Learn to use AI like a Pro. Learn More

The Dead Drop: Design a Communications Method Like a Spy

Estimated read time: 1:20

    Learn to use AI like a Pro

    Get the latest AI workflows to boost your productivity and business performance, delivered weekly by expert consultants. Enjoy step-by-step guides, weekly Q&A sessions, and full access to our AI workflow archive.

    Canva Logo
    Claude AI Logo
    Google Gemini Logo
    HeyGen Logo
    Hugging Face Logo
    Microsoft Logo
    OpenAI Logo
    Zapier Logo
    Canva Logo
    Claude AI Logo
    Google Gemini Logo
    HeyGen Logo
    Hugging Face Logo
    Microsoft Logo
    OpenAI Logo
    Zapier Logo

    Summary

    Rob Braxman Tech takes you on an intriguing journey into the world of covert communication reminiscent of spy tactics. The focus is on creating a digital "dead drop" method—a secure way to communicate without leaving behind detectable metadata. The video emphasizes the importance of planning and privacy protection in potential emergency situations and offers practical techniques utilizing technology and strategic thinking for off-grid communication.

      Highlights

      • Learn covert communication like a spy with Rob Braxman! 🕵️‍♂️
      • Master the art of creating a digital "dead drop"—a spy tactic for safe communication! 💻
      • Discover why avoiding conventional communication methods is key to privacy. 🚫📱
      • Explore cutting-edge tools and strategies for secure digital exchanges. 📡
      • Understand the importance of planning ahead for emergency communication. 🔮

      Key Takeaways

      • Plan your communication strategy ahead of time to avoid leaving a digital footprint. 🗺️
      • Using conventional phones or social media can give away your location—dodge them! 🚫📞
      • Secure your communications digitally using tactics inspired by spy tradecraft. 🕵️‍♀️
      • Tools like Linux OS, de-Googled phones, and VPNs are essential for privacy. 🔐
      • Find creative ways to keep your communications private and undetected. 📫

      Overview

      Have you ever wondered how Jason Bourne might communicate if he were to escape off-grid? Rob Braxman Tech offers insights on creating a communication method that stays under the radar—even from government surveillance. In his video, Braxman dives into the fascinating concept of a digital 'dead drop', a method adapted from Cold War spy tactics to send secure and undetectable messages.

        The video highlights the pitfalls of using everyday communication tools like phones and social media, which are vulnerable to tracking and interception. Instead, it suggests alternative technologies and strategies to communicate securely. Viewers are guided through various precautions—like using Linux OS, de-Googled phones, and VPNs—to ensure privacy and reduce the risk of surveillance.

          By emulating spy techniques, like the 'dead drop', anyone can prepare for unforeseen emergencies where keeping communications invisible is crucial. Braxman provides tips on establishing secretive yet reliable communication lines using sophisticated digital tools, ensuring that even the most tech-savvy individuals can stay one step ahead of prying eyes.

