Industry News

Are typewriters really the way to stop cyberspying? Germany seems to think so

typewriter

German politicians think they have come up with a novel way to keep their sensitive documents secret. They’re going to stop using computers.

Okay, okay. They’re not going to completely throw out all of their computers – that would be preposterous.

But concern about electronic surveillance by other countries has become such a big issue in Germany that prominent politicians say they are seriously considering using manual typewriters instead of computers.

So claimed Christian Democrat politician Patrick Sensburg in an interview with the Morgenmagazin (moma) TV show on Monday night.

And if anyone should know about the serious concerns caused by foreign states spying on Germany it’s Sensburg. He is heading up the Bundestag’s parliamentary inquiry into the NSA’s activities on German soil.

Germany is investigating allegations by NSA whistleblower Edward Snowden that the US government bugged Chancellor Angela Merkel’s phone, an issue that has strained relationships and raised trust issues between the White House and Ms Merkel.

And, of course, it doesn’t stop at spying on Angela Merkel. She’s just a particularly well-known individual who happened to be of interest to the US authorities.

So, it’s against that backdrop that Patrick Sensburg told the Morgenmagazin reporter that typewriters would be used to create confidential documents, and – as he stressed to the surprised journalist that he wasn’t joking – the typewriters used should be manual models, not electronic.

If the story sounds familiar, then cast your mind back to last year when Russia said that it too was buying typewriters to avert the threat of cyber-spying.

In the case of Russia’s Federal Protection Service, it ordered 20 typewriters and 600 ink cartridges for the princely sum of $15,000 – clearly that’s a lot more expensive than the typewriter I learnt how to type on as a kid back in the 1970s.

The reason for the expense is that these typewriters are designed specifically for the task of producing classified documents, with each device having its own distinct font (its fingerprint if you like) which will identify it and help to trace back any leak to its source.

But don’t be fooled. The use of typewriters doesn’t mean that someone can’t spy on what you’re doing.

If someone wants to spy on you badly enough, they are not going to be put off by you not using a computer.

Yes, it’s correct that typewriters are not connected to the internet, but there are plenty of low-tech methods to still find out what you have been communicating.

For instance, an agent working undercover as a cleaner in the building being spied upon might be able to grab used typewriter ribbons, or have access to papers that have not been securely shredded.

Furthermore, documents which have been typed out need to be distributed and copied to others who need to see them. Will security teams find it any easier to manage the distribution, sharing and destruction of classified content in paper form than when it is held electronically?

And in the 1980s it was revealed that the Soviet secret police had been spying on the US embassy in Moscow after secretly installing tiny sensors inside bugged typewriters.

At the time, a CBS News report shared details of how it worked:

“The devices picked up the contents of documents typed by embassy secretaries and transmitted them by antennas hidden in the embassy walls. The typewriters used a round ball with numbers and letters around the surface, which revolved before hitting the ribbon against the paper. The bugs could work out each letter typed by detecting how the ball moved.”

An NSA study of the incident, known as project GUNMAN, revealed that the sensors had gone undetected for eight years.

An even more high-tech approach could be the decoding of vibrations using the accelerometers of a mobile phone left close by.

I, for one, don’t think that ditching computers and flying the flag of typewriters as secure communication devices is the answer. That’s just switching one problem for another.

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

4 Comments

Click here to post a comment

Your email address will not be published. Required fields are marked *

  • Unshredded documents (or even shredded ones if you don’t shred them really carefully… the shredded Stasi files are currently being puzzled together) are always a risk.

    But the other two attack methods are a bit easier to counter: Use a textile ribbon instead of a carbon one, re-ink it when it’s running out, and reuse it until it’s starting to fall apart, and don’t use an electric typewriter (and dispose of the ribbon securely)

    It’s PRETTY hard to bug an old mechanical typewriter – theoretically you could wire up something that will track the movement of every lever, but it would be pretty hard to do so unnoticed. And you’d have to use a battery-powered bug, as obviously there’s no mains power to hook up to.

    All in all, using a mechanical typewriter will shift the focus towards hiring spies again to get you a copy of the document – it’s the only cost-effective solution. Which makes the Russian way of fingerprinting typewriters even more genius :-)

  • Back in 1965 before the era of personal computers, Dr Richard Beeching was employed by the UK government to sort out the railways. To keep his report secret while it was being developed, his staff used typewriters AND the ribbons were shredded EVERY DAY. Anyone using typewriters today should already know about the possibility of data leakage from unshredded typewrtier tibbons, just as Dr Beeching did 50 years ago.

  • Coming from the country that threw away close to 200 computers because they were infected by Conficker, more eye rolling than any real surprise.

  • Re: “I, for one, don’t think that ditching computers and flying the flag of typewriters as secure communication devices is the answer. That’s just switching one problem for another.”

    Well put. That’s really all there is to it – everything else you covered (e.g., the Russia example) I remember too. I seem to remember that Germany already suggested this but that might be the time blur I’ve had in more recent times. Either way, regardless of how it is done, if it is desired, it will be done. After all, the Internet didn’t exist when WW2 was raging on, did it? Not for a few more decades before ARPANET showed up (which of course was not designed with security in mind and that is the problem too often because even things designed with security in mind, can have security issues including serious issues). Yet, there was spying going on then, wasn’t there? Of course there was and along with it was codebreaking (and.. what do we have now? Right).

    As for the topic here: I have a fond memory of typewriters… the sounds they made and the keys… I don’t know what it is but I have the same liking for IBM Model-M keyboards and dot matrix printers. But to think that going to typewriters is going to solve the problem, is interesting indeed. It isn’t going backwards but it is going sideways. Basically it is trying to avoid the symptoms rather than the problem (which is a problem that will not go away – spying will always exist). That usually is a flawed approach and certainly will not solve the problem.