Keeping your data from the FBI

After the terrorist attacks on September 11, 2001, the FBI been given more or less free access to spying around, if you are suspected of being a terrorist, or having any affiliate whatsoever with terrorism. (Aaah.. Haje uses the same computer network (the Internet) as terrorists. That means we can search his computer)

Because of this, here are some guidelines to keeping your data files safe from the FBI:

  1. Invent your own language, and write all your letters and data in this language. Make sure nobody else knows this language, and make sure you don't keep notes about it. Also make sure that, if it has to be based on another language, base it on a Uralic language (instead of a Germanic, Slavic, Baltic or Hellenic language)
  2. ROT-13 encode all your messages. Make sure you do this manually - you never know what kind of logging routine Microsoft has built into Windows
  3. sdrawkcaB etirW
  4. Write your text document in Notepad, (ROT-13 rotated, backwards and in your new language) which doesn't keep those pesky temporary files
  5. PGP encrypt all your file. Do it three times, with different keys, just to be sure.
  6. Compress your file, using WinZip, or whatever other program you fancy. Remember to add a nice password to the ZIP file.
  7. Split your files into several segments (say about 50)
  8. Duplicate the files (so you get double the number of files, 100 in our case) and rename all the file numbers, just to confuse them, you know! Remember which 50 are needed, and which 50 are useless duplicates. Also, remember the correct order of the files. Also: if you omit as much as a single character in the files, your PGP encryption won't decrypt.
  9. Compress your files. Again. (use a new password)
  10. PGP encrypt your file. Again.(use a new password)
  11. Write your file to a 5¼ inch floppy disk (or even a 8" one)
  12. Destruct the computer you used to make the files.
    1. Take it apart completely
    2. Cut all the electric wires you can find
    3. Break all circuit boards
    4. Bend all connectors.
    5. open the hard drive
    6. With a hard tool (preferrably a diamond) scratch the hard drive platters as much as you can. Even better: sandblast the platters. It should look like frosted glass by the time you are finished
    7. demagnitize the harddrives completely
    8. Set it all on fire
  13. Put the floppy in a waterproof safe, and drop it over the Aegean Sea (or some other ocean nobody has heard about) preferrably from an inconspicious-looking cessna

See how easy that was?


(you could of course just use PGP, but that would be rather boring, wouldn't it?)
(...and yes I made this WU up myself. It is not a cut'n'paste job)

-30-

If you are really serious about this, then you should consider building a special computer just for the purpose of viewing and manipulating your sensitive data. A computer without a hard drive. Actually for best results, you will have a hard drive, but it will only be filled with a decoy operating system (Microsoft Windows would be best).

Here is what you will need to get started.

First you will need a computer that can boot from CD-ROM, a TrueX or other fast drive would be a plus, since this drive will be used extensively.

Next you will need to buy one of those removable hard drive caddies that install in a 5.25 inch drive bay. This is where your decoy hard drive is going to be installed.

Next you will need to buy some RAM, a lot of RAM, 1 GB or more is preferable, but 768 MB will also work nicely.

Next get yourself a Superdisk drive, or a Zip drive, this is going to be your only permanent storage, so choose wisely.

Finally you need to make yourself a bootable CD-ROM of your favorite operating system. The easiest way to do that is to pick up a Linux distribution that comes with a "Distro on CD", that includes all the basic tools, and even X-Windows on a bootable CD. Bootable Windows CDs are also quite possible (do a web search, you will find the information).

Now you need to put all of this together. Install Microsoft Windows on your dummy hard drive. Put some games on there, add a few innocent websites to your favorites, and generally make it look like it gets used. After you have this looking good you should pull that hard drive caddie out just a little bit, so it is no longer connected. This is to ensure that you cannot possibly access this drive from your real system.

Your real system is going to boot from the CD-ROM drive, and use a ramdrive for storage. The Zipdrive (or Superdrive), is for making a daily backup of your ramdrive (or whenever you turn off the computer). Your daily backup should be heavily encrypted, and it is very important that you only keep a single disk, never use another disk. You are going to be keeping this disk on your person at all times, you do not want to leave it lying around where any stray FBI agents can discover it.