            Chapters

            • 00:00 - 01:00: Introduction and Context The chapter titled 'Introduction and Context' discusses the importance of having a communication plan in case of an emergency, especially when off-grid communication becomes necessary. It frames this preparation as a project for privacy learning, rather than implying an expectation of actually needing to go off-grid. The chapter also references a previous video made by the author, titled 'How to Escape like Jason Bourne,' noting that although the author found it interesting and potential for a series, it did not garner significant viewership.
            • 01:00 - 02:00: Spy Communication Problems In the chapter titled 'Spy Communication Problems,' the protagonist Jason Bourne faces a critical situation where he must leave town abruptly, leaving no time to inform his family. His main challenge is to contact his family to arrange for funds and assistance, but he constantly fails due to surveillance on all known communication channels. Despite multiple attempts, every conventional method he tries is being monitored, leading to repeated failures in reaching his wife.
            • 02:00 - 03:00: Dead Drop Technique Explanation The chapter discusses the importance of having a pre-established method of communication to ensure privacy and avoid creating metadata that could be intercepted by surveillance agencies. The focus is on strategic planning and preparation to develop a communication system that remains undetected by external monitoring. An example method is introduced, serving as a framework for developing similar communication strategies.
            • 03:00 - 04:00: Avoiding Detection by Authorities The chapter explores the espionage technique known as the "Dead Drop," which is employed by spies to transfer information without direct contact. This method is presented as an effective tool not only for espionage but also for understanding privacy and security measures used by governments. The narrative suggests that learning such techniques can be both educational and entertaining, even for those who don't plan to use them, as it provides insight into how authorities might track individuals.
            • 04:00 - 05:00: Digital Dead Drop Methodology The chapter discusses the Digital Dead Drop Methodology, a covert technique used extensively during the Cold War for passing information, instructions, or objects such as film between agents without face-to-face communication. It centers around pre-arranged locations and subtle signals to indicate that a drop needs to be picked up.
            • 05:00 - 06:00: Implementing Digital Communication Protocols This chapter discusses the use of dead drops in digital communication, drawing parallels to espionage techniques where signals and marks are used to avoid direct contact between agents. It illustrates how subtle signals, like gum on a lamp post or chalk marks, can indicate the presence of a package in a dead drop. The chapter explores how these concepts can be translated into digital communication protocols to establish secure lines of communication without direct interaction.
            • 06:00 - 07:00: Using Password Manager as a Dead Drop The chapter titled 'Using Password Manager as a Dead Drop' introduces the concept of using digital means to emulate the traditional espionage technique of dead drops. The transcript indicates that Jason will be taught various technological strategies for digital communication. However, it also warns about common behaviors in everyday life that can quickly reveal one's location, posing risks to privacy and security. These behaviors are referred to as 'big red flags' that should be avoided to maintain anonymity and protect sensitive information.
            • 07:00 - 08:00: Advantages of Using KeyPass XC The chapter discusses the advantages of using KeyPass XC, focusing on security concerns related to telephone communications. It highlights the risks associated with phone calls and SMS, as both are logged into the public switch telephone network (PSTN) and recorded by the government. The text emphasizes the potential vulnerabilities of carrying a phone, such as being tracked through cell tower and Wi-Fi triangulation.
            • 08:00 - 09:00: Establishing a Secure Online Dead Drop This chapter discusses the challenges and methods for establishing a secure online dead drop to avoid government tracking. Jason learns that iPhones can be tracked even when turned off and regular phones contribute to a location history accessible through the Google sensor vault. To evade this surveillance, Jason disposes of his phone, ensuring it's nowhere near his intended location. Additionally, he is advised against purchasing a burner phone to contact his wife, as this could compromise his efforts.
            • 09:00 - 10:00: Emergency Procedure Execution The chapter "Emergency Procedure Execution" delves into the methods employed by authorities to monitor individuals' communications, specifically through phone wiretapping. Historical call records, as part of the public switched data network (PSDN), have long been accessible to agencies like the NSA through programs such as PRISM. The chapter discusses how these systems, previously exposed by Snowden, are augmented by other databases that further enable law enforcement access to telecommunication records.
            • 10:00 - 11:00: Historical Example Usage The chapter discusses how authorities can use databases such as the FBI DCIS to trace and identify unknown callers, specifically through metadata analysis. It explains the process of how a call can be traced back to an individual, like Jason, by identifying patterns and characteristics of the call, even if it is made from a burner phone. The process involves determining if the call was not an accidental 'wrong number' and using cell tower triangulation to pinpoint the phone's approximate location, allowing police to identify the area of the caller within about a half-mile square.
            • 11:00 - 12:00: Enhancing Privacy with Session Apps In this chapter, the focus is on how Jason uses a burner phone to communicate discreetly with his wife, specifying meeting locations. However, there are challenges to maintaining privacy due to the prevalence of tracking technologies such as car trackers and license plate readers in urban areas like Los Angeles.
            • 12:00 - 13:00: Additional Secure Communication Tools The chapter discusses various secure communication tools that can be used to ensure privacy and security. It highlights the presence of surveillance technology such as facial recognition cameras on the streets, making it risky to drive around in a known car. The chapter advises against talking on the internet without precautions, mentioning that even apps like Signal, which offer end-to-end encryption, may not be entirely secure due to new AI technologies that can potentially breach these safeguards.
            • 13:00 - 14:00: Using Tor for Secure Communication The chapter on 'Using Tor for Secure Communication' discusses the vulnerabilities that could arise from using popular operating systems like Windows, Mac OS, iOS, and Android, which might be subjected to client-side scanning. It suggests that the only truly secure devices are those running Linux, de-Googled OS, or outdated versions of mainstream OSes. Additionally, it advises against maintaining a public presence on social media, highlighting the risks associated with commonly used apps that could compromise privacy.
            • 14:00 - 15:00: Conclusion and Product Promotion The chapter provides guidance on maintaining anonymity by avoiding digital payments, which can be tracked by governments. Instead, the use of cash for purchases, such as burner phones, is recommended to prevent surveillance.

