Passive E-Mail Monitoring Leads To Arrest
www.2advanced.net writes "The world's first arrest resulting from passive monitoring of electronic communications is being reported by Globe Technology. In the article, sources reveal that 'an e-mail message intercepted by NSA spies precipitated a massive investigation by intelligence officials in several countries that culminated in the arrest of nine men in Britain and one in suburban Orleans, Ont. -- 24-year-old software developer Mohammed Momin Khawaja, who has since been charged with facilitating a terrorist act and being part of a terrorist group.'"
For those of you who have no idea where Orleans is in Ontario, its very close to Ottawa (minutes away), and about 2 hours from Montreal and 3.5 hrs from Toronto, making it an ideal spot to plan terrorist action in Canada. Ottawa is a couple hours from the US/Canadian border, and for those of you who have never driven the distance, it's a very somber drive, with extremely easy access into the United States. I knew a rum-runner once who would move liquor out of the states at an alarming rate through the St. Lawrence River border; a hardly monitored area concerned more with tourism than security, then. Today, it's a different story, I'm told.
Though it really surprises me that the NSA would actually take responsibility for passing along tips.
Generally they just pass stuff to the other three letter organizations and they take it from there.
Yes Francis, the world has gone crazy.
It seems like YRO, I mean, they were monitoring his email, they probably are monitoring ours!
Yeah right, like any terrorists would use unencrypted email.
# cat
Damn, my RAM is full of llamas.
That the NSA can just listen in to any/all communications like that. Makes me wonder if they're listening to me right now.
MABASPLOOM!
Today, we must FEAR those EVIL Canadians and their rum-running abilities. In fact, we have to use our "army of cryptographers, chaos theorists, mathematicians and computer scientists" to defeat just one of those crazy canuck masterminds.
EOF
sig: sauer
Would the NSA investigate if PGP or similar encryption was used?
Whatever the NSA is doing to monitor all the traffic, I'm sure the RIAA and MPAA are drooling at the prospect of using this technology to catch so-called copyright violators. Civilian applications for a military technology, natch!
It is so easy to monitor InterNet plain text communications, that I ALWAYS presume its been done since the start of the Net.
Although this news is probably bad for YRO issues, there may be an upside. If the NSA is packet-sniffing e-mail traffic, then maybe they will be motivated to find a way of reducing the amount of Nigerean printer cartridge enlargement spam messages. If we are really lucky, they may even share the solution with us all. Of course, it is also possible that the guys at the NSA may all suddenly become hung like donkeys, NOT!
Apply American laws to events occuring in America. The United States is big, but it's not everything in the world. How DARE they presume to police the world and its communications.
------- "From bored to fanboy in 3.8 asian girls" ----------
Well, I've probably got a ton of fans at the NSA due to discussion of privacy issues, security, and how to design systems that disallow monitoring that I've send through AIM/ICQ/mailing lists and other non-secured messaging systems.
Seriously, I'd say that it's a pretty reasonable bet that AIM/ICQ/MSN/Yahoo are routinely monitored. They're easy to data-mine (heck, the commercial data from that *alone* is phenomenal -- if people hear on a show that "Debora Mullins and Sandra Walker will be possibly starring in 'Shredded Metal 2', and there's a mass of messages saying "Debora Mullins sucks", that'd be awfully useful to the production company.
As for the NSA/CIA/FBI, messaging services are frequently used, easy to log and data-mine (no speech recognition necessary) systems that provide no end-to-end encryption that pass through a single point -- in the United States.
Jabber is the only reasonably well-designed IM system I've seen, and nobody *uses* Jabber, sadly enough.
May we never see th
I know this story is probably going to get a lot of people riled up. However, it is still my understanding that the NSA goes to great pains to avoid intercepting any communication that comes from a U.S. citizen. They are strictly prohibited from doing so.
If you are a U.S. citizen, your main privacy concerns should be with the FBI and the DoJ with their powers granted by the Patriot Act.
I'm all for catching "terrorists", but I agree...scary.
"'Foreign traffic that comes through the U.S. is subject to U.S. laws, and the NSA has a perfect right to monitor all Internet traffic,' said Mr. Farber, who has also been a technical adviser to the U.S. Federal Communications Commission."
I've never been under the illusion that internet traffic was private, but could someone tell me what law give them this power? I'm not being sarcastic here, I'd really like the information.
-
Tech News, Reviews and Tutorials
The quoted article seems kinda wierd to me.
The article starts off with a diabolically, highlighting the boast of a mysterious hacker who works as NSA. No names are quoted. The whole thing is given a hollywood-esque charm (the hacker known only as "Mudhen" (mud hen? duh!), a charming pseudonym for NSA - Puzzle Palace).