You should next rig a hidden security switch for your computer. This can be as simple as a hidden switch that shuts down the power if the door is opened. But I have a more elegant solution. My solution requires five switches. The first is a pressure switch underneath the case of your computer, wired so that moving the computer (even slightly), will turn it off. That, however, is not your main protection. Your main protection is going to be inside your monitor. You are going to crack open your monitor case and wire up a set of switches to the monitor power button, and one of the other buttons on the monitor. You are going to wire them in such a manner that if you turn the monitor on, it will turn the computer off, unless you also press the second button as well. You can flip your switches everytime you walk away from the computer, if someone walks up and turns on the monitor, the system will shut down. Finally you are going to put another pressure switch under the monitor, and then another in the back where the monitor plugs into the video card. If anyone messes with this computer in any way it will shut down, erasing everything in its ramdrive, leaving no evidence at all.

Now you have a working system, that does not hold any data after it is powered off. You should practice your emergency measures (or what to do if the FBI really does show up). Basically all you have to do is eject your system disk (and put it with the rest of the system disks that it came with), push that hard drive caddy back in place, and make your backup disk vanish.

The only problem is making your backup disk vanish. There are several solutions to that problem. The first is to have a whole box of disks all written with the same file name as your real backup disk, and encrypted data. Simply toss your disk in the box, and hope they waste years trying to decode the information on the wrong disks. You are going to want to handle all of these disks frequently, so your fingerprints won't give away the identity of the true disk.

The next solution is to eat the disk. You don't have to eat the entire disk, just crack it open and pull out the little black disk inside that holds the actual data, and eat that. The final solution is to burn the disk. Keep a little torch on your desk, and melt the disk at the first sign of trouble. Burning the disk is safest (as far as data recovery goes), But eating it, or tossing it into a box of decoys can be accomplished much faster (you know, while they are breaking down the door).

Or, if you are less serious about hiding your data (or more serious, depends on how you look at it), you may want to consider the following tips.

First of all, never use text files, they are the obvious first place to look for your information. If you do use text files, then encrypt them, zip them with a password, then rename the zip file to a .sys file (or other system file), and hide it somewhere in your system.

Do you remember how the evil Professor in Maniac Mansion hid the lock combination in the high score table of the video game? Well you can do this as well. Install MAME on your computer, and play all the games at least once (you may want to have a batch file do this, as there are nearly 4000 games). Then pick a game with a nice juicy high score table, and play it over and over again until you have entered all the needed data into the high score table. Then copy your NVRAM folder, uninstall MAME, and then reinstall it. Your data is safely stored in the high score table of one of 3800 games, with little chance of anyone finding it.

Hide text data inside of image files. There are several ways of doing this. The first is simply to open up an image file with a text editor, and type your text right in the center of it. This usually won't kill the image file, so it will still display. But this method is very easy to spot if the file is examined. The next way is to hide the text inside the actual picture. Pick a nice juicy picture, and zoom in to it at the pixel level and draw your message right into the picture itself. You would be wise to do it in a color that is visually identical to the background. The text will be all but invisible, but you can pull it up using an image editing program, but only because you know exactly where it is. The final way to to this is to make an animated gif that hides the data in an undisplayed frame, you can then get your data back by opening up the picture in an image editing program (this technique does not hold up well to scrutiny). When using any photo technique it is important to hide your real pictures in with thousands of decoys, to further slow down any examination of them (you might as well encrypt them as well). You may also want to consider running filters over all your images, filters that you can reverse later to get your original picture back (this is kind of like encrypting a picture).

You can also effectively hide data inside of sound files, mpeg files, and all sorts of other multimedia files. It can be as simple as hiding your 15 second audio message inside of one of 8,000 MP3 files, and hoping they don't bother to listen to all of them (a good way to do this is to record your message at a miniscule volume level at the end of a track, it would just sound like dead air unless you turned the volume all the way up.

Be creative. You can hide your data inside of source code, inside config files, you name it, and you can hide it there. You can even hide your data inside of E2 nodes (comment it out, and it doesn't appear to normal readers, yet it is still there when you go to edit your node).

If your data is truly of earth shattering importance, you may want to consider combining every method I have mentioned (and the ones in SharQ's writeup as well). How far you go, is up to you.

