slate | Using the dead-drop tactic can
certainly reduce the chances that sweeping surveillance dragnets will
gobble up your communications—but it is not exactly secure. The method was used by the planners of the Madrid train bombings
in 2004, which killed 191 people, helping them to operate below the
radar of Big Brother. However, law enforcement agencies over the years
have grown accustomed to terrorists using the dead drop, and
technologies have been developed to help counter it.
An interception tool developed by the networking company Zimbra, for
instance, was specifically designed to help combat email dead drops. Zimbra’s “legal Intercept” technology allows law enforcement agencies to obtain “copies of email messages
that are sent, received, or saved as drafts from targeted accounts.” An
account that is under surveillance, with the help of Zimbra’s
technology, will secretly forward all of its messages, including drafts,
to a “shadow account” used by law enforcement. This may have been how
the FBI was able to keep track of all correspondence being exchanged
between Petraeus and Broadwell.
(It’s also worth noting that archived draft emails stored alongside
sent and received messages on Google’s servers can actually be obtained
by law enforcement with very little effort. Due to the outdated Electronic and Communications and Privacy Act, any content stored in the cloud can be obtained by the government without a warrant if it’s older than six months, as Wired reported last year.)
What this means is that if Petraeus and Broadwell had been savvy
enough to use encryption and anonymity tools, their affair would
probably never have been exposed. If they had taken advantage of PGP encryption,
the FBI would have been able to decipher their randy interactions only
after deploying Trojan-style spyware onto Broadwell’s computer. Further
still, if the lovers had only ever logged into their pseudonymous Gmail
accounts using anonymity tools like Tor, their real IP addresses would have been masked and their identities extremely difficult to uncover.
But then it is unlikely that they ever expected to come under FBI
surveillance. Their crime was a moral one, not a felony, so there was no
real reason to take extra precautions. In any other adulterous
relationship a pseudonym and a dead drop would be more than enough to
keep it clandestine, as my Slate colleague Farhad Manjoo noted in an email.
Broadwell slipped up when she sent the harassing emails—as that, as
far as we know, is what ended up exposing her and Petraeus to
surveillance. Whether the harassment was serious enough to merit email
monitoring is still to be established, as Emily Bazelon writes on “XX Factor.” It goes without saying, however, that the real error
here was ultimately made by Petraeus. If he had stayed faithful to his
wife of 38 years in the first place, he’d still be in charge at the
CIA—and I wouldn’t be writing about how he could have kept his adultery
secret more effectively by using encryption.
