Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bin Laden's Sneakernet Email System

Posted by Soulskill on from the guess-we-can't-take-flash-drives-on-airplanes-anymore dept.

Hugh Pickens writes "Osama bin Laden was a prolific writer who put together a painstaking email system that thwarted the US government's best eavesdroppers despite having no Internet access in his hideout. Holed up in his walled compound in northeast Pakistan with no phone or Internet capabilities, bin Laden would type a message on his computer, save it using a thumb-sized flash drive that he passed to a trusted courier, who would head for a distant Internet cafe. At that location, the courier would plug the drive into a computer, copy bin Laden's message into an email and send it. Intelligence officials are wading through thousands of the email exchanges after around 100 flash drives were seized from the compound by US Navy Seals."

13 of 240 comments (clear)

  1. Why didn't he just use by Shanrak · · Score: 5, Funny

    RFC 1149?

    --
    This post may or may not contain cancer causing materials.
  2. More info from New Scientist by wjousts · · Score: 5, Interesting

    I was about to submit this from New Scientist:

    If this newly discovered messaging method is a surprise to western intelligence, however, it means they may not have been monitoring the recipients of his USB-facilitated missives - possibly because Al-Qaida is thought to be using short-lived email addresses after an earlier trick of theirs was rumbled.

    That trick? Before 9/11 some of the attackers evaded email surveillance by not sending email. Instead they used webmail services but saved messages as drafts - and then shared their logins with their co-conspirators.

    1. Re:More info from New Scientist by mcmonkey · · Score: 5, Interesting

      That trick? Before 9/11 some of the attackers evaded email surveillance by not sending email. Instead they used webmail services but saved messages as drafts - and then shared their logins with their co-conspirators.

      That's pretty clever.

      I've often wondered if some gibberish spam contains convert messages of nefarious intent. If you're a known bad guy and want to send email without identifying your cohorts to anyone watching, why not send the same message to thousands (or millions) of addresses? (Assuming your message is adequately coded/encrypted. You don't want to broadcast your plans in plain text.)

      Even if the good guys know one of the recipients is a bad guy, they don't know which recipient, and burn a lot of resources eliminating the red herring.

      Yes, I know supposedly those gibberish emails are for poisoning spam filters. At least, that's what they want you to believe.

      I've thought the same about those spams that were sections of text from famous literature. Again, supposedly targeted to spam filters. Could be a signal for a terrorist in a sleeper cell to go to the local library, go to a certain book, open to a certain page, where the secret plans have been hidden.

      Yes, I am convinced all spammers are terrorists.

  3. This explains it then.. by Anonymous Coward · · Score: 4, Funny

    Totally explains why he took forever to accept FB friend requests.

  4. Re:The Onion Router by x6060 · · Score: 5, Insightful

    Tor does have a few potential vulnerabilities and it would not surprise me in the least if the NSA did have a way of tracking it. The way Osama decided to do it shifted the vulnerability from an electronic one to a personal loyalty one. With his age, experience and knowledge im sure he was able to better control and protect the later rather than the former. Its also very similar to his previous methods. Low tech - High concept.

  5. Re:The Onion Router by darjen · · Score: 5, Insightful

    Because everyone knows the FBI/CIA/NSA operate "anonymous" Tor nodes.

  6. Re:The Onion Router by x6060 · · Score: 5, Insightful

    I also feel the need to point out that this was probably not so much an attempt to thwart eavesdropping, but to mask his location.

  7. Not the first, won't be the last by amw · · Score: 4, Interesting

    Although people seem amazed about this, it's not the first time that this has happened.

    Back in '98, I worked on a network where it was against Government regulations to connect it in any way to the Internet, and an 'air gap' was required between the two. I was one of a very small team that wrote a system (using Zip disks for storage) that pulled data from a mail server on our secure network and pushed it to a mail server on the Internet, and vice versa. It had very high latency - people were assigned to do the mail drop only twice a day - but it worked well.

    1. Re:Not the first, won't be the last by pz · · Score: 5, Interesting

      Although people seem amazed about this, it's not the first time that this has happened.

      Back in '98, I worked on a network where it was against Government regulations to connect it in any way to the Internet, and an 'air gap' was required between the two. I was one of a very small team that wrote a system (using Zip disks for storage) that pulled data from a mail server on our secure network and pushed it to a mail server on the Internet, and vice versa. It had very high latency - people were assigned to do the mail drop only twice a day - but it worked well.

      My understanding is that in Victorian England, the Royal Mail made hourly deliveries daily to The City (the central-most part of London), and it was entirely possible to carry on a conversation through the day via post, rather like we do today via email. The point here is that nominally the latency in a conversation is not always dominated by the delivery method, but rather the delays associated with being away from one's desk for meetings, coffee, lunch, events, seminars, errands, flirting with the cute receptionist downstairs, etc., performing work unrelated to reading email, in addition to the time it takes to compose replies to received messages. How often do you manage to get 3 or more back-and-forth cycles on an email thread with someone in one day? Yes, it happens, but probably not that often for most correspondence. It was readily possible in London over 100 years ago!

      --

      Put my fist through my alarm clock with its ding-dong death inside my ear. - The Blackjacks.
  8. Re:Didn't prevent anything by Skuto · · Score: 5, Insightful

    They found him through a courier. So actually, email did get him killed, sortof.

  9. Re:Sneakernet? by x6060 · · Score: 5, Informative

    The term sneakernet harkens back to the early days of computing where the only way to get information was to put it on a disk and walk it over to another computer and load it there. Thus a network using your sneakers (your shoes) as the transportation method. So this would be partially true for this instance.

    http://en.wikipedia.org/wiki/Sneakernet

  10. Such an intricate plan... by pushing-robot · · Score: 5, Funny

    "Hey, are you headed to the Internet cafe? Could you send this for me? I'd love to go myself, but you know, the $25000000 bounty..."

    "You ALWAYS use that excuse! 'I'd love to go to the grocery store, but my bounty...I'd love to go to the laundromat, but my bounty...'"

    "Oh, and could you print out the latest Digg articles?"

    "...fuck it, I'm calling the Americans."

    --
    How can I believe you when you tell me what I don't want to hear?
  11. Re:The Onion Router by conspirator57 · · Score: 5, Interesting

    10,000 tor nodes with hundreds going up and down every day in different locations would be as difficult to track through as physically going door-to-door searching the entire populace. that's part of why tor was built: to enable communication of persecuted minorities. when we built tor we were thinking post-tienanmen democracy advocates in china. our noble intentions in building tor don't keep the technology from being useful to other persecuted minorities that we don't like.

    --
    "If still these truths be held to be
    Self evident."
    -Edna St. Vincent Millay