            The Dead Drop: Design a Communications Method Like a Spy Transcription

            • 00:00 - 00:30 in an emergency do you have a plan in place so you can communicate if you needed to go off- grid think of this as more of a prepper project so you can use it for privacy learning you don't actually need to think you'll be off grid a couple of years ago I made a video titled how to escape like Jason Bourne I thought it would have made an interesting series but apparently my viewers thought otherwise and it did not get a lot of views what is interesting
            • 00:30 - 01:00 in that scenario was that the protagonist Jason Bourne had to go out of town quickly and without warning and there was no time to communicate with family and in the early stages the main problem was that he needed to talk to family to get funds and get help well as that video shows if you watch it Jason fails over and over because just about every Normy channel of communication is being watched he tries multiple ways to reach his wife and he constantly fails and the reason he fails over and over is
            • 01:00 - 01:30 that there was no pre-established way to communicate he needed to have planned like a prepper and have a method established in advance my premise here is to plan a way of communicating that does not create metadata thus any kind of surveillance even by three-letter agencies will not suggest that a communication was made so I will teach you an example method you could use this as a framework for what to do
            • 01:30 - 02:00 the basis of this is covert tradecraft and the starting technique is called the Dead Drop In other words this is a technique used by spies so if they think it is effective we should learn how to do it too are you interested this could be a fun exercise even if you're not expecting to use this it is actually a lesson in privacy since you can learn how government might find you stay right there
            • 02:00 - 02:30 the Dead Drop was a covert method that was used quite extensively during the Cold War to pass information instructions or objects like film between agents the idea of a dead drop was that it does not use face-to-face Communications the technique is based on having pre-arranged locations and a signal was sent that a drop needed to be picked up the signals are subtle and
            • 02:30 - 03:00 common so that no one suspects anything unusual for example there could be gum on a lamp poost a chalk Mark or a particular car is positioned differently then one agent drops the package in the Dead Drop for example a hole in a concrete wall and then later without any physical encounter the second agent will pick up the package this is what I want to emulate as a model for establish lishing a line
            • 03:00 - 03:30 of communications but to do it digitally so we will teach Jason a few technological tricks so he can emulate this dead drop digitally but first Jason needs some basic guidance what will not work there are behaviors we perform in normal life that will Zuck you in a big way and reveal your location quickly so here are some big red flags to be aware
            • 03:30 - 04:00 of number one no phones no phone calling no SMS it should be obvious that any phone call is logged into the pstn the public switch telephone Network and every SMS text message has a copy kept by the government so this may be redundant information but it needed to be stated up front Jason alone carrying a phone could be subject to cell tower triangulation Wi-Fi triangulation and on
            • 04:00 - 04:30 an iPhone location tracking even with the phone off also with a regular phone locations are tracked in the Google sensor Vault so a history of locations can be pretty easily acquired by the government so Jason has to drop his phone in the garbage hopefully not near where he intends to be number two no burner phone Jason must not purchase a burner phone to call wife this will fail the
            • 04:30 - 05:00 reason is that the authorities will simply wiretap all the phones of the people Jason knows how do they do this very easily they look at the records of Jason's calls historically in the psdn a history of all calls has been passed to the No Such Agency for a long time using the prison program that Snowden already revealed in addition additional databases make this avail able to every law enforcement officer
            • 05:00 - 05:30 via the FBI dcis database if an unknown phone number calls Jason's wife then that metadata will already reveal that it's Jason calling especially if the call is not a short wrong number kind of call the authorities would also quickly know it is a burner phone and then the approximate location will already be known since it would be cell tower triangulated so the police would know it's a small area maybe 1/2 M square or
            • 05:30 - 06:00 less number three no car maybe Jason uses the burner phone to tell his wife where to meet him so if the wife takes her car to the location well it should be a simple matter for authorities to put a tracker on the car even an air tag and they will follow her but for both Jason and his wife the streets of large cities like Los Angeles have like license plate readers everywhere there's
