Slashdot Mirror
German Authorities Find Al Qaeda Plans Disguised In Porn
According to CNN, which credits Hamburg-based newspaper Die Zeit, German investigators have uncovered a trove of more than 100 Al Qaeda documents recovered from a "digital storage device" (and memory cards) which were found hidden in the underpants of Austrian citizen Maqsood Lodin, who had recently traveled to Pakistan. The documents "included an inside track on some of the terror group's most audacious plots and a road map for future operations." Among these future plots: "[S]eizing cruise ships and carrying out attacks in Europe similar to the gun attacks by Pakistani militants that paralyzed the Indian city of Mumbai in November 2008." The documents were reportedly neither in plain view nor simply encrypted, but instead steganographically embedded in a pornographic video.
They seem to love stuffing things down their pants, from bombs to porno-packed digital storage. This eventually will not turn out well for the propagation of their cause.
Of course, a terrorist group wouldn't use one of the most widely-distributed types of video to conceal information in plain sight, knowing that communication with the actual target would be concealed by the tens, if not hundreds, of thousands of others downloading it.
Absent the decryption key and/or software, I can't see a solid basis for destroying this guy's life. Of course, that won't stop them. New terrorist strategy: Make everyone a terrorist by distributing encoded terrorist documents.
#fuckbeta #iamslashdot #dicemustdie
Why Bin Laden was watching porn.
I really would like to see this video, so I can become familiar with their steganographic techniques.
You know, for science.
Steganographically hide sensitive information in an innocuous looking video, and then hide it in your underpants thus guaranteeing it will arouse suspicion on discovery. How stupid are these guys??
Sounds like they bared more than just witness.
Nullius in verba
So you find some pornography files in a strange place (a guy's underwear -- maybe not that strange), and the reason you think there is some hidden message is...? Oh, yeah, you also found the steganography software that was used for encoding and decoding, and then just brute forced the passphrase (RTFA). So the fact that the memory card was in the guy's underwear is actually irrelevant -- the same thing would have happened had the card been in his wallet, backback, tablet, etc.
This is the classic warden problem, applied to terrorists.
Palm trees and 8
We all know these religious zealots hate pornography! This must mean the reason they are doing this is instead to terrorize US citizens!!! How? From now on the TSA will request all pornography in your laptop or smartphone be carefully analyzed, frame by frame, before you board your flight!!! They may simply force you to trash your smartphones, laptops and tablets just like they do with your coke!
Conspiracy Theory B:
This was hoaxed by the TSA themselves so they have legal reasons to confiscate cool looking laptops, new top of the line smart phones, and expensive tablets!
11 years later, some are calling them stupid, but given the state of the United States, their plans seemes to have worked perfectly. Homogenizing religious people as stupid or ignorant seems like a pretty dangerous thing to do.
while(1) attack(People.Sandy);
Osama's wife: Do you always look at it encoded?
Osama: Well you have to. There's way too much information to decode the movie in realtime. You get used to it. I...I don't even see the blonde, brunette, and red-head. All I see is our nefarious plots. Hey, you uh... want a drink?
Importing porn to Germany from Pakistan is about the most suspicious thing anyone can do.
Steno doesn't require encryption. It prevents the information from getting into the hands of the opposition to begin with. They are probably under the assumption that trying to encrypt something (A) is a waste of time if they are likely to have the resources to break it and (B) will attract attention.
Analysis of randomness is quite an advanced science. It's not nearly as difficult as you might imagine to spot an anomaly in random data. Few things in life are truly random, and if you are familiar enough with the kind of randomness in something, you will have a very good statistical chance of noticing it.
As for the steno itself, there's a double-edged sword there. The same as encryption, only a fool designs his own. Without a really deep understanding of encryption it's easy to make a subtle mistake in you design that introduces a significant weakness. So on that hand we have to assume they are using something at least somewhat commonly available. But that's where the other edge gets you... it becomes MUCH easier to spot steno'd data when you are checking for a list of specific methods of steno. The analysis tool will scan the data against dozens or hundreds of common tools, and draw a nice graph with the line mostly hanging around the 2% point at the bottom, except for one eyesore of a spike for one of the tests. Then they take off the gloves and get to work.
