lot of unaccounted-for cash was quite dangerous to have.

It is a very often overlooked aspect of secure communication channels that they need to be reliable and available. There is a large number of supposedly secure systems full of various alarm and self-destruction mechanisms which are relatively easily triggered. These are most efficiently defeated by DoS attacks, followed by attacking the less secure alternatives to which the frustrated users are resorting.

As for keyboard sniffing, I attended a very entertaining lecture about various means of surveillance, where it was demonstrated that keystrokes are practically impossible to conceal: it's electromagnetic radiation, acoustic noise, mechanical waves travelling through the building (yepp, a pick-up microphone attached to the wall in the basement can perfectly "hear" keystrokes in a seventh-floor office) and other impulse-like (and hence very wide-spectrum) signals. It was said that "the Israelis" (without further qualification) trained people to type on custom-layout keyboards whose layout changed regularly and was kept a deep secret. It's actually more than a simple substitution cipher, as the patterns of typing (delays between keystrokes) are also messed up, and it was claimed to be resistant to statistical attacks for about two weeks of typing, when the layout was changed. Now, my cousin worked as a programmer for the Israeli air force, but the stories she told me indicated, as she put it, that air force IT was a complete mess and the only reason it didn't matter was because the Arabs were in an even bigger mess. Not only didn't they have special keyboards, but they had virus problems, self-installed software, etc. on regular Windows boxen. But I guess the story was about some other "Israelis".

Posted by Daniel A. Nagy at September 11, 2005 04:54 PM

Oh, we had a far better toy than this RAFTER device on the eastern side of the iron curtain. :-)
In my fourth year at the Technical University of Budapest in 1998, when studying directional antenna design, our prof showed us a very detailed map of Budapest from 1983 with red dots all over it. As he explained, these were the locations at which people listened to RFE (US Congress-sponsored propaganda-radio), collected by three vans roaming the city, using the same effect (LO emissions). I had no reason to doubt the accuracy of the map, for our apartment did have a nice red dot over it and indeed, my dad regularly listened to RFE.
The complete scanning of the city took two or three days depending on the traffic conditions, and was repeated at regular intervals.
Our prof proudly showed us that he is NOT on the map, because he hacked up a symmetric mixer (with a transformer tapped in the middle) so that his LO didn't emit back through the receiver antenna.

Also, it is worth noting that the radiation from LOs is regularly used by marketers to assess the numbers of viewers of certain television programs. It works both for cable and regular TV. It is very easy to determine who is watching what channel and it is far cheaper and far more reliable than surveys.

Posted by Daniel A. Nagy at September 11, 2005 05:07 PM