Shostack + Friends Blog

 

Andor Threats: Information Disclosure

What Andor can teach us about information disclosure threats

[Image: a screencapture showing the radio]

I’m really excited about the second season of Andor, mostly for the amazing storytelling about a rebellion, and I’m enjoying the tech and the threats, too. (This post has no real spoilers, and doesn’t link to anything spoilery.)

A minor plot point revolves around Luthen Rael and Kleya Marki traveling, and they can’t use the radio because of the risk of getting caught.

Many people think about information disclosure threats as being about the content of communication, but they also apply to the existence of communication. It’s nice to see that portrayed on Andor, and I’ll say more about it further down the post, after I finish geeking out over the details. It’s even nicer to see some of the little details they’ve snuck in, like the plugboard and the request for a weather report.

When I first saw the radio, I thought it took a lot of elements from the Enigma machines, but examining it more closely (S2E3 15:50 or so), I think I may have just imagined that. And Starwars.com says it was partially inspired by a telephone operator’s keyboard. Regardless, it’s unlikely that the request for a weather report was an accident. Weather tied into security in all sorts of ways in the Second World War. The British captured German weather boats to steal their Enigma machines. They also used weather reports on the BBC to carry secret messages, using certain words to signal in various ways.

Coming back to information disclosure and secrecy, information disclosure is a key threat to a rebellion, and there’s a variety of ways you can address it, ranging from having messages like “asking for a weather report” which have layered meaning to having messages which are hard to detect because your radios are “fractal,” which might be an allusion to frequency hopping, or your messages could be encrypted. If your messages are hard to detect, they are hard to pick out because there’s lots of cover traffic (such as on a capital planet). But if there’s not a lot of radio traffic, they’ll be easier to see.

It seems like a good idea to encrypt everything. But when encryption is rare, it calls attention to itself. And if you call attention to your messages, eventually, the Empire will find your radios, possibly find the keys, and decrypt all your messages. (There’s no public key cryptography in Star Wars, not because they couldn’t invent it, but because it’s bad for the plot.) Being engaged in a revolution may be one of those times when it makes sense to think carefully about your adversary. After all, we know that the threat is the Imperial Security Bureau.

So the rebellion is compartmentalized. We see Luthen meeting with various factions, some of whom fail despite his best efforts, and others who he allows to fail. Hmmm, maybe we had too limited an understanding of the adversary. So maybe it doesn’t make sense to focus on the adversary, as tempting as it can seem.

Right now it seems that without Luthen and Kleya the factions are completely separated, making Luthen and Kleya single points of failure, which I expect will be part of next week’s episodes. And speaking of next week’s episodes: You have until Episode 9 of Andor drops to get one fourth off our self-paced courses. (Details on our Star Wars day sale are here.)