After adding sufficient soundbites to attract reader's attention, besides making one thing is it one of those devious secrets about NSA, it suddenly changes tone and highlights the achievement of NSA "spies". Charming. Other gems:
"army of cryptographers, chaos theorists"
"that may have pulled in the first piece of evidence"
"massive investigation in several countries "
And then finally a quick rundown on TCP/IP.
One could almost mistake it for communistic propaganda, if only it hailed the fatherland (or the motherland) as well...
ps: don't forget, there are no facts or figures mentioned anywhere in it well.
http://efil.blogspot.com/
There is no need to fear evil Canadians. There is a very significant need to fear apathetic Canadians.
Our politicians still don't think we have a terrorist problem. Our politicians think the Americans are the cause of all their terrorist problems. Our politicians think that if the Americans would just be nice to everyone all the time, everything would be just fine.
So, while we raise taxes for 'anti-terrorism' the money actually goes into a big pot and is spent on anything but solutions that the government finds unnecessary.
I'd ask anyone outside our borders who actually cares to forgive the average Canadian - we currently don't have a viable center or right-of-center party for whom to vote. Ostriches on the left, and book-burning, bible-thumping fanatics on the right.
In the meantime, the US shouldn't trust any person or vehicle coming across their northern border.
Right...we'd rather have it the other way around. Don't snoop, don't find bad crap like this going on, don't stop them before it happens... then when it does (because it will) have independent and congressional inquiries to determine blame - and ask "Why didn't you know about this beforehand?"
So this is the first thing we need. You want privacy? I want security more...
NSA is not the enemy - they are protectors. A bunch of dedicated professionals, even IF some of them need to get out into the sun more often...
Life would be so much easier if we could just look at the source code...
We need a group of people to start discussing how cheap Viagra, a larger penis, and low-interest home mortages can be used for terrorism. Blip! Suddenly all the spam vanishes off the internet. I always hoped the NSA could be used for good as well as evil.
when the most interesting thing to you about the entire story is the fact that there is now an IT job open in Ottawa.
Several years ago I taught some workshops to teachers to let them learn the joys of email. I made apoint to show them that email was not sure and anything written can be read by anyone with some knowledge. After sending some emails back and forth as a class, I logged into the mail server and showed them what they had written to each other. Even though they were upset that I could see the email, they walked away remembering the message:
Don't send anything in the email that you don't want printed in the classified ads of the local paper. Because sending email is like sending a postcard. Every postman between here and there can read what you've said.
What makes me wonder is that these "terrorist" were sending email that was unencrypted? [tinfoil hat] Or maybe, the NSA were able to get backdoors to encryption technology and that what what is passively being listened to. [/tinfoil]
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
"First things first -- but not necessarily in that order"
-- The Doctor, "Doctor
The people that founded the US were not terrorists in the sense that these people are. They didn't go to England and kill thousands of citizens in order to scare the English into leaving them alone. It was also very well known who they were, as they acted quite publicly with their intentions, and even sent a nice note to England lining out their complaints and putting their names on the bottom.
Terrorists target civilians, remain anonymous as often as possible, and their goal is often annihilation rather than separation.
What?
So when they start caring about something you are doing then you will give a shit, but it will be too late.
They came for the blahs, but I'm not a blah so I did nothing.
They came for the foos, but I'm not a foo so I said nothing.
Then they came for me, and no one was left to do anything.
Or something along those lines.
So yeah, terrorists today, guys named Jason Straight tomorrow.
You've been warned.
Actually... it has apparently been declassified:
s ting-people/200110/msg00157.html
From http://www.interesting-people.org/archives/intere
Out of curiosity I went hunting for info on the United States Signals
Intelligence Directives (USSIDs) I had to be aware of in a former line of work.
Much to my surprise, USSID 18, which outlines procedures for the NSA's
collection of data on "U.S. persons" was declassified just over a year ago.
I thought the document might be of interest to IPers, especially at this time.
An introduction, and links to the archives can be found at:
http://cipherwar.com/news/00/nsa_surveillance.htm
(From the site above:)
In the aftermath of revelations in the 1970s about NSA interception of the
communications of anti-war and other political activists new procedures
were established governing the interception of communications involving
Americans. The version of USSID 18 currently in force was issued in July
1993 and "prescribes policies and procedures and assigns responsibilities
to ensure that the missions and functions of the United States SIGINT
System (USSS) are conducted in a manner that safeguards the constitutional
rights of U.S. persons."
