Freedom Fighters (Part II: Stately 'Omes of England)

soe.jpg

Figure 1: "Listen very carefully, I shall say this only once."

What's to do if a mad dictator runs rampage, annexing countries and menacing the world? First, put the kettle on for a cup of tea. Then dial "D" for destruction to call some of your most completely mental, nutcase friends to concoct ungentlemanly, unrelenting mischief and mayhem.

Irregular or cold war is always preferable to a real scrap for obvious cost and risk benefits, so it's the first to start and last to fade during tensions. Arguably, business is a continuation by other means. I hope America will recover from its recent distress with crackpot wannabe techno-dictators. But let's think about how memories of truly desperate times help us see clearer the landscape for digital Resistance, specifically the project of keeping free democratic states functioning.

Visitors to the Montagu Beaulieu estate in Hampshire usually head for the famous National Motor Museum. I'd been invited to watch a Christmas pantomime and see some Russian art. The paintings and amateur dramatics were remarkable for entirely different reasons, but to a hacker's mind neither as interesting as the Special Operations Executive (SOE) museum. So that's where I headed.

Not to over-egg the praise, it's a rather small converted stable building. You could walk around in two minutes if "doing Beaulieu" just to check it off the list. This is not the Bletchley Park day-out you're looking for. Display pieces are all authentic but none of the equipment is active for demo or hands on. Nonetheless it holds a significance to enthusiasts of craft. If you're like me you'll happily spend an hour perusing the exhibits and carefully reading the stories, and the significance of the site becomes apparent.

Skip fanfare on industrial revolutions and inventing computers - one other thing about the British is we're very creative at mischief, and perhaps still excel at it in the world. Anyway, here is a shrine to trouble-making…

building.jpg

Figure 2: "At SOE Exhibition, Beaulieu, Hampshire UK"

SOE operated around the world, not exclusively in occupied Europe, but crucially in France alongside resistance forces. I'll leave it to the relevant Wiki article to explain what SOE is, and the history, while just sharing some of my experience.

As Lucy Worsley might say, history is created ex post facto, in the light of day, boiled-down to pithy stories, gallant black and white photos behind glass and velvet ropes, and preserved by old money in big old buildings trodden only in the best shoes.

So long as history stays in books (and doesn't give people "ideas" or any sense of perspective), the order is usually happy. Occasionally though museums shine, scientifically and culturally to answer important questions and remind us of knowledge we put into "secondary storage". This is why mad dictators burn museums and art. They are not at war with any "enemy" so much as with civilisation itself.

Fans of Stirling's SAS, Fleming's fictional James Bond, and the improv of "Dad's Army" (Home Guard) will recognise something here. What I'd recommend to capture the feeling, the operational feeling rather than an historical account, would be the 1957 sci-fi novel Wasp by Eric Frank Russell. BBC wartime drama World On Fire also tells a good tale of clandestine wartime operations.

If you get caught, you're dead. No "oops, fluffed up my pentest", nor Edward Snowden "let's blow this fascist Popsicle stand" Rubik Cube in hand. Nor even Julian Assange style - stuck in an embassy for ten years covered in cat hairs while bullies listen and jeer at the window. You don't even get dragged into someones yard and shot like a dog. Not so lucky. No extraction team coming to rescue you. After any weapon you have, the thing to keep close is the suicide pill.

radio2.jpg

Figure 3: "Radio Set"

Who gets into this sort of a fix? A powerful selector is anger. As in Tarantino's Inglourious Basterds many recruits had compelling personal reasons to wreak vengeful havoc. Sheer outrage and grief drove many. And there were plenty of tough but socially discarded women who had lost husbands and hope in the previous war. Of course there was recruitment and training, mixing up improvised bombs, Morse code, basic ciphers… but the psychological selectors seem extraordinary.

There's a fifty-fifty chance of returning. Most operators last only a few weeks. So things you need;

  • not having anything to lose
  • really, really, really hating the enemy
  • the most unreal levels of nerve and courage

Unlike Stirling's rogue heroes, who are kinda cut from the cloth you'd expect, the SOE agents are almost by definition, not what you'd expect. Think of 50 year-old cardigan wearing librarians with the endearing warmth of Joanna Lumley, ready to stab-up Nazis if the situation turns. The desperate edge of now with split-second ethics that are not in any philosophy book.