I really don't think it's necessary to go to the great lengths discussed in the previous two writeups. It certainly won't hurt and, if you've got the time, patience, and resources, then by all means, be as paranoid as you can be. But I personally wouldn't go quite so far.

If I had some extremely sensitive data that I absolutely did not want to fall into anyone's hands (the FBI included), I would try to memorize it. Of course, this won't work for certain things, such as binary data (unless you've got an incredible memory). If memorization is not an option, then I'd take the following steps:

  1. Good, strong crypto
  2. These days, public key encryption is very easy to use and also very secure. As long as you've got a good strong passphrase, a key of at least 2,048 bits or more, and an algorithm that can generate purely random numbers, the chances that anyone, even a government agency like the FBI, will be able to crack your encryption are very, very slim. Almost zero.

    PGP is well-suited for this and, depending on the version you use and your system configuration, can generate very pure random numbers by measuring the latency between pseudo-random keypresses or mouse movements and filtering out any discernible natural pattern (this is a simplistic description, but you get the idea).

    However, do remember that you can be subpoenaed and, depending on this situation, you may be legally required to provide the court with your encryption passphrase or key. This is a very grey area of the law, although the U.S. Constitution does give you the right not to testify against yourself (if you're a U.S. citizen and are charged with a crime in the U.S., that is).

  3. The old "Electromagnetic Doorframe" trick1
  4. Electromagnets are fairly simple devices, and easy to build. This is an idea that I've blatantly stolen from the excellent book Cryptonomicon, by Neal Stephenson. It's quite simple. Make sure that your sensitive data is stored (encrypted, of course) only on magnetic media (hard drives, floppy disks, etc. -- not CD-ROMs). Then keep all of this magnetic media in a single room that has only one door and, preferably, no windows.

    Disassemble the doorframe leading into the room and rig up a good strong electromagnet all the way around it. Wire the magnet to the building's electrical system and also, preferably, to some sort of backup power-source. Leave it on all the time, and be careful not to carry any magnetic media through it that you don't want to have scrambled.

    This won't guarantee that your data is safe, but it will do a good job of scrambling your data thoroughly if anyone tries to carry your computer out the door. This combined with good strong crypto may just be enough to keep prying eyes away. That said, it's still a good idea not to store anything anywhere, if at all possible; but when you absolutely have to, a disk-scrambling electromagnet will be a big help in keeping people out of your secret data.

  5. Don't get caught
  6. Perhaps not quite as easy as it sounds, but seriously: try your best not to bring attention to yourself. Don't give the FBI (or anyone else) a reason to want your secret data. Be as invisible as possible. This shouldn't be your only form of security (everyone knows security through obscurity really isn't security), but you should keep a low profile in addition to taking the steps mentioned above to ensure that your secrets stay secret.

Of course, there are other concerns than just protecting your stored data. Van Eck Phreaking is easier and easier to do these days, so you may want to take steps to prevent that as well. It's also not unheard of for encryption algorithms or random number generation algorithms to contain flaws that make it easier for crackers to decrypt your data.

So be careful, and trust no one. And no software.


1shazamed has pointed me to a very informative paper that explains why an electromagnet -- even an extremely strong one -- will not always be effective at erasing magnetic media to such an extent that the data is impossible to recover. You can read the paper here: http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gutmann/

A more sophisticated (though still rather simple) way of storing (sensitive) data in an image file would be to include the data on the lower bit planes of the image. This would make the text, image, or animation (in the case of a .gif or some such animation) completely invisible no matter how much you zoom or tweak the image, unless you knew to reduce the bit depth to say, 2 bits at which point the hidden data would show.

See steganography for more details.

It is true that destruction of the machine and media is necessary for true protection. This also means that the data will be lost, but if the data is that incriminating then it would have to be destroyed to save you from punishment.

The quickest way to destroy all media is not to take the machine apart and systematically damage everything beyond repair, but to take everything out in one go. Note: some of these methods are dangerous, and are not recommended, these are here purely as an example of a method of achieving total security.

  1. Rig the machine to self destroy – set up explosives around the machine (the charge doesn't need to be large to destroy all chance of recovery) and all related media with some form of remote detonator (such as one you can use when you realise that the FBI are on their way – garage door opener perhaps). Have your machine in a place likely to contain dangerous household chemicals - petrol, gas canisters, fertilisers etc. - like a shed or detached garage, then these chemicals will catch fire (assuming you set up to), aiding the damage and helping it to look like an accident. The resulting explosion and fire might look suspicious, however they would not be able to prove anything.

