Russian Federal Guard Service "Upgrades" To Electric Typewriters

Razgorov Prikazka writes "The Russian Federal Guard Service (FSO), who are in charge of protecting high level politicians like president Putin (amongst others), are 'upgrading' to electric typewriters for writing sensitive documents. They have found out that computers pose a security risk and this is their answer to it. On first sight this seems like a very pragmatic and cost-efficient thing to do. However, the FSO has its roots in the KGB and those were the ones who placed keystroke loggers on the popular IBM Selectric electric typewriter 40 years ago! So how much safer does this make them?"

How much safer

[schneidafunk]

I suspect having a device that has only one purpose, as compared to a computer, it is much less likely to be compromised and much easier to detect.

Re:

[gl4ss]

I suspect having a device that has only one purpose, as compared to a computer, it is much less likely to be compromised and much easier to detect.

actually it would be very hard to detect. but the attack would have to be pretty local at least initially, or in the supply chain.

and at least it's not networked by default.

however - could just as well upgrade to 8mhz xt's booted from read only media.. and a printer attached.

Re:

[plover]

The attacker would have to physically implant the bug in the machine, which would take training. Once it's in, however, the bug can isn't limited to wired networks or short range technologies like Bluetooth or WiFi. It could use GSM or SMS with nothing more than parts bought at a Radio Shack.

Re:How much safer

[kimvette]

Radio shack still sells parts?

Are you sure you mean Radio Shack? The place where their motto is apparently "You've got questions, we've got blank stares?" THAT Radio Shack?

Re:

[plover]

Surprisingly, yes. There's one in the building next to ours, and we often browse the shop during lunch. They have Seeed Studios Seeeduinos, Arduinos, and various shields including a GSM shield. A friend bought one which he wired to remotely operate an outlet via SMS.

Re:

[Bob the Super Hamste]

Yes they do. Granted they have a bigger selection of phones or RC vehicles it seems. The parts are basically relegated to a few shelf feet off in a back corner of the store, usually the one farthest from the door. At least that is how the one near my house is. I only go there when I want something today and micro center doesn't have it as they tend to be fairly expensive.

Re:

[RenderSeven]

No the Other Radio Shack: "You can get better, but you cant pay more"

Re:

[weeble]

The attacker would have to physically implant the bug in the machine, which would take training. Once it's in, however, the bug can isn't limited to wired networks or short range technologies like Bluetooth or WiFi. It could use GSM or SMS with nothing more than parts bought at a Radio Shack.

Not at all and the technology for monitoring the output for typewriters is decades old.

They can be monitored remotely using the vibration in the office windows or using the fluctuation in the electrical current. Monitoring the vibration in the office windows can be done from across the street or further away.

Re:

[Idbar]

I was thinking, why not mechanical? Wouldn't that save on electricity costs as well?

Re:

[Russ1642]

That's like a totally true story dude.

Re:

[Anonymous Coward]

Bullshit, pencil shavings get into equipment and short circuit things

http://www.snopes.com/business/genius/spacepen.asp [snopes.com]

Re:

[ackthpt]

Bullshit, pencil shavings get into equipment and short circuit things

http://www.snopes.com/business/genius/spacepen.asp [snopes.com]

Me holding up dripping keyboard: "Were you drinking coffee around this thing?"

Secretary: "No."

Were this an ideal world, her nose would have grown out about 2 inches.

Re:

[ColdWetDog]

Wrong body part, methinks.

Bull Shit

[RobertLTux]

http://www.snopes.com/business/genius/spacepen.asp [snopes.com]

1 pencils are a FIRE HAZARD in space
2 the pen in question was developed by Fisher and sold to NASA (and the russian counterpart)

Re:

[cheesybagel]

Actually the fun thing is that a ball point pen works just fine in space.

Re:

[msmonroe]

Yes that's the way I am understanding it as well, there may also be a loss in productivity; Basically the office staff is wasting too much time cruising the internet. We'll see if this is a better solution or not...

Re:

[icebike]

Less likely to be compromises?

It may be easier to detect an electric typewriter, because each key-press triggers one or more solenoids, which emit a small electromagnetic radio signal, detectable through walls.

Further you have the burn requirement of the ribbon, because you can often recover the message from the ribbon, especially single use plastic ribbons.

A smarter choice might have been an purely mechanical typewriter, which emits no radio signal, and has a ribbon that is intended to be used repeatedly,

Re:

[mirix]

Electromechanical typewriters, like the IBM selectric, have no solenoids. They are powered by an electric motor that drives a couple shafts with cams and clutches. The keys are hand powered, and engage the clutches / hit cams/ something along these lines, which in turn rotate and smack the type ball.

