Andrey Bezrukov and Elena Vavilova were Russian spies who operated in the USA for 20 years (this is the basis for "The Americans"); they were caught in 2010. "Compromised," is the new memoir by Peter Strzok, the FBI agent who had their case.
As @mattblaze writes, a throwaway detail in the book resolves a longstanding cryptographic mystery: that of a Cuban "numbers station" that operated for years, including a decade where it behaved very erratically (by numbers station standards).
Some background. Numbers stations - ratio stations in which people (or synthesized voices) read out strings of random numbers - are a means of messages for use with "one-time pads," a cryptographic tool that is, in theory, unbreakable.
3/
One-time pads are collections of random numbers used to encipher messages through simple operations: adding each byte of your message to the next number on the pad. If the pad is truly random, secret and never reused, the code can't be broken.
If your spies are sent abroad with a thick one-time pad, then you can simply broadcast your messages over the entire region in which they operate, and they can use their pads to decipher the messages, while your adversaries just get random numbers
5/
Numbers stations, like the powerful shortwave transmitter in Bauta, Cuba, were used to communicate with Soviet (and, later, Russian) spies in the US in this way.
6/
Though one-time pad messages can't be deciphered, it's still possible to leak information using numbers stations. If a radio station ceases operation every time a spy travels, then your adversary can match the station's operating schedule with suspects' itineraries.
7/
To prevent this "traffic analysis" attack, the station broadcasted dummy traffic (random numbers that WEREN'T encoded messages) every single day, even if the spies were not listening that day.
8/
However, for mysterious reasons - still not understood - the dummy traffic never contained the number nine ("nueve"). That made it easy to tell the real numbers station traffic from the dummy traffic, and from there, it was possible to derive the spies' travel schedules.
9/
Even with this glaring error, it took a DECADE for the FBI to get enough timing information to make their move. That was a whole decade in which the Cuban numbers station was making this weird, stupid blunder.
10/
One-time pads are incredibly powerful, but they're also super-awkward and unforgiving. An error as simple as pad re-use can blow them up, as happened with the notorious Venona affair:
As Blaze writes, "OTPs have long been a favorite of hucksters selling supposedly 'unbreakable' crypto. Remember this story next time someone tries to sell you their super-secure one-time-pad crypto. If actual Russian spies can't use it securely, chances are neither can you."
12/
Blaze was one of the researchers who followed - and recorded! - the Cuban numbers station, and noted the mysterious and telling absence of "nueve" in some of the traffic. He's posted a recording of the station to his site:
I'm touring my new, nationally bestselling novel *The Bezzle*! Catch me in THIS SATURDAY (Apr 27) in MARIN COUNTY, Winnipeg (May 2), Calgary (May 3), Vancouver (May 4), and beyond!
Combine Angelou's "When someone shows you who they are, believe them" with the truism that in politics, "every accusation is a confession" and you get: "Every time someone accuses you of a vice, they're showing you who they are and you should believe them."
1/
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on , my surveillance-free, ad-free, tracker-free blog:
Let's talk about some of those accusations. Remember the moral panic over the CARES Act covid stimulus checks? Hyperventilating mouthpieces for the ruling class were on every cable network, complaining that "no one wants to work anymore."
3/
Corporate crime is underpoliced and underprosecuted. We just choose not to do anything about it. US corporations commit crimes at 20X the rate of humans, and their crimes are far worse than any human crime, but they are almost never prosecuted:
We can't even bear to utter the *words* "corporate crime": instead, we deploy a whole raft of euphemisms like "risk and compliance," and that ole fave, the trusty "white-collar crime":
Using Amazon, or Twitter, or Facebook, or Google, or Doordash, or Uber doesn't make you lazy. Platform capitalism isn't enshittifying because you made the wrong shopping choices.
1/
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on , my surveillance-free, ad-free, tracker-free blog:
Remember, the reason these corporations were able to capture such substantial market-share is that the capital markets saw them as a bet that they could lose money for years, drive out competition, capture their markets.
3/
Here's a silver lining to global monopolies: we're all fighting the same enemy, who uses the same tactics everywhere. The same tools that allow firms to extend their tendrils to every corner of the Earth allows regulators and labor organizers to coordinate their resistance.
1/
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on , my surveillance-free, ad-free, tracker-free blog:
That's a lesson Mercedes is learning. In 2023, Germany's Supply Chain Act went into effect, banning large German corporations from using child labor, violating health and safety standards, and (critically) interfering with union organizers: