Slashdot Mirror
Osama Bin Laden Didn't Encrypt His Files
An anonymous reader writes "If you're running a terrorist organization, it might make sense to encrypt your files. Clearly Osama Bin Laden didn't realize that — as some of the documents seized during the raid on his hideout in Pakistan have been made public for the first time. 17 electronic documents, which were found on USB sticks, memory cards and computer hard drives after US Navy Seals killed the terrorist chief in the May 2011 raid, are being released in their original