Slashdot Mirror
Nasty Bad Men Are Using Encryption
ruebarb writes: "It appears that Osama Bin Laden and the majority of the Slashdot community have something in common - they love that free encryption! Bin Laden has been using chat rooms, bulletin boards, email, and (presumably) PGP to plan his terrorist activities. The article is available at cnn.com -- Expect the usual political outcry and demands for restriction of encryption technology to follow shortly hereafter"
And an unnamed correspondent writes: "USA Today has this report about how terrorists are using encryption to distribute secret mayhem instructions via the internet. Gee, you think?
What do you think -- is this part of a PR campaign to show John Q. Public how dangerous encryption is in any hands other than gov?" In related news, several of the major news networks are reporting that innocent-looking newspapers and circulars have been employed to form the ransom notes used by notorious kidnappers; calls to ban newspapers on that ground may face some opposition from extremists, but will no doubt soon reach the legislature.
Besides, restrictions on encryption technology can't stuff this cat back into the bag; the software is out there, and that's that.
Intelligence and police agencies have been using other techniques to get around the use of encryption since the late '80s, from keystroke logging hardware slipped into a suspect's keyboard (what was that about a passphrase?) to the simple and ancient techniques of Van Eyck/TEMPEST monitoring (nabbing the cleartext from the RF emissions of the CPU or display).
Informed sources tell me the NSA has been breaking PGP for years, but they'll generally only bother in cases where side-channel attacks are unfeasible, due to the required resources in time and labor.
Someone's pushing an agenda with this article, but I rather suspect it's Gannett (owners of USAToday) and CNN.com, who's essentially paraphrasing the USAToday article. Sadly for us /. paranoiacs, it's probably no agenda more sinister than "attract readers with inflammatory stories", just like many other sites we know and love. :)
-Isaac
I am not a lawyer, and this is not legal advice. For Entertainment Purposes Only.
Is there any strong evidence that Bin Laden really exists, and is really the mastermind of a global anti-American plot? Sometimes I get the feeling that he is just the generic evil guy that the US drags out whenever it needs to push some agenda.
USA Today article is so filled with garbage and gaps, so clearly following an (no-very-well) hidden agenda that I don't even have the energy to debunk it all. So, just a few commented hightlights:
a) "Hidden in the X-rated pictures on several pornographic Web sites". The article starts with this major culturally ignorant phrase. All "bad men" quoted afterwards are fundamentalist muslins. These guys are as likely to found in pornographic sites as Mrs. Barbara Bush is likely to be photographed burning the flag.
b) "Uncrackable encryption is allowing terrorists ? Hamas, Hezbollah, al-Qaida and others ? to communicate about their criminal intentions without fear of outside intrusion," FBI Director Louis Freeh said last March during closed-door testimony on terrorism before a Senate panel. "They're thwarting the efforts of law enforcement to detect, prevent and investigate illegal activities." Please notice the "last March" expression. This panel was reported and fully discussed (See the news here. I believe it was even discussed in Slashdot, but I couldn't find the article)
c)"encryption has become the everyday tool of Muslim extremists in Afghanistan, Albania, Britain, Kashmir, Kosovo, the Philippines, Syria, the USA, the West Bank and Gaza and Yemen, U.S. officials say." I guess they also have radios, all forms of guns, phones, cameras. They also use cars, trains, buses. Let us ban all of those.
d)"All the Islamists and terrorist groups are now using the Internet to spread their messages," says Reuven Paz, academic director of the Institute for Counter-Terrorism, an independent Israeli think tank." This has absolutely nothing to do with encryption. Notice the equality achieved in the sentence between Islamist and terrorist. Rephrase to "All Southern Baptists and racists groups are now using the Internet". Think about it.
e)"They're hidden using free encryption Internet programs set up by privacy advocacy groups. The programs scramble the messages or pictures into existing images. The images can only be unlocked using a "private key," or code, selected by the recipient, experts add. Otherwise, they're impossible to see or read." We should throw all these "privacy advocacy groups" in jail and lose the key, shouldn't we?
