Covert Channel Signals for Meetings or Dead Letter Drops

Covert Channel Signals for Dead Drops or Physical Meetings

Unless you have established a regular schedule for checking to see if anything has been left in a Dead Letter Drop, its use will usually require some sort of Covert Channel Signal.

In spy fiction and in real life espionage cases, such signals usually involve something inconspicuous, which the other person can notice without stopping and reading a note e.g. a window with curtains, a venetian blind or a light switched on or off, a chalk mark, or thumb tack on the pavement or on a bit of street furniture like a litter bin or telegraph pole, leaving a car parked in a certain parking space, or literally flying a flag. etc.

There may need to be different signals to communicate that there is something at the Dead Drop to be picked up, that the Dead Drop is suspected of being under surveillance, that an alternative Dead Drop should be used instead, or that an urgent Physical Meeting is needed..

Obviously all sorts of misunderstandings and errors can happen, especially if this users of the Dead Drop ave not practiced the technique much, or at all.

Internet Covert Channel Signals

Covert Chanel Signals can be as simple as changing one bit in a computer file from a Zero to a One (or vice versa), and pre-arranging,in secret, what this means, and when and where such a signal is valid, so there are lots of possibilities offered by the internet or telecommunications systems.

The Geo-cachers, of course, can use a website with email and rss syndication feed or even SMS text message notification, to announce to the world that a new cache has been created, ir filled. The internet provides lots of possible Covert Channel Signal,e.g. the fact that a message mentioning a pre-arranged code word or phrase is posted to a public discussion forum or to an email account , perhaps disguised as spam / junk mail advertising etc.

The internet and the world wide web offers a plethora of free email accounts, free disk space for file sharing, free web blogs etc. which can be used relatively anonymously, by more than one person (if the username and password details are shared, to provide such a Dead Drop facility for sending messages covertly. The legalities of snooping on file transfers which are not specifically "electronic communications" like email, is a bit unclear under UK law, but if you are under suspicion,the chances are that it will happen, even if it cannot be used directly as evidence in court. N.B. in the UK, the use of electronic intercept cannot be used as evidence in Court (it can obviously be used for investigations), but the use of Communications traffic Data and anayses can be used in Court.

Multi-user blogging or forum software can legitimately provide an excuse for different people to log into the system, at different times, from different IP addresses, in order to browse and "edit" articles "for publication". Provided that some blog articles or forum messages are actually published, an act which in itself might be a Covert Channel Signal, then such activity may not raise any suspicions.

N.B. If editing an external blog,or uploading file to say,, a photo file sharing service, is prohibited or unusual, in your corporate of government office, then it might draw attention to you as a potential whistleblower leak suspect.

These internet techniques have probably superceded the use of small adverts in the Personal Columns of printed newspapers and magazines, although offering something for sale via , say, the Loot Classified Ads website, or via phone, might still be a useful technique sometimes.

Deliberately Missed Phone Calls

One old Covert Channel technique , which is under surveillance automatically by the telrcomms companies (fto see if there is a problem with the infrastructure in a particular area, or to investigate possible loss of revenue) and therefore also by state authorities is the old technique of letting a telephone ring a certain number of times, before ringing off.

This dates back to the earliest fays of the landline telephone, and can be used to convey standard, pre-arranged messages such as "I am catching the train home in the next few minutes, start cooking dinner" etc., It has the advantage of not costing any money, as phone calls are not usually charged until the receiving party picks up and answers the call,. This technique is popular in Africa, where it sometimes called "beeping" of "flashing".Many poor people make use of it, exploiting the Caller ID feature of even missed phone calls, to identify which phone has just "beeped" you for free, to such an extent that a system of etiquette has evolved e.g. it is not considered to be ethical to "beep" someone who you know has very little or no mobile phone credit - the "beep" may be free, but not if it signals "phone me back as soon as possible".

In the UK, people are usually rich enough not to be so worried about this, but from a whistleblower / journalist / activist contact anonymity point of view, it might be better not reply to such a Covert Channel signal, except via a different Covert Channel method, ideally, not immediately upon receipt of the first Cover Channel tipoff message.

However, the European Union Data Retention Directive, and the previous UK Government Voluntary Code of Practice, (under the Anti-terrorism, Crime and Security Act 2001), specifically mentions retaining "failed call attempts", so this is all likely to be automatically logged for at least a year.

Since you can never be sure if or, or how thoroughly, an Answerphone or Voice Mailbox message is ever erased, then it might be best to avoid using these as Dead Drops for messages, unless you can disguise your voice and have a pre-arranged series of code phrases, which sound innocuous.

About this blog

We know that there are decent, honest, trustworthy individual politicians, civil servants, law enforcement, intelligence agency personnel and broadcast, print and internet journalists etc., who often feel powerless or trapped in the system. They need the assistance of external, detailed, informed, public scrutiny to help them to resist deliberate or unthinking policies, which erode our freedoms and liberties.

Some of these people will, in the public interest, act as whistleblowers, and may try to leak documents or information to the mainstream media, or to political blog websites etc.

Here are some Spy Blog "Hints and Tips", giving some basic preecautions, and some more obscure technical tips, which both whistleblowers, journalists, and bloggers need to be aware of, in order to help preserve the anonymity of whisteleblowing or other journalistic sources, especially in the United Kingdom, but applicable in other countries as well.

Whistleblower anonymity may not always be possible, or even necessary, forever into the future, but it is usuially crucial during at least the early stages of a "leak", whilst it is being evaluated by others, to see if it merits wider publication and publicity.

Email & PGP Contact

Please feel free to email your views about this blog, or news about the issues it tries to comment on.


Our PGP public encryption key is available for those correspondents who wish to send us news or information in confidence, and also for those of you who value your privacy, even if you have got nothing to hide.

You can download a free copy of the PGP encryption software from
(available for most of the common computer operating systems, and also in various Open Source versions like GPG).

We look forward to the day when UK Government Legislation, Press Releases and Emails etc. are Digitally Signed so that we can be assured that they are not fakes. Trusting that the digitally signed content makes any sense, is another matter entirely.


Tag Cloud

CryptoParty London

CryptoParty London

Most months there is a CryptoParty London event. where some of these Hints and Tips and other techniques are demonstrated and taught.

Usually at:

Juju's Bar and Stage 15 Hanbury St, E1 6QR, London

Follow on Twitter: @CryptoPartyLDN

Syndicate this site (XML):


Campaign Button Links

Watching Them, Watching Us, UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond

Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution Petition to the European Commission and European Parliament against their vague Data Retention plans.

Open Rights Group

renew for freedom - renew your passport in 2006
Renew For Freedom - renew your Passport in the Summer Autumn of 2006.

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

Amnesty International's campaign

BlogSafer - wiki with multilingual guides to anonymous blogging

NGO in a box - Security Edition privacy and security software tools

Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

wikileaks_logo_low.jpg - the controversial "uncensorable, anonymous whistleblowing" website based currently in Sweden.

Public Concern at Work - "(PCaW) is the independent authority on public interest whistleblowing. Established as a charity in 1993 following a series of scandals and disasters, PCaW has played a leading role in putting whistleblowing on the governance agenda and in developing legislation in the UK and abroad. All our work is informed by the free advice we offer to people with whistleblowing dilemmas and the professional support we provide to enlightened organisations."