“Paralleling:” Investigative Money Laundering (and politics: WaPo, rebuttal to Sterling)

To some investigators, “parallel” is a verb — the fine art of hiding where you really got information by engineering a “chance” discovery.

Did an illegal wiretap indicate a drug shipment en route? Parallel it by tipping off the local police to stop the car on a pretense, and “just happen” to have a drug dog.

The article treats this as news, but it’s really not.

During WWII, the Allied forces used “parallel construction” to conceal their Enigma decryption capability. When a German submarine transmitted its position, they’d have ships send out three or four spotter aircraft… one of which would “just happen” to fly over the submarine.

No doubt the idea goes back even further than WWII, too. I seem to recall Walsingham using it, but I can’t find the citation.

From a counterintelligence perspective, the opposition’s use of “parallel construction” to conceal their methods must always be kept in mind. The obvious, visible way they learned what they did is not necessarily the real one.

It may be possible to detect the original source of the leak, and pierce the “paralleling” veil, using a sort of graph analysis. While each compromise will have an obvious, proximate cause, there are always connections to the real point of compromise. Real points of compromise may therefore tend to have at least weak links to more compromises (on average) than other defending points.

For spy novel fans, I speculate that it was just this sort of analysis which undid Magnus Pym in le Carre’s “A Perfect Spy.”

Politics: It looks like their participation in SnowdenLeaks was the last straw. The Washington Post has been purchased by Jeff “I did Big Data before it was cool” Bezos, right after he cozied up to the CIA and earned himself a $800M contract to do their cloud computing. http://www.washingtonpost.com/national/washington-post-to-be-sold-to-jeff-bezos/2013/08/05/ca537c9e-fe0c-11e2-9711-3708310f6f4d_story.html

Doctrow posted a rebuttal of Sterling’s argument that most electronic civil rights defenders are indignant “mostly because they weren’t consulted… they are electronic first, and civil as a very distant second. They’d be utterly thrilled to have the NSA’s vast technical power at their own command.” (https://medium.com/geek-empire-1/a1ebd2b4a0e5)

Doctrow points out that the EFF and cypherpunks have been aware of and doing their best to work against mass surveillance from the beginning, so WTF mate?. (http://boingboing.net/2013/08/05/how-sterlings-the-ecuadori.html)

I’d point out that the EFF and cypherpunks are a relatively small contingent, whereas the number of people who thought “sure, laws will keep the data-slurpers in check” is vastly larger. But even among the hardk0re, I have my doubts…

A while back I was hanging out with some people who would fall into the latter category. Someone, figuring us for security types, asked for help with their security. An “unknown hacker” was messing with this person’s phone and more or less ruining their life. While the person was smart enough not to have brought their phone, I assumed it was a smartphone, told them to go spend $20 on a brand new phone and SIM, and then give the number out to as few people as possible.

As the person left, I found myself chastised by the others — “look, giving out advice isn’t our job, etc.”

I’ve also been to my fair share of security conferences, and noticed something… a heavy bias towards the attack side. Good information on defending yourself? Verry hard to come by. Want to feel helpless, like anyone there can pwn any device you have? Boy, have you come to the right place!

In all fairness, the modern world really is held together by duct tape and a collective agreement to ignore the man behind the curtain. Yet even the massive drama around the CryptoParties (which saw the founder of that effort pushed out) seems to suggest an unspoken or unconscious hostility to the defensive side.

(This is not to discount the EFF’s great work with the Surveillance Self Defense series.)

Which is part of the reason I try to point out what to do to defend yourself from many of the exploits & flaws I cover.


” documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin – not only from defense lawyers but also sometimes from prosecutors and judges.

The undated documents show that federal agents are trained to “recreate” the investigative trail to effectively cover up where the information originated[…]

The document specifically directs agents to omit the SOD’s involvement from investigative reports, affidavits, discussions with prosecutors and courtroom testimony. Agents are instructed to then use “normal investigative techniques to recreate the information provided by SOD.”[…]

trying to “recreate” an investigative trail is not only legal but a technique that is used almost daily.

A former federal agent in the northeastern United States who received such tips from SOD described the process. “You’d be told only, ‘Be at a certain truck stop at a certain time and look for a certain vehicle.’ And so we’d alert the state police to find an excuse to stop that vehicle, and then have a drug dog search it,” the agent said.


After an arrest was made, agents then pretended that their investigation began with the traffic stop, not with the SOD tip, the former agent said. The training document reviewed by Reuters refers to this process as “parallel construction.”[…]

“Parallel construction is a law enforcement technique we use every day,” one official said. “It’s decades old, a bedrock concept.”

A dozen current or former federal agents interviewed by Reuters confirmed they had used parallel construction during their careers. Most defended the practice; some said they understood why those outside law enforcement might be concerned.

“It’s just like laundering money – you work it backwards to make it clean,” said Finn Selander”

%d bloggers like this: