Petraeus CyberClusterFuck: Broadwell used world's dumbest email troll security protocols

From a Washington Post article with more details on the Paula Broadwell cyberstalking: "A person close to Kelley said that investigators have found Broadwell had at least four e-mail accounts under aliases, including 'KelleyPatrol,' 'Tampa,' and the name of another U.S. city. Broadwell avoided using her home computer, sending the messages from cybercafes and other public locations, according to the person close to Kelley and U.S. law enforcement officials."



  1. Sheesh – what a rube. Everyone knows you should use at least ROT13 for communications with the Director of the CIA. For super-top secret stuff you take it up to ROT17.

        1. You underestimate me.

          Look at the first letter of each sentence after you decode it, then decode that word and then you’ll understand.

  2. Are there still cybercafes in the U.S.? I think we call them “Chicago Public Libraries” where I live.

    Also, two burner phones with text messaging. Do your thing. Throw he phones away. Done.

    1. I assure you, most of the places that generals spend their time, people will come and find you if you have such a device on your person. The building itself will know.

      And if that phone is not on you, it’s not secure enough to meet the goal you got it for. That’s a great solution, for you and I, but not for people who spend all their time in our most secure facilities. 

      1. Well, as far as that goes, the general would be better off keeping Little Patton in his pants. That, in and of itself, is an unacceptable security risk. Once Patton is rampaging through Broadwell’s Bavaria (all the way to whatever Pilsen is in this analogy . . .) all bets are off.

  3. used world’s dumbest email troll security protocols

    What were the dumb security protocols she used, specifically?  Not using her home’s Internet connection sounds like a smart move to me.

        1. You could also hop trough a series of tunnels/gateways that criss-cross all over the globe. The time it’d require to subpoena the connection logs from all ISPs along the route is probably nearly infinite.

          1. That wasn’t TOR, which accomplishes anonymity through a series of gateway hops. According to the article, this LulzSec guy was done in by an anonymous proxy service that kept logs (!!!).  There’s no easy way to verify if a service claiming to be an anonymous proxy keeps logs or not, or if it is in fact run by the FBI, which is nearly equivalent.

            Yeah, long-range WiFi antenna. And don’t forget to change your writing style between your anonymous and regular accounts too. I can’t even imagine what would be considered “anonymous enough” if the goal was to post stuff about someone like Petraeus anonymously. Seems only hubris could prompt someone to try.

      1. Not sure if you’re referring to me.  To be clear, my suggestion wouldn’t be to use a next door neighbor’s wifi router, either.

        1. I was agreeing with you and I think those moves mentioned in this article seems smart for an ordinary person to do which is contrary to the title.

    1. I think the point is that she might have made up a more clever gmail account name than “broadwelllovespatraeus@gmail”

  4. I imagine the FBI found the source of the email as a cybercafe, and subpoenaed the cafe’s security video during the time the emails were sent, thus identifying the sender. World’s dumbest, well that would be the guy who emails someone from the house they are robbing (or updates their facebook page and leaves it logged in, which has happened IRL).

        1. Real nice establishment you got here…. It’d be a shame if the proprietor and staff get locked up for a few years as part of a terrorism investigation.

  5. Break up the war on love and humanity already and get those pamphlets on OpenBSD out there in the halls for journos. On people who are X.11 and triceps dorks…under what circumstances will it be important that you put middling mescaline on my bike or door handle monday mornings, anyhow?

  6. I find it amazing that the director of the CIA would not use freely available and public means to secure his communications like Enigmail email encryption and offshore VPN and email like Unspyable. Where do we find these guys and put them in such positions. Of course being so dumb as to get involved in such a thing in the first place speaks volumes in itself.

Comments are closed.