  • Keep a second machine in the house for normal use. Connect it to the internet and use it to buy things from Amazon. Have an email account (for purely innocent uses) and make sure the machine is used for various other things. This will make the real machine which has just been destroyed look like an old machine which was not used.
  • Do not connect your real machine to the internet, or any other form of outside connection, this means that the need for security on the machine is far less, something such as PGP would do, since the idea is to stop anyone getting at the machine in the first place.
  • Have some way of getting to your real machine which doesn't involve you being seen (underground is an obvious method). This avoids suspicious movements around.
  • As has already been said, do not draw attention to yourself, this can help to avoid any more drastic action. Being seen as a good member of the community helps, so hold a job which carries respect (law enforcement, fire department etc). Involve yourself in community events so there are people to speak out for you should you be caught.
  • Have a good home security system, proximity devices, guard dogs, guards if they can be afforded. You are less likely to be surprised this way. Do not have a partner, or hired help, they might confess, or stumble upon something they shouldn't.
  • Know your rights, do not allow them access unless they have the appropriate orders. Hire a very good lawyer.
  • Obviously this is all a bit far fetched, but it is very difficult to hide what you might be doing completely.

    Sad but true: None of the above methods have a chance of working. Strong encryption, separate storage of data media, total destruction of the computer -- zero, zilch, nada, nothing, zip, gornicht. These are all excellent hi tech countermeasures -- but the problem is lo tech, not hi tech!

    ThinkGeek.com will sell you a keystroke logger (the "Key Katcher", currently only $79.99 + shipping!) in a small plug. If I used one on your computer, you (being paranoid) woud notice it because it's too big -- it contains two plugs. How big do you think these have to be? How small could TheBooBooKitty make one?

    It's really that easy. In the ongoing case of Nicodemo S. Scarfo, the FBI did even less: it appears they installed key logging software on his PC, to capture his PGP passphrase. Hardware would doubtless also be doable (perhaps requiring some additional effort, i.e. at greater expense). Nothing in PGP or in security precautions helps against this type of attack -- computers not doing "what they are supposed to be doing".

    You can achieve some measure of security, e.g. if you post a guard around your computer at all times. Assuming no wired (or etherial) access to your computer, the only problem is that of physical access to the system; a highly-motivated guard can significantly reduce the possibility of unmonitored physical access. (Hopefully not too) Late addition by APE'EM (the Association of Paranoids for Ensuring Effective Means): It doesn't help to post highly-motivated guards. You'll have to ensure they are extremely highly paid and have no blackmailable spots in their past -- or the FBI will just pay them to look the other way. We're talking lo tech, after all!

    Or, of course, you can do what I do: I don't live in the U. S. of A.. The FBI doesn't try to read my data. The CIA (among others) do that.


    Also, don't forget to wrap tin foil around your head at all times! They can SUCK the passphrases out of your brane with an electro-magnetic vacuum cleaner!

    IMO, the secret to keeping your data safe is a combination of both high-tech and lo-tech. I will discuss techniques to truly avoid data that you own being discovered by most means available to a government, criminal or law enforcement agency, save them torturing you. Before I start, bear in mind this is written in the mindset that the government, GCHQ and all the hounds of hell are after your data. No paranoia is too deep, no conspiracy theory too outlandish. Better write more and have you ignore half of it than write less and it be half complete.

    First up, do not rely on the Constitution (or equivalent) to protect you in any way shape or form. Do not rely on any law of any kind, they will shift like sandbanks and turn on you like attack dogs pretty damn quick. Here in Britain the Regulation of Investigatory Powers Act makes it legal for the government to demand your decryption key or passphrase, refusal punishable by 2 years imprisonment. Bear in mind that they probably have your web access logged somewhere, so if you visit crypto sites every day they WILL have several nice juicy supercomputers waiting just for you before they break down your door. So first up, we'll go with high-tech methods.

