{"id":268,"date":"2017-01-17T18:59:11","date_gmt":"2017-01-17T18:59:11","guid":{"rendered":"http:\/\/blog.totallynotmalware.net\/?p=268"},"modified":"2017-04-17T21:30:12","modified_gmt":"2017-04-17T21:30:12","slug":"popsec-operational-security-lessons-learned-from-archer","status":"publish","type":"post","link":"http:\/\/blog.totallynotmalware.net\/?p=268","title":{"rendered":"POPSEC: Operational Security Lessons Learned from Archer"},"content":{"rendered":"<p><em>Please consider subscribing to my <a href=\"http:\/\/patreon.com\/armageddon\">Patreon<\/a>.<\/em><\/p>\n<p>Sterling Archer is a well-known, widely loved secret agent whose methods are&#8230; unconventional. Despite having a background in covert and clandestine operations, he manages to fuck up on a pretty consistent basis, often with hilarious and disastrous results. Fortunately, the multitude of mistakes made by him and his cohort provide a wealth of learning opportunities for those of us who watch.<\/p>\n<p>Lesson 1:\u00a0Op First, Drinks After<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone \" src=\"http:\/\/i.imgur.com\/DmNXwR1.jpg\" alt=\"\" width=\"600\" height=\"379\" \/><\/p>\n<p>Archer is notorious for his love of Glengoolie Blue Label&#8230; or literally anything else with an alcohol content greater than or equal to that found in NyQuil. While Sterling&#8217;s reputation for being a boozehound certainly\u00a0sets the stage for some entertaining and hilariously catastrophic scenarios, the truth is that if you&#8217;re actually trying to keep secrets, and accomplish anything either covert or clandestine, you may actually want to skip the Scotch until it&#8217;s time to celebrate your success. Drinking can slow your reflexes, dull\u00a0your situational awareness, and strip away your inhibitions in ways which may endanger both you, your colleagues, and your operation. 
Additionally, even after your operation is complete, it is wise to remember that alcohol lowers inhibitions, and it is best to drink in moderation so as to keep your wits about you when in mixed company.<\/p>\n<p>Lesson 2: Cocaine is Probably a No?<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone \" src=\"http:\/\/i.imgur.com\/kXMBEqD.gif\" alt=\"\" width=\"601\" height=\"339\" \/><\/p>\n<p>I mean, do whatever you want, but if we&#8217;re being honest, cocaine basically never leads to good life choices, and that goes double when you actually have good reason to keep your mouth shut about literally\u00a0anything. Additionally, if you&#8217;re trying to fly under any sort of radar, it&#8217;s generally a good call to avoid carrying anything super illegal which isn&#8217;t directly related to completing your task at hand. In fact, you may actually want to expand this general rule to also include illicit substances which are not cocaine, including but not limited to: opiates, amphetamines, and probably even weed, even if possession is legal in your state. While there are doubtless exceptions to this rule, in general it is probably best\u00a0to stick to No-Doze and Jolt for your upper fix.<\/p>\n<p>Lesson\u00a03: Maybe\u00a0Don&#8217;t Sleep with Fellow Operatives<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone \" src=\"http:\/\/i.imgur.com\/7FKnQQ7.jpg\" alt=\"\" width=\"600\" height=\"337\" \/><\/p>\n<p>Relationships are messy. Workplace relationships are about eleventy times messier than your normal level of messy, especially if at least one person in the relationship has had multiple workplace relationships. Ongoing relationships impact the judgement of those engaging in them, and catastrophic relationship-ending events can damage, if not outright destroy, the trust necessary for running a successful operation. 
