

DeadSwap, a clandestine offline file sharing system - tricknik
http://www.deadswap.net

======
a-priori
So in other words, all someone has to do is hijack the SMS gateway (or fake an
SMS from that number), pose as a "rabbit" and get the information delivered
straight to them?

~~~
tricknik
Yes, just like real spy rings, if you get infiltrated you are dead. That is
rather the point of the game, to teach you how to be clandestine. Better learn
now so you're not fumbling the drop when it counts.

~~~
a-priori
But unlike real spy rings, this one is centralized. By how they've described
it on that site, everyone must trust the SMS gateway to give them orders, so
the gateway becomes a single point of failure.

~~~
tricknik
No, each ring has their own gateway, just like they have their dead letter
box, etc.

~~~
calcnerd256
Right, meaning each ring is centralized.

~~~
tricknik
Which is exactly like a real world Dead Drop, and in the same way that a dead
letterbox can be changed when the ring fears discovery, so can the deadSwap
gateway. I'm not sure what you aare suggesting, if you could suggest a
decentralized way a spy ring might exchange a drop, please let me know.

~~~
calcnerd256
I thought that when you said "no" you were responding to the whole adverb
phrase, not just to the "unlike" adjective phrase. I was correcting that "no"

------
kogir
First, it isn't clear how you request a specific item or file from the
network. You can request the USB stick, but who knows what will be on it.

Second, SMS traffic is already tracked for billing purposes, and is tied to a
phone number with a billing address (most of the time). It'd be even easier to
identify the users of this network than most online networks. You wouldn't
know what was being traded without intercepting the USB stick, but still.

~~~
tricknik
Communication regarding file requests are on the Wiki, which is on the USB
stick itself. As for your privacy questions, see the section "privacy" and
"handbook," deadSwap trains people to be clandestine, it is the behaviour of
the people, not the technology that makes the network work, or not.

------
keefe
So, the contents of the usb are public and thus need to be encrypted, why not
trade IP addresses for FTP servers on Tor?

------
omouse
_The coordination of the passing-on of the stick is done through an anonymous
SMS gateway, meaning that the system does not require Internet availability
and also that, with certain precautions, it can be a very private system that
is quite difficult to monitor._

Huh?

------
gojomo
"Hey! Budget renewal time is coming around and we in the cyber-enforcement
division haven't made a record number of busts this year."

"Load some USB sticks with contraband and handoff to fallguys through
DeadSwap. A dozen arrests should look good."

~~~
zandorg
Not only that, you might end up meeting some guy with an axe!

~~~
tricknik
The guy wih the axe doesn't really need deadSwap to find somebody to chop up,
he could use craigslist

------
icey
aka sneakernet 2.0

~~~
amalcon
This seems to be one of the cases where 2.0 has regressed. I can't see any
advantage of this over a more standard sneakernet, without any SMS
involvement.

~~~
tricknik
The advantage is that it you don't know who else is using the network. It is a
sneaker-darknet.

~~~
amalcon
While it is true that you'd need to know _fewer_ people, everyone would still
need to know everyone else indirectly in order to be admitted in the first
place. This is a requirement for the security of the network from
infiltrators: someone already on the network would necessarily need to provide
you with a "secret" of some form.

By contrast, with a more standard sneakernet, you'd need to know everyone
you're in direct contact with -- but that number is typically kept fairly low
for social reasons anyway. Data would be distributed more widely by passing
through several intermediaries: Bob copies all of Alice's data, then Carol
copies Bob's, and now Carol has Alice's data without necessarily having met.
This is how people used to pirate software before network access was so
common, and it actually worked pretty well.

Want to know who to blame for all the old games asking you to "look up this
word in the instruction manual"? It's people doing this.

~~~
tricknik
That you need to know fewer people is significant, and even more so is that
you not meet in person that is why the "Dead Drop", "Dead Letter Box", etc is
such a common tactic in espionage. deadSwap is a file sharing system/ urban
game based on the concept. When done correctly it is very effective and very
difficult to sting, thus it has been a standard in spycraft for decades.