    The Machine
    Making the wild assumption that you will be using a computer for your datastore and not a mathematically gifted rodent in a cardboard box, choosing the right machine for the job can be hard. For pure data storage and communications, a minimal setup is needed. A laptop is a VERY good idea, easy to hide and easy to transport. Typical specs are as low or as high as you want, they need only to be able to store as much data as you have, communicate with the internet (if necessary) and run the programs you need. If you want to avoid having your calls tapped (at least temporarily) buy an acoustic coupler and connect it to the modem. They connection rate is slow, 300 baud typical, but you can connect it directly to the handset on a phonebox, so you can drive into the middle of nowhere, get your mail, transmit some data, and screech (or stealthily creep) away into the night. Avoid wireless communication at ALL COSTS. I doubt I have to explain why. If you plan on keeping your data really secret, follow the guide above to making a secure computer with the use of ramdisks and CD-ROM drives. Bootable linux CDs abound, the largest being the SuSE Live! Evaluation CDs.

    Ideally, linux should be your operating system of choice. Windows does too much secret logging to be called a secure OS, whereas linux has distributions designed with security in mind. On a related topic, the NSA-endorsed secure linux distribution is actually a good distro, but your using it boils down to how much you trust the NSA not to bury something in the source code. The linux OSDN community is active, but reading through the entire linux source for backdoors is heavy going. Whatever you choose, keep it simple and clean. More programs means more swap file use, which may endanger your data.

    It is highly advisable to build in several safeguards that would make recovery of your data difficult. If you are at all skilled in programming or electronics, your task should not be difficult. For example, you may be forced to give up your login passwords etc to the machine. However, you could (for example) add a small program that expected you to hold down a few specific keys immediately after login. If this was not accomplished, the program would begin a secure delete or wipe of all your files, and then (most importantly) erase all traces of itself. It can then never be proven that there was ever any data to begin with unless they take out your hard-drive and examine it forensically instead of accessing your machine directly. If you are very good with electronics or know someone who is, you may build a short-range radio-frequency transmitter/receiver device. If your computer were activated beyond the range of this signal, all data is destroyed. Once again, this could be defeated by forensic techniques. Using explosives to physically destroy your computer is a little extreme, and could be construed as an attempt to murder law enforcement officials (which is waaay worse than computer crime). Simpler stuff like magnesium ribbon or the wonderful substance Thermite can burn your disks to cinders in seconds, and can be activated by electric charges.

    Cryptography
    If you are using your computer as a communications device, use PGP to encrypt all of your external communications. Do NOT keep mail archives, even encrypted, unless you desperately need to do so. It is advisable to use PGP 2.6.3i, as it contains only the core modules, is fully peer-tested (no real vulnerabilities found in pre-V6 releases), and has no 'bloat' modules like firewalls and built-in eggtimers and god knows what else. Plus, you can run it on a *very* low-spec machine, which if you computer is a pure datastore it may very well be. If you are truly paranoid, seek out the CryptoKnights Templar (CKT) versions of PGP, which support truly ridiculous keysizes and would try even theoretical machines like Quantum Computers. Also attempt to get ahold of PGPfone, for encrypting voice communications on-the-fly. This application is extremely effective if you get it working, because cryptanalysis routines work less well against a datastream that may have errors in it, like a telephone line would introduce. Using sound instead of text also cuts out half of the techniques a cryptographer would use to crack your code. For safety's sake, encrypting twice is always a good plan. For the record, encrypting and then compressing under PGP is utterly useless - PGP compresses data BEFORE encrypting it anyway. If possible, avoid using new and user-friendly mail clients like Netscape or Outlook, they are closed-source and probably leave logs and traces all over the place. Really, there is no need for a PGP key of greater than 4096 bits, other than giving yourself RSI by banging on the keys for half an hour. It can take over half an hour for even a modern PC to generate a 10,000 bit (CKT PGP supports such a staggering size) key.

    If your machine is also a store of sensitive or illegal information (such as accounts records or DeCSS) then you should use a symmetric encryption cypher, such as AES, Twofish,CAST or Serpent. If possible obtain standalone encrypt/decrypt executables, and keep them well seperate from the data itself. Knowing which algorithm was used to encrypt can aid a cryptographer in breaking your codes. If you cannot find or create from source code standalones, later versions of PGP do allow use of conventional symmetric encryption. In these circumstances it is a very good idea to compress your data first, as this defeats several common cryptanalysis techniques and cuts down your opponent's mathematical toolbox. Use the maximum keysize available, and preferably encrypt two or three times with different keys and passphrases. This may seem like overkill, but bear in mind that the Director of the NSA went on record saying PGP was virtually uncrackable, even for the NSA. Why would he say this on public record? I will let your paranoia do the thinking.

