1

Say I live in a western country and suspect a foriegn businessperson is trying to bribe local officials. I am provided with 3 options to report: snail mail, email and SMS. For my threat model, I am worried about acts of vengeance from the foriegn government, and by providing evidence, I am revealing my identity to the receiver.

Which option should I go for and which is the worst option?

How about email vs SMS? Suppose I trust the email provider (protonmail or tutanota) / telecom not to be malicious.

  • For email, transport encryption is optional and mail server in the middle can read your mail.
  • For SMS, it suffers from downgrade attack and depends on the telecom to do the encryption correctly.

Does the above defects still matter in modern usage?

  • 2
    You might want to consider setting up a new webmail account just for this purpose, and only access the webmail account through TOR (e.g. via Tails). – mti2935 Oct 31 '21 at 21:38

2 Answers2

1

With snail mail, you do not have any assurance of receipt, although it is impossible to trace the sender.

With SMS, you have zero protection at any point, and the transmission is traceable and not encrypted.

With a sufficiently secure email service, you get encryption, anonymity, and confirmation of receipt and even return communication that will not compromise your identity.

schroeder
  • 129,372
  • 55
  • 299
  • 340
0

IMHO there are different points here.

  1. do you accept to reveal your identity to the recipient of the message?

    If you do not, sending the message is rather useless, because anonymous informations received by governmental service usually are throwned to the bin with no further action.

    If you do, do you trust them not to reveal your identity to your adversary?

  2. The remaining part of this post only focuses on message interception.

    The safer is indeed snail mail. It is a paradox because it is the easiest to do (anyone can open a letter), but post services are generaly trusted to respect their confidentiality obligation. On most countries, you can even ask the postal service (for a fee) to give you back a reception proof.

    SMS should be avoided. The message is required to be short, cannot easily handle attachements, and it is sent in plain text from the sender to the receiver. Worse, it can only be sent to a personnal phone, so not only you have to trust a service, but you have to know a portable phone number of a staff member.

    email is in between. Provided you use a TLS/SSL channel (either Webmail or SMTP) the message is encrypted up to your mail provider. If you can trust them the risk of interception is actually low. The downside is that even if certificates allow to legally sign a message, they are not of common use, so the risk that the message will be processed as an anonymous one (and then silently dropped) is high.

    But in some countries, national security services have settled HTTP(S) sites allowing citizen to signal abnormal activities. If it exists in your own country it is probably the best channel.

Serge Ballesta
  • 26,693
  • 4
  • 44
  • 89