3

If an individual creates an email account with false personal information, then shares the email address and password with another person or persons, could they use saves drafts of emails to communicate securely?

Since most websites and email servers would record ip addresses of those who logged in, you would have to trick it into thinking you are each logging in from the same ip even if across the world.

What also matters is how the email server handles saved drafts of emails. If you change a draft or delete it does the server preserve the drafts if they are never sent?

I would think that since no email is sent to another email address that it would be less noticeable if two people or more logged into the same email account and used drafts to communicate. There is also the possibility of attaching files to the draft as well.

M. Aykens
  • 31
  • 1
  • 2
  • I suppose this method could be used in conjunction with actual cryptography so that the saved drafts would appear to be garbled characters to anyone who looked at them, requiring a key to decrypt that only sender and receiver have. – M. Aykens Oct 06 '17 at 20:47
  • it all depends on what you want to be secure *from* - mostly this method is used to prevent messages from being sent through monitored networks – schroeder Oct 07 '17 at 11:03

3 Answers3

3

It's not a good idea. Also, that trick is older and more popular than you might think.

As with any security-through-obscurity pattern, it only works if the adversaries aren't aware of it. But since saving emails as drafts instead of sending them has been popular among criminals, terrorists and even found its way into pop culture, that technique rather attracts attention and certainly doesn't add security.

E.g., one popular case was the Petraeus and Broadwell affair:

The CIA director and his biographer had a shared Gmail account and wrote some of their personal missives as draft emails, which were left in a draft folder or an electronic, "dropbox".

[...]

Al Qaeda terrorists began using the technique years ago. It allowed them to exchange information without sending traceable emails. An account would be opened by one conspirator and a draft email written and saved. The account could then be opened by a co-conspirator with access anywhere in the world, who could read the draft email and delete it.

The process meant the information had never been sent in the form of an email, making the electronic trail weaker. The technique has since been copied by teenagers in many countries to avoid having their emails monitored by their parents.

(Source)

If you change a draft or delete it does the server preserve the drafts if they are never sent?

There is no way of knowing if deleted drafts are preserved, so better assume they are kept. Also, getting behind this trick might be as easy as searching the provider's database for email accounts that produce high amounts of drafts but rarely actually send emails.

Instead, encrypt your emails. There are plenty of cryptographically secure technologies, free providers and VPN services to do so anonymously and securely.

Arminius
  • 44,242
  • 14
  • 143
  • 138
1

What you're suggesting certainly has precedent, though I would suggest that there are far more effective ways to clandestinely communicate in present day. There are options such as Signal which uses secure end-to-end encryption, or Ricochet which utilizes Tor hidden services.

Utilizing a method such as you've suggested brings too many complications with it. As you point out the login would likely need to be from the same IP address (or similar geographic location) to avoid the service provider from potentially blocking the login from an unknown IP address. To do this you may need to set up some sort of VPN account or SOCKS proxy that you'd both need to share. You now have an untrusted third party in the mix. As you point out, how the provider deals with drafts is also a consideration.

Granted, all of this really depends on your threat model and who you're ultimately trying to hide communication from. What you've suggested is certainly feasible if the proper conditions are in place but I think you'd be better off utilizing another method.

DKNUCKLES
  • 9,247
  • 2
  • 37
  • 48
1

What's your definition of "communicating securely"?

If you want to encrypt the texts you're writing, then using encrypted email or a secure messenger service would probably be the better choice. Using webmail drafts is no use in this scenario, as these might be stored in clear text.

If you want to hide the fact that you are communicating, then hiding behind the TOR Network is more reliable than depending on the webmail provider not storing or giving away your IP address. IP spoofing is highly unlikely in this scenario (as you would want to receive the answers from the server).

Bottom line: While you could communicate over email drafts, there are certainly more secure ways to do so.

Lukas
  • 3,158
  • 1
  • 15
  • 20