It&#8217;s true that we spend a lot of time in close quarters with those with whom we collaborate, but there are enough fish in the sea that it&#8217;s probably worthwhile to turn our gaze outside of the goldfish bowl of our affinity groups or other organizational collectives.<\/p>\n<p>Lesson\u00a04: Brag Less<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone \" src=\"http:\/\/i.imgur.com\/dvP4yNR.jpg\" alt=\"\" width=\"600\" height=\"337\" \/><\/p>\n<p>Yeah, okay, Burt Reynolds IS pretty cool, but that doesn&#8217;t mean you should brag to him about being recognizable\u00a0because you&#8217;re &#8220;the world&#8217;s most dangerous spy.&#8221; In fact, you probably shouldn&#8217;t actually tell people you&#8217;re a secret agent. Or admit to it when asked. Or cop to it when accused. There are varying schools of thought on\u00a0how best to go about denying your involvement in anything secretive, but general consensus is don&#8217;t discuss things outside of the very limited context needed in order to complete operations, and don&#8217;t give any indication that you&#8217;re up to anything remarkable or interesting. It&#8217;s important to note that lying is not most people&#8217;s strong suit, so employing tactics like misdirection instead of relying on outright falsehoods may be a more viable option, especially in the long term. 
When in doubt, speak at great length on a dull subject, then\u00a0politely excuse yourself once your conversation partner&#8217;s eyes have safely glazed over from boredom.<\/p>\n<p>Lesson\u00a05: Leave Your Personal Shit at Home<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone \" src=\"http:\/\/i.imgur.com\/y6ugmQ6.jpg\" alt=\"\" width=\"601\" height=\"282\" \/><\/p>\n<p>While your personal issues may not be &#8220;parachuting into Russia under\u00a0pretext of committing a political assassination to find out whether a high-ranking KGB operative is your father&#8221;-level bad, Archer&#8217;s profoundly poor decisions in this realm serve as an excellent reminder of how our personal issues can negatively impact both our safety and our odds of completing our objectives if we are unable to set them aside to focus on our work. We all have problems in our personal lives, but if you\u00a0are unable to set them aside and focus on your projects, the responsible choice is to recuse yourself from your work until you\u00a0are able to focus on it without allowing your distraction to put yourself, your peers, and your operation at risk.<\/p>\n<p>Lesson\u00a06: Take Briefings Seriously<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone \" src=\"http:\/\/i.imgur.com\/fYNkBAD.jpg\" alt=\"\" width=\"600\" height=\"335\" \/><\/p>\n<p>While it may be tempting to zone out during briefings, or only skim over relevant documents and\/or communiques, it&#8217;s important to remember that minutiae can be the deciding factors in whether or not a mission is successful. Pirate King Archer has a wonderful resource in Noah, but Sterling&#8217;s unwillingness to listen or learn proves his undoing. In fact, this is a recurrent theme throughout Archer&#8217;s misadventures: time after time, Sterling&#8217;s missions and his personal safety are compromised by his cavalier attitude towards obtaining and retaining relevant information. 
Never underestimate the value of preemptive research when undertaking something risky. It&#8217;s generally better to have unnecessary information than it is to suffer from a lack thereof: the more information you have, the better prepared you are if things don&#8217;t go according to plan.<\/p>\n<p>Lesson\u00a07: Don&#8217;t Be Distracted by a Pretty Face<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone \" src=\"http:\/\/i.imgur.com\/39DgKdI.jpg\" alt=\"\" width=\"601\" height=\"373\" \/><\/p>\n<p>While it may be tempting to allow yourself to be distracted by an attractive person, it is important to remember that at best, a pretty face is just that: a distraction. At worst, an attractive person may be an <a href=\"https:\/\/www.theguardian.com\/uk-news\/2015\/nov\/20\/met-police-apologise-women-had-relationships-with-undercover-officers\">actual adversary<\/a> using your sexuality to neutralize you, and\u00a0lure you into divulging sensitive information. Mercedes Moreno falls in the middle when she uses her\u00a0sex appeal to divert and neutralize Archer so her mother can continue sneaking people across the border into the US. There are cases where it is both possible and pragmatic\u00a0to use these tactics to your advantage. Playing along may allow you to extract information from an adversary or to seed disinformation, but this tactic should never be undertaken lightly. 