f)"It's no wonder the FBI wants all encryption programs to file what amounts to a "master key" with a federal authority that would allow them, with a judge's permission, to decrypt a code in a case of national security. But civil liberties groups, which offer encryption programs on the Web to further privacy, have vowed to fight it." Of course, as we already know that all the enemies of the United States are a bunch dumb arabs, they obviously cannot develop their own software. So they will be forced use US-made software that automatically deposits their private keys with the FBI.
g)"Who ever thought that sending encrypted streams of data across the Internet could produce a map on the other end saying 'this is where your target is' or 'here's how to kill them'?" says Paul Beaver, spokesman for Jane's Defense Weekly in London, which reports on defense and cyberterrorism issues. "And who ever thought it could be done with near perfect security? The Internet has proven to be a boon for terrorists." Who ever thought a spokesman for a defense and cyberterrorism publication could be so dumb? To discover how does Mr. Beaver manages to keep his job, that would amaze me.
The discussion about the racist bias of the article is left as an exercise to the reader.
MSK
And THAT, my friends is precisely why the Americans leave us Canadians alone. (-:
Currently, I tend to feel SAFER buying stuff online from trusted merchants with my credit card than giving it to someone who works in a store. Most online merchants destroy your credit card number after it's no longer needed, and keep only minimal records of it (4 first or last numbers). Compared to bricks-and-mortar shopping, where the store makes one or two copies for itself and one copy for you to lose, with 'customers' behind you that can look over your shoulder because of poor handling of the card, it makes me feel nervous. However, if you take away encryption from the equation, all bets are off, since a packet may travel through dozens of systems and routers before being recieved by the vendor you're trying to buy from.
How much freedom are you willing to sacrifice in order to gain safety? To me, the benefits that society gains from encryption far outweigh the evils that can be done with it. Besides the fact that if they're already criminals, do you think they'll have any qualms about using 'illegal' encryption products? You'll only stop stupid ones, and they're rarely the ones that do the most damage. I'm glad to be living in Canada on this point -- there's never been any plans to stop private citizens from using or exporting encryption, with the exception of those products imported from the United States that employed 'high-grade' encryption that was banned from export from the United States. Why do you suppose the OpenBSD project, which uses encryption where ever possible, is based in Canada? ;-)
I used up all my sick days, so I'm calling in dead.
It's obvious, then, that if the government has a tight enough rein on the terrorists they're pointing out who use encryption, then obviously the government is good enough at tracking terrorists without being able to track their keys, and they simply don't need to worry about it!
Of course, the reality is that this is prime material for legislatures to begin convincing the less tech-savvy "common man" that they desperately need legislation in place to form a Key Escrow so that anyone's keys can be cracked by the government if they so desire.
Criminals, of course, simply won't obey the law. Duh.
Only outlaws will use encryption. I know it's an old saw, but how exactly is banning encryption supposed to stop terrorists from using it? The mathematical basis for most algorithms is still out there, and just about anyone reasonably competent at programming can roll their own. Not to mention that software can legally be written in countries other than the US, so unilateral action won't do any good anway. The genie is out of the bottle, and it can't be put back in.
There's no point in questioning authority if you aren't going to listen to the answers.
In a related story, cnn.com is also reporting that Osama Bin Laden and other terrorists are using this new technology called 'chemistry' to carry out their work.
'Chemistry' could be a new, important tool in the terrorists quest to stay one step ahead of authorities and commit mass-murder. The senate will soon debate a bill which bans the use or export of this 'chemistry' and proposes stiff new regulations.
Liberty.
Firstly, we need to to step up manned operations abroad, especially in known trouble spots. We'll need to recruit more people to do this, which means increasing budgets.
This might not work. How do you infiltrate a terrorist organization made up of people who are relatives? How do you infiltrate a terrorist organization in a country where most of the residents are at least somewhat sympathetic to the groups goals? Bear in mind that HUMINT has a pretty shitty track record. Investing in HUMINT is like investing in a dotcom - you may be wasting your money or you might get a huge payoff. Getting Congress to approve large cash payouts to shifty characters could be awfully difficult, especially in light of the Iran-Contra debacle not too long ago.