You could replace the motor with a gerbil or something, and it would be entirely mechanical.

Re:

[shutdown -p now]

You could replace the motor with a gerbil or something

The way Russian army works, this would probably be the first-month conscript.

Re:

[nozzo]

^ Feck

Re:

[ackthpt]

I suspect having a device that has only one purpose, as compared to a computer, it is much less likely to be compromised and much easier to detect.

^This.

^That.

^The other thing.

^ Down with this sort of thing

^Poppadom?

Re:How much safer

[hawguy]

I don't think they got seriously more secure than using a computer with physically destroyed USB and ethernet ports.

I think it's hard to reliably destroy the USB ports for someone that has physical access to the machine and is motivated to get data off - USB is integrated into the core logic chips on the motherboard, so even if you destroy the actual ports, someone could tap into the traces on the motherboard to access the port. Though I guess if he has that much access to the machine, he'd just find a way to write it unencrypted to the hard drive and would take the hard drive with him. (I know there are operating system controls that make it hard to use USB ports or write data where it shouldn't go, but those controls can be bypassed)

If he can find a way to run a binary on the machine, then it's even easier to get data off -- he can just have his app flash QR codes on the screen at 15 frames per second and record it with a camera to get a 45kbyte/sec stream of data. With a good camera and a high res screen he can probably achieve much higher bitrates.

Re:

[mirix]

I can't say I've ever seen a (c) on a Russian chip, ever.

Usually just a part number, date code, and almost always the manufacturer's symbol.

But all that is neither here nor there. Mechanical, and electromechanical typewriters... have no chips. Any chip would be out of place, russian made or not.

cost.

[gandhi_2]

It's probably cheaper than trying to out-bid American hipsters for old Remington typewriters.

Re:

[Hartree]

Darn. There goes my chance to get rich. All 3 of mine are Royal typewriters.

Re:

[mendax]

Hey! I have an old manual typewriter (K-Mart brand but might be a Royal on the inside) and I'm not a hipster. For one thing, I wear my hair short and when I grew a beard I couldn't get rid of it quickly enough. Second, I'm a registered Republican.... (but I usually vote for Democrats). However, I learned to touch type (that's to type without looking at the keyboard) on a manual typewriter so, unlike most of you kids here, I know how to properly use it.

Safer than an Internet Connected Computer?

[Anonymous Coward]

To place a keylogger on a typewriter you need physical access to the typewriter... to place a keylogger on a computer you need the internet...

I can see the advantage...

Physical access?

[sjbe]

To place a keylogger on a typewriter you need physical access to the typewriter... to place a keylogger on a computer you need the internet...

And if said computer is never connected to any networks how do you propose to install said keylogger?

Re:

[FranTaylor]

to place a keylogger on a computer you need the internet

Only if you buy your keyloggers at radio shack!

And if said computer is never connected to any networks how do you propose to install said keylogger?

With a screwdriver perhaps?

Re:

[kelarius]

Then what's the point of having the computer if all you're doing is printing reports with it? Do you want to be able to play Galaga and hope noone notices?

Ever used a typewriter?

[sjbe]

Then what's the point of having the computer if all you're doing is printing reports with it?

You've never actually tried to type something on a typewriter have you? No one who has used both a word processor and a typewriter would possibly ask such a ridiculous question.

Re:Physical access?

[Bill, Shooter of Bul]

Stuxnet jumped the air gap just fine via jump drives and other sneakernet tech.

Re:

[davester666]

USB device, CD/DVD/Floppy, however they transfer documents.

Re:

[pellik]

That's where social engineering comes in. You call up the grunt employees and start saying big words like 'firmware update' until they just start doing whatever you tell them to.

Nothing is safe

[Anonymous Coward]

When your opponent has access to your hardware, you've already lost. That's true whether its a mechanical typewriter, electric typewriter, or a computer.

Re:

[Anonymous Coward]

you entirely count out physical and mechanical counter measures, such as tamper evidence, tamper resistance, locking service covers/disassembly points, etc...

you can also do "least access" with hardware, as in secure everything except what the user needs to function, such as screens and keyboards, and lock access to the rest.

access to hardware is also vauge. What kind of access? unsupervised access? how long?

There are many things you can do to deter physical attacks, where you can expect the hardware to be

Keep it simple

[fustakrakich]

No written communications. This whole writing and reading thing is overrated, and apparently can be dangerous.

