'This goes no further' (YOU HAVE NO PRIVACY)

Following revelations about bugging at the United Nations, is there any way of ensuring that your private conversations stay that way?

News that Kofi Annan and other senior UN figures may have been routinely bugged by US or British security services has caused a huge political row around the world. But it will also have caused alarm among other people in the public eye who deal with sensitive information - or anyone, indeed, who values their privacy.

If the secretary general of the United Nations cannot prevent his private conversations from being listened to by all and sundry, who can?

It seems if someone wants to listen to what you are saying badly enough, there is very little you can do to stop it.

" Technological advances, particularly in the fields of power supply and miniaturisation, mean that its now possible to bug almost anywhere and anything," says Charles Shoebridge, a former counter-terrorism intelligence officer.

" Similar advances have enormously improved anti-bugging capabilities too, and an enormous effort has gone into making communications secure - particularly those of governments and even large commercial organisations.

" However, if security is absolutely critical, it will always pay to assume that a conversation is at least capable of being monitored."

According to security experts, the most common listening device remains the electronic bug.

But government agencies such as the CIA and MI5 have far more advanced systems at their disposal.

Powerful uni-directional microphones can pick up conversations through open windows.

If the window is closed, radio waves or a laser beam can be bounced off the glass. The vibrations detected can be translated into speech. {comment: often referred to as a shotgun mic}

But today's spies are also able to convert conventional phones into bugs without the owners' knowledge.

Experts believe this is the most likely method used to gather information in the UN building.

Mobiles communicate with their base station on a frequency separate from the one used for talking. If you have details of the frequencies and encryption codes being used you can listen in to what is being said in the immediate vicinity of any phone in the network.

According to some reports, intelligence services do not even need to obtain permission from the networks to get their hands on the codes.

So provided it is switched on, a mobile sitting on the desk of a politician or businessman can act as a powerful, undetectable bug.

The technology also exists to convert land line telephones into covert listening devices. {comment: often called infinity mics}

According to one security expert, telephone systems are often fitted with "back doors" enabling them to be activated at a later date to pick up sounds even when the receiver is down.

Telephone conversations are also routinely intercepted by spy satellites. The potency of key word recognition technology is often overstated, but it is still used to scan millions of conversations a day for potentially juicy information. {comment: That statement is incorrect. Key word recognition technology is now startlingly accurate. See speech recognition link following this article.}

Encryption devices, which clip on to the base of mobile phones and scramble the voice data being sent from your phone, are available.

Intelligence is a constant battle between the bugger and the bugged, says Michael Marks, of surveillance-equipment supplier Spymaster, and "at the moment the buggers probably have the upper hand".

Mr Marks' advice to anyone who thinks they may be under surveillance is to ensure their office is swept regularly for bugs, buy an encrypted phone and make sure no one in a meeting has a mobile phone on them.

Another way of making sure you are not being bugged is to use a Faraday cage or shielded tent, which prevents radio waves entering or leaving.

Mobile phone calls are impossible from inside the tent, but no-one will be able to listen to your conversations using bugs or radio wave listening devices.

It will also prevent anyone intercepting radio emissions from computers, preventing them from seeing what you have on screen.

" [A Faraday cage] will stop you doing anything other than having a conversation. It is a very crude, but very secure, way of talking," says Michael Marks.

A more sophisticated - and expensive - method is to build a "clean room" {comment: also called a "Tempested" room}, of the type used by the military, to shield radio waves and electromagnetic signals.

But the hardest part, according to counter-surveillance consultant William Parsons, is trying to convince diplomats and politicians that there is a threat.

"The fact that someone might be listening doesn't actually come into their mind. It is not something that they actually comprehend."

There are a few simple steps anyone can take, Mr Parsons says, to throw would-be eavesdroppers off the scent.

Don't hold sensitive conversations in your office or boardroom. Or rather, give anyone listening enough to think they are getting the full picture and then save anything truly top secret for conversations in unusual locations, such as the basement.

It is better to use the office phone for secret conversations, Mr Parsons says, rather than a home phone, because with 20 or more lines leaving most buildings they are much harder to bug.

Switching on the shower while you talk in the bathroom - a favoured method of celluloid spies - is also unlikely to work, as constant volume noise can easily be filtered out. {comment: see speech recognition link below}

In fact, the only way to truly guarantee privacy, according to most security experts, is to take a walk in the park.

