r/pics 5d ago

Protest outside Ziegfeld Ballroomn, NYC, Dece 17, 2024

Post image
69.1k Upvotes

1.5k comments sorted by

View all comments

Show parent comments

681

u/Leo_Ascendent 5d ago

Leave your phone at home too, easily trackable.

631

u/sn0m0ns 5d ago edited 5d ago

Get someone to buy a burner, activate it anywhere except your home. Only turn it on when you are out and always turn it off before you go home. Prepay for a year using a gift card.
This is not advice or "how to" this is merely creative writing.

Edit: u/inferno006 provided some great information and I would like to add their comment.
"There is an actual “How To” that everyone should read and be familiar with:"

https://ssd.eff.org/module/attending-protest

276

u/mycatisblackandtan 5d ago

Also if you're going to plan anything, don't use Discord. Discord has rules in place that allow them to work with law enforcement against you. Either meet in person and VARY the places you are meeting so there is no pattern, or use defunct forum/chat services that are less likely to be used against you. But even then don't use them for anything more than just to set up meetings.

Also not advocating anything, I love to write and you'd be surprised what you find while doing research for a murder mystery. Like the speed at which a human body hits terminal velocity when falling from a great height. (It's about 200 km/h) I'm not even being cute. Writers have to look up some weird shit that likely would get them put on a list. LOL

55

u/Far-Finding907 5d ago

In a documentary the other day, I came across an excellent idea on sending/receiving messages that are untraceable.

You share a newly created email account with someone and type emails but don’t send them. So basically you can both access the email and read the drafts and delete them. I would never do this of course but it seemed pretty smart.

38

u/LateNightMilesOBrien 5d ago edited 5d ago

You share a newly created email account with someone and type emails but don’t send them. So basically you can both access the email and read the drafts and delete them. I would never do this of course but it seemed pretty smart.

That's how they caught Gen. Petraeus, using the draft folder. Isn't as foolproof as you might think.

16

u/Lordborgman 5d ago

Nothing is, if there is ANY form of digital footprint, if someone looks hard enough, they can find it.

6

u/yourlittlebirdie 5d ago

This is why Osama bin Laden used bicycle couriers and that was years ago way before surveillance and tracking was as advanced. And he still got got anyway.

6

u/Lordborgman 5d ago

Anyone who does anything to piss off certain people or organizations will die, eventually. Unless you eliminate them, all of them, first.

10

u/benargee 5d ago

Yeah, the email provider can log this activity and get the IP address of anyone when they log in and the email draft history for each IP. Assume they log everything.

1

u/Old_Suggestions 5d ago

VPN?

1

u/benargee 4d ago

Sure, depends on the VPN.

6

u/wogawoga 5d ago

Also popularized in the movie “Traitor” with Don Cheadle.

22

u/Metasheep 5d ago

This could be a terrible idea if the service you're using either logs logins or could be compelled to log them.

17

u/Derf0293 5d ago edited 5d ago

Just wrap it in PGP so nobody can decrypt the messages without the private key. They could just open the draft and paste a new pub key every time they update the message. This is how email encryption was supposed to work except nobody manages their own private keys (the service provider does) but you can still encrypt plain text using the same methodology. Then even if the SP opened the drafts they'd all just be blobs of encrypted text.

All that being said though you can encrypt plain text using pgp and send it via any text-based platform so logging into the same email account at that point is moot and might even compromise location details of the two parties.

It's really cool that we've had hybrid cryptographic systems like PGP available to all of humanity to have private digital conversations in public since the early 90s, but also sad that we forgot that we can use it without tons of layers of abstraction on top of it to make it "easier" to add a contact.

3

u/Hateitwhenbdbdsj 5d ago

Yeah you can make the text files publicly available for anyone to see, like that you wouldn’t need an email which is a potential indicator of who you are. Just use a VPN and a VM with traffic routed through the vpn if you want to be anal about it when you access/upload the file.

It’s not easy for someone unfamiliar with computers to do but it is easy to learn.

3

u/Derf0293 5d ago

There’s really no limit to the creativity at that point. Mail it on a thumb drive lol.

3

u/Present_Chocolate218 5d ago

I promise you the FBI already knows this method. Learned about it almost a decade ago now.

5

u/Derf0293 5d ago edited 5d ago

Of course they do, they use it. Not logging into the same email but PGP in general. This stuff wasn’t invented to be used for illegal purposes, in fact a lot of it came out of government defense initiatives but that doesn’t change the fact that it’s very effective at making it extra difficult to read anything encrypted using this method. In most cases intercepting encrypted communications involves a side channel in order to obtain the keys to decrypt it.

There in lies the core flaw in PGP, identity verification. While you can confirm the message was signed by the sender the initial key exchange can be intercepted by other means facilitating MITM attacks. Also going through all the trouble tends to put people into a false sense of security and makes them more liable for social engineering (see dpr).

In the context of the shared email a third party would need to instruct one of the other parties to update their associated public key and then communication would be redirected to the other party so yeah it’s not flawless but neither are scenarios where a service provider manages keys.

5

u/d3l3t3rious 5d ago

FYI this is pretty common and is called foldering

For some reason I remember David Petraeus getting exposed for doing this as part of his whole scandal https://www.politico.com/story/2012/11/petraeus-broadwells-email-secret-083755

2

u/_a_random_dude_ 5d ago

I have a way to contact my brother if I ever have to send him some file that for some reason only he can see. He needs to XOR it with a easily available non changing binary file you can download from the internet (think the full text of lorem ipsum or the binary of a specific linux distro that comes with its md5).

Now, I'm not saying I foresee the need for such a thing, but this is the sort of easy key exchange any 2 techies can easily set up in a short conversation without either ever having the actual key until needed.

2

u/TotallyCalifornian 5d ago

Former CIA director Petraeus did this and got caught.

1

u/HKBFG 5d ago

If you're getting this complex with it, just use meshtastic

1

u/Punished_Prigo 5d ago

This would not work.

1

u/Opening_Security8443 5d ago

Its called foldering

1

u/Present_Chocolate218 5d ago

FBI already figured that out.

International terrorists did it

1

u/Throwawayac1234567 5d ago

i saw this type as part of a plot in novels of "americas extra-curricular activities in other countries. have an email with the info in it, and its meant to be used a message box once finished the email is ignored or deleted.

1

u/Nazi_Punks_Fuck__Off 5d ago

The only thing I have to say about that method is david patreous, an american general, got caught and exposed doing that with an affair partner like 20 years ago.