Project to Teach Anonymous Communications to the Media

Hey guys just an idea, but in light of the fact that government officials are almost certainly rummaging through phone numbers at will (apparently including prominent journalists) thereby threatening to stifle important journalism, should we consider making a special project with the help of tech savvy types on this forum for the purposes of teaching potential sources of important information how to contact the news-media while remaining anonymous via the internet?

We could then popularize the method so the sources would know how to do it.

It may have limitations, but it might be worthwhile. Some folks might come forward with info that otherwise wouldn’t.

The sources could then provide evidence to corroborate their story and help guide a news investigation without fear of reprisals by the government. (And journalists can’t be forced to divulge sources if they don’t know who they are.)

I’m not sure exactly how it would be done – perhaps a wireless connection from various locations through a proxy.

You give your houaw key (or a portaphone keyed to your house) to Person X, you never know his name. He uses your phone by giving it to Reporter Y, to call Politician Z. Either you leave your house, or he parks out front with a cellphone keyed to your frequency. There's a ton of them. Not just you, but others, from FL to ME. How ya gonna catch 'em all? How can ya prove that it wasn't theft of service?

Good idea to use a voice scrambler, as well...but hey, the more they push, the more thinking folk have to push BACK.

but I suppose there might be other methods.

Any techies out there with any ideas?

And prosecuted by the government for illegally exporting munitions grade encryption technology in the early 1990s, is working on a secure SIP phone product. It's in BETA right now, but it's free. Doesn't work with Skype but it'll work with just about any other SIP based service.
http://www.philzimmermann.com/EN/zfone/index-start.html

said the NSA et al is 30 years ahead of industry technology.

Wonder if the gov can beat it or trace back to the caller some how. But that's got potential.

"The FBI/NSA/CIA equipment was so antiquated that there was NO way they could even go online, or use email"...?

That was what I heard many of them use as the exuse for why they never connected the dots..

hmmmm..curiouser and curiouser

In order to crack the key used for any particular encryption session. The fact that this uses disposable keys (a new key is generated for every session and then destroyed at the end of the session) makes it all the more difficult. I haven't studied the ZRTP protocol or Zimmerman's implementation in detail, but I assume he's chosen a default key length large enough to make cracking non-trivial and yet not overly tax the resoruces of the computing hardware hosting the ZRTP client.

What you've got to remember is that nothing is 100% secure. What one tries to do when striving for security is to put up enough barriers that it is no longer worth the effort to get to whatever is being secured. The flip side to this is that you try to be reasonably secure, without putting up so many barriers that it becomes burdensome to get to or do whatever it is you're interested in securing in the first place. So while I wouldn't count on the NSA not being able to listen in on your conversation, it's reasonable to assume that ZPhone and ZRTP would make it uneconomical to crack every call. And though the NSA may be years ahead in tech, they are not years ahead in quantum computing which would be required to crack arbitrarily large key lengths.

Also, you have to consider that this does nothing to obscure the kind of external or meta data being collected from the phone companies, and even though you're not using a standard phone or cell for ZPhone, you're still generating meta data. As Zimmerman notes in the FAQ:


So in my estimation, as with Zimmerman's previous PGP product, ZPhone is "pretty good privacy" and that's often more than enough, but if you're looking for panaceas, there aren't any.

Now, if you couple ZPhone, with GPG for e-mail (and other things) and Off The Record for instant messaging then you've got a pretty good arsenal for helping to insure that your private communications stay that way. Just remember though, the fact that you are encrypting your communications itself says something -- that you care enough about what you're sending/saying to have it encrypted. But if you were to encrypt everything, just as you use an envelope for almost everything you send through the mail, that wouldn't be so suspicious. If you could get your whole circle of friends doing it, even better. If everybody did it... Well, then over half the country wouldn't be OK with the NSA datamining their external data.

How could they tap that?

Then sources can speak their mind during their orgasmic meetings,
and the carnal reality of the oldest profession can keep alive
the 4th estate.