Regular combat ends after a blast of intense action. There's recovery time. SOE clandestine insurgent work is permanent covert engagement, immersed in constant subterfuge, brazenly in-amongst the enemy, every day, where one wrong move will get you killed… it takes a toll. And an odd brand of courage. When silently watching other resistance fighters being caught and killed, because to act would blow your cover, courage becomes patience, biding time, waiting for that optimal moment to strike with devastating effect.

Interesting question; would any of these folks pass psych or be deemed fit for service in any modern organisation, civil or military? Probably not. Maybe that says more about organisations and the distance between the values we espouse as a society and those we really live by when the chips are down. The mentality, if one can attempt to name it, is beyond professionalism or love of country. There's something plainly adrenaline driven, addictive and fully criminally-minded at play. Something delightful. Just getting away with it for another hour is a major reward. The catch me if you can vibe is well described by Mitnick amongst others.

There's also untold stories of idealist/naive operators being manipulated into missions. Twenty four years after the 911 WTC attacks it's awkward for us to examine and frame our own methods of recruitment, radicalisation and facilitation of terrorism, but historically many "Home Guard" manuals from the 1940s are full of disturbing details. We generally believe that defensive insurgency is always legitimate, however brutal and underhand it may need to be.

"Dad's Army" was far from its humorous television depiction. Britain planned for concerted insurgency including suicide bombing. Had Hitler ever successfully crossed the channel he would have faced a campaign of harrying and daily terror, to the "last drop of blood" from HG Auxiliaries. One campaign enjoined "You can always take one with you", and instructed women to pack prams with explosives and walk up as close as possible to groups of Nazi soldiers before detonating. Relational "collateral damage" was everywhere. As people, active SOE agents were wrecking balls for any friends, lovers or family.

Nonetheless, what we see here is craft by the bucket-full that prefigures all our modern digital, including;

  • insertion, pretexting, careful legend building
  • recon and passive analysis, careful listening
  • covert recording, note taking, exfiltration
  • signals, cryptography, side channels, dead-drops, steganography
  • impersonation, disguise, transformation, acting
  • deception, story telling, evidence removal
  • stealth, movement, tailing, shaking
  • detective work, clue gathering, field analysis
  • sabotage, insinuation, planting, framing, destruction
  • living off the land
  • patience (boredom management)
  • improvisation, creative fast-thinking, opportunism

radio.jpg

Figure 4: "Suitcase Transmitter"

Personally I'm really into the old gear. Especially I love the radios and signalling toys. The model shown in the photo here is just a CW Hartley oscillator with modular battery packs. These were incredibly portable technology for the time. Signalling is when you're likely to get caught by triangulation, so these are made to be packed up quick and hidden or moved.

Militarily it was not random, discoordinated action. Like the Viet Cong resisting USA it was networked, and held together by intricate, robust signals, resource and intelligence sharing and human communications channels. Later, action dovetailed perfectly with the planned "Overlord" (D-Day liberation at Normandy). Check out the org-chart of where SOE fitted into the "bigger show", something practically nobody knew about at the time.

orgchart.jpg

Figure 5: "SOE organisational context (sorry should have been in 4k)"

Relevance

Why is this still important?

Seeing the risks and sacrifices of people defending against fascism leaves a powerful, lasting impression. At a time when the rule-of-law and democratic governance is wobbling we should heed these important memories. And we should have the courage, if only out of gratitude to our grandparents, to stand firm against greed-driven monsters and fascists of every kind.

Cybersecurity as a defence game, is to preserve democracy. At times that means red-team work to take down enemy assets, enter and destroy their systems, use honeypots to lure enemies into wasting resources, spread disinformation to sabotage opponents or put down poison for "AI" devouring our assets.

As we move into cyberwar we must understand that if this is motivated beyond base self-interest (profit), it cannot be criminal wherever one takes a sincere stand against forms of fascism, foreign or domestic. In fact, it is a duty. That is honourable and don't let anyone tell you otherwise or buy-in to defeatist propaganda about what is "inevitable" around technology or "what we must give up". Security is what you don't give up on. Vigilantism and civil militia, however undesirable those may be in a perfectly ordered society, is the last line of defence following invasion or coup.