Re:

[Anonymous Coward]

"Conversation was invented by humans to reveal secrets. We use it to sweet talk our way into people's business. You know who has safe conversations? Ants. They talk by vomiting chemicals into each other’s mouths. They get right down to brass tacks. Bleh! Which way’s the picnic? Bleh! That way. Humans are more evolved. We spy."

Re:

[magic maverick]

Why do *insert cop type here* travel in threes?

One to do the writin', one to do the readin', and one to keep an eye on the two intellectuals.

Here's the NSA historical document

[Anonymous Coward]

http://www.nsa.gov/public_info/_files/cryptologic_histories/Learning_from_the_Enemy.pdf

Re:Here's the NSA historical document

[plover]

Thanks, AC, for the link. Very interesting story!

In an ironic twist, I present this paragraph from page 23 of the report:

"Eight months after the GUNMAN discovery, the story broke in the press. By highlighting the damage, press coverage helped to focus the attention of the U.S. government on improving the security of its information."

Perhaps Ed Snowden or Bradley Manning can present this in their trials.

Re:

[plover]

If Manning only released relevant information of wrong doing, he might get some sympathy.

He actually has a lot of sympathy from a lot of people. I'm not exactly pleased with what he did, especially the betrayal of trust, and so I very much agree with his prosecution.

But I'm also interested in history, and the documents are an interesting look at our country from a perspective we rarely get to see. When you line up the State Department negotiations with the info that made the nightly news, you can see a lot of things more clearly.

This isn't that different than the Venona decrypts revealing the n

So Awesome

[Sparticus789]

I was driving by Fort Meade today and I heard a collective scream of "PUUUUUTTTTTIIIIINNNNNNNNNNNNN!!!" coming from the NSA headquarters. Every single PRISM employee screamed in agony.

Sound

[Dan East]

I remember reading a slashdot story years ago where researchers were able to determine which keys on a computer keyboard were pressed just by the sound they produced mechanically. I would think it would be even easier to use this technique against a typewriter.

Re:Sound

[Dan East]

Wow, I'm citing 8 year old Slashdot stories.
http://it.slashdot.org/story/05/09/13/1644259/keyboard-sound-aids-password-cracking [slashdot.org]

Re:

[operagost]

So is the front page.

Physical bug needed

[Roger W Moore]

You still need to physically get a bug into the room where the typewriter is. I imagine this is a lot harder and certainly carries far more personal risk than siting half way around the world and connecting via the net.

Re:

[Razgorov Prikazka]

RTFA.

[...]reports about Dmitry Medvedev being listened in on during his visit to the G20 summit in London[...]

Apparently the whole listening in to things is somehow covered in the spy-training curriculum. Who would have guessed that huh? </sarcasm>

Re:

[plover]

In a related story (also quite old), researchers were able to pick up enough leaked RF to read a USB keyboard from an adjacent room. Again, you have to get physically close, but not necessarily into the exact room.

Re:

[Razgorov Prikazka]

In a related story to that, some researchers had a proof of concept that they could filter out the keyboardstrokes from a power line. Everytime a button on a usb-keyboard is pressed in it will give off some 'fingerprint' on the grounded bit. They somehow got information out of that. Then again, this was in a controlled lab-environment, where the power source was completely stripped of any distortion and the return was examined for little changes. Nevertheless I thought it was quite clever.
I dont think that

Re:

[Dan East]

No you don't. Devices have existed for decades which reflect a laser beam off of a glass window to pick up vibrations. Basically a window acts like a giant microphone diagram and vibrates as sound waves inside the room strike it

Re:

[lxs]

*diaphragm.

Unless your windows are decorated with annotated drawings of microphones. Which would make you my hero.

Re:

[Bob the Super Hamste]

You should have seen some of the windows at my place of work. No diagrams of microphones but after running out of white board space (we even took all the movable ones from around the rest of the floor) we migrated to drawing diagrams on the windows. By the end of that project the room was reminiscent of the movie "A Beautiful Mind"

Re:

[tftp]

Devices have existed for decades which reflect a laser beam off of a glass window to pick up vibrations.

That's probably why a SCIF has no windows. Look at the Pentagon. Most of the rooms are inside the building.

Re:

[cffrost]

I remember reading a slashdot story years ago where researchers were able to determine which keys on a computer keyboard were pressed just by the sound they produced mechanically. I would think it would be even easier to use this technique against a typewriter.

That technique is called "acoustic cryptanalysis" [wikipedia.org] — though if these documents are typed in plaintext, it might be more accurately described as "acoustic transcription."