            • 06:00 - 06:30 a ton where I am then the streets here also have cameras that gives tickets out using facial recognition so driving around in a known car is a big no no number four no talking on the internet the most obvious methods of course would be to use apps like signal because you think you have into an encryption however the new AI see what you see technology would authorities to
            • 06:30 - 07:00 see what you see and interrogate your computer's AI so any new device using Windows Mac OS iOS Google Android could be subject to client side scanning the only devices that would be safe would be those using Linux and a de Googled Os or some old version of those popular osses it should also be obvious that a public presence on social media is a big no no many of these apps will try your
            • 07:00 - 07:30 location number five no credit cards no PayPal no venmo any kind of digital payment will automatically signal where you are to a government the transaction will indicate the vendor and that vendor could be where you just tried to purchase a burner phone a store with a surveillance camera so just like in the movies you can use these prep
            • 07:30 - 08:00 work fortunately because we're here to have fun we can pre-plan our Escape Plan and there are certain strategic technologies that have to be in place ahead of time number one Linux OS for Jason's wife there has to be access to a Linux computer in the house preferably it should be a device that's commonly used because a sudden change in device during a crisis is metadata that shows some pattern
            • 08:00 - 08:30 so let's say that Jason's wife is using a Windows computer perhaps it can be configured as a dual boot computer so it can be started with Linux for this exercise you do not want to run Linux in a virtual machine and the reason is that the new see what you see technology or client side scanning can see the screen and can see the Linux window from The Host Windows or Mac OS
            • 08:30 - 09:00 so it should be running Standalone Linux number two the Google phone for Jason it would be really handy if his daily driver phone is running a the gooogle OS phone like a Brax 3 here's why these phones do not report location to any party so the threats of a Google sensor Vault does not exist next to neutralize the cell tower triangulation just remove the SIM card and throw it away in fact I would not use a SIM card in it from then on Wi-Fi only from there
            • 09:00 - 09:30 then the phone will actually be safe number three Cash in crypto you will need cash to make quick moves so it should always be critical to carry a large enough sum of money for emergencies nowadays the average young person will not even carry 10 bucks it is an essential part of prepping to change this bad habit if you're even smarter you would have cash stashed secretly away elsewhere so you can get
            • 09:30 - 10:00 some in case of an emergency can't be at your house since you should expect your house to be surveilled the easy alternative is to have some amount of Bitcoin available to you while it is hard to spend large amounts of Bitcoin online small amounts are still doable and can keep you surviving number four countering facial recognition unfortunately you do not even have to verify your face in front of a camera to avoid facial recognition there too many cameras around including even being in
            • 10:00 - 10:30 the background of a photo taken for social media so the solution is to have new habits have sunglasses a hat and in Winter perhaps a scarf just some quick way to change your appearance or a face mask to make people think you have covid number five Voice surveillance Jason and his family needs to be aware of the possibility of voice surveillance for example Alexa Echo devices should be eliminated in emergencies everyone in
            • 10:30 - 11:00 the family should be aware that TVs can be turned into microphones and someone can listen in and you better dump your ring cameras there's a laser listening device that can be pointed at glass windows from outside and it can be used to listen to sounds inside a house the laser picks up Sound Vibrations number six VPN I would also be aware that a powerful opponent can easily hack your Wi-Fi and be on your network so you have
            • 11:00 - 11:30 to almost assume that your house could be like a public network the solution is to put all your devices on a VPN or to simplify it further put your entire network on a VPN router the VPN encrypts the traffic so even someone on the local area cannot intercept it number seven password manager I leave this for last but this will actually be key you need to learn to regularly use a password manager because later this is what we
            • 11:30 - 12:00 will use as the dead drop package later I will explain why this is actually a pretty easy way to get sophisticated without having to learn complicated tricks the Dead Drop procedure number one the package the First Tool in our Dead Drop Arsenal is the password manager database which will be our drop package for this example I
