Communication Plan

Signaling

If you setup a dead-drop for emergency use, you could check it periodically. But even periodically checking something on the internet is a correlation attack. Another tradecraft technique used with dead-drops is called "Signalling". With a physical dead drop, you would have a more public location where you could signal that something was placed in the dead-drop.

For an example, let's say we've selected a dead drop location for between someone in deep cover and his handler. The person in deep cover is under surveillance, and doesn't want to check the dead drop location often so as not to get caught. If he loses his tail too frequently, the surveillance team will start to ramp up their surveillance. Preferably the surveillance team will not consider anything suspect until the tail is lost and there's no way to know where he's going.

So when the handler wants to deliver something, he needs to tell the person in deep cover that the dead drop contains a delivery. If the person in deep cover always takes the same route to work, then all the handler has to do is put something out of place on the route. It would be pre-determined beforehand, and very specific. For example, if a green sticky note gets placed on a road sign on the route, then you should check the dead drop. If it's a red sticky, lost your tail and bug out. If it's blue, then it means we need to meet.

Every time the person in deep cover drives by the pre-determined road sign, he would watch for a sticky note on that road sign. The same thing can be done on the internet, instead of in the physical space.

Let's say you've selected a birdwatching forum, and thread as a dead drop location. Instead of checking daily with Tails on a public Wi-fi, we will instead look at something more benign. Let's say that have a Facebook account that is connected to your family. Everybody in the family will check the account every day directly on the page, so as not to rely on the Facebook algorithm to show you everything your family says. If you post the word "Funky", then everybody knows the check the dead drop, or bug out, or whatever else you want to signal.

PACE Plan

Now we can discuss a communications plan. The common format for a communications plan is called a PACE plan. Usually a PACE plan is used in the context of radios, but it works in internet communication plans as well.

PACE stands for: Primary Alternate Contingency Emergency

The purpose of a PACE plan is to have several fallback lines of communication in case one goes down. For radios, a frequency getting jammed would trigger a move to the next frequency or line of communication.

Each letter would stand for a communication channel, or multiple communication channels. Let's examine an example plan.

Primary: Facebook Alternate: Telegram Contingency: The Greyman Network Emergency: Dead-drop on birdwatching forum Safe location: Uncle's house in the country

Command to switch to Greyman Network: Let's move to Alabama Command to check dead-drop: When are we going to celebrate April Fools again? Command to drop everything and go to safe location IMMEDIATELY: When will Half Life 2 come out?

With this example, most communications would be on Facebook or Telegram. However, if somebody wants to talk about something more spicy and don't want Facebook or Telegram reading the conversation, you would say "Let's move to Alabama", and everybody would go the the Greyman Network temporarily for a conversation. Then you have the dead-drop for things you want absolute security on, and the danger word to tell everyone to bug out. Very simple to understand and there's only 8 lines. You can also include several lines for a one time pad and fit everything on one single letter size paper sheet.

You will still have to practice some of these skills with your family, especially using Tails and One Time Pads. How intensive your PACE plan is, is up to your and what you think you can swing with the people on that plan.