The one that interests me is inspired by the Blackhat movie.<p>The premise here is that the donor has an app on their phone. They load their data into the app.<p>Then they go to a mall, downtown shopping district, someplace busy and they walk around.<p>When they get home they see a green dot showing the data has been transferred.<p>Somewhere hidden where they were walking is a BT receiver. The app and phone sniffed it out and sent the data as they walked by.<p>Once the data is loaded onto the drop, it’s exported out via a mesh of LoRa radios.<p>I don’t know how to get BT radios to pair automatically without ever seeing each other, even between cooperating parties. Or maybe it could work with WiFi Direct. Not really familiar with that.
> Both companies will provide any data they have, including the full contents of any messages, if provided with an appropriate court order.<p>As we have learned, many companies hosting your data do not even require a court order. An urgent-sounding email with an official-looking return address is all that is needed.<p><a href="https://news.ycombinator.com/item?id=30842757">https://news.ycombinator.com/item?id=30842757</a>
I’m kind of surprised no one has mentioned IPFS [0]. IPFS x I2P [1] or IPFS x Tor [2] gets you like at least 60%-75% there (depending on individual skills).<p>[0]: <a href="https://ipfs.tech" rel="nofollow">https://ipfs.tech</a><p>[1]: <a href="https://geti2p.net" rel="nofollow">https://geti2p.net</a><p>[2]: <a href="https://www.torproject.org" rel="nofollow">https://www.torproject.org</a>
I think what we are specifically speaking about here is one where it can be done remotely. Intelligence orgs have had secure(ish) digital dead drops for years. Example:<p><a href="https://www.bbc.com/news/world-europe-16614209" rel="nofollow">https://www.bbc.com/news/world-europe-16614209</a>
I don’t get it. Can’t you just upload the data to an anonymous GitHub repo or other public service? Have a predetermined prefix for the repo name and you can pull it from the firehose.
Could you encrypt a file with a public key and expose it via a web server that another server scrapes later? Maybe with a common URL like example.com/deaddrop. The dead drop server would decrypt the scraped file with the private key. You would have plausible deniability because any other site could have a dead drop endpoint with encrypted files. They would be indistinguishable from any others.
My favorite recent one I read was encoding it in the HTTP packet delays. So the content of the server is innocuous but you measure the timings.<p>I wonder how many packet sniffers record exact, extremely accurate timestamps. Maybe you could even use synchronized GPS clocks, so even if they saved a millisecond (or better?) timestamp, you send enough packets with enough exact timings that you need to have saved higher resolution.
Can't a malicious entity running this system identify decoy messages by the fact that they are conveniently published at intervals divisible by 5 minutes? i.e. 17:07:43 then 18:42:44
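An added example, not part of the comment above or of the system being discussed: a check a designer could run over a log of publication times to see whether consecutive spacings sit on the 5-minute grid the comment describes. The 2-second tolerance, the function names and the last two sample timestamps are assumptions constructed for illustration.

```python
from datetime import datetime

PERIOD_S = 300     # the 5-minute grid named in the comment
TOLERANCE_S = 2    # assumed allowance for scheduler jitter
FMT = "%H:%M:%S"


def grid_offset(prev, cur, period=PERIOD_S):
    """Seconds between the prev->cur interval and the nearest multiple of period."""
    delta = datetime.strptime(cur, FMT) - datetime.strptime(prev, FMT)
    seconds = int(delta.total_seconds()) % 86400   # interval may cross midnight
    r = seconds % period
    return min(r, period - r)


def aligned_pairs(times, period=PERIOD_S, tol=TOLERANCE_S):
    """Consecutive publication pairs whose spacing sits on the grid."""
    return [(a, b) for a, b in zip(times, times[1:])
            if grid_offset(a, b, period) <= tol]


def chance_of_alignment(n_pairs, period=PERIOD_S, tol=TOLERANCE_S):
    """Probability that n independent, uniformly distributed spacings
    all land within tol seconds of the grid by accident."""
    return ((2 * tol + 1) / period) ** n_pairs


# The first two timestamps are the ones quoted in the comment;
# the last two are constructed sample data.
SAMPLE = ["17:07:43", "18:42:44", "18:51:09", "19:21:10"]

if __name__ == "__main__":
    hits = aligned_pairs(SAMPLE)
    for a, b in hits:
        print(f"{a} -> {b}: {grid_offset(a, b)}s off the grid")
    print(f"chance of {len(hits)} accidental hits: "
          f"{chance_of_alignment(len(hits)):.6f}")
```

A small chance value means the spacing is unlikely to be organic, which is the signal the comment worries about; drawing each scheduled publication time uniformly from the whole period makes the offsets uniform and removes it.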
The ultimate serverless dead drop was a USB thumb drive epoxied into a hole in the wall, with only the port sticking out.<p>The only criterion the thumb drive in the wall fails is "Accessible via Tor to protect against traffic analysis.", however it doesn't need network access at all so I think it is kind of a moot point.<p>There is some minor risk of surveillance on the site, but that can be defeated with a fake mustache or whatever. Also physical security risk, the drive might be designed to damage computers that connect to it via a voltage spike.
One concern I have is the usage of Libsodium. Libsodium is way too popular to be secure. Many non-technical folks seem to think that just because a library has a lot of eyeballs on it, that it's secure. Unfortunately, these libraries are very complex and low level. It's possible to hide backdoors which look just like regular bugs; e.g. stack overflows can seem like accidental bugs. Also, popular libraries can be attacked at the distribution layer so backdoors may not even show up in the source code on GitHub. I've used Libsodium for Node.js in the past and the installation process was suspiciously heavy because it had to build a ton of C bindings. Red flags.