Slashdot Mirror


Passive E-Mail Monitoring Leads To Arrest

www.2advanced.net writes "The world's first arrest resulting from passive monitoring of electronic communications is being reported by Globe Technology. In the article, sources reveal that 'an e-mail message intercepted by NSA spies precipitated a massive investigation by intelligence officials in several countries that culminated in the arrest of nine men in Britain and one in suburban Orleans, Ont. -- 24-year-old software developer Mohammed Momin Khawaja, who has since been charged with facilitating a terrorist act and being part of a terrorist group.'"

23 of 921 comments

  1. Orleans by dolo666 · · Score: 5, Interesting

    For those of you who have no idea where Orleans is in Ontario, it's very close to Ottawa (minutes away), and about 2 hours from Montreal and 3.5 hrs from Toronto, making it an ideal spot to plan terrorist action in Canada. Ottawa is a couple hours from the US/Canadian border, and for those of you who have never driven the distance, it's a very somber drive, with extremely easy access into the United States. I knew a rum-runner once who would move liquor out of the states at an alarming rate through the St. Lawrence River border; a hardly monitored area concerned more with tourism than security, then. Today, it's a different story, I'm told.

  2. Shouldn't this be YRO? by Xshare · · Score: 5, Insightful

    It seems like YRO, I mean, they were monitoring his email, they probably are monitoring ours!

  3. Today it's a different Story by rwiedower · · Score: 5, Funny

    Today, we must FEAR those EVIL Canadians and their rum-running abilities. In fact, we have to use our "army of cryptographers, chaos theorists, mathematicians and computer scientists" to defeat just one of those crazy canuck masterminds.

  4. Hurray for the good guys! by ichthus · · Score: 5, Insightful

    EOF

    --
    sig: sauer
  5. Somebody forgot to use encryption! by Rectal+Prolapse · · Score: 5, Interesting

    Would the NSA investigate if PGP or similar encryption was used?

    Whatever the NSA is doing to monitor all the traffic, I'm sure the RIAA and MPAA are drooling at the prospect of using this technology to catch so-called copyright violators. Civilian applications for a military technology, natch!

    1. Re:Somebody forgot to use encryption! by javatips · · Score: 5, Informative

      With the state of current encryption systems, it is very unlikely... The best approach to break encryption is by breaking the weakest link in the protocol, not the encryption algorithm.

      Once they suspect illegal activities and start an investigation, there are a lot of ways to access the plain text without having to break the encryption algorithm. One easy way is to break into the target computer and install a key logger. This requires a lot less effort.

      Note that to suspect illegal activities, they can just do some traffic analysis. If they find some pattern (an e-mail is sent from A in CA to B in the UK, then shortly after another e-mail is sent from B in the UK to C in Pakistan, then you have the same path in reverse and the pattern repeats a lot) that triggers their alert, they will monitor A, B and C a little more closely and dig a little deeper to see if it looks suspicious enough for an investigation. Then they start to do active spying and they build their case.

      The passive monitoring in that case does not require any breaking of encryption... it does not even require knowing the plaintext (if the traffic is encrypted).
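
The traffic-analysis point in the comment above, as an added example that is not part of the original thread: it looks only at envelope metadata (time, sender, recipient) and still surfaces a repeated A to B to C relay path and its reverse, which is why encrypting message bodies alone does not hide who talks to whom. The addresses, log format, 30-minute window and repeat threshold are constructed assumptions.

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed envelope metadata: timestamp, sender, recipient. No bodies are
# present; this is all an observer has when the content is encrypted.
SAMPLE_LOG = """\
2004-01-05T09:00:00 a@ca.example b@uk.example
2004-01-05T09:10:00 d@us.example e@us.example
2004-01-05T09:20:00 b@uk.example c@pk.example
2004-01-06T11:00:00 c@pk.example b@uk.example
2004-01-06T11:15:00 b@uk.example a@ca.example
2004-01-07T10:00:00 b@uk.example f@us.example
2004-01-12T14:00:00 a@ca.example b@uk.example
2004-01-12T14:05:00 e@us.example d@us.example
2004-01-12T14:10:00 b@uk.example c@pk.example
2004-01-13T16:00:00 c@pk.example b@uk.example
2004-01-13T16:25:00 b@uk.example a@ca.example
2004-01-19T08:30:00 a@ca.example b@uk.example
2004-01-19T08:45:00 b@uk.example c@pk.example
"""


def parse(log):
    """Turn 'timestamp sender recipient' lines into time-sorted tuples."""
    events = []
    for line in log.splitlines():
        ts, src, dst = line.split()
        events.append((datetime.fromisoformat(ts), src, dst))
    return sorted(events)


def relay_chains(events, window=timedelta(minutes=30)):
    """Count A -> B followed within `window` by B -> C, where C is not A."""
    chains = Counter()
    for i, (t1, a, b) in enumerate(events):
        for t2, src, c in events[i + 1:]:
            if t2 - t1 > window:
                break  # events are sorted, nothing later can match
            if src == b and c != a:
                chains[(a, b, c)] += 1
    return chains


def recurring_paths(chains, min_repeats=2):
    """Keep paths seen at least `min_repeats` times in both directions."""
    flagged = {}
    for (a, b, c), forward in chains.items():
        backward = chains.get((c, b, a), 0)
        # a < c reports each bidirectional path once, not once per direction.
        if forward >= min_repeats and backward >= min_repeats and a < c:
            flagged[(a, b, c)] = (forward, backward)
    return flagged


if __name__ == "__main__":
    for path, counts in recurring_paths(relay_chains(parse(SAMPLE_LOG))).items():
        print(" -> ".join(path), "forward/backward:", counts)
```
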

    2. Re:Somebody forgot to use encryption! by Tackhead · · Score: 5, Interesting
      > Erm... am I missing something? The only instance I am aware of where the NSA gave some advice to "strengthen" a cryptographic algorithm did actually strengthen it, when an attack was found for the algorithm a decade or so later.
      >
      > Anyone remember what algorithm it was? I think it might have been RSA.

      It was DES. NSA suggested that IBM make some modifications to the S-boxes that made DES more resistant to differential cryptanalysis.

      At the time, nobody (but NSA) knew about differential cryptanalysis. NSA basically told IBM to make the changes, and that it couldn't tell IBM why the changes were required.

      At the time (1980s), "informed speculation" in the crypto community was that NSA had weakened DES. When differential cryptanalysis was "discovered" publicly, a lot of smart people with a lot of math degrees under their belts... wound up looking like they had a fair bit of tinfoil on their heads :)

  6. Terrorism & spam by Dr_Ish · · Score: 5, Funny

    Although this news is probably bad for YRO issues, there may be an upside. If the NSA is packet-sniffing e-mail traffic, then maybe they will be motivated to find a way of reducing the amount of Nigerian printer cartridge enlargement spam messages. If we are really lucky, they may even share the solution with us all. Of course, it is also possible that the guys at the NSA may all suddenly become hung like donkeys, NOT!

  7. Re:Yeah right... by wishus · · Score: 5, Insightful

    2. What makes you think that the encryption systems available to the general public aren't easily cracked by the boys in Virginia and Maryland?

    Mathematics.

  8. Before putting on your tinfoil hat... by dmoore · · Score: 5, Informative

    I know this story is probably going to get a lot of people riled up. However, it is still my understanding that the NSA goes to great pains to avoid intercepting any communication that comes from a U.S. citizen. They are strictly prohibited from doing so.

    If you are a U.S. citizen, your main privacy concerns should be with the FBI and the DoJ with their powers granted by the Patriot Act.

  9. Re: Passive E-Mail Monitoring Leads To Arrest by manavendra · · Score: 5, Insightful

    The quoted article seems kinda weird to me.

    The article starts off with a diabolically, highlighting the boast of a mysterious hacker who works as NSA. No names are quoted. The whole thing is given a hollywood-esque charm (the hacker known only as "Mudhen" (mud hen? duh!), a charming pseudonym for NSA - Puzzle Palace).

    After adding sufficient soundbites to attract the reader's attention, besides making one think it is one of those devious secrets about NSA, it suddenly changes tone and highlights the achievement of NSA "spies". Charming. Other gems:

    "army of cryptographers, chaos theorists"

    "that may have pulled in the first piece of evidence"

    "massive investigation in several countries "

    And then finally a quick rundown on TCP/IP.

    One could almost mistake it for communistic propaganda, if only it hailed the fatherland (or the motherland) as well...

    ps: don't forget, there are no facts or figures mentioned anywhere in it as well.

    --
    http://efil.blogspot.com/
  10. Re:Nice to hear by I+confirm+I'm+not+a · · Score: 5, Interesting

    Possibly not - obviously the various PATRIOT acts have changed the landscape somewhat, but hasn't it traditionally been against the law for the US government to monitor US citizens without a warrant? Echelon was established in the aftermath of the 2nd World War, and basically provided a mechanism for spying on your own citizens: Canada spies on US citizens, and alerts the US authorities, and vice versa. Insert any combination of UK, Australia and NZ governments here for the full horror.

    In other words - the NSA probably don't need to monitor you. They'll find out the naughty things you're plotting, regardless!

    --
    This is where the serious fun begins.
  11. It's sad... by waterford0069 · · Score: 5, Funny

    when the most interesting thing to you about the entire story is the fact that there is now an IT job open in Ottawa.

  12. Re:Yeah right... by 3waygeek · · Score: 5, Funny
  13. Re:Sigh by hazem · · Score: 5, Informative

    Actually... it has apparently been declassified:

    From http://www.interesting-people.org/archives/interesting-people/200110/msg00157.html

    Out of curiosity I went hunting for info on the United States Signals
    Intelligence Directives (USSIDs) I had to be aware of in a former line of work.

    Much to my surprise, USSID 18, which outlines procedures for the NSA's
    collection of data on "U.S. persons" was declassified just over a year ago.

    I thought the document might be of interest to IPers, especially at this time.

    An introduction, and links to the archives can be found at:

    http://cipherwar.com/news/00/nsa_surveillance.htm

    (From the site above:)

    In the aftermath of revelations in the 1970s about NSA interception of the
    communications of anti-war and other political activists new procedures
    were established governing the interception of communications involving
    Americans. The version of USSID 18 currently in force was issued in July
    1993 and "prescribes policies and procedures and assigns responsibilities
    to ensure that the missions and functions of the United States SIGINT
    System (USSS) are conducted in a manner that safeguards the constitutional
    rights of U.S. persons."

    (And a bit from USSID 18, itself - any errors in transcription are my fault:)

    SECTION 1 - PREFACE

    1.1. (U) The Fourth Amendment of the United States Constitution protects
    all U.S. persons anywhere in the world and all persons within the United
    States from unreasonable searches and seizures by any person or agency
    acting on behalf of the U.S. Government. The Supreme Court has ruled that
    the interception of electronic communications is a search and seizure
    within the meaning of the Fourth Amendment. It is therefore mandatory that
    signals intelligence (SIGINT) operations be conducted pursuant to
    procedures which meet the reasonableness requirements of the fourth
    amendment.

    1.2. (U) In determining whether United States SIGINT System (USSS)
    operations are "reasonable," it is necessary to balance the U.S.
    Government's need for foreign intelligence information and the privacy
    interests of persons protected by the Fourth Amendment. Striking that
    balance has consumed much time and effort by all branches of the United
    States Government. The results of that effort are reflected in the
    references listed in Section 2 below. Together, these references require
    the minimization of U.S. person information collected, processed, retained
    or disseminated by the USSS. The purpose of this document is to implement
    these minimization requirements.

    1.3. (U) Several themes run throughout this USSID. The most important is
    that intelligence operation and the protection of constitutional rights are
    not incompatible. It is not necessary to deny legitimate foreign
    intelligence collection or suppress legitimate foreign intelligence
    information to protect the Fourth Amendment rights of U.S. Persons.

    1.4. (U) Finally, these minimization procedures implement the
    constitutional principle of "reasonableness" by giving different categories
    of individuals and entities different levels of protection. These levels
    range from the stringent protection accorded U.S. citizens and permanent
    resident aliens in the United States to provisions relating to foreign
    diplomats in the U.S. These differences reflect yet another main theme of
    these procedures, that is, that the focus of all foreign intelligence
    operation is on foreign entities and persons.

  14. Officially, yes; however... by parvenu74 · · Score: 5, Interesting

    One of the big pushes after 9-11 was for all of the intelligence agencies to "cooperate."

    When I was in the navy we conducted counter narcotics patrols off the coast of Colombia and Panama. Since the military is not allowed to engage in law enforcement (that pesky Constitution and all) we simply had a Coast Guard team (they're Dept of Transportation and not Defense, so they *can* do law enforcement) that took care of the actual boarding of vessels and law enforcement. In fact, it had to be the Coast Guard person on watch who initiated the request to investigate/board a vessel. There was no "official" cooperation between the military and the Coast Guard on this, but when you get orders on the secure circuit to "think about getting to these coordinates in exactly 12 hours" which result in the Coastie on watch saying "Oh hey -- there's a boat... let's board him!" can you deny that there is unofficial cooperation going on?

    (There were further stories about SEALS and other special forces folks who were officially discharged from the military and transferred to "another agency" for two weeks at a time in order to engage in "direct action law enforcement" before "deciding to reenter the military." It's called "sheep-dipping" and is just one more thing for the tin-foil-hatters to worry about...)

    I suspect that this is probably what's going on with the NSA et al. If the agency in question either thinks/knows they're looking at a US citizen, they can just drop a pointer to the intel in the inbox of an agency who *can* legally handle it (Oh geez -- I wonder where *that* lead came from?). Or there are teams of "not officially NSA folks" who just happen to be working at NSA alongside the others who are legally allowed to investigate US citizens (similar to Coasties on US Naval vessels for counter-narc activities).

    Take your pick as to the method in use or make up another, but I am pretty sure it's going on and will not be going away anytime soon.

  15. Stenography by pr0nbot · · Score: 5, Funny

    Oh for ALLah's sake! I can't believe the waY OUR governments spy on us. Any AraB, AS Ever, is a suspect. This is going too fAR Even for Bush. It won't BE LONG before they'll be trawling slashdot looking for hidden messages. I certainly won't be moving TO the US any time soon.

  16. Media coverage by kbahey · · Score: 5, Insightful

    I do not know if the guy is guilty or not. A trial will tell us, in due time.

    However, the media coverage of the whole thing sucks.

    His father, Mahboob A. Khawaja, has been detained in Saudi Arabia, where he is a professor at some university. The media reports that the father wrote articles critical of the West's meddling with the Muslim World's affairs. He wrote a book called Muslims and the West.

    How is that relevant to anything? Is it an attempt to tie genuine legitimate criticism to terrorism somehow?

    I did some searching on the father, and found quite a few articles, most of them more critical of the Arab rulers than anything else. Seems he places blame where it belongs, whether in the West or in the Arab world.

    This reminds me of the terms "terrorism", "anti-Americanism", ...etc. all these are misused terms in these confusing times.

    This whole thing about "guilt by association" has got to stop.

  17. Re:Sigh by lamz · · Score: 5, Insightful

    I'm not sure which part is worse, email monitoring (sure, they SAY it's passive...) or the terrorist activities.

    You're not sure? I am. Terrorism is worse than reading someone else's email.

    --

    Mike van Lammeren
    It will challenge your head, your brain, and your mind.

  18. Would it change the discussion by HangingChad · · Score: 5, Insightful
    If we changed "Email" to "mail" and made the same statements? Do we grant ourselves the right to read every piece of postal mail that goes through the US? Why stop there? Why not search mail and packages? And luggage...oops, we already do that one. Where does it stop? The Supreme Court has never met an unreasonable search.

    It's all well and good when the bad guys get caught...right up until the definition of "bad guys" gets changed. Yesterday there was an article about the DOJ labeling pornographers as "bad guys." There's no logical end. What's to stop someone being labeled as a bad guy for not going to church, or not supporting the government, or not going along with whatever intrusion-of-the-day on your privacy? It's not that big of a change from where we are now.

    --
    That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
  19. Re:Jobs by FredThompson · · Score: 5, Insightful

    Boy, is that way off-base.

    Land Mines have a military use. Did you forget that? Until there is a reliable method for smart mine or other area suppression weapon like FireStorm, they are the most effective way to prevent an adversary from moving across land.

    The idea that politicians want to keep land mines to ensure jobs is ridiculous. Upon what facts do you base that statement? Do you have any idea how few people are actually employed making them?

    Regarding the Kyoto treaty, have you ever read it? American factories were to be restricted with regard to their emissions yet Chinese, Indian and Eastern European factories were not. When was the last time you visited an industrial complex in one of those areas? They're horrible with all kinds of unfiltered liquid and gaseous emissions. How long have you been reading Slashdot? Haven't you ever seen the articles about disassembly of circuit boards in China?

    Kyoto hid under the cloak of global warming which is really just a political thing. Sure, people can affect the environment to some extent but thinking we are destroying the environment is not only scientifically invalid, it's almost unspeakably arrogant and naive. We live in the middle of a planet-sized filter which recycles virtually everything within itself. We can't predict the weather 5 days in advance yet global warming zealots claim to understand environmental cycles?!?! Riiiight.

    The Kyoto accord was NOT ratified by the non-U.S. countries who tried to get the U.S. to commit to follow it. Would American companies have been forced to shut down or move operations overseas? Yes. Think, where would they have moved manufacturing? Probably to countries which were exempted from the accord. How, exactly, would moving production from the U.S. to areas which were to be exempt from environmental limitations contribute to a cleaner environment?

    The Kyoto accord was an attempt to hobble American industry by countries which are not able to match the U.S. level of productivity because of their political environments.

    As much as possible, producers of any product or service want to be as physically close to their customers as possible. Transportation and time differences cost money, real money.

    Your comments were pure socialist rhetoric. They have no basis in the reality of our physical world which is subject to the law of diminishing returns.

  20. Re:The US should watch the Canadian border by pcb · · Score: 5, Insightful

    Why do Canadians always talk to Americans with that pathetic tone? We are, who we are. Don't be such an apologist...it makes everybody look bad. Canada, like every other country, is just a bunch of people trying to get through life as best they can. Sometimes we make mistakes, sometimes we get it right. There is nothing to apologize for.

    -PCB

    --
    'Men never commit evil so fully and joyfully as when they do it for religious convictions.' B. Pascal
  21. Re:+1 Ane by mwood · · Score: 5, Insightful

    Um, so newborns should be part of the unemployment figure because they don't have jobs? That's what "the unemployed" ought to mean, strictly speaking, but the result would be a strikingly useless number.

    The phrase usually means "people who are seeking employment but haven't found it." That is a very useful number. Those who aren't seeking, don't get counted. If you want to be counted, show up where they're counting.