Subj : Terrorists And Draft Folders
To   : All
From : warmfuzzy
Date : Thu Nov 22 2018 05:35:53

In the Intelligence Community there is a general hush-hush on sources and
methods and I'm not into revealing those things (if I did know some of those
things)---but there is nothing expected against revealing the sources and
methods of terrorists.  One of these methods is the use of a draft folder
where terrorists would register a Gmail account and instead of sending
messages though it that they would write letters to their followers in the
terrorist cell using the saving of messages in the drafts folder rather than
sending a message in the normal way.  The American's have fully come to
understand how the terrorists communicate to one another using this method. 
It has been revealed in a documentary on television so I don't see a need to
keep it secret.  If you think about it it was really quite good thinking (if
their adversary was a standard corporate security firm), however they are
dealing with the No Such Agency who is wise to these types of things.  A
similar method could be used, slightly modifying this old procedure which
would add crypto to the scheme and logons done through TOR, however it is
understood that NSA has the ability to reveal crypto, whether its obfuscated,
encrypted, or otherwise considered "secure." They are the Big Brother with
the big person toys and it can be safely assumed that if you communicate on
the Internet that that communication is available in full in clear text. 
That is what several billion a year can get you.  If you want security it is
best to go old school with couriers.  Yet, even with couriers those who move
the communications around can still be found out and surveillance on those
couriers can lead to the exposure of their employers.  An example of this is
the tagging of Bin Laden's courier who passed traffic between OBL and his
organization.  The weakest link can make a highly secure network very very
exposed.  If you run an e-mail service and you notice behavior as described
above you might want to let your brother know whats going on.  Privacy and
anonymity is great, but it needs to be balanced with the exploiting of
criminals weakest links... if people use lousy security they're open game in
my opinion; not to say that I encourage illegal behavior but rather that I
recognize that with pathetic security there will be someone out there who
wants to mess with you, whether that be a robot malware or an offensive
security operator.  When your sources and methods are exposed, such as with
this case of an Internet dead-drop you really have to consider getting new
kit and practices to counter exposure.  What it comes down to is that there
is a conflict between the investigators and the people of interest, in real
life there is nothing off-limits so expect to have a raging psycho as your
enemy and, being expecting foul-play, to defend yourself against the crazies,
whether that be the terrorists or the agents.  This article was written for
the computer security practitioners---the common people who like their
freedoms---not directed at the agents and terrorists---its for educational
purposes and is in the common knowledge of the scene.

--- Mystic BBS v1.12 A39 2018/04/21 (Linux/64)
 * Origin: Sp00knet Master Hub [PHATstar] (700:100/0)

.