            • 12:00 - 12:30 will use the password manager keypass XC for Android look for a version called keypass to Android so I advise that you install this on all your computers and phones most will have the capability to work with keypass in some way keypass keeps its credentials in a database file with a kdbx extension the interesting thing about a keypass kdbx file is that it is completely encrypted and the key
            • 12:30 - 13:00 is based on your master password assuming your password is sufficiently long like 12 to 15 characters with upper lower numbers and special characters then it should be pretty uncrackable in our lifetimes now here's the other interesting detail while keypass is used primarily to store passwords there is absolutely no reason you can use it to keep any information you want you can use it to keep notes give instru CS to family keep crypto seeds give secret
            • 13:00 - 13:30 contact info Etc so our premise is that we will use a password manager to pass Ultra secret messages again when you save your entries in keypass XC it saves it to a database kdbx you could create a separate kdbx file for emergency use or you could put your instructions in your regular password manager and hopefully your family will know know how to get into
            • 13:30 - 14:00 your password manager so discuss this in advance here's another interesting detail you really don't have to be afraid of putting a kdbx file somewhere on the internet because it's unhackable anyway but you don't want to be obvious with this either by putting it in Google Drive or or by passing it as a Gmail attachment remember that Google Drive and Gmail are tied to a Google ID which is attached to you the other thing about a password manager is that it is in
            • 14:00 - 14:30 common use so if you're always using a password manager then there wouldn't be any metadata suggesting some new Behavior second a password is protected in the US by the Fourth Amendment you definitely cannot be required to reveal it to anyone the Dead Drop site the idea of a dead drop site is that it should be easily accessible by all for example Jason is running around somewhere possibly without a computer or even a phone so there may not be access to
            • 14:30 - 15:00 Advanced technological tools or to do anything sophisticated he may even be forced to use a normal phone though without a SIM card as his computer so Jason and his wife needs to First establish basic Communications without getting too sophisticated my recommendation is to put instructions for the first Dead Drop site in their regular password manager database itself so think ahead now and plan it and then put it into effect you need to find some
            • 15:00 - 15:30 Internet site that will allow you to upload a file the site must not require Toof Factor authentication since Jason will not have a SIM card nor access to any other account and the account should not expire one potential easy solution is if you have some web mail-based email account for this example I will use bmail bmail can be accessed directly from a browser and on like Gmail it will
            • 15:30 - 16:00 never force you to give two Factor authentication then what I would do is to create a message to yourself as I show here let's see how we can use this and then the message will have an attachment and the attachment will be the password manager kdbx file now instead of sending this I will just leave the message in the draft folder by saving it this then will be our starting point this kdbx file can be downloaded from any location and can be the packaging for the drop
            • 16:00 - 16:30 the drop in an emergency the first thing I would do as Json then would be to download the keypass file and open it on my device then I would edit the Emergency entry I made on the password manager file and then I would pass the new message I want for example I can explain what has happened and what you intend to do and what your immediate needs are then I would upload that same cage dbx file up to the drafts folder
            • 16:30 - 17:00 again let's create a sample scenario here on keypass XC I will create a new mail and then include the kdbx file as an attachment and then I will hit save and not send the pickup assuming your wife has read the emergency instructions in the password manager file before she will know how to read it again when you turn up missing and then she can log into the web mail of the same email email address so both you and your wife
            • 17:00 - 17:30 will access the same email account but neither of you will mail out any new mail just so you know any new message on email will be easily detected if that email is being tracked but if no external mail is sent like that being saved in a draft folder then there is no danger if you accidentally email the message to yourself instead of saving it to draft no danger as intra domain mail does not leave the server so your wife
            • 17:30 - 18:00 should see a new updated draft message in the draft folder this she can then download and open up on her hopefully Linux device and then read the Emergency entry using keypass XC variants now I want to make clear that a variant to this method was used by General Petraeus back in the day when he was having an affair they used to pass messages to each other using the email draft method but in this case we don't
