Trying to Keep Your E-Mails Secret When the C.I.A. Chief Couldn’t


If David H. Petraeus couldn’t keep his affair from prying eyes as director of the Central Intelligence Agency, then how is the average American to keep a secret?

In the past, a spymaster might have placed a flower pot with a red flag on his balcony or drawn a mark on page 20 of his mistress’s newspaper. Instead, Mr. Petraeus used Gmail. And he got caught.

Granted, most people don’t have the Federal Bureau of Investigation sifting through their personal e-mails, but privacy experts say people grossly underestimate how transparent their digital communications have become.

“What people don’t realize is that hacking and spying went mainstream a decade ago,” said Dan Kaminsky, an Internet security researcher. “They think hacking is some difficult thing. Meanwhile, everyone is reading everyone else’s e-mails — girlfriends are reading boyfriends’, bosses are reading employees’ — because it’s just so easy to do.”

Face it: no matter what you are trying to hide in your e-mail in-box or text message folder — be it an extramarital affair or company trade secrets — it is possible that someone will find out. If it involves criminal activity or litigation, the odds increase because the government has search and subpoena powers that can be used to get any and all information, whether it is stored on your computer or, as is more likely these days, stored in the cloud. And lawyers for the other side in a lawsuit can get reams of documents in court-sanctioned discovery.

Still determined? Thought so. You certainly are not alone, as there are legitimate reasons that people want to keep private all types of information and communications that are not suspicious (like the contents of your will, for example, or a chronic illness). In that case, here are your best shots at hiding the skeletons in your digital closet.

KNOW YOUR ADVERSARY. Technically speaking, the undoing of Mr. Petraeus was not the extramarital affair, per se, it was that he misunderstood the threat. He and his mistress/biographer, Paula Broadwell, may have thought the threat was their spouses snooping through their e-mails, not the F.B.I. looking through Google’s e-mail servers.

“Understanding the threat is always the most difficult part of security technology,” said Matthew Blaze, an associate professor of computer and information science at the University of Pennsylvania and a security and cryptography specialist. “If they believed the threat to be a government with the ability to get their login records from a service provider, not just their spouse, they might have acted differently.”

To hide their affair from their spouses, the two reportedly limited their digital communications to a shared Gmail account. They did not send e-mails, but saved messages to the draft folder instead, ostensibly to avoid a digital trail. It is unlikely either of their spouses would have seen it.

But neither took necessary steps to hide their computers’ I.P. addresses. According to published accounts of the affair, Ms. Broadwell exposed the subterfuge when she used the same computer to send harassing e-mails to a woman in Florida, Jill Kelley, who sent them to a friend at the F.B.I.

Authorities matched the digital trail from Ms. Kelley’s e-mails — some had been sent via hotel Wi-Fi networks — to hotel guest lists. In crosschecking lists of hotel guests, they arrived at Ms. Broadwell and her computer, which led them to more e-mail accounts, including the one she shared with Mr. Petraeus.

HIDE YOUR LOCATION The two could have masked their I.P. addresses using Tor, a popular privacy tool that allows anonymous Web browsing. They could have also used a virtual private network, which adds a layer of security to public Wi-Fi networks like the one in your hotel room.

By not doing so, Mr. Blaze said, “they made a fairly elementary mistake.” E-mail providers like Google and Yahoo keep login records, which reveal I.P. addresses, for 18 months, during which they can easily be subpoenaed. The Fourth Amendment requires the authorities to get a warrant from a judge to search physical property. Rules governing e-mail searches are far more lax: Under the 1986 Electronic Communications Privacy Act, a warrant is not required for e-mails six months old or older. Even if e-mails are more recent, the federal government needs a search warrant only for “unopened” e-mail, according to the Department of Justice’s manual for electronic searches. The rest requires only a subpoena.

Google reported that United States law enforcement agencies requested data for 16,281 accounts from January to June of this year, and it complied in 90 percent of cases.

GO OFF THE RECORD At bare minimum, choose the “off the record” feature on Google Talk, Google’s instant messaging client, which ensures that nothing typed is saved or searchable in either person’s Gmail account.

ENCRYPT YOUR MESSAGES E-mail encryption services, like GPG, help protect digital secrets from eavesdroppers. Without an encryption key, any message stored in an in-box, or reached from the cloud, will look like gibberish. The intended recipient must get a key from the sender to read the message. The drawback is that managing those keys — which often involves writing them down — can be cumbersome. And ultimately, even though a message’s contents are unreadable, the frequency of communication is not. That is bound to arouse suspicions.

Wickr, a mobile app, performs a similar service for smartphones, encrypting video, photos and text and erasing deleted files for good. Typically, metadata for deleted files remains on a phone’s hard drive, where forensics specialists and skilled hackers can piece it back together. Wickr erases those files by writing gibberish over the metadata.

SET YOUR SELF-DESTRUCT TIMER Services like 10 Minute Mail allow users to open an e-mail address and send a message, and the address self-destructs 10 minutes later. Wickr also allows users to set a self-destruct timer for mobile communications so they can control how long a recipient can view a file before it disappears. But there is always the chance that your recipient captured screenshots.

DROP THE DRAFT FOLDER IDEA It may sound clever, but saving e-mails in a shared draft folder is no safer than transmitting them. Christopher Soghoian, a policy analyst at the American Civil Liberties Union, noted that this tactic had long been used by terrorists — Khaled Sheikh Mohammed, the mastermind of the 9/11 attacks, and Richard Reid, “the shoe bomber,” among them — and it doesn’t work. E-mails saved to the draft folder are still stored in the cloud. Even if they are deleted, e-mail service providers can be compelled to provide copies.