Instead, this should be done deliberately\u00a0and with every possible precaution in place, including an extraction plan for when the job is done and the faux relationship ceases to be useful to your aims.<\/p>\n<p>Lesson\u00a08: Don&#8217;t Reuse Aliases<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone \" src=\"http:\/\/i.imgur.com\/Lb4Gdtn.jpg\" alt=\"\" width=\"287\" height=\"287\" \/><img loading=\"lazy\" decoding=\"async\" class=\"alignnone \" src=\"http:\/\/i.imgur.com\/v3BEApc.jpg\" alt=\"\" width=\"331\" height=\"287\" \/><\/p>\n<p>Archer habitually reuses the same pseudonym, despite using different cover stories each time. While we never actually see this bite Sterling in the ass (except for when he&#8217;s called on it in meetings, and subsequently uses the name &#8220;Rando&#8221; instead of his usual &#8220;Randy&#8221;), it&#8217;s important to keep in mind that reusing a pseudonym can compromise your identity and your operation. If you&#8217;re going to use pseudonyms, it is best practice to use names which are both plausible and disposable, rather than reusing names, or using ostentatious handles. It&#8217;s unlikely that anyone will remember Emily Jones based solely on her name, but highly likely that people will take note of (and remember) Mariah Carey or Catherine Catastrophe. Retiring pseudonyms after use is still crucial. 
There is still always a chance that people will remember even an unremarkable name, and it is wise to compartmentalize both actions pertaining to an operation, and operations themselves, whenever possible.<\/p>\n<p>Lesson\u00a09: Never Trust Someone Offering You &#8220;Unhackable&#8221; Security<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone \" src=\"http:\/\/i.imgur.com\/u2guhEJ.jpg\" alt=\"\" width=\"601\" height=\"339\" \/><\/p>\n<p>The first thing you should know is that, given an adversary with sufficient skill and resources, there is no such thing as &#8220;unhackable.&#8221; Since &#8220;unhackable&#8221; is an impossible objective to achieve, it stands to reason that at best, anyone claiming an &#8220;unhackable&#8221; service or product is a charlatan. At worst, they may actually be malicious, as shown in Cyril&#8217;s encounter with George Spelvin, a security contractor out to gain access to data on ISIS field operatives, and sell it to the highest bidder. A couple related things\u00a0to keep in mind are: don&#8217;t take security advice from people who don&#8217;t understand the threats you face, and don&#8217;t trust anyone offering easy security solutions. Proper security practices are going to offer defense in depth in order to prevent creating a single point of failure, and will necessarily be tailored to the assets you are trying to protect, and the adversaries you&#8217;re protecting against.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone \" src=\"http:\/\/i.imgur.com\/4G1erfu.jpg\" alt=\"\" width=\"601\" height=\"376\" \/><\/p>\n<p>It&#8217;s true that Archer is full of countless operational security fails and just plain bad tradecraft, but Sterling\u00a0does manage to correctly implement what may be the most important security measure\u00a0of all: Archer&#8217;s affinity group is reliable. 
No matter how many times they fuck up, or fight among themselves, the coalition of secret agents formerly known as ISIS understands that solidarity means nobody gets left behind.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Please consider subscribing to my Patreon. Sterling Archer is a well-known, widely loved secret agent whose methods are&#8230; unconventional. Despite having a background in covert and clandestine operations, he manages to fuck up on a pretty consistent basis, often with hilarious and disastrous results. Fortunately, the multitude of mistakes made by him and his cohort &hellip; <a href=\"http:\/\/blog.totallynotmalware.net\/?p=268\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">POPSEC: Operational Security Lessons Learned from Archer<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"class_list":["post-268","post","type-post","status-publish","format-standard","hentry","category-popsec"],"_links":{"self":[{"href":"http:\/\/blog.totallynotmalware.net\/index.php?rest_route=\/wp\/v2\/posts\/268","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/blog.totallynotmalware.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blog.totallynotmalware.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blog.totallynotmalware.net\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/blog.totallynotmalware.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=268"}],"version-history":[{"count":9,"href":"http:\/\/blog.totallynotmalware.net\/index.php?rest_route=\/wp\/v2\/posts\/268\/revisions"}],"predecessor-version":[{"id":312,"href":"http:\/\/blog.totallynotmalware.net\/index.php?rest_route=\/wp\/v2\/posts\/268\/revisions\/312"}],"wp:attachment":[{"h
ref":"http:\/\/blog.totallynotmalware.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=268"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blog.totallynotmalware.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=268"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blog.totallynotmalware.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=268"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}