{"id":8225,"date":"2015-04-07T09:36:17","date_gmt":"2015-04-07T13:36:17","guid":{"rendered":"https:\/\/www.kaspersky.co.za\/blog\/?p=8225"},"modified":"2020-02-26T18:53:58","modified_gmt":"2020-02-26T16:53:58","slug":"art-making-anonymous-calls","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.za\/blog\/art-making-anonymous-calls\/8225\/","title":{"rendered":"The convoluted art of making private and anonymous phone calls"},"content":{"rendered":"<p>Photographer Curtis Wallen\u2019s latest exhibit, \u201cProposition For An On Demand Clandestine Communication Network,\u201d opened in a Brooklyn art-house Sunday. The work explored what it would take for a normal person to make a completely private and anonymous phone call <a href=\"https:\/\/threatpost.com\/bruce-schneier-technology-magnifies-power-in-surveillance-era\/105365\" target=\"_blank\" rel=\"noopener nofollow\">in the age of ubiquitous Internet surveillance<\/a>.<\/p>\n<p>Ultimately, Wallen\u2019s exhibit is an incredibly convoluted set of instructions that, theoretically speaking, can be followed in order to make a single phone call outside the scope of government surveillance. While Wallen is not a security expert by trade, he did buy a fake driver\u2019s license, Social Security number, insurance card, and cable bill on Tor with Bitcoin in order to create a working fake identity, Aaron Brown, back in 2013.<\/p>\n<p>In other words, he has relevant experience in <a href=\"https:\/\/www.kaspersky.co.za\/blog\/demystifying-tor\/\" target=\"_blank\" rel=\"noopener\">the world of privacy and anonymity<\/a>. Of course, his techniques are subject to technical analysis and their efficacy is debatable, but, in this case, art is about the journey and this journey is an absurd one. <a href=\"http:\/\/fastcompany.com\/3044637\/secret-phone-network\" target=\"_blank\" rel=\"noopener nofollow\">Fast Company first reported on Wallen\u2019s project late last month<\/a>.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">The absurd lengths one man went to in order to make a completely private phone call: <a href=\"http:\/\/t.co\/i0yZJjtryK\" target=\"_blank\" rel=\"noopener nofollow\">http:\/\/t.co\/i0yZJjtryK<\/a> <a href=\"http:\/\/t.co\/a6sauhJRxH\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/a6sauhJRxH<\/a><\/p>\n<p>\u2014 Fast Company (@FastCompany) <a href=\"https:\/\/twitter.com\/FastCompany\/status\/584083588389478402?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">April 3, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>So, how did Wallen go about making a clandestine phone call?<\/p>\n<p>First, he purchased a Faraday Cage-style evidence bag. These bags protect their contents against electronic manipulation with a mesh-work of conductive metals. In theory, outside signals cannot penetrate a Faraday Cage and, therefore, cannot communicate with a mobile phone placed inside of a Faraday Cage.<\/p>\n<p>Once he had his bag, Wallen went to a Rite Aid and purchased a pre-paid, contract-less cell phone, perhaps better known as a \u201cburner\u201d phone. Presumably he purchased the burner with cash rather than a traceable credit or debit card. He then placed the burner phone inside the evidence bag.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Artist @curtiswallen\u2019s take on how to make a completely #anonymous and #private phone call:<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FSjF1&amp;text=Artist+%40curtiswallen%26%238217%3Bs+take+on+how+to+make+a+completely+%23anonymous+and+%23private+phone+call%3A\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Behaviorally speaking, Wallen told Fast Company that he analyzed his daily movements before the experiment looking for anchor points and other times when his phone would not change locations, which he calls dormant periods. It\u2019s well established that accurately identifying a subject is trivial when you have access to that person\u2019s daily location information.<\/p>\n<p>Anecdotally speaking, nearly all of us have a fairly standard procedure of daily movements. We wake up, we go to work, we sit at work all day and we go home. Generally speaking, no other person travels from our exact home to our exact place of work. These are our anchor points.<\/p>\n<p>When it was time to activate his burner, Wallen left his actual, daily-use phone at an anchor point during a dormant period. He himself then departed from his anchor point with his burner phone in his Faraday bag. While it\u2019s not totally clear, he could have increased his chances of remaining anonymous by travelling by foot or by public transport out of sight of surveillance cameras to avoid systems that track license plates.<\/p>\n<div id=\"attachment_8228\" style=\"width: 760px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/103\/2015\/04\/06041052\/curtis-wallan-artwork-1.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-8228\" class=\"wp-image-8228 size-full\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/103\/2015\/04\/06041052\/curtis-wallan-artwork-1.jpg\" alt=\"How To Make Private and Anonymous Phone Calls\" width=\"750\" height=\"600\"><\/a><p id=\"caption-attachment-8228\" class=\"wp-caption-text\"><a href=\"http:\/\/curtiswallen.com\/p2cn-dossier\/\" target=\"_blank\" rel=\"noopener nofollow\">Curtis Wallen artwork<\/a><\/p><\/div>\n<p>He then connected to the Internet on a public Wi-Fi access point and used a computer with a clean operating system (think <a href=\"https:\/\/threatpost.com\/protesters-crypto-partiers-rally-against-surveillance-at-u-s-capitol\/102711\" target=\"_blank\" rel=\"noopener nofollow\">Tails operating system<\/a> or maybe a properly configured <a href=\"https:\/\/threatpost.com\/chrome-adds-ability-to-force-ephemeral-mode\/105273\" target=\"_blank\" rel=\"noopener nofollow\">Chromebook in ephemeral mode<\/a>) to go through the actual activation procedure.