USE ONLY A DESIGNATED DEVICE Security experts suggest using a separate, designated device for sensitive communications. Of course, few things say philanderer, or meth dealer for that matter, like a second cellphone. (Watch “Breaking Bad.”)

GET AN ALIBI Then there is the obvious problem of having to explain to someone why you are carrying a pager or suddenly so knowledgeable about encryption technologies. “The sneakier you are, the weirder you look,” said Mr. Kaminsky.

DON’T MESS UP It is hard to pull off one of these steps, let alone all of them all the time. It takes just one mistake — forgetting to use Tor, leaving your encryption keys where someone can find them, connecting to an airport Wi-Fi just once — to ruin you.

“Robust tools for privacy and anonymity exist, but they are not integrated in a way that makes them easy to use,” Mr. Blaze warned. “We’ve all made the mistake of accidentally hitting ‘Reply All.’ Well, if you’re trying to hide your e-mails or account or I.P. address, there are a thousand other mistakes you can make.”

In the end, Mr. Kaminsky noted, if the F.B.I. is after your e-mails, it will find a way to read them. In that case, any attempt to stand in their way may just lull you into a false sense of security.

Some people think that if something is difficult to do, “it has security benefits, but that’s all fake — everything is logged,” said Mr. Kaminsky. “The reality is if you don’t want something to show up on the front page of The New York Times, then don’t say it.”

via Trying to Keep Your E-Mails Secret When the C.I.A. Chief Couldn’t – NYTimes.com.

via Trying to Keep Your E-Mails Secret When the C.I.A. Chief Couldn’t – NYTimes.com.

Advertisements

About Old Boy

Love the past and the future but live in the present

Posted on November 17, 2012, in Crime, Government, International affairs, USA and tagged , , , , , , . Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

FLOW ART STATION

THE CONTEMPORARY MAGAZINE

21st Century Films

Film Analysis, Essays, and Short Stories

swo8

Music means something

Discobar Bizar

Welkom op de blog van Discobar Bizar. Druk gerust wat op de andere knoppen ook, of lees het aangrijpende verhaal van Hurricane Willem nu je hier bent. Welcome to the blog of Discobar Bizar, feel free to push some of the other buttons, or to read the gripping story of Hurricane Willem whilst you are here!

Playing by My Own Rules

Cancer Messed with the Wrong Hellion

manologo

pienso y recuerdo...luego, existo

When the Whippoorwill sings

Queer Supernatural Romance and Horror Erotica

Noellie's Place

Life is brutal at times but always offers beauty and love to soften the blows if you open your hearts eye

After Credits Corner

There's a million films I haven't seen. Just you wait...

Reel Time Flicks

Film reviews and news, everyone's a critic! Welcome to the drinking blog with a film problem.

Baz Allen

Archive

Silents, Please!

interesting avenues in silent film history

Superduque

Mi patria es todo el mundo.

WRITE THEM ALL.

THOUGHTS. FEELINGS. MEMORIES.

Budget Traveler

Travel Guide, Blog & Reviews

The Conglomerate Lode

Mining thoughts, opinions, and experiences that enter the eyes the front door to the grey matter

La Audacia de Aquiles

"El Mundo Visible es Sólo un Pretexto" / "The Visible World is Just a Pretext".-

CINESPIRIA

Shining a light on the deep recesses of film history

Dr. Grob's Animation Review

The animation film review site

Genç Yazarlar Kulübü

Edebiyat burda, kahve tadında.

Alfred Eaker's The BlueMahler

Alfred Eaker's art (painting & film), reviews and essays. BlueMahler is a performance art character first created by Eaker at the John Herron School of Art in the early 1980s.

Master Mix Movies

One Movie at a Time

Jason's Movie Blog

A Movie Blog for the Latest Movie Reviews, Trailers, and More

Purple Pants

Presenting Life Delicacies with a Pinch of Salt

La Page @Mélie

Contre le blues, le meilleur remède, c'est le rock...!

simple Ula

I want to be rich. Rich in love, rich in health, rich in laughter, rich in adventure and rich in knowledge. You?

I didn't have my glasses on....

A trip through life with fingers crossed and eternal optimism.

Prestridge²

Independent journalism on the things we love - money, film and the arts

smithartonline

Art, education and ruminations

Exclusivito

Confessions of a book-traveller

Kitchen Scenes

Performance Art Based Video & Film

My Life as an Artist (2)

Smile! You’re at the best WordPress.com site ever

Paperback Cinema

Never judge a book by its movie.

CURNBLOG

Movies, thoughts, thoughts about movies.

Widdershins Worlds

WRITING LESBIAN FICTION, SCIENCE FICTION, AND FANTASY, SINCE THE 20TH CENTURY

SKYLINE REPORTS

comedy magazine

Flicks and Pieces

Film & TV Reviews, News & Musings

MovieBabble

The Casual Way to Discuss Movies

seriesdefilms

Pour ceux qui se font des films en séries!

Plain, Simple Tom Reviews

Musings on film and TV, old and new.

Rarest Kind of Best

Talking about children's books and films. Useful information for parents.

Outspoken and Freckled

Kellee writes about classic & modern film, retro TV... and life's adventures, with a sassy Irish passion.

MILLENNIAL MOVIES

MOVIES FROM A MILLENNIAL PERSPECTIVE

%d bloggers like this: