Sheep and Security and Revolting Peasants

Ross Anderson ukcrypto at maillist.ox.ac.uk
Wed, 13 Sep 2000 11:33:56 +0100


> what he wanted was a quick RIP run through as at the moment
> only mobiles and CBs were being used to co-ordinate the "Peasants revolt".
> He said there were quite a few farmers wanting to use email/WAPs, but they
> were concerned about security and legal implications. 

It's a fascinating problem - the extent to which comsec matters, and
can usefully be deployed, in a peasants' revolt.

The first thing that comes to mind is that against a large and diffuse
command structure, the classic doctrines of command and control
warfare (denial, deception, exploitation) aren't as effective as
they were against Saddam.

The second is that there may be little advantage to Plod in wiretapping.
If the command conversation is as follows:

 Farmer Giles: I hear Tony's going to give a talk at Leeds tonight.
 Driver Bert: OK, I'll get 1000 of the lads driving slowly up the M1

then it's likely to be followed at once by Bert issuing orders down a
telephone tree, which can't really be hidden. (There will always be
some truck drivers with a tachograph tampering charge pending :-)

The third is the doctrine that you keep communications covert until
detected, and then turn on full power to prevent jamming. So the
organizers already known to the police should use crypto by all means,
but they should use other tricks to talk to their people in the field.

This brings me to the fourth thing, which is that the people with the
most experience of defeating police comint are the criminals.  You'll
have to wait until my Security Engineering book comes out in January
for the gory details but the gist is abuse of the phone system. For
example, you hack the PBX at Scotland Yard and get it to reroute your
calls. (Yes, it's been done. So too has South Cambs District Council)

Slightly more legal is to get some prepaid mobiles, set up a long
conference call (hours to days), and throw them away once it's
finished. (Call detail records are only generated when the phone goes
on-hook, and so the cops can't easily do traffic analysis if you keep
the line open. But don't buy Vodafone as they drop all calls after 6
hours.)

Another trick is to route calls through someone who hangs off a big
switchboard. The standard police practice is to trace everyone the
suspect communicates with, then everyone they communicate with, and so
on, and look for people who show up more than once. To make this
recursive search feasible you have to ignore nodes with high
connectivity such as corporate switchboards. Hence the villains' love
of hacked PBXes; but for tactical use a fellow traveller on the
switchboard at the local GPs' surgery, who'll pass messages for you,
works just about as well.

Recommended reading: RV Jones, `Reflections on Intelligence' for
tactics, http://www.thedigest.com/ for the latest on phone fiddles

Ross
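
The contact-chaining search described in the message above, as an added Python sketch that is not part of the original post. It shows the trade-off an analyst faces when high-connectivity nodes are ignored to keep the recursion feasible. The call records and all names (`suspect`, `switchboard`, `dave`, the `max_degree` parameter) are constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed call records (caller, callee); every name here is hypothetical.
CALLS = [
    ("suspect", "alice"), ("suspect", "bob"), ("suspect", "switchboard"),
    ("alice", "carol"), ("bob", "carol"), ("bob", "dave"),
    ("switchboard", "dave"),
] + [("switchboard", f"patient{i}") for i in range(200)]


def build_graph(calls):
    """Undirected contact graph: who has exchanged calls with whom."""
    graph = defaultdict(set)
    for a, b in calls:
        graph[a].add(b)
        graph[b].add(a)
    return graph


def contact_chain(graph, seed, hops=2, max_degree=None):
    """Trace contacts of contacts out to `hops`, counting how often each
    party turns up. Nodes with more than `max_degree` contacts are noted
    but not expanded, which is the pruning that keeps the search feasible."""
    hits, skipped = Counter(), set()
    expanded, frontier = set(), {seed}
    for _ in range(hops):
        next_frontier = set()
        for node in frontier:
            if max_degree is not None and len(graph[node]) > max_degree:
                skipped.add(node)  # hub: too many contacts to follow
                continue
            expanded.add(node)
            for peer in graph[node]:
                if peer == seed:
                    continue
                hits[peer] += 1
                if peer not in expanded:
                    next_frontier.add(peer)
        frontier = next_frontier - expanded
    repeats = {name for name, count in hits.items() if count > 1}
    return hits, repeats, skipped


if __name__ == "__main__":
    g = build_graph(CALLS)
    for cutoff in (50, None):
        hits, repeats, skipped = contact_chain(g, "suspect", max_degree=cutoff)
        print(f"cutoff={cutoff}: {len(hits)} parties traced, "
              f"repeats={sorted(repeats)}, skipped={sorted(skipped)}")
```

With the cutoff the trace stays at five parties but the second sighting of `dave` is lost; without it the repeat is found at the cost of tracing every switchboard contact. An analyst can at least review the `skipped` set rather than discarding it silently.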