Just tossing out a very basic example, lets say they are steno'ing encrypted data into a big tiff by overwriting the LSB on teach byte. Visually you won't notice this because the difference is too small Mathematically the data you're storing is more-or-less flat random. BUT the data you replaced ISN'T. The LSB in an image is far from noise, and will have areas that are related by their relative position in the image. This will stick out like a sore thumb when you run a little analysis on the bits in the image. It'll be too random. And at this point your steno is busted, and it comes down to breaking the encryption. The lesson there is pretty basic - encrypted data will stick out about as well as data in the clear. All you're doing at that point is buying a little time. And intel agencies are both persistent and patient. You're better off investing more time in better steno.
To throw in an analogy, look at smuggling. If a truck is being searched at the border and the smugglers did a good job distracting from the small hide where the goods are, they get past the checkpoint with zero problem. It doesn't matter if the goods are in a safe in the hole or just tossed in a grocery sac, being in a safe didn't help. On the other hand, if the guards notice the missing volume, you're done. It doesn't matter how well you've concealed the opening, it doesn't matter how sturdy the latch, it doesn't matter if the goods are in a safe. You've been found out, and you're done. They will tear the truck apart until they get into the hole, and bust open the safe. The same principles are at work with steno.
I work for the Department of Redundancy Department.
One time I was smuggling pr0n into Germany steganographically hidden in some made up terrorist plans.
Unfortunately, I had way more porn than plans.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Both the stego and the crypto could actually be excellent and still be systematically weakened by a PEBKaC or even other layers. A few ideas off the top of my head...
Maybe the flash drive contained not only the data, but also some executable stego software (kind of like how having TrueCrypt installed, as an add-on rather than something coming in all default installs, is a way of announcing "hidden volumes very likely exist on this system").
Maybe the stego and crypto application software is excellent, but some other layer (e.g. the OS) left clues. Perhaps he occasionally updated the archive (it sounds like the movie contained multiple files), adding to it, and every time he used the stego software to write out a new file, the OS left copies of the file's previous contents sitting around in free space. (Ooh, or maybe the flash drive's own wear-levelling management: he copied the video to the drive once, then the video was updated and he copied the updated one "over" it onto the same drive -- bingo, this is my first guess as to what actually happened. I bet lots of not-necessarily-stupid people would make this mistake.) Then investigators notice two copies of the "same" video with different binary representations. Stego alert.
Maybe all the tools were perfect, but the user was an idiot. Perhaps after the guy's capture, they gave him back his flash drive and let him use a computer, and then he cooperatively typed his passphrase into the government's friendly computer, while thinking, "Muahaha, stupid infidels, now I will use this opportunity to delete my^H^H the only copy of the secret plans! I am so clever and they are so dumb!"
You can have good tools and still deploy them stupidly or use them stupidly. Or just foolishly enough, to tip your hand that you're hiding data. After that, decryption passphrase is recovered with a $10 wrench.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
*steganography. Stenography is typing court transcripts.
That sort of argument is unlikely to fly in front of a jury given all the other evidence against him. Bear in mind this wasn't just a random stop-and-search, they already suspected he was an al-Qaeda member. He tried to hide the incriminating files. Probably more that isn't in the story.
Having said that, I think this sort of story just re-inforces the general impression that the counter-terrorism apparatus is way too big for the size of the threat it presently faces. If this is the way AQ move sensitive files around, they are clearly unable to recruit members with any technical sophistication. I can easily believe intelligence agencies have got a lot better over time, not to mention ruthless and focused, but it seems that if these guys can pull off a devastating attack then basically anyone can and we may as well give up now. No need for "training in Pakistan" for those guys.
If this guy really is a terrorist and they really did recover these encoded files they wouldn't be announcing it in the news as that is irresponsible and stupid.
So why is it being announced? It should be classified.
And SteganStanography is the art of hiding secret messages in court transcripts.
It's a mistake to presume that Al Qaeda is staffed by religious fanatics. They are generally opposed to their own governments as much as ours, and attacked the U.S. because the U.S. was supporting tyrannical and corrupt governments in their region. Hopefully the Arab Spring has changed this somewhat.
Like most religious wars, religion in this case is just used as justification. The conflict has other causes.
That's steganology. Steganography is drawing pictures of such dinosaurs.