    Store your keys on a disk, keep the passphrases in your head. As mentioned, it is highly advisable to keep this disk either on your person or *very* well concealed, but not in your house or place of work. Seperate court orders (at least in the UK) are required for every property, and a magistrate here will not grant six orders for every place you visited in the last month month. I do not advise the above suggestion of hiding it amongst thirty nearly identical disks. They *will* check them all, and if they are all encrypted they will make you tell them which one it is. If you have many keys (as you should) it may be a good idea to stash these in seperate places. Giving it to a friend to hold onto is a bad idea, it puts them at as much risk as you and they are unlikely to hold out under the kind of pressure a criminal organisation or government can apply when they want something. It is also not a good idea to simply store your keys on a CD for instance. If you have a 650mb disc with your keys on, it wont take long to find. Fill it up with anything and everything you like, and hide your key within a file somewhere in there. True they will check and will probably find it in the end, but why make life easy on them. Using the black art of steganography to hide your key in an image is a great idea, especially on a CD containing maybe over 2000 images. Steganographise a load of random sequences too that look like keys, it is possible to analyse images for steganographic signatures. Physically writing your key in an image may sound like a good idea, but you try writing out 256 characters with the Pen tool. Using that for passphrases may work though.

    The Law
    As stated earlier, the crooked arm of the law can array against you just about anything. In modern society if it doesnt make the papers it never happened, and a determined government can ensure that this remains the case. You may have to prove, in court, that you do NOT know the keys and do NOT know where they are. Doing this is somewhat difficult, as it reverses the common innocent-until-proven-guilty method. If you have several keys on seperate discs in seperate places, giving up all but one or two will yield the authorities little, but may show you as being a co-operative suspect and save you somewhat. I do not claim to be a legal expert though, so I will leave this section shortened. If anyone has greater insight into the intricacies of privacy laws, please add them to this node.

    In amplification of TheBooBooKitty's writeup of how to keep information off magnetic media, and therefore unable to be caught and processed for analysis, I present this information.

    There are significant risks to using even volatile storage for computing with sensitive information.

    TheBooBooKitty's idea for a computer which a) stores everything in ram or on CD and b) switches off whenever someone tampers with it relies on the technical falsity (but practical truth) that ram loses information stored on it when it is no longer being refreshed. As we shall see, prying eyes can still access information from supposedly volatile types of storage.

    Every cell of RAM contains a thin oxide which forms the capacitor dielectric. Despite refinements in the processes of manufacturing electronics over the last few years, even a perfect oxide is subject to small fluctuations when an electric field is applied. Sodium is by far the most common contaminant -- it is small (and therefore mobile), found virtually everywhere, and possesses a positive charge. Changes in the oxide are in the form of impurities (sodium and dopants) migrating toward the negative pole of the electric field (positive ions being attracted to negative poles and vice versa).

    Impression of the impurities is a cumulative effect in that the longer a bit is stored in RAM, the more forceful the impression on the capacitor.

    A datum stored for one second probably causes no detectable change in the state of the ram, measured immediately after power loss. Storage for one minute is probably detectable and ten minutes certainly is. Time and a lack of electric field cause these changes to dissipate. Low temperatures increase the retention time of these changes; RAM stored at -60 could have a retention time of months, while high temperatures accelerate the speed of dissipation. Dissipation of stress, when not affected by temperature, occurs at effectively the same rate as impression.

    Since the data forms a deeper impression the longer it is held in RAM, rapid rewriting of new information over old information is ineffectual for obliterating long-stored information from RAM.
    The solution to this conundrum of the paranoid is therefore rapid flipping of data. Leaving data alone for less than one second should be sufficient to leave no discernable trace of sensitive data. In modern operating systems, this rapid, constant access also has the added side effect of ensuring that the data never is paged to disk.

    And any thanks to everyone who's helped me correct the errors with this writeup.

    Log in or register to write something here or to contact authors.