<\/p>\n<p>In this way, the phone is not attached to anyone\u2019s name or billing information and there is, in theory, no way of connecting its registration to someone\u2019s personal computer. In addition, the service provider for his real cell phone has no record of his traveling to the place where the phone was activated. Once it was set up, Wallen left the phone in a non-anchor point inside the Faraday Bag.<\/p>\n<div class=\"pullquote\">Central to good privacy, is eliminating or reducing anomalies that would pop up on surveillance radars, like robust encryption<\/div>\n<p>Once the phone is activated, there is the problem of coordinating the actual phone call. Wallen used a <a href=\"https:\/\/www.kaspersky.co.za\/blog\/cameron-against-encryption\/\" target=\"_blank\" rel=\"noopener\">cryptological system<\/a> called One-Time Pad to encrypt a message containing the burner phone\u2019s number and a time for the caller to call the burner phone.<\/p>\n<p>It\u2019s important that the call be made during a dormant time so it appears that Wallen is at home or work with his actual, daily use cell phone. It seems that he leaves his real phone behind to throw off his location.<\/p>\n<p>Only the message\u2019s intended recipient would have <a href=\"https:\/\/www.kaspersky.co.za\/blog\/the-wonders-of-hashing\/\" target=\"_blank\" rel=\"noopener\">the key to decrypt the One-Time Pad encrypted message<\/a>. Wallen then signed into the Tor anonymity network, signed into an anonymous Twitter account and posted the encrypted message. The person who would call the burner then decrypted the message and called the number posted at the given time.<\/p>\n<p>\u201cCentral to good privacy, is eliminating or reducing anomalies that would pop up on surveillance radars, like robust encryption,\u201d Wallen told Fast Company. \u201cSo, I\u2019ve prearranged an account where I\u2019m going to post an encrypted message, and that message comes in the form of a \u2018random\u2019 filename, someone can see that image posted to a public Twitter account, and write down the filename \u2014 to decrypt by hand \u2014 without ever actually loading the image.\u201d<\/p>\n<div id=\"attachment_8229\" style=\"width: 760px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/103\/2015\/04\/06041050\/curtis-wallan-artwork-2.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-8229\" class=\"wp-image-8229 size-full\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/103\/2015\/04\/06041050\/curtis-wallan-artwork-2.jpg\" alt=\"How To Make Private and Anonymous Phone Calls\" width=\"750\" height=\"600\"><\/a><p id=\"caption-attachment-8229\" class=\"wp-caption-text\"><a href=\"http:\/\/curtiswallen.com\/p2cn-dossier\/\" target=\"_blank\" rel=\"noopener nofollow\">Curtis Wallen artwork<\/a><\/p><\/div>\n<p>Wallen would travel back to where he left the burner phone at the appointed time and answer the incoming call. Once that call ended, Wallen wiped (presumably for fingerprints and data) and destroyed the burner phone.<\/p>\n<p>That, apparently, is how you make a clandestine phone call.<\/p>\n<p>Wallen consulted a famous security researcher, best known by his handle \u201cThe grugq,\u201d who described the process as technically \u201csecure, but probably fragile in practice\u201d and \u201cpossibly too complex and too fragile for real world use.\u201d In other words, Wallen\u2019s system could work, technically speaking, but it\u2019s a ridiculous work-around.<\/p>\n<p>In case you\u2019re wondering the kinds of surveillance we are talking about avoiding, John Oliver dropped an excellent explanation of how NSA surveillance works on this week\u2019s episode of Last Week Tonight. Enjoy.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/XEVlyP4_11M?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A New York artist made an exhibition out of making a single private and anonymous cell phone call outside the scope of government spying. Here&#8217;s how he did it:<\/p>\n","protected":false},"author":42,"featured_media":8230,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[9],"tags":[1052,1053,423,218,43,914,768],"class_list":{"0":"post-8225","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-tips","8":"tag-anonymity","9":"tag-art","10":"tag-mobile-devices","11":"tag-mobile-security","12":"tag-privacy","13":"tag-private-data","14":"tag-surveillance"},"hreflang":[{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/art-making-anonymous-calls\/8225\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/art-making-anonymous-calls\/5617\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/art-making-anonymous-calls\/5755\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/art-making-anonymous-calls\/7465\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/art-making-anonymous-calls\/8225\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/art-making-anonymous-calls\/7291\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/art-making-anonymous-calls\/7465\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/art-making-anonymous-calls\/8225\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.za\/blog\/tag\/anonymity\/","name":"anonymity"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/8225","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/users\/42"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/comments?post=8225"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/8225\/revisions"}],"predecessor-version":[{"id":26516,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/8225\/revisions\/26516"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media\/8230"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media?parent=8225"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/categories?post=8225"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/tags?post=8225"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}