German politicians think they have come up with a novel way to keep their sensitive documents secret. They’re going to stop using computers.
Okay, okay. They’re not going to completely throw out all of their computers – that would be preposterous.
But concern about electronic surveillance by other countries has become such a big issue in Germany that prominent politicians say they are seriously considering using manual typewriters instead of computers.
So claimed Christian Democrat politician Patrick Sensburg in an interview with the Morgenmagazin (moma) TV show on Monday night.
And if anyone should know about the serious concerns caused by foreign states spying on Germany it’s Sensburg. He is heading up the Bundestag’s parliamentary inquiry into the NSA’s activities on German soil.
Germany is investigating allegations by NSA whistleblower Edward Snowden that the US government bugged Chancellor Angela Merkel’s phone, an issue that has strained relationships and raised trust issues between the White House and Ms Merkel.
And, of course, it doesn’t stop at spying on Angela Merkel. She’s just a particularly well-known individual who happened to be of interest to the US authorities.
So, it’s against that backdrop that Patrick Sensburg told the Morgenmagazin reporter that typewriters would be used to create confidential documents, and – as he stressed to the surprised journalist that he wasn’t joking – the typewriters used should be manual models, not electronic.
If the story sounds familiar, then cast your mind back to last year when Russia said that it too was buying typewriters to avert the threat of cyber-spying.
In the case of Russia`s Federal Protection Service, it ordered 20 typewriters and 600 ink cartridges for the princely sum of $15,000 – clearly that’s a lot more expensive than the typewriter I learnt how to type on as a kid back in the 1970s.
The reason for the expense is that these typewriters are designed specifically for the task of producing classified documents, with each device having its own distinct font (its fingerprint if you like) which will identify it and help to trace back any leak to its source.
But don’t be fooled. The use of typewriters doesn’t mean that someone can’t spy on what you’re doing.
If someone wants to spy on you badly enough, they are not going to be put off by you not using a computer.
Yes, it’s correct that typewriters are not connected to the internet, but there are plenty of low-tech methods to still find out what you have been communicating.
For instance, an agent working undercover as a cleaner in the building being spied upon might be able to grab used typewriter ribbons, or have access to papers that have not been securely shredded.
Furthermore, documents which have been typed out need to be distributed and copied to others who need to see them. Will security teams find it any easier to manage the distribution, sharing and destruction of classified content in paper form than when it is held electronically?
And in the 1980s it was revealed that the Soviet secret police had been spying on the US embassy in Moscow after secretly installing tiny sensors inside bugged typewriters.
At the time, a CBS News report shared details of how it worked:
“The devices picked up the contents of documents typed by embassy secretaries and transmitted them by antennas hidden in the embassy walls. The typewriters used a round ball with numbers and letters around the surface, which revolved before hitting the ribbon against the paper. The bugs could work out each letter typed by detecting how the ball moved.”
An NSA study of the incident, known as project GUNMAN, revealed that the sensors had gone undetected for eight years.
An even more high-tech approach could be the decoding of vibrations using the accelerometers of a mobile phone left close by.
I, for one, don’t think that ditching computers and flying the flag of typewriters as secure communication devices is the answer. That’s just switching one problem for another.
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsDecember 24, 2024
December 19, 2024
November 14, 2024