(And a bit from USSID 18, itself - any errors in transcription are my fault:)
SECTION 1 - PREFACE
1.1. (U) The Fourth Amendment ot the Unites States Constitution protects
all U.S. persons anywhere in the world and all persons within the United
States from unreasonable searches and seizures by any person or agency
acting on behalf of the U.S. Government. The Supreme Court has ruled that
the interception of electronic communications is a search and seizure
within the meaning of the Fourth Amendment. It is therefore mandatory that
signals intelligence (SIGINT) operations be conducted pursuant to
procedures which meet the reasonableness requirements of the fourth
amendment.
1.2. (U) In determining whether United States SIGING System (USSS)
operations are "reasonable," it is necessary to balance the U.S.
Government's need for foreign intelligence information and the privacy
interests of persons protected by the Fourth Amendment. Striking that
balance has consumed much time and effort by all branches of the United
States Government. The results of that effort are reflected in the
references listed in Section 2 below. Together, these references require
the minimization of U.S. person information collected, processed, retained
or disseminated by the USSS. The purpose of this document is to implement
these minimization requirements.
1.3. (U) Several themes run throughout this USSID. The most important is
that intelligence operation and the protection of constitutional rights are
not incompatible. It is not necessary to deny legitimate foreign
intelligence collection or suppress legitimate foreign intelligence
information to protect the Fourth Amendment rights of U.S. Persons.
1.4. (U) Finally, these minimization procedures implement the
constitutional principle of "reasonableness" by giving different categories
of individuals and entities different levels of protection. These levels
range from the stringent protection accorded U.S. citizens and permanent
resident aliens in the United States to provisions relating to foreign
diplomats in the U.S. These differences reflect yet another main theme of
these procedures, that is, that the focus of all foreign intelligence
operation is on foreign entities and persons.
One of the big pushes after 9-11 was for all of the intelligence agencies to "cooperate."
When I was in the navy we conducted counter narcotics patrols off the coast of Colombia and Panama. Since the military is not allowed to engage in law enforcement (that pesky Constitution and all) we simply had a Coast Guard team (they're Dept of Transportation and not Defense, so they *can* do law enforcement) that took care of the actual boarding of vessles and law enforcement. In fact, it had to be the Coast Guard person on watch who initiated the request to investivate/board a vessle. There was no "official" cooperation between the military and the Coast Guard on this, but when you get orders on the secure circuit to "think about getting to these coordinates in exactly 12 hours" which result in the Coastie on watch saying "Oh hey -- there's a boat... let's board him!" can you deny that there is unofficial cooperation going on?
(There were further stories about SEALS and other special forces folks who were officially discharged from the military and transferred to "another agency" for two weeks at a time in order to engage in "direct action law enforcement" before "deciding to reenter the military." It's call "sheep-dipping" and is just one more thing for the tin-foil-hatters to worry about...)
I suspect that this is probably what's going on with the NSA et al. If the agency in question either thinks/knows they're looking at a US citizen, they can just drop a pointer to the intel in the inbox of an agency who *can* legally handle it (Oh geez -- I wonder where *that* lead came from?). Or there are teams of "not officially NSA folks" who just happen to be working at NSA alongside the others who are legally allowed to investigate US citizens (similar to Coasties on US Naval vessles for counter-narc activities).
Take your pick as to the method in use or make up another, but I am pretty sure it's going on and will not be going away anytime soon.
Oh for ALLah's sake! I can't believe the waY OUR governments spy on us. Any AraB, AS Ever, is a suspect. This is going too fAR Even for Bush. It won't BE LONG before they'll be trawling slashdot looking for hidden messages. I certainly won't be moving TO the US any time soon.
Apathetic Canadians are no worse than apathetic US Citizens. US politicians have no problem with terrorists, as it only creates more jobs (defense spending == jobs). More jobs means less to complain about, and (finally) less to complain about leads to apathetic citizens. The US voting system allows far more control and granularity on whom we put in office, and frankly I think US citizens (in general) are far less likely to pay attention to important issues and vote along issue lines.
Already the US presidential race is about taxes. What makes taxes more important than international policy? And if someone starts talking about international policy, someone else will start bringing up the abortion debate again. (( Note Ralph Nader, while not officially running, is trying to talk about international policy, but is doing it in such a confrontational way, that he is easily marginalized as a zealot. )).How are Canadian polititicans different? Less population to try to lull into a sense of contentment / less active military force in countries where people feel they need to retaliate? Basically the same issues on a slightly smaller scale, with a higher per-person tax base. Oh, yeah, and they have to know two languages.
I feel for you, but your problems are not unique - after all, you are in North America, too.
I'm Allen Zadr, and I approved this messageKinetic stupidity has a new brand leader: Allen Zadr.