The idea of a "bygone time" when people had to do awful things they could barely live with… so that we can live in peaceful comfort and prosperity today - is a fairy story. Guy Fawkes Night and Remembrance are celebrated as festivals of desperate times, as are Bastille Day (FR) and Independence Day (US). But beware not to mythologises struggle so as to disarm it. It's fanciful because in reality there will always need to be people who make sacrifices for freedom. Sadly, there will always be psychos, bullies, and ambitious egotists and meanwhile true democracy needs fighters. Democracy is not something we are handed as a God-given gift, it's something we take, at great cost, from tyrants and bullies.

What does that require? Self-determination, self-discipline, love of learning, insight, cunning, punctuated by decisive coordinated action. That's what characterised L-detachment, SOE, Gaullists, Maquis and other unconventional groups. It remains relevant precisely because serious modern threats cannot be fought entirely by regular law-enforcement, soldiers on a regular battlefield or by international legal systems.

State or private cybercriminals, and all in between who attack liberal democracy through technology must be on our radar as cyber-defenders. In 1945 agents using unconventional tactics had effectively tipped the war against Hitler long before the Allies landed at Normandy. They were not soldiers. They were mainly keen, intelligent, civilians who set their minds, voices and bodies to work dismantling and sabotaging the enemy regime wherever it could be found. Britain had 13,000 in "regular" service (to avoid the Third Geneva Convention definition of "irregular") and at least as many again in irregular roles (French FFI between 100,000 and 400,000)

For us as cyber-defenders, it's useful to have an understanding of insurgency, infiltration and sabotage, because even if we have no plans to engage in it, it informs our counter-insurgency mindset. We start seeing exposed supply lines and watering holes better.

We see that just as people can be deceptive, gain trust and infiltrate, so can software. So much software today is intrinsically treacherous that the very concept of a "Trojan" is hardly relevant. So many apps and devices are "Vendor Malware", from Chinese or American BigTech companies, where untrustworthiness is built-in because the software is backdoored, communicates secretly with a remote commander who orders its behaviour.

We accept software and devices as trusted friends and helpers, but in reality so much of it is working for an enemy to rob us of money or influence our behaviour. It must be contained, treated as hostile, and eliminated.

"Zero trust", in one of its guises, is permission to be a bit paranoid and to speculate that some of your close colleagues and assets may be enemy agents. Or that, at any time, they may not be who they claim. This is a sensible stance now as deepfake tech rapidly improved and made this a reality.

However, such sceptical, vigilant and territorial thinking becomes exhausting, socially corrosive and psychologically disruptive. We start seeing fifth columns everywhere. We don't want Zero Trust thinking to exacerbate that. Instead, Zero Trust is a symptom of our time, an indicator not a tactic. It's a bit of a retreat and digging-in. Part of our weakness in the West is that we have (arguably cultivated or had imposed on us) low mutual trust. Trust exists as an active relation, and cannot be bottled. At the same time we've forged unwarranted trust with many of the wrong entities like giant monopoly corporations and foreign manufacturers instead of with each other, our communities and elected, recognised government.

Forty years ago (defected) former KGB journalist Yuri Bezmenov explained precisely how this was being done to Western anglophone culture. Discord and "epistemic mistrust" are old weapons. For decades Vladimir Putin as advised by Vladislav Surkov (now dismissed and incarcerated) waged non-linear culture war, division, sapping and discombobulation. These same machinations, and tools for influence and propaganda have enabled Trump and his Silicon Valley technofascists to attempt an "electronic coup". The intruders just took over the superstructure and gave themselves permission. Like someone left a remote terminal open to Democracy, logged in as root.

From a security POV we missed a whole sphere of attack. No virus checkers or firewall rules will help with insider enemies, defectors against constitutional values, or implanted devices we buy "compromised out of the box".

(Thanks to Keith and Katya for the entertaining day)

Visit SOE at https://www.beaulieu.co.uk/

[Valid RSS]

Copyright © Cyber Show (C|S), 2025. All Rights Reserved.

Podcast by

Want to be featured? Have an idea or general query? Fill in our Enquire Form

Author: Dr. Andy Farnell

Created: 2025-02-25 Tue 13:34

Validate