            • 18:00 - 18:30 have any readable message since the only thing being uploaded is an encrypted password manager database so our approach has more deniability here's a variant I want to introduce though the idea is that the account should not be obvious what I don't like about the email method is it's obvious since it would be tied to your family's purchases the more obscure way but requires a little bit more training is to set up a pseudo Anonymous
            • 18:30 - 19:00 account on social media and upload a file there again using Services I run I will use bra me as an example though you can really use any platform that accepts a file to upload as long as they allow a pseudo Anonymous identity and no TFA on braby you can set up a free account it's there forever and you can upload a file to your my files folder assuming you're using or a VPN to access
            • 19:00 - 19:30 the platform then no one should know who the account belongs to even from metadata all you have to do is to put the login information with that username and password in the platform and in this example brme will be the drop location in the password manager emergency notes and you can then pass a new file upload on that account when needed if you want to be more obscure you could rename the file from database.
            • 19:30 - 20:00 kdbx to database. bin or something so at least it wouldn't be obvious what it is but this could add complexity and depends on how techy your family is next step next Once the communication is established I would actually switch Communications to another method and if the equipment allows it I would recommend the session app session is excellent for
            • 20:00 - 20:30 communications by whistleblowers for example it is an endtoend encrypted app that I've been recommending as better than signal you can't use signal if you're on the run without a SIM card but session does not require a phone number and it works on all operating systems the unique thing about the session app is that it is the best I found at hiding metadata for me the session Communications occur over an onion
            • 20:30 - 21:00 routing Network like T session uses the loket network and no identifiers are used that can imply who the parties are in a conversation so for a permanent method I would have more complex conversations on session you can pass the initial session ID in the key pass password manager in the original drop and then you can continue talking in a more secure way after that you can even keep deleting session when
            • 21:00 - 21:30 you want it hidden and then reinstall it when you want to that's a good technique for example if traveling abroad nothing on the phone to compromise you virtual phone I'll mention this on the side as being relevant here if you have a bra virtual phone account it can be called by another SIP device directly without going through the pstn it's basically like extension to extension calling I have a video demonstrating this so between two bra virtual phone accounts
            • 21:30 - 22:00 quiet communication can occur and because it's not tied to cell towers there is no Side location a VPN should be sufficient protection to hide locations and even in Crypt traffic there should be no record of the call just like there is no record of calls doing extension to extension calling in an office using tour while Jason's wife is just fine using a VPN at home Jason himself should stick mostly to using tour a quick tour browser can be used on
            • 22:00 - 22:30 Brave using the tour window option on Android you can use the app called Orbot for someone on the Run Jason would be like Snowden and Snowden has stated that he uses Linux Tales OS which communicates over tour asai suggested I'm not necessarily expecting any of my followers to be on the run but it is important preper knowledge to to have ahead of time it
            • 22:30 - 23:00 also informs you of techniques that show where privacy breaches are and how to evade them folks this channel is supported solely by this community thank you to those that support us on patreon locals and YouTube memberships I don't acknowledge you publicly for privacy reasons but you are appreciated most of you support us by using our products and services our most recent product is the Brax 3 phone which
            • 23:00 - 23:30 will be available shortly this phone is invisible to Big Tech and is a primary privacy tool it is available on indiegogo.com for now and later on Brax tech.net we have other products that are available on our store the key one is the bra virtual phone you can have multiple numbers that require no ID or kyc we have the bra mail service which allows for unlimited aliases and many obscured domains we have bitvpn and the
            • 23:30 - 24:00 bra router VPN and Tor router all these products are on our store on Brax me join the over 100,000 people who are part of our community and talk about privacy issues daily thank you for watching and see you next time