duxup 1 day ago

I feel like leaving a bunch of misdirection would also risk potentially just leaving real traces behind in some ways.

At least in my mind leaving some false trails behind, when I run through scenarios, seems like it could leave actual trails / to the point of not being worth the extra risk.

brookst 1 day ago

Yeah. If you have a choice of giving an adversary no information or false information, no information seems safer. The choice of false information is information. Same way that people are terrible at picking random numbers and fraudsters are often caught because they avoid round numbers.

antihero 1 day ago

It would make sense if doing something illegal to do the former, but also leave "slip ups" that are complete red herrings, create trails to people that seem like opsec fails but are actually just framing others, etc.

All about plausible deniability. Layers and layers and layers of dead ends that seem real.

In this way, if you do actually slip up, it becomes near impossible to distinguish the real slip-ups from the orchestrated ones.

brookst 23 hours ago

The problem is that false “slip ups” provide information. Sure, you waste investigators’ time, but once they rule out the false lead they have a bunch of information:

- If the false slip-up used only public information about, you likely don’t have access to confidential information about that space. If it used confidential information, you do.

- The geography and demographics of the false lead are probably not near-misses. The point of misdirection is to misdirect, so you likely won’t frame a coworker that will bring investigators to your own door.

- Any mistakes in the false slip-up, from spelling to factual to timing, may reveal info.

IMO this is a “too clever by half” scenario: leaving any trace at all is information. Leaving none is wiser.

Example: you’re a master hacker. You’re going to repeatedly access a compromised system. Is it better to set an alarm for 3am each time to suggest you’re in a different time zone, or to use an RNG to choose an alarm time?

I say the RNG is better. Using 3am gives psychographics. Random isn’t clear if there’s any planning at all, or if you travel, etc.