Charles Shoebridge says: "It remains the case today as it has always been, that probably the best way to avoid being eavesdropped is to pass information during a long, unpredictable and unannounced walk in the big outdoors.

"Word of mouth is always preferable to any form of electronic communication - assuming the information's recipient is entirely trustworthy, of course."

Some may think that this stuff is rather far out and does not affect you, personally. As an IT security consultant, I can assure you that it does affect you.

As part of my ongoing security education, I occasionally attend various phreak (hacker) meetings, to keep up with what they are doing. It's also called know thine enemy. At one such meeting about six years ago, one of the group took us out to his car after the meeting and showed us the shotgun mic that he had built from parts. This is a mic that can detect conversations through glass windows at a significant distance.

It was composed of a breadboard circuit, attached to a piece of plywood, a pair of headphones and a very strange looking contraption attached to a shoulder stock and included a tri-pod mount. On the shoulder stock, were mounted three cylindrical objects. The first was a standard rifle scope, for spotting. The second was another rifle scope, with what looked like a black piece of plastic over the primary (front) lens and a small plastic box taped to the eyepiece. The third was a medium power infrared laser (capable of projecting a reflectively detectible beam of coherent light over 2 miles) that he had acquired as salvage. The supposedly black piece of plastic was actually a filter that only allowed the frequency of light put out by the laser, to pass. The plastic box taped to the eyepiece contained the infrared detector and amplifier. There was a speaker laying in the seat next to the breadboard, that would be connected later.

Wires ran everywhere. The breadboard was connected to the car battery, as was the laser. The detector was attached, by a long wire, to the breadboard. The headphones were attached to the breadboard. After a few moments to get the wires untangled and connected. He pointed the laser at a tall building roughly a mile away. It was about 9:00 PM and he explained that he was scanning all of the windows where there were lights on, for sound. After a few moments, he stopped and connected the speaker. He then re-aimed at the selected window and we listened to a Mexican janitor hitting on a maid (without too much success, I might add). Because it was hand held and only braced against the roof of the car, the sound faded in and out, but it would have remained stable if he had it mounted on a tri-pod. He scanned the building for a few more moments and found a radio that had been left on in a darkened office. Then, he swung it around toward a traffic light about a quarter mile away and focused on each of the cars stopped at the light. You could plainly hear the car radios playing or the conversations going on inside the cars. Finally, he swung it around to the glass door of the building that we had just emerged from, about 75 feet away and we could hear the conversation of two people standing just outside the door.

I knew that the government and large detective agencies had such things. But, it blew my socks off to realize that this very effective long-range shotgun mic had been built from salvage, by a kid who was probably no more than 20 years old and whom I wouldn't trust to run my credit card through the Kroger's credit card reader in plain sight, which brings up another point. He proudly told the group that his purpose for building that device, was to get credit card numbers, to use to register AOL accounts. (Hackers often use stolen credit card numbers to register anonymously with AOL and then cancel the AOL account before the trial period expires and the card is actually charged. This makes it much more difficult to trace the hacker.)

Interestingly, I never saw that hacker at any future meetings. Maybe the NSA had him disappear.

As for the key word recognition technology, I refer you to some published research from the University of Southern California. Keep in mind, that if the government allows something like this to be published, it's only because they know that they already have something much better. Here is the QuickTime audio/video presentation of the Berger-Liaw Neural Network Speaker Independent Speech Recognition System. Here is the press release. This study was published in 1999. Today, dependable, high quality speech recognition is not only possible, but in broad use.

As a final note, I would encourage everyone to get and use PGP (Pretty Good Privacy). It is free for individual, non-commercial use and can be found at, http://www.pgp.com/products/freeware.html. With PGP, you publish your public encryption key to a public keyserver, for the world to see. You retain securely, your decryption key. Anyone may encrypt a file or email to you, using your public key, but only you can decrypt that file. The encryption is considered to be industrial strength and if you select the highest level of encryption and a sufficiently long key length, even governments cannot break it without expending extensive time and effort (we're talking months or even years). I personally use it, even for sending trivial messages, whenever the recipient has a published public key. You can also use it to electronically sign documents and that signature is more secure than a document signed in ink, since any change to any part of the signed electronic document will invalidate the signature and it is virtually impossible to forge a PGP signature.

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.