And in the event that all of this fails, we're going to need the much-maligned national missile defence folks. When you don't know in advance what's coming, you have to be able to protect yourselves! It's no different from soldiers wearing a bulletproof jacket, and in these times when nuclear proliferation is a fact of life, America needs that jacket.
Ouch! Head hurts! NMD = very stupid.
Why would anyone launch a missile at the US when much better delivery systems are available? The World Trade Center bombing, the Oklahoma federal building bombing, and so forth all involved very sophisticated car bombs. The USS Cole was hit by another boat, not a missile. There is no reason why any terrorist would use a missile as a delivery system - they're expensive, and it appears sneaking up on your target works just fine.
Some may say, well, just because a missile defense would not protect us against some attacks isn't a reason to build it. Implicit within this claim is a couple things:
1) Terrorists are fairly smart, they can build high-yield conventional weapons and possibly NBCs.
2) Terrorists are extremely stupid, if we build a missile defense system they will abadon in rental trucks and boats as delivery systems and switch to ballistic missiles.
Pick one or the other folks, it can't be both.
What would happen if the NSA and the CIA and the FBI and all the Military intelligence communities get public key escrow and the right to snoop thru our email and web pages?
Answer - it would not affect them at all. The bad guys already have PGP and they can't crack it. The bad guys already have image encryption and they can't crack it.
All this will let them do is run roughshod over the constitution and pry even more into our private lives.
And, remember, Bush Sr. was Director of the CIA - don't for a second think that this is not a pretext to take even more of our civil liberties away.
--- Will in Seattle - What are you doing to fight the War?
Curses! Foiled again!
omega_rob
I think that this incident is precisely a government campaign to build public support for encryption regualtion. My grad instructor worked for the 'intelligence community' during the Gulf War; he implied without saying directly that the gorvernment used the news media like a precision weapon in control what was known, by whom and when. So much disinformation went through CNN, with their blessing, that it is amazing we know any 'facts' at all. Who knows, maybe Bin laden is on the government payroll...
There is no guarantee that the content has been read or understood.
Now, how are the mainstream to be convinced that using encryption is a good thing? This is what we all want to do, correct? Well, we won't manage it by trying to do so ourselves - being lectured at by the freaks will only make the public resist even more. I suggest that we embrace the criminals for this campaign. The fact that Bin Laden and criminals like the mafia use encryption make it into a sexy field again, like it was in the 1920's through 40's, say. If we wish to impress Joe Public, it is imperative that we use the tools of advertising, which uses sexy images and subliminal suggestions, and not reason, which bores the common man and causes him to switch off.
Much like antidrugs campaigns by the government can increase their appeal and use in many quarters, I suspect that any government campaign to convince people that encryption is evil because it is used by terrorists criminals will surely backfire, and increase the sexiness of the field and general usage statistics for encryption.
This is what encryption has needed to enter the mainstream.
They fuck you up, your mum and dad.
--Anticipation of a New Lover's Arrival, The
Late at night, Muslim terrorist headquarters...
General walks into a room unannounced.
General: Samir, what are you doing?!?
Samir (surprised, suddenly turning his attention from the computer): General!!! I-I-I didn't know you were here at this hour, sir!!!!
General: Samir, were you using Allah's network connection to visit porn sites?
Samir: No, General! Of course not! I was just -- I was just, eh, using the porn site's bulletin board to send terrorist messages, sir! (types in something random)
General: But I can't read any of it!
Samir: Of course not, General! You see, sir, they're encrypted! Yes, that's right, they're encrypted!
General: Very well, I'll let it pass this time.
Samir turns off the computer and the lights. Exeunt.
General: By the way, Samir...
Samir: Yes, sir?
General: I think "CIABoy935466" likes you.
To the editors: your English is as bad as your Perl. Please go back to grade school.
http://www.attrition.org/~wrlwnd/crypto/steanograp hy/jpeg-steg/
Maybe you could use this to tunnel IP over USENET porn?
I think it's important to put Bin-Laden's quote in context:
----> The US conducts Operation Desert Storm. The US media reports it is an enormous success -- highlighting the role of Patriot missles and other high-tech systems -- when in fact, MIT researchers later show that none of the Patriots hit their intended targets, cruise missle performance was dismal (30% ish), etc.
