Bin Laden's Sneakernet Email System
Hugh Pickens writes "Osama bin Laden was a prolific writer who put together a painstaking email system that thwarted the US government's best eavesdroppers despite having no Internet access in his hideout. Holed up in his walled compound in northeast Pakistan with no phone or Internet capabilities, bin Laden would type a message on his computer, save it using a thumb-sized flash drive that he passed to a trusted courier, who would head for a distant Internet cafe. At that location, the courier would plug the drive into a computer, copy bin Laden's message into an email and send it. Intelligence officials are wading through thousands of the email exchanges after around 100 flash drives were seized from the compound by US Navy Seals."
belongs under the heading of 'Apple rumors'
For justice, we must go to Don Corleone
Why couldn't he just use Tor? Heckuva lot simpler and less vulnerable to betrayal by associates.
Information theory is life. The rest is just the KL divergence.
RFC 1149?
This post may or may not contain cancer causing materials.
How is that painstaking? That's like calling writing a telegram painstaking.
Merely delayed it. A bullet in the head is a bullet in the head.
This post comes with a double-your-money-back guarantee!
Any offense taken to this post is at your sole discretion.
Kind of like mail over UUCP then. (Yes, I am showing my age)
Never email donotemail@WeAreSpammers.com
They called it painstaking because the courier was forced to use hotmail to forward the emails.
I was about to submit this from New Scientist:
Yet he never discovered that flash drives are rewritable...
Totally explains why he took forever to accept FB friend requests.
"...that thwarted the US government's best eavesdroppers despite having no Internet access in his hideout."
Didn't thwart a thing. Whether OBL emailed messages or one of his lackey minions, the CIA's spider software can scan all SMS, email and Internet traffic.
Does this place have to rip off stories from every source? It used to be "the source" for inside info. This looks ripped off from the Boing Boing article.
News for Nerds? Increasingly more like "news recycled days later from the regular press."
anything else is not possible, until the truth re-emerges, in 2025. on to mebotuh, by way of babylon, to avoid climatic seismicity if possible. see you there? after the atmostfear is lifedead?
Although people seem amazed about this, it's not the first time that this has happened.
Back in '98, I worked on a network where it was against Government regulations to connect it in any way to the Internet, and an 'air gap' was required between the two. I was one of a very small team that wrote a system (using Zip disks for storage) that pulled data from a mail server on our secure network and pushed it to a mail server on the Internet, and vice versa. It had very high latency - people were assigned to do the mail drop only twice a day - but it worked well.
Now, I may not be all in on the IT/Security lingo, but this seems to be over selling it a bit. Or at least giving it a much cooler name than it really is.
All he was doing was saving a text file and then having someone else email it from an internet cafe? I think a 10 year old could come up with this simple scheme. But I guess it was simple and effective.
All I can say is that I am glad he wasn't sophisticated enough to use PGP with a strong passphrase.
"It is our blasphemy which has made us great, and will sustain us, and which the gods secretly admire in us." - Zelazny
"Hey, are you headed to the Internet cafe? Could you send this for me? I'd love to go myself, but you know, the $25000000 bounty..."
"You ALWAYS use that excuse! 'I'd love to go to the grocery store, but my bounty...I'd love to go to the laundromat, but my bounty...'"
"Oh, and could you print out the latest Digg articles?"
"...fuck it, I'm calling the Americans."
How can I believe you when you tell me what I don't want to hear?
.... trying to be covert on his emails, he was just THAT tired of spam.
Fascism: An authoritarian and nationalistic right-wing system of government and social organization. See also: NAZI's
Haaa haha! I love failed first posts...
On another note, Bin Laden's system was so slow it resulted in this er.... failed first post...
This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
Gotta love schizophrenics.
There is a war going on for your mind.
Courier could have been pasting just PGP armoured blobs. Or maybe he did encrypt but his password was "infidel".
Who wants to wager what OS/software he used to compose his emails?
I can certainly see why there would be the need to disclose personal information about some of the recipients/senders of these email exchanges.
Of course, knowing that Bin Laden is no dummy, you have to wonder if any of them are faked. You know he had plenty of time to plan all kinds of things out.. so why not fake a few of them to stick it to his enemies after he's gone? He had to know that he'd eventually be caught and misinformation can be just as powerful as information.
My beliefs do not require that you agree with them.
Now the TSA will demand to inspect, copy, or seize removable media crossing such vulnerable public infrastructure as airports, train and bus stations, and sidewalks. Schumer and Lieberman will introduce legislation to require 3G transmitters in all thumb drives.
> "thwarted the US government's best eavesdroppers despite having no Internet access in his hideout."
So, here's my question: by having an intermediary go to the internet cafe, Bin Laden could avoid being seen. However, how does this avoid eavesdropping? It seems to me that if they ever find one of Bin Laden's emails (by sniffing packets or by capturing one of his email targets and tracing back his email to the original IP address), then you could get back to the original internet cafe. Depending on the number of internet cafes in the area, you could start monitoring traffic and figure out which guy was sending them. Then, you could follow the guy to see where he went, which would lead you to Bin Laden. Also, if you infect the computers in the local internet cafes with a keylogger, you could get into Bin Laden's email accounts. By using the intermediary, Bin Laden only added a step or two to the whole procedure and avoided being seen in an internet cafe himself. It wasn't some sort of foolproof method for sending emails.
The same could be done if you got a massive botnet out there. send your encrypted payload, it bounces around the world for a while before getting sent. also have random hacked email servers used as incoming points...
"bin.laden@sales.cisco.com" would be used this week, "deathtoamerica@whitehouse.com" for next week, etc......
There are a lot of ways to stay ahead of the feds while being online. The courier setup is a nice old skool setup: have level 1 couriers hand off to level 2, who hands off to level 3 who does the email send and retrieve, and then hands off to courier level 4 who hands to a different level 3 who gets it to level 2, etc.... But people can be followed and tracked because they are not random. You CAN randomize internet traffic if you set up a good botnet and a set of lightly hacked servers.
You can easily hack a server and put something in there that is NOT causing problems but acts as a relay for a S2S comms channel to hand off communication in a round robin or even random way. And if it's small messages like email it could go unnoticed on a server for years.
Kind of like old school hacker tricks we used to use in the 80's and 90's: back-to-back modems on a timer in office buildings as a data relay point to hide your location. Call into ABC Insurance fax line 1 after 2am and the modem answers, send the ATDT command to connect out Zimmer Imports' voice line to the next hop... I had some that went undetected for a very long time. In fact I'll bet there are a couple that I personally placed that are still there but inactive because of the phone lines being disconnected.
Do not look at laser with remaining good eye.
It would be a lot easier to wardrive around and log into open wireless access points, or hack into weakly secured ones. Internet cafes in Pakistan could easily have CIA cameras, or at minimum witnesses who could identify you in a photo lineup. I'm pretty sure that the CIA is working with Microsoft to take a closer look at low-usage or short-lived Hotmail accounts opened from Pakistani, Afghani and Yemeni internet cafe IP addresses. That wouldn't even be such a hard thing to do.
The first thing that came to my mind when I started reading the article was UUCP.
Send an e-mail from the MUA, have the MTA save it to a directory, copy the files to portable device, move it, copy it to the 'destination' directory, and have the remote MTA process the queue.
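The spool-to-media-to-spool handoff this comment describes (and the Zip-disk air-gap relay mentioned earlier in the thread), as an added Python example that is not code from the thread: the exporting side hashes every queued message and authenticates the manifest with an HMAC under a constructed shared key, so the importing MTA delivers only messages the exporter actually queued and refuses anything altered on the media, or planted on it by an untrusted machine in between.

```python
import hashlib
import hmac
import json
import os
import shutil
import tempfile
from pathlib import Path

MANIFEST = "manifest.json"
# Constructed demo key shared by the two MTAs; a real deployment provisions it out of band.
SHARED_KEY = b"demo-key-not-for-production"

def _sha256(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def _mac(files):
    """HMAC over the canonical manifest so an intermediate machine cannot silently rewrite it."""
    body = json.dumps(files, sort_keys=True).encode()
    return hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest()

def export_queue(spool_dir, media_dir):
    """Copy every queued message onto the media and write an authenticated manifest."""
    files = {}
    for name in sorted(os.listdir(spool_dir)):
        src = os.path.join(spool_dir, name)
        if os.path.isfile(src):
            shutil.copy2(src, os.path.join(media_dir, name))
            files[name] = _sha256(src)
    with open(os.path.join(media_dir, MANIFEST), "w") as f:
        json.dump({"files": files, "mac": _mac(files)}, f)
    return files

def import_queue(media_dir, dest_dir):
    """Deliver only files the manifest vouches for; returns (accepted, rejected)."""
    with open(os.path.join(media_dir, MANIFEST)) as f:
        manifest = json.load(f)
    files = manifest.get("files", {})
    others = sorted(n for n in os.listdir(media_dir) if n != MANIFEST)
    if not hmac.compare_digest(_mac(files), manifest.get("mac", "")):
        return [], others  # manifest forged or corrupted: deliver nothing
    accepted, rejected = [], []
    for name in others:
        path = os.path.join(media_dir, name)
        if name in files and os.path.isfile(path) and _sha256(path) == files[name]:
            shutil.move(path, os.path.join(dest_dir, name))
            accepted.append(name)
        else:
            rejected.append(name)  # unlisted or altered, e.g. planted by an infected kiosk
    return accepted, rejected

def demo():
    """Constructed round trip: two queued messages; one altered and one planted on the media."""
    with tempfile.TemporaryDirectory() as tmp:
        spool, media, dest = (Path(tmp, d) for d in ("spool", "media", "dest"))
        for d in (spool, media, dest):
            d.mkdir()
        for i in range(2):
            (spool / f"msg{i}.eml").write_text(f"Subject: test {i}\n\nhello\n")
        export_queue(spool, media)
        with (media / "msg1.eml").open("a") as f:
            f.write("injected line\n")                     # altered in transit
        (media / "autorun.inf").write_text("[autorun]\n")  # planted by the kiosk
        return import_queue(media, dest)
```

Hashes alone would only catch corruption; the HMAC is what stops a machine that can rewrite the media from also rewriting the manifest to match.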
Yeah, it's interesting.
But whoever thinks it is great to just leak all this hard-won intel ... should be keelhauled.
> You can easily hack a server and put something in there that is NOT causing problems but acts as a relay for a S2S comms channel to hand off communication in a round robin or even random way. and if it's small messages like email it could go un-noticed on a server for years.
His method worked for 10 years with none of that work. You have to remember that Bin Laden is not an uber l33t haxxor or anything. The botnet method you describe would involve the inclusion of people unlike the sort he'd normally trust anyways, probably a money trail, intermediaries, etc. All weaknesses. And it's not like they never find people who create and manage botnets as it is. Imagine how fast we'd infiltrate each botnet and catch every operator if they were, "Enemy of the World #1".
From http://en.wikipedia.org/wiki/Sneakernet:
The theoretical capacity of a Boeing 747 filled with Blu-Ray discs is 595,520,000 Gigabits, resulting in a 37,000 Gbit/s flight from New York to Los Angeles.
Have gnu, will travel.
Why? Let's check possible scenarios:
1) They have indeed found loads of data, disks, CDs and DVDs, hundreds of thumb drives and so on. They can now do one of two things:
a) Go through that data and come up with press releases every few days to keep the media interested in this. The news will spread everywhere. Every terrorist who even suspects his name, e-mail address or similar is among this data will now immediately try to cover his tracks, abandon accounts, change his location and generally get away. Rather silly to warn them, isn't it?
b) Keep silent, don't tell anyone about what they've found and try to track down whoever they can find with this silently. That would be clever.
2) They haven't found anything to speak of. Now they can again do one of two things:
a) Tell the media and anyone interested they haven't found anything. Terrorists may believe this or not, but they won't be in any hurry to get away. Silly.
b) Despite finding nothing, come up with a media campaign telling all the world they have found a "mother lode" of data and make sure to refresh this lie again and again with made-up stories. The terrorists will now change names, delete accounts, change location, cut communication channels, build new ones, etc. This not only disrupts their organizations, it may also create a certain buzz which makes it easier to catch them. Again, clever idea.
So, what do you think: Have they found a "mother lode of data" or not? I don't think so. Because if they did, they wouldn't tell all the world about that. They would silently analyze that data and act on it. What we're seeing here is a carefully orchestrated campaign as a second choice because they didn't find anything useful.
Schizophrenic? I thought it was bot. Maybe the gp was a schizophrenic bot.
So all these bazillion of dollars and routine reading of all mails by echelon and NSA was for nothing then? Didn't work?
Couldn't catch a message to a top/medium level terrorist from an 'unknown' (the guy in the internet café)?
Offers of jewelery (or clothing, or perfumes) to the Slashdot crowd are likely to be about as successful as trying to sell bacon in a Shtetl.
Get lost, dumbass.
then I'd like to share with that person my process for making a turkey sandwich at lunchtime. It would likely blow their mind. I mean, for starters, wouldn't it have been better to DOWNLOAD the incoming email on a known safe computer rather than a webcafe computer that could be shunting dialers or other malware onto every removable drive it touched? It seems conceivable to me that the isolated Bin Laden computer, once infected, might thereafter copy potentially revealing information onto every flash drive it subsequently touched, which could be collected by a host program on the infected, internet-connected webcafe computer. All in all, doesn't sound as super secure as they're making it out to be.
"Outdated business models" is code for "I don't like paying for things, but want them anyway"
"Osama bin Laden was a prolific writer who put together a painstaking email system that thwarted the US government's best eavesdroppers despite having no Internet access in his hideout" ..
Then why does the Gov need to spy on us all in order to protect us from the terrorists?
New US bill would require ISPs to retain user info to aid police
For deep security use the drives the professionals use!
Don't neglect your physical security.
I remember hearing on TV PRECISELY ONCE in the first few hours after 9/11, that Al Qaeda had evaded electronic eavesdropping (Echelon, Carnivore, PROMIS, et al) by mailing ZIP DISKS to one another.
At the time, the comment struck me as odd; because, if the gummint knew that Al Qaeda was doing this, then they MUST have intercepted those disks, likely on a regular basis, even. And if THAT was true, then how was 9/11 a "surprise" attack?
But now that we have the USAPATRIOTACT (and all its Idiot Bastard Children (apologies to Frank Zappa)), I think the real reason that that bit of news was quickly "spiked" was because it would have PROVEN that the already-planned-for electronic surveillance was/would be utterly ineffective.
I'm a young slashdotter,
>Government teacher is explaining this story in class
>Talks about thumbdrives being walked out of his palace
>Instinctively yell out SNEAKER NET!! with a big smile
>Whole class looks at me
>Dead silence...
>Come to slashdot and read the sneaker net headline
>*face palm*
In this case it was Sandalnet, not Sneakernet.
Akin to password expiration policies, it seems like the weakness in Osama's Sneakernet was an overlong cached credential (aka courier) that was finally compromised. Would he have had better or worse security if he had rotated couriers every 90 days with multi-factor authentication (knocks, speech, etc.)? Having an old courier (like an old password) seemed a flaw.
Terrorist
> UBL holed up in his walled compound in northeast Pakistan with no phone or Internet capabilities
That is certified mega bullshit! The mansion's press photos clearly show there was a big 3 yard sat dish mounted on the top of the smaller extension building within the walled compound. Such a big dish is only for transmission; for satellite reception a mini 3ft dish is perfect.
> bin Laden would type a message on his computer, save it using a thumb-sized flash drive that he passed to a trusted courier, who would head for a distant Internet cafe. At that location, the courier would plug the drive into a computer
Yeah and of course UBL's courier is somehow magically immune to the USB-borne Stuxnetan worm-trojan-rootkit-backdoor-whatnot military malware infection, that so nastily destroyed Iran's nuclear program at the Natanz uranium enrichment centrifuge line as well as the Bushehr PWR atomic reactor and had hit most netcafes across Asia. Most definitely UBL's mansion was protected by a holy Arabic forcefield, specifically created to stop Israeli-made super-malware, malware which has proven perfectly capable of infiltrating high value off-line locations elsewhere around the globe, especially Iran and Japan.
It looks like the naivety of the American general public is incurable. Yankees refuse to accept the info from Russia that US General Petraeus met Usama bin Laden face to face last November, when he visited the Pakistani central military academy, conveniently located just 700 yards from UBL's mansion. The general communicated President Obama's message to UBL and the sheik agreed to die if his demise helps Obama better deal with the American and Israeli zionist warhawks, with regards to the formation of an independent Palestinian state. The USA had known UBL's place for a long time, he was not hiding per se and he was watched 24/7 live. The "brave" US spec-ops strike was a big scam for publicity.
Gee fellas, I was wondering when you would get around to 'discovering' that... Waddya find? some TSA guy patting down the kid?
Some of bin Laden's home videos have already been released. So clearly the US has a collection of his recorded data. Exactly what was captured isn't being disclosed yet, reasonably enough.
All the people bin Laden communicated with directly are probably trying to find places to hide. They would have done that regardless of what stories came out after bin Laden was killed.
There have been reprisals from bin Laden's supporters in the Taliban. They just attacked a group of Pakistani army trainees, killing 80. Dumb move. The result will probably be more Pakistani cooperation with the US.
> save it using a thumb-sized flash drive that he passed to a trusted courier
And how were those dozens of couriers coming in and out of his hideout during a ten-or-so year span not detected by the local population/police exactly? Doesn't this mean that he was positively harbored, hidden and protected by the whole local population? Didn't the US and the whole West bomb and invade the shit out of Afghanistan exactly because they were providing "safe harbor to terrorists"? So what are we waiting for exactly?
Oh wait a minute... Pakistan just like North Korea does have nuclear weapons. My bad. Nobody's gonna fuck with them. Iran must be horribly jealous.
Hopefully we will have a leak system working when somebody finally grows a spine and leaks the documents after they age a little bit.... We won't be alive when they finally release this info otherwise.
Democracy Now! - uncensored, anti-establishment news
Odds are that many of Bin Laden's contacts would assume that their identities are compromised whether there was a single thumb drive involved or an entire building of thumb drives, external hard drives and computers. Stating that a large amount of data was found might scare away those who are on the fringe of the organization.
Of course a "mother lode of data" could simply be a few spreadsheets of names and locations. I recall reading that more information was collected during this raid than in ten years of more conventional information collecting. That wouldn't take much given how long it took to find him.
Account preferences > viewing > do not display scores
As it stands now, I think you doth protest too much.
The Pentagon has released the home videos of Osama bin Laden, “a collection to horrify and stultify the hardest heart.”
The tapes include bin Laden at Alton Towers with his children in the late 1990s, dealing with several screaming toddlers, shouting that if they did not behave they would be going home right now and there would be no ice cream for anyone and swearing that “this place and all such manifestations of Western decadence shall be scoured from the face of the earth.”
Others include shaky-cam video of bin Laden and family in front of the Twin Towers in New York, in which video he clips one of the kids around the ear for being a brat and swears a similar oath of destruction, and a tediously-narrated clip of one of the children using the potty for the first time.
Middle-aged fathers the world around viewed the clips in tears and came to a new understanding, deep within their hearts, of the forces driving radical jihadism.
The Pentagon hopes to study the films for security information. “Another video shows him watching the tape of the child on the potty,” says a spokesman. “From his face, we suspect the next Al-Qaeda target would have been the Sony factory in Japan.”
A spokesman for Alton Towers noted that, as Satanically cursed ground upon which no joy could grow and which was invulnerable to the slights and arrows of mere pathetic mortals, the amusement park would remain open and operational for this summer and all summers for the foreseeable future. “Muwaaaahahahaha,” he added.
http://rocknerd.co.uk
How could the experiment work if I can't see the results? Did you read the links?
Oh, and thanks for your contribution!
Never attribute to malice that which can be adequately explained by stupidity. Much more likely that they're so enthralled by their discovery that they can't help boasting.
insecurity asks the wrong question irritation gives the wrong answer
I guess it's inevitable... OMG, people can communicate without our knowing?! Which Constitutional Rights do we need to Deep 6 to be safe?!
Avidly watching CNN after Obama's announcement of bin Laden's capture and death, I saw, several times, a large white sat dish on the compound. This clip disappeared by the next day, and the sneakernet stories started to appear. Altogether suspicious to me....
FurzyMouse
SandalNet?
Please don't reproduce.