My guess is that encrypting your email makes it easier for the NSA -- only a tiny fraction of email traffic is encrypted. Outside of the tinfoil hat community, very, very few people bother to secure their email, so the simple act of sending an encrypted message (which can be spotted due to the low information content of cyphertext, or due to specific comments in the message header) probably flags you for attention.
And if that message is routed from an IP address in England to a cybercafe in Pakistan then so much the better. And if mail from the same address was sent to a known bad-guy last week then better still -- and before you know it, your door gets kicked in and several burly men are asking you questions about the half-tonne of fertilizer you just purchased.
It's convenient that the first instance of e-mail "bugging" resulting in action is against a terrorist. Right now, for the most part, the Average American (tm) is totally commited to giving up freedom for security (which conjures up the quote about said person deserving neither). Basically, since it stopped a terrorist, it completely validated this breach of privacy. I'm pretty sure that new initiatives like Carnivore will be openly embraced by said Average American (tm). The damage the terrorists have done is far beyond the deaths of Americans.
Tricksy hobbitses tries to takes away our privacies! Must protect the precious...
I do not know if the guy is guilty or not. A trial will tell us, in due time.
...etc. all these are misused terms in these confusing times.
However, the media coverage of the whole thing sucks.
His father, Mahboob A. Khawaja, has been detained in Saudi Arabia, where he is a professor at some university. The media reports that the father wrote articles critical of the West's meddling with the Muslim World's affairs. He wrote a book called Muslims and the West.
How is that relevant to anything? Is it an attempt to tie genuine legitimate criticism to terrorism somehow?
I did some searching on the father, and found quite a few articles, most of it critical to the Arab rulers than anything else. Seems he places blame where it belongs, whether in the West or in the Arab world.
This reminds me of the terms "terrorism", "anti-Americanism",
This whole thing about "guilt by association" got to stop.
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
I'm not sure which part is worse, email monitoring (sure, they SAY it's passive...) or the terrorist activities.
You're not sure? I am. Terrorism is worse than reading someone else's email.
Mike van Lammeren
It will challenge your head, your brain, and your mind.
2. What makes you think that the encryption systems available to the general public aren't easily cracked by the boys in Virginia and Maryland?
1. You can not brute force a 256+ bit encryption. It'd be like every atom of earth (2^171) solving at 1THz (2^40) for a million years (2^45). So it must be an algorithm attack.
2. A lot of encryption theory is developed outside the US or in academia as theoretical mathematics. They do not have a monopoly on intelligence, or on trying to crack them.
3. Most encryption protocols rely on well published, well researched topics, like difficulty of factorization as opposed to multiplication. For them to have it would imply that a) such a solution exists and b) that they, but not anyone outside of their community would find it.
4. Most encryption protocols are vastly overengineered compared to the threats. Like, e.g. an opponent with a million times more computing power (-20 bits) or capable of instantly rejecting 99% of the keys (-7 bits) would have nearly no influence on the difficulty.
In short, there's every reason to believe that your favorite three-letter agency will capture the input before encryption or after decryption, due to a flawed implementation, unsecure handshake or through a man-in-the-middle attack than breaking the encryption/algorithm itself.
Kjella
Live today, because you never know what tomorrow brings
1.) expect to be evesdropped on for EVERYTHING that is not encrypted, wether you're IN the US or outside of it. Use STRONG encryption whereever possible.
2.) expect weak encryption to be easily broken--it's prettymuch a given that the NSA has hardware *specifically designed* to break or brute force crypto. they employ many of the worlds greatest mathmatic savants out there, do not underestimate their capabilities.
3.) All your base ae belong to U.S.
Troll, Troll, go away and flame again some other day
It's all well and good when the bad guys get caught...right up until the definition of "bad guys" gets changed. Yesterday there was an article about the DOJ labeling pornographers as "bad guys." There's no logical end. What's to stop someone being labeled as a bad guy for not going to church, or not supporting the government, or not going along with whatever intrusion-of-the-day on your privacy? It's not that big of a change from where we are now.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Actually, if you look at the Palestinian suicide bombers a lot of them are well-educated and middle class (by Palestinian standards). Some were not even particularly religious. In fact I believe some of them were even university students studying subjects like law. The 9/11 suicide bombers - quite a few of them were well educated and came from relatively rich families. Despite the hatred they nutured for the West they spent years studying in Western universities, getting Western friends and even girlfriends. This takes as much intelligence as any good spy in a foreign country. To hide your true self, blend in, become one of the enemy. They even learnt how to fly planes. A suicide bomber has to be smart to succeed. They have to be someone who can act on their own. Once they are set loose they are on their own. They have to negotiate their way to the target. They have to be able to act well enough to blend in to the crowd to do the maximum damage. If something goes wrong they have to negotiate the obstacles by themselves with no one to help them. Of course there is a lot of psychological preparation as well (brainwashing) but that's nowhere near the same thing as stupidity.