----> In 1992, a bunch of Bin-Laden trained hicks kick the US's butt in Somalia. Boy, we don't hear much about US military effectiveness in the media.
----> In Spring 2000, 129 US warplanes are downed in the Yugoslav/Kosovo conflict. The NY Times reports only one of these.
As an advocate of a truly strong military -- as opposed to a bloated, bureaucratic, budget-and-career-path grabbing mess -- I think we ought to be listening pretty strongly when Bin-Laden says America is run by "devils."
Why? Because what Bin-Laden is saying is that America is much weaker than is says it is. That it is run by a bunch of cowards who lie about just about everything -- including our military capacity. And that sort of lying has everything to do with the current case.
Instead of going out there and building a strong, honorable military that can defend Americans along with the ideal of freedom, the FBI and etc. are going out there and building a totalitarian state that prevents the flow of information and the development of ideas. It's saying that people can't have encryption, because we're too cowardly and lazy to defend against it, and playing to the weakness and fear of the public. This is the essence of unfreedom. This is what destroys republics.
It is also the direct opposite of the democratic ideal which protects our society. The idea of freedom of information is that we become strongest when ideas can flow without government restriction -- that we solve problems, build economies, develop new technologies, and learn to protect ourselves better in a free society. And it is for this reason that totalitarian societies are doomed to freedom.
Is Mr. Bin-Laden using encryption? Is he building a military force to fight the U.S. government? Is he hurting the U.S.? If so, then I say, as an American, thank you Mr. Bin-Laden. Thank you for pointing out how weak we have become, under the direction of Mr. Freeh, and Messrs. Bush, and Mr. Clinton. Thank you for showing us that our society is so weak, and so unfree, that it cannot defend itself from you. Thank you for pointing out the devils among us, and how unfree they have made us, and that they are liars.
And that the lie is, that it is good to restrict technology, restrict information, restrict DeCSS, restrict encryption. That it is good to not let Americans see when their planes are shot down, or when their soldier die because they are unprepared for real war, because it "maintains morale" and public support for the military. The lie is, that restrictions and lying and totalitarianism makes us stronger, when it weakens us, weakens our military, and weakens our democracy. The lie is, that this benefits anyone, other than the bastards telling the lie. And by that, I mean Louis Freeh, among others, in this case.
All I have left to say, is that it is time to get the bastards out of office.
When the Marines landed in the last days of 1992, bin Laden sent in his own soldiers, armed with AK-47's and rocket launchers. Soon, using the techniques they had perfected against the Russians, they were shooting down American helicopters. The gruesome pictures of the body of a young army ranger being dragged naked through the streets by cheering crowds flashed around the world. The yearlong American rescue mission for starving Somalians went from humanitarian effort to quagmire in just three weeks. Another superpower humiliated. Another bin Laden victory.
"After leaving Afghanistan, the Muslim fighters headed for Somalia and prepared for a long battle, thinking that the Americans were like the Russians," bin Laden said. "The youth were surprised at the low morale of the American soldiers and realized more than before that the American soldier was a paper tiger and after a few blows ran in defeat. And America forgot all the hoopla and media propaganda ... about being the world leader and the leader of
the New World Order, and after a few blows they forgot about this title and
left, dragging their corpses and their shameful defeat."
Oh yeah me and Osama go way back to the old school days of ef-net.. check out this old log i found:
:DDDD:D:D:D:D:D hey man! whats happening?
;)~~~
*** Osama888 has joined #metallica
<Osama888> wasssuuuuuupppppp >:D
*** UN sets mode: +o Osama888
<brakzilla>
<Osama888> man I was out shopping for nitrogen rich fertilizer at this damn store in al Kabarfi and this zit faced punk at the store was all up in my face
<brakzilla> hehehehe lol!!
<Osama888> hehe then I told the guy, "do you know who I am??" and he was like D:
<brakzilla> werd!
<Osama888> yea w3rd.. brb pizza
don't sweat the petty things and don't pet the sweaty things
It's kind of funny (but not too funny) how the Western World is as afraid of technology they don't understand (crypto) as they are of cultures they don't understand.
It's supposed to be completely automatic, but actually you have to press this button.