Covert Channel Signals for Meetings or Dead Letter Drops
Covert Channel Signals for Dead Drops or Physical Meetings
In spy fiction and in real life espionage cases, such signals usually involve something inconspicuous, which the other person can notice without stopping and reading a note e.g. a window with curtains, a venetian blind or a light switched on or off, a chalk mark, or thumb tack on the pavement or on a bit of street furniture like a litter bin or telegraph pole, leaving a car parked in a certain parking space, or literally flying a flag. etc.
There may need to be different signals to communicate that there is something at the Dead Drop to be picked up, that the Dead Drop is suspected of being under surveillance, that an alternative Dead Drop should be used instead, or that an urgent Physical Meeting is needed..
Obviously all sorts of misunderstandings and errors can happen, especially if this users of the Dead Drop ave not practiced the technique much, or at all.
Internet Covert Channel Signals
Covert Chanel Signals can be as simple as changing one bit in a computer file from a Zero to a One (or vice versa), and pre-arranging,in secret, what this means, and when and where such a signal is valid, so there are lots of possibilities offered by the internet or telecommunications systems.
The Geo-cachers, of course, can use a website with email and rss syndication feed or even SMS text message notification, to announce to the world that a new cache has been created, ir filled. The internet provides lots of possible Covert Channel Signal,e.g. the fact that a message mentioning a pre-arranged code word or phrase is posted to a public discussion forum or to an email account , perhaps disguised as spam / junk mail advertising etc.
The internet and the world wide web offers a plethora of free email accounts, free disk space for file sharing, free web blogs etc. which can be used relatively anonymously, by more than one person (if the username and password details are shared, to provide such a Dead Drop facility for sending messages covertly. The legalities of snooping on file transfers which are not specifically "electronic communications" like email, is a bit unclear under UK law, but if you are under suspicion,the chances are that it will happen, even if it cannot be used directly as evidence in court. N.B. in the UK, the use of electronic intercept cannot be used as evidence in Court (it can obviously be used for investigations), but the use of Communications traffic Data and anayses can be used in Court.
Multi-user blogging or forum software can legitimately provide an excuse for different people to log into the system, at different times, from different IP addresses, in order to browse and "edit" articles "for publication". Provided that some blog articles or forum messages are actually published, an act which in itself might be a Covert Channel Signal, then such activity may not raise any suspicions.
N.B. If editing an external blog,or uploading file to say,, a photo file sharing service, is prohibited or unusual, in your corporate of government office, then it might draw attention to you as a potential whistleblower leak suspect.
These internet techniques have probably superceded the use of small adverts in the Personal Columns of printed newspapers and magazines, although offering something for sale via , say, the Loot Classified Ads website, or via phone, might still be a useful technique sometimes.
Deliberately Missed Phone Calls
One old Covert Channel technique , which is under surveillance automatically by the telrcomms companies (fto see if there is a problem with the infrastructure in a particular area, or to investigate possible loss of revenue) and therefore also by state authorities is the old technique of letting a telephone ring a certain number of times, before ringing off.
This dates back to the earliest fays of the landline telephone, and can be used to convey standard, pre-arranged messages such as "I am catching the train home in the next few minutes, start cooking dinner" etc., It has the advantage of not costing any money, as phone calls are not usually charged until the receiving party picks up and answers the call,. This technique is popular in Africa, where it sometimes called "beeping" of "flashing".Many poor people make use of it, exploiting the Caller ID feature of even missed phone calls, to identify which phone has just "beeped" you for free, to such an extent that a system of etiquette has evolved e.g. it is not considered to be ethical to "beep" someone who you know has very little or no mobile phone credit - the "beep" may be free, but not if it signals "phone me back as soon as possible".
In the UK, people are usually rich enough not to be so worried about this, but from a whistleblower / journalist / activist contact anonymity point of view, it might be better not reply to such a Covert Channel signal, except via a different Covert Channel method, ideally, not immediately upon receipt of the first Cover Channel tipoff message.
However, the European Union Data Retention Directive, and the previous UK Government Voluntary Code of Practice, (under the Anti-terrorism, Crime and Security Act 2001), specifically mentions retaining "failed call attempts", so this is all likely to be automatically logged for at least a year.
Since you can never be sure if or, or how thoroughly, an Answerphone or Voice Mailbox message is ever erased, then it might be best to avoid using these as Dead Drops for messages, unless you can disguise your voice and have a pre-arranged series of code phrases, which sound innocuous.