Re:

[plover]

Except it turned out not to be the case when the Soviets were bugging the U.S. Embassy's typewriters. CBS News had learned about the original typewriter bugging from a leaker, and in their reporting sought out an expert to explain how the bugs worked. The expert guessed that it was an audio bug. But this technique was refuted in the NSA paper "Learning from the Enemy" [nsa.gov], on page 18:

"In an article entitled "Tapping the Keys," a bugging expert offered the following explanation of the Soviet bug:

The Soviets must have taken advantage of the way the Selectric types. A metal ball covered with characters spins so that the appropriate character strikes the paper and then spins back to its starting point. The time it takes to accomplish the rotation to each letter is different. A lowtech listening device planted in the room could transmit the sounds of a typing Selectric to a computer. The computer could then easily measure the time intervals between each key stroke and the character being put on the paper, and thus determine which character had been tapped.

[ ], an engineer in the COMSEC organization, who was involved in reverse engineering the GUNMAN bug, explained that the press had a good idea, but it was inaccurate: "IBM Selectric typewriters used a spinning ball to get the right character on the paper. The bug was not based on sound or timing." [ ] further elaborated: "The Soviets were very good with metal. Housing the bug in a metal bar was ingenious. The bar was difficult to open and it really concealed the bug from inspection." [ ], an engineer from R9 who also worked on this project, agreed:

To the naked eye, the bar looked like a single unit. You could not see that it could be opened. The use of low power and short transmission bursts also made it difficult to detect this bug. The bug contained integrated circuits that were very advanced for that time period. The implant was really very sophisticated."

Elsewhere in the paper, the NSA explains the bug was hidden in a metal bar, and magnetically detected the ball moving mechanis

Not all typewriters are ball-type

[davidwr]

The Ball-type IBM Selectric typewriters had a flaw that made it easy to tell what was being said just by the sound and delay between characters. You didn't even have to have the listening device in the typewriter, it could be across the room if it was "directional" enough.

While you could probably decode a lever-type typewriter's activity from just a good sound recording, it's probably much harder.

Oh, and as for trying to decode an inkjet- or thermal- electric typewriters just by the noise, "good luck with that."

Of course, today, if you can plant spy equipment in the room where the person is typing and you are good and well-funded, you don't need to rely on the noise the typewriter makes. Or, to put it another way, if you have a determined adversary who is significantly better than you, it's probably "game over" before the game even begins.

Mylar ink tape

[Anonymous Coward]

A record of all keystrokes is stored on the mylar ink tape used in the Selectric. You need to incinerate the ink cartridge after use to keep things secure.

Re:

[Joiseybill]

+1's The older tech was a lot easier to track. Basic stuff I did to my babysitters/brother at around 7 years of age: .. on the typewriter carriage, imprints and ink carry through, especially if you have a letter like "o" or "p" that can cut through paper on a hard mechanical stroke. .. read back the ribbon (sometimes 2-color red/black), sometimes even a correction white ribbon. >> destroy or one-time use ribbons Sure, until the budget gets tight, then those ribbons get re-wound. Depending on

Re:

[mlts]

I remember some electric typewriters using a wheel. Perhaps if the typewriter would spin the wheel at random so the distance between where the current letter is versus where it needs to go would be random (and thus unusable assuming a good RNG.) When someone is typing, it could also vary speed as well, so going from an "A" to a "B" may be the same time as going to something spaced 180 degrees away, or may not.

Add to that a small RAM buffer that scrubs data after it gets typed, and that would be decently s

Easy to answer

[Idarubicin]

However, the FSO has its roots in the KGB and those were the ones who placed keystroke loggers on the popular IBM Selectric electric typewriter 40 years ago! So how much safer does this make them?

"Somewhat".

If your adversary has physical access to any piece of hardware, it's impossible to secure. Period. One can install a keystroke logger on a modern computer keyboard as well. Switching to non-networked, 'dumb', electric typewriters doesn't block this avenue for attack.

On the other hand, depending on the typewriter's features, it will be very difficult or impossible to remotely compromise, or to compromise using non-hardware approaches. Entire classes of attacks are rendered irrelevant.

To be fair, this does introduce some new potential avenues for attack--increased physical document handling means additional risks related to moving and securing bits of paper.

Re:

[plover]

When you go that old school, you have to be sure to shred your carbon paper, too.

I'm not sure if my son has ever seen a sheet of carbon paper.

Re:

[GodfatherofSoul]

Ditto!

