In Part 1 of this two-part tutorial, you learned about the methods that FBI
surveillance teams use to crack your PGP-encrypted email messages. Many of those
methods involved breaking into your home or office without your knowledge. Some
methods involved electronic devices in a communications van located a short
distance from your home or office – across the street perhaps. (If you haven’t
read Part 1, you might want to go back and do so now before reading further.
Return to our home page and click on Uncrackable Email 1.)
Uncrackable Email Part 2 describes ways to protect your email privacy – and the
secrecy of your messages. These methods work against the FBI, BATF, DEA, and
other government agencies, including state and local police.
You’ll learn step-by-step protocols and countermeasures that you can implement.
In some cases, these methods will stop an FBI investigation cold. In other
cases, they will only delay it. Much depends on the circumstances of the case. A
lot depends on your countersurveillance and antisurveillance skills.
Each solution described in this tutorial is a protocol. You can think of a
protocol as a method, a set of guidelines, or an operating procedure.
Flexibility. If your goal is to absolutely prevent the FBI from cracking your
PGP-encrypted email, the key to success is flexibility. The content of your
email is what counts. The more incriminating the message, the more precautions
you should take.
When used properly, the firewall method can completely frustrate an FBI
Protocol 1: The firewall method…
The firewall method is centered on the way you use your computer. This includes
where, when, and how you use your computer. Described here is a step-by-step
method for obstructing the FBI. This is a very rigorous protocol. You likely
won’t need to go to this much trouble very often.
Step 1 – Get cleaned up. Scrub your hard disk. The FBI can read deleted files
using an undelete utility. The FBI can read file slack, RAM slack written to
disk, free space, garbage areas, and the Windows swap file using a sector viewer
or hex editor. Return to our main page and click on Security Software for more
on this. Although other packages are available, we use Shredder(TM). Then we use
Expert Witness(TM) and HEdit(TM) to check the hard disk afterwards. (From now on
we’ll refer to your hard disk drive as HDD.)
If you have previously used your computer to work with incriminating data, you
should wipe the entire HDD and reinstall the operating system, application
software, and user files. If surveillance poses a risk to your liberty, you must
install a new hard disk drive. Then disassemble the old HDD, remove the
platters, and sand them with coarse-grit sandpaper.
Once you’ve got your computer sterilized, you’ll want to keep it clean. Tidy up
after each work session. Thereafter, don’t leave your computer unattended.
Step 2 – Get unplugged. During sessions when you’re working on secret messages,
you should take measures to frustrate FBI surveillance. This means physically
disconnecting your computer from the AC power supply and from the telephone
jack. You’ll need a battery-powered computer – a laptop, notebook, or
Remaining connected to the AC power supply is risky. Using equipment attached to
your power line outside your home or office, the FBI can detect subtle changes
in the current as you type on your computer’s keyboard.
Likewise, remaining connected to the telephone line is risky. If the FBI has
broken in without your knowledge, they may have installed counterfeit programs
on your computer. Your computer could be secretly sending data to the
surveillance team over your dial-up connection. Just imagine the damage if you
were unknowingly using a doctored copy of your favorite word processing program.
Step 3 – Go somewhere else. In order to frustrate the FBI’s electronic
surveillance capabilities, you must relocate away from your usual working area.
If you fail to take this step, an FBI video camera can watch your keystrokes. An
FBI audio bug can listen to your keystrokes. An FBI communications van parked in
the neighborhood can detect both your keystrokes and your display.
Suitable locations for ensuring a surveillance-free environment are park
benches, crowded coffee shops, busy fast food outlets, on a hiking trail, at a
friend’s place, in a borrowed office, at a bus depot waiting area, in an airport
lounge, at the beach, and so on. Be creative and unpredictable. The trick is to
select a location difficult for FBI agents to watch without you becoming aware.
You may be surprised at what happens the first time you relocate. If you
suddenly find people loitering nearby, you may already be under surveillance.
(More about this later in the tutorial.)
During your first relocated work session, use PGP to create your secret key
ring. Your passphrase should contain random characters. Do not write down your
passphrase. If you must, jot down just enough hints to help you remember.
Save copies of the following files from the PGP directory to a diskette –
Secring.skr, Secring.bak, Pubring.pkr, Pubring.bak, and randseed.bin. For
safety, use two diskettes and make two backups. Keep the diskettes on your
person. Delete the files from your HDD.
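Step 1 (wiping rather than merely deleting) and Step 3 (two backups, then delete from the HDD) combine into one routine. The script below is an added example written for this edit, not code from the original tutorial or from any PGP product: it copies the five key ring files to two backup directories, verifies every copy by SHA-256 before anything is removed, and then overwrites and unlinks the originals so that an undelete utility has nothing to recover from the file's own blocks. The file names are the tutorial's; the directory layout, the `demo()` scenario and the file contents are constructed. The overwrite only reaches the file's own data blocks, not file slack, free space or the swap file the tutorial also mentions, and on journaling or copy-on-write filesystems and on SSDs with wear levelling the old blocks can survive an in-place overwrite, which is why whole-disk encryption with key destruction is the usual modern substitute.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path
from typing import Dict, List

# File names named in the tutorial (PGP 5.x key rings and random seed file).
KEYRING_FILES = ["Secring.skr", "Secring.bak", "Pubring.pkr", "Pubring.bak", "randseed.bin"]


def sha256_of(path: Path) -> str:
    """Hex SHA-256 of a file, read in chunks so a large ring never sits in RAM whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def backup_keyrings(pgp_dir: Path, backup_dirs: List[Path]) -> Dict[str, str]:
    """Copy every key ring file present in pgp_dir to each backup directory and
    check each copy against the original's hash. Returns {name: sha256}.
    Raises IOError if any copy differs, before anything is deleted."""
    digests: Dict[str, str] = {}
    for name in KEYRING_FILES:
        src = pgp_dir / name
        if not src.is_file():
            continue  # a fresh ring may not have .bak files yet
        expected = sha256_of(src)
        for d in backup_dirs:
            d.mkdir(parents=True, exist_ok=True)
            dst = d / name
            shutil.copyfile(src, dst)
            if sha256_of(dst) != expected:
                raise IOError(f"copy of {name} in {d} does not match the original")
        digests[name] = expected
    return digests


def shred_file(path: Path, passes: int = 3, chunk: int = 65536) -> int:
    """Overwrite a file's data blocks with random bytes `passes` times, truncate it,
    then unlink it. Returns the number of bytes overwritten per pass.
    Covers only the file's own blocks, not file slack, free space or swap."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for _ in range(passes):
            f.seek(0)
            left = size
            while left > 0:
                n = min(chunk, left)
                f.write(os.urandom(n))
                left -= n
            f.flush()
            os.fsync(f.fileno())   # force this pass onto the disk before the next
        f.seek(0)
        f.truncate(0)              # hide the original length from metadata
        f.flush()
        os.fsync(f.fileno())
    os.remove(path)
    return size


def backup_then_shred(pgp_dir: Path, backup_dirs: List[Path]) -> List[str]:
    """The tutorial's order: verified backups first, then remove the originals."""
    digests = backup_keyrings(pgp_dir, backup_dirs)
    for name in digests:
        shred_file(pgp_dir / name)
    return list(digests)


def demo() -> Dict[str, object]:
    """Constructed scenario in a temporary directory: two ring files and two
    backup 'diskettes'. Returns what a caller would want to check afterwards."""
    root = Path(tempfile.mkdtemp(prefix="pgp-demo-"))
    pgp_dir = root / "pgp"
    pgp_dir.mkdir()
    contents = {"Secring.skr": os.urandom(3000),
                "Pubring.pkr": b"constructed public ring\n" * 40}
    for name, data in contents.items():
        (pgp_dir / name).write_bytes(data)
    disks = [root / "diskette1", root / "diskette2"]
    shredded = backup_then_shred(pgp_dir, disks)
    copies_match = all((d / n).read_bytes() == data
                       for n, data in contents.items() for d in disks)
    originals_left = [n for n in contents if (pgp_dir / n).exists()]
    shutil.rmtree(root)  # demo cleanup only; real backups are kept on your person
    return {"shredded": shredded, "copies_match": copies_match,
            "originals_left": originals_left}


if __name__ == "__main__":
    print(demo())
```

Run it with `python backup_keyrings.py`; the returned dictionary shows which files were shredded, that both copies matched the originals, and that nothing was left in the PGP directory.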
Step 4 – Get serious. From now on, you’ve got a new standard operating
procedure. Whenever you need to compose and encrypt a secret message, you must
first relocate to a safe area. (You’ll soon begin to appear like a busy person
who checks in often with your contact software or scheduling software.)
Save the encrypted document to diskette. Delete all working files. Return to
your home or office. Then use a different computer to email the encrypted
Using a different computer is vital. It acts like a firewall. It keeps your
relocatable computer sterile. Do not connect your relocatable computer to the
telephone line. Ever. Do not leave your relocatable computer unattended. Ever.
If this means carrying your relocatable computer with you all the time, then so
For ordinary working sessions, it’s usually okay to connect your relocatable
computer to AC power. However, don’t do any sensitive work in this mode. Always
disconnect and relocate first. But if absolutely watertight security is your
goal, the only time you’ll turn on your relocatable computer is when you’ve
relocated. The only time you’ll plug it in is to recharge the battery.
When you receive incoming encrypted email on your firewall computer, save it as
a text file to diskette. Relocate. Check the diskette with an antivirus program.
Load the file into your sterile computer. Decrypt the ciphertext and read the
plaintext. Delete the plaintext. Return to your regular work location.
Summary. The firewall method involves nit-picking attention to detail. It is a
methodical system for protecting the privacy of your PGP-encrypted email
messages. It takes perseverance and patience to beat the FBI at this game. But
it’s preferable to the alternative. The firewall method will keep you out of the
You’ll read about other protocols later in this tutorial. But if you choose to
use the firewall method, you must follow it rigorously in order for it to be
effective. Slip up once and the goons will nail you. They’ll snatch your
passphrase. They’ll learn where you keep your key rings. Then it’s
interrogation, arrest, indictment, conviction. Or maybe they’ll just kick in the
door an hour before dawn and ship you off to the camps.
The firewall method is watertight, but it only works if you use it.
Protocol 2: The deception method…
Protocol 2 is based on liveware, not software. Liveware refers to you, the human
element in the countersurveillance scheme. Protocol 2 takes a human approach. It
Most people don’t realize that FBI surveillance teams are vulnerable to
deception. It’s possible to mislead and confuse them. That’s because most FBI
targets are ordinary Americans with no countersurveillance training. In relative
terms, only a few elite units within the FBI encounter hard targets. (A hard
target is a trained operative who is actively maintaining secrecy and who will
not reveal that he has detected the surveillance team.) So most FBI agents have
never confronted a hard target. They never get any practice. They’re accustomed
to playing tennis with the net down.
Deception provides four ways for you to protect the privacy of your PGP email.
Deception method 1 – Decoy. This method involves duping the surveillance team
into believing they have cracked your PGP email, when in fact they have
uncovered merely a decoy. Your real protocol continues to run undetected in the
background. This is called layered security.
The best underground activists worldwide operate in this manner, including
guerrilla movements, freedom fighters, and resistance groups. Inside the USA
this method is mostly used by criminal groups (so far).
The key to success is carefully and deliberately providing some mildly
incriminating evidence for the FBI to find. This decoy data will often dissuade
them from investigating further. The FBI will eventually downgrade the 24-hour
surveillance to perimeter surveillance, then picket surveillance, and finally
intermittent surveillance. They’ll keep you on their watch-list and check up on
you two or three times a year. They may drop you entirely. Here’s how to
implement this method.
Step 1 – Set up Protocol 1 and then forget about it.
Step 2 – Use your firewall computer as your primary computer. Create another set
of secret keys. Leave the key ring files and randseed.bin on your HDD. This
increases the chances the FBI will recover them during a surreptitious entry.
Create and encrypt low-grade messages at your firewall computer. This increases
the odds that the FBI will snatch your passphrase.
Step 3 – Use this second configuration of PGP as a decoy. Use it to send only
low-grade messages. In effect, you are now running two layers of PGP. From time
to time you will use Protocol 1 and temporarily relocate in order to encrypt or
decrypt high-risk secret messages.
Step 4 – If you suspect or detect FBI surveillance, keep up the deception.
Perhaps temporarily stop using your relocatable computer. If you use the
technique of plausible denial, you increase your chances of completely
concealing the fact that you’ve got a second PGP system.
The principle of plausible denial is well-known in intelligence agencies, urban
guerrilla movements, and resistance groups. Plausible denial means cover. Cover
is spy-talk for innocent explanation. You must take the precaution of having a
plausible, innocent explanation for everything you do. Absolutely everything.
Don’t ever do anything until you think up a believable excuse for doing it.
Even if the FBI surveillance team discovers the second protocol, you will have
purchased yourself some extra time. Use the time to encrypt, conceal, or destroy
incriminating data. Use the time to warn other members in your group. Use the
time to feed misinformation to the surveillance team.
When systematically applied, the decoy method provides a good first line of
defense against an FBI surveillance team.
Deception method 2 – Thwarting cryptanalysis. When using Protocol 1, you can
utilize deceptive techniques to reduce the chances of your message being cracked
by NSA. If the case is serious enough, the FBI will provide NSA with a full set
of your encrypted messages.
The cryptanalysis experts at NSA will use Statistical Probability Analysis to
begin detecting commonly used phrases, words, punctuation, and layout. The more
footholds you give them, the sooner they’ll crack your email. Here are three
ways to use deception to impede their progress.
Step 1 – Disguise the format of your message. Your goal is to camouflage the
layout. Insert a random-length paragraph of nonsense at the beginning of each
message. You do not want the salutation or other material to always appear at
the same location. Your recipients should be alerted to ignore the first
paragraph. You can also use a text editor to manually strip off the header and
footer from PGP ciphertext. The recipient can likewise use a text editor to
manually restore the header and footer so PGP will recognize the text as code to
Step 2 – Make your content resistant to heuristic analysis. Heuristic analysis
involves informed guessing and trial-and-error. Deliberately run some words
together, eliminating the space. Intentionally add or delete punctuation.
Occasionally insert a carriage return in the middle of a paragraph. Deliberately
introduce spelling errors into your text.
Step 3 – Write your message in a “foreign” language. You can do this by using
homonyms such as “wood” instead of “would”, or “urn” instead of “earn”. Use
“gnu” or “knew” instead of “new”. Use “seas” instead of “seize”. Use “mast”
instead of “massed”. Write numbers and dates out in full, such as “nineteen
ninety eight” instead of 1998. Use code words such as competition instead of
surveillance, competitor instead of FBI, market survey instead of
countersurveillance, and so on. Use noms de guerre instead of real names.
When properly used, these and other anti-cryptanalysis techniques can greatly
increase the amount of time it takes the NSA to crack your PGP-encrypted email.
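Step 1 above describes two manipulations: the sender strips the armour header and footer from the ciphertext and the recipient restores them, and the sender prepends a random-length nonsense paragraph that the recipient discards. The code below is an added example written for this edit, not part of the original tutorial or of any PGP product. The BEGIN/END lines and the `=xxxx` CRC line are real OpenPGP ASCII-armour conventions; the sample body is constructed filler rather than ciphertext, and the nonsense word list and the rule "chaff ends at the first blank line" are assumptions the sender and recipient would have to agree on in advance. Note that the stripped body is still recognisable as radix-64 text, so this hides the obvious PGP framing, not the fact that something encoded is present.

```python
import random

ARMOR_BEGIN = "-----BEGIN PGP MESSAGE-----"
ARMOR_END = "-----END PGP MESSAGE-----"

# Constructed sample with the shape of PGP ASCII armour. The body lines are
# filler, not a real ciphertext; the last body line mimics the "=xxxx" CRC line.
SAMPLE_ARMORED = "\n".join([
    ARMOR_BEGIN,
    "Version: PGP 5.5.3",
    "",
    "hQEMA5m3dZ0vQWRpAQf9FILLERfillerFILLERfillerFILLERfillerFILLERfill",
    "ZmlsbGVyIHRleHQsIG5vdCBhIHJlYWwgY2lwaGVydGV4dA==",
    "=AbCd",
    ARMOR_END,
    "",
])


def strip_armor(armored: str) -> str:
    """Sender side: drop the BEGIN/END lines and any armour headers
    (Version:, Comment:), keeping only the radix-64 body and its CRC line."""
    lines = armored.strip().splitlines()
    if not lines or lines[0] != ARMOR_BEGIN or lines[-1] != ARMOR_END:
        raise ValueError("not an ASCII-armoured PGP message")
    inner = lines[1:-1]
    try:
        start = inner.index("") + 1   # armour headers end at the first blank line
    except ValueError:
        start = 0                     # no headers at all: whole inner part is body
    return "\n".join(inner[start:])


def restore_armor(body: str) -> str:
    """Recipient side: put the framing back so PGP recognises the block again.
    No Version header is needed; the blank line before the body is required."""
    return "\n".join([ARMOR_BEGIN, "", body.strip(), ARMOR_END, ""])


# Assumed word list for the nonsense paragraph (any agreed list works).
NONSENSE = ("harbour lantern copper meadow sparrow ledger quilt thimble orchard "
            "gravel saddle pewter bramble chisel tallow").split()


def prepend_chaff(message: str, seed=None) -> str:
    """Sender side: put a random-length nonsense paragraph before the real text
    so the salutation never sits at a fixed offset. A seed gives repeatable
    output for testing; without one the OS random source is used."""
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    n = rng.randint(6, 40)
    chaff = " ".join(rng.choice(NONSENSE) for _ in range(n)).capitalize() + "."
    return chaff + "\n\n" + message


def drop_chaff(text: str) -> str:
    """Recipient side: discard everything up to the first blank line."""
    _chaff, sep, rest = text.partition("\n\n")
    if not sep:
        raise ValueError("no blank line separating chaff from message")
    return rest


if __name__ == "__main__":
    body = strip_armor(SAMPLE_ARMORED)
    print(body)                                   # what actually travels
    print(restore_armor(body))                    # what the recipient feeds to PGP
    wrapped = prepend_chaff("Dear friend,\n\nmeet at noon.\n", seed=7)
    print(wrapped)
    print(drop_chaff(wrapped))
```

The chaff goes around the plaintext before encryption and the armour stripping happens after it, so the two functions pair up as encrypt-side (`prepend_chaff`, then `strip_armor`) and decrypt-side (`restore_armor`, then `drop_chaff`).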
Deception method 3 – Diagnostics. You can use PGP to detect the presence of a
surveillance team. Countersurveillance experts refer to this as running
diagnostics. When performed against pavement artists, it is called dry-cleaning.
Here’s how it works.
Deliberately encrypt a provocative, bogus series of messages. Your goal is to
use content that will elicit an aggressive response from the FBI. If
surveillance intensifies, your email may have been cracked – or the FBI may
simply be reacting to your increased traffic. That’s spy-talk for the frequency,
volume, and timing of your messages.
On the other hand, you may notice that the surveillance team seems to know where
you’re going and who you’re going to meet with. They arrive before you do. They
break into your associate’s home or office looking for items you’ve mentioned in
your email. They’re conspicuously nearby as you slip a written note to your
contact, after mentioning the brushpass in your email.
All these are warning signs that the FBI is reading your PGP-encrypted email. If
you’re using a decoy setup, switch to Protocol 1 to send secure email. If you’re
already using Protocol 1, you and your correspondents should create new
passphrases. If further diagnostics suggest the FBI is still reading your email,
you and your correspondents should reinstall PGP and create a fresh set of key
rings and passphrases. Exchange the key rings by face-to-face contact, through
live intermediaries, or by human courier.
Tip – Anonymous email addresses activated through a cyber café can be used, but
only if you set them up before the FBI puts you under surveillance. Go out and
do it tomorrow.
When properly applied, diagnostics can keep you one step ahead of an aggressive
FBI surveillance team.
Deception method 4 – Spoofing. You should routinely send out bogus encrypted
messages. Your goal is to mislead and confuse the surveillance team. If the FBI
is reading your email, you have an opportunity to confuse and mislead them with
misinformation. If the FBI hasn’t cracked your email yet, the traffic in bogus
messages will provide cover for your authentic messages. If a mission requires
an increased number of secret messages, simultaneously reduce your bogus
messages, and the FBI won’t detect any increased communication activity.
When used systematically, spoofing can level the playing field between you and
the FBI surveillance team.
You can boost your chances of stopping an FBI surveillance team from learning
anything at all.
Using deception, you can confuse, mislead, obstruct, and frustrate the
surveillance activities of your adversary. Deception can be very effective
against an FBI, BATF, or DEA surveillance unit. It is particularly effective
against standard police surveillance.
If the deception techniques of Protocol 2 are used in combination with the
firewall methods of Protocol 1, you boost your chances of stopping an FBI
surveillance team from learning anything at all.
–original by: spy&counterspy, ascii conv. by: mrf
Copyright 1998 Lee Adams. All rights reserved. Quoting, copying, and
distributing is encouraged. (Please credit us as the source.) Links to our
home page are welcome. Names of characters, corporations, institutions,
organizations, businesses, products, and services used as examples are
fictitious, except as otherwise noted herein. No resemblance to actual
individuals or entities is otherwise intended or implied.