Of course there are stupid ones as well but that's true for everything.
I realize that the real answer may be classified, but I'm interested in informed speculation as well.
Is the monitoring with the cooperation of the ISPs who control the gateways/routers? Is it mandated that they have the monitoring taps? Or is it unknown to them (NSA are tapping into the signal unbeknownst to the ISPs)?
(I think this has a known answer.) Is is true that pretty much all intercontinental traffic goes through the USA? ARe there any routes eg, Europe to Asia, or other continents that are just direct routes not passing via the USA?
There's 10 types of people in this world, those who understand binary and those who don't.
- Suspected terrorist, who's been watched by UK anti-terrorists for months, buys hundreds of kilograms of Ammonium Nitrate
- Task force raids suspect's home
- Suspect's computer found on premises
- Task force opens Outlook, looks in Inbox, Sent Items
- Incriminating email to or from Mohammed_Momin_Khawaja@?????.ca discovered.
Sounds to me like someone is trying to spin this as justification for email surveilance.All I hear is "planning a terrorist act".
These days, planning a street party can be a 'terrorist act'. Handing out pamphlets in Washington, despicting GWB as a sheep, explaining why he's such a nut, could be a terrorist act.
Mooning the traffic on an interstate could be a terrorist act.
Anybody know?
Free PC version of ChipWits at http://www.breueronline.de/klaus/chipwits/
Sad that you don't understand what it really means. What you are doing is giving extraordinary powers to a government whose motives in ten or twenty years time are completely unknown to you. Just think about that for a while. Or are you really naive enough to believe that the US government not only currently has only pure motives, but always will, for hundreds of years to come, long after you've already given them the powers to prevent you from doing against their interests? You'd have to be clueless about the history of man's activities on this planet to really believe that is a good idea.
"The" economy now measures corporate profit more than citizen welfare. The numbers have been cooked so mightily for so long, that only the numbers which make those politicians in power look good are counted. For a simple example, "unemployment" does not count those who have stopped looking for work, which of course means all the spongers, nor the 1M military staff, who produce very little (and destroy a lot), and many other discounted people who are not employed. Of course, jobs are essential to citizens' welfare, but they're only indirectly linked to the economy, filtered through the crooked government accounting.
"The ship of the Sun is steered by the Grateful Dead."
--
make install -not war
Boy, is that way off-base.
Land Mines have a military use. Did you forget that? Until there is a reliable method for smart mine or other area suppresion weapon like FireStorm, they are the most effective way to prevent an adversary from moving across land.
The idea that politicians want to keep land mines to ensure jobs is ridiculous. Upon what facts do you base that statement? Do you have any idea how few people are actually employed making them?
Regarding the Kyoto treaty, have you ever read it? American factories were to be restricted with regard to their emissions yet Chinese, Indian and Eastern European factories were not. When was the last time you visited an industrial complex in one of those areas? They're horrible with all kinds of unfiltered liquid and gaseous emissions. How long have you been reading Slashdot? Haven't you ever seen the articles about disassembly of circuit boards in China?
Kyoto hid under the cloak of global warming which is really just a political thing. Sure, people can affect the environment to some extent but thinking we are destroying the environment is not only scientifically invalid, it's almost unspeakably arrogant and naive. We live in the middle of a planet-sized filter which recycles virtually everything within itself. We can't predict the weather 5 days in advance yet global warming zealots claim to understand environmental cycles?!?! Riiiight.
The Kyoto accord was NOT ratified by the non-U.S. countries who tried to get the U.S. to commit to follow it. Would American companies have been forced to shut down or move operations overseas? Yes. Think, where would they have moved manufacturing? Probably to countries which were exempted from the accord. How, exactly, would moving production from the U.S. to areas which were to be exempt from environmental limitations contribute to a cleaner environment?
The Kyoto accord was an attempt to hobble American industry by countries which are not able to match the U.S. level of productivity because of their political environments.
As much as possible, producers of any product or service want to be as physically close to their customers as possible. Transportation and time differences cost money, real money.
Your comments were pure socialist rhetoric. THey have no basis in the reality of our physical world which is subject to the law of diminishing returns.
Evidently they are confusing packet headers(envelope, as they call it) with e-mail headers.
And the counterexample to the second statement is NAT(Network Address Translation).