Re:

[Bob the Super Hamste]

Mine has, but then there are still some places that send out paper forms that need to be filled out in duplicate (don't ask me why they haven't moved to 1970s technology). I give left over carbon paper to my kids to draw with.

Cylons

[thatDBA]

Can Toasters type ?

Gotta Love Ruskie's Pragmatism

[luis_a_espinal]

"The Russian Federal Guard Service (FSO), who are in charge of protecting high level politicians like president Putin (amongst others), are 'upgrading' to electric typewriters for writing sensitive documents. They have found out that computers pose a security risk and this is their answer to it. On first sight this seems like a very pragmatic and cost-efficient thing to do.

This kind of reminds me of the Colonial solution to Cylon infiltration in the re-imagined BSG TV series. Obviously not perfect, but also simple and good enough. It is not something we in the U.S. - with so much resources to waste (and fall into further debt) would think about.

However, the FSO has its roots in the KGB and those were the ones who placed keystroke loggers on the popular IBM Selectric electric typewriter 40 years ago! So how much safer does this make them?"

It makes them safer from UNWANTED/EXTERNAL infiltration. Infiltration by them is just fine. In the world of political/military security and intelligence, safety does not mean impenetrability. It means resilient to infiltration that you do not want. This is a completely different requirement from the requirement of "safety" as understood in the commercial/private sector.

All US TLAs ...

[PPH]

... should adopt this. It will make spotting people like Snowden easier. Just look for the carbon paper smudges on his fingers. On the other hand, it will make them stand out at DEFCON [slashdot.org] when they break out their travel typewriters to make reports. And don't forget all of them lining up to use the bank of payphones in the lobby to call in reports.

Anyone else remember...

[TheCarp]

A while back someone did some research and published it on keystroke logging via audio capture. They found they were able to reliably determine what someone was typing just from the sound of their typing. I have to imagine that would work here.

http://www.berkeley.edu/news/media/releases/2005/09/14_key.shtml [berkeley.edu]

Though, maybe they also run white noise generators in the office?

Protect the ribbons

[T.E.D.]

In this modern era many people forget that typewriters had a *huge* security hole. The ink ribbons they used, in the right hands, were practically a "tape backup" of everything typed at that typewriter.

Re:

[EkriirkE]

Moreso carbon deposit ribbons like what selectric used, the cloth & ink ones usually reversed and re-typed over previous letters several times before needing replacement

Re:

[mlts]

I remember in the mid-1980s, some "word processors" which used dot-matrix printers, so one can type a line, backspace/edit that line, then once they hit return, the line gets printed, and that's that.

Maybe something similar, but using an inkjet printer instead?

Of course, there is always the issue of modern electronic devices having the ability to hide functionality a lot easier from than a mechanical device, but it might be a useful compromise.

It's not as unsecure as you'd think

[chemosh6969]

Unlike a computer, a typewriter isn't going to get a keylogger installed by clicking on a link that's on a piece of paper. They're also within a security group, so there's some decent security going on with them. They aren't just leaving them out in unlocked buildings all day.

Re:

[ponraul]

You don't need to install a keylogger, it already has one built in; the ribbon.

Re:

[tftp]

You don't need to install a keylogger, it already has one built in; the ribbon.

It's a known vulnerability, and as such it is trivial to defeat. Just keep the used but still good ribbon in a safe, along with the originals and other secret documents. A worn out ribbon will be incinerated. On top of that, keep the equipment in a locked room, under guard. Those are simple technical measures that can be easily understood and implemented, as opposed to dealing a custom virus that may be embedded in one of the

Good in one sense

[GodfatherofSoul]

I bet it improves the error rate. I learned to type on electric typewriters. As PCs took over for word processing, my error rate has gotten terrible. On an electric typewriter, making one mistake is a pain in the butt to fix, even with the ones that have the built-in correction tape.

Re:

[Mr. Freeman]

You just XXXX wind up with XX lots of XXXXXXXXXXXXXX typed-over words instead.

Re:

[plover]

You're missing the bigger picture. Typing error rates only matter on actual letter-at-a-time typewriters (regardless of any correction technology.) Once word processors arrived, though, the error rate ceased to have any meaning. If you can maintain 80 WPM while making 10 errors that you went back and corrected, you are twice as productive as someone who can type 40 WPM with no errors.

Typing teachers harped on error rates long after the point where they made sense. We have to remember they were "typing"

The ultimate vulnerability

[gmuslera]

... is always people. Even if is just by stupidity (like going to one of those meetings with a cellphone), but could be plain malice, double agents or blackmailed "safe" people (and with all the data of the world you have plenty of material to blackmail anyone).

And thats the most worrying thing about NSA and associates snooping, you are getting 5 millon extra vulnerabilities [salon.com] in everything that surrounds all your data.

Pigeons

[cute_orc]

I think it is right time to train pigeons.

Now all you need are two typewriters that are...

[aristotle-dude]

joined by quantum entanglement and you can send messages across vast distances like they do in Fringe across universes.

Is this really much safer

[phorm]

Than using a computer with no network connection?
I mean, you'd probably want to make sure it has no wifi, etc, but that could also be accomplished by putting it in a faraday cage of some sort.

How will the documents be distributed?

[ponraul]

Typing them on an Underwood won't make it any more secure, if the documents are scanned and emailed.

Old School:

[Hartree]

I think I'd go with a manual in that situation, since electromechanical typewriters and teletypes have their own problems.

There was a lot of shielding and filtering put into crypto systems that used teletypes to avoid leaking information out the power leads, or radiating it directly.

I recall there being tempest rated versions of electric typewriters to avoid this. But a manual typewriter is an easy way around it.

Because it's obscure

[Plumpaquatsch]

If the DOD can't find COBOL programmers to fix their accounting system, who'll still be able to install a key-logger in a electric typewriter?

human beings are the security issue

[FranTaylor]

Technology is just papering over the basic truism that the humans are the weakness in any security system.

It is in their very nature to be inquisitive about the unknown, hiding secrets is intrinsically difficult for humans, given their social behavior. The human mind is not a secure vault, it can be tricked or forced or otherwise convinced to reveal its secrets in a wide variety of ways.

All of the technology for secrecy is moot when people simply open up and communicate directly with each other.

For example

Answer to question:

[vikingpower]

a lot. At least for the time being, and at least within the current "security" context. A lot.

cracked in 2005

[RalfM]

They really need to do more research. Listening to key boards to detect what's written [berkeley.edu] was shown possible 8 years ago...

Ralf

Re:

[kurt555gs]

UEFI?

Re:

[ackthpt]

Pre-flight instructions for passengers about to depart Russian airports:

Please turn off all electronic devices, including mobile phones, laptop computers, tablet computers and electric typewriters...

Re:

[Anonymous Coward]

Would you believe that Maxwell Smart (agent 86) figured that out years ago while working for Control. Not only computers but shoe phones pose a security risk. That's why we have Cell phone and not Shoe phones. The only way to have secure communications is to use the "Cone of Silence" when discussing anything of importance.

Re:

[JustOK]

WHAT?

Re:

[gmanterry]

Apparently it was funny 40 years ago.

Trust me it was.

Re:

[JustOK]

WHAT ?

Re:

[RenderSeven]

Not the only way! If the Cone Of Silence was broken, they also had the Cough Code.

(Oh Max, you're twice the agent 43 is)

Re:

[Sparticus789]

Can you tell me about the HOSTS file too?

Re:

[oPless]

The Game.

You have lost it.

Re:

[Sparticus789]

The system you describe is used by many intelligence agencies and is also known as a one-time pad. However, those are only used for the most sensitive of information. My guess would be that these typewriters are not meant to replace one-time pads, but are being used so that when someone needs to write a report (say a report on the Russian intelligence gathering from Yahoo.ru, Google.ru, etc.) that they can only present the information on paper with no electronic record that can be stolen by a low-level co

Re:

[Mr. Freeman]

Actually, one-time pads have been used for quite mundane information. You can easily convert a teletypewriter to make use of one-time-tape. The US and the Soviets did exactly this in order to establish a secure line between both governments. This method is preferred for the following reasons:
- It is the only crypto algorithm that has been proven to be secure. (Others are simply "likely" secure, but may contain undiscovered flaws and are not mathematically provably secure.)
- It's dirt simple. The hardware to

Re:

[Mr. Freeman]

I should have been more clear. Any information going over that link would be encrypted, whether it was important or not, simply because it would be more difficult to start and stop the crypto system all the time.

Re:

[mlts]

OTPs are very useful these days, and they can be used in other ways as well.

For the highest security of information, just XOR the data with the pad and send it on.

For data that doesn't need that much security, it allows a Diffie-Hellman key exchange with both sides XORing the critical parts of the exchange with the OTP stream. Then, the session key is used for bulk stuff with a conventional symmetric algorithm. This isn't as secure as a OTP, but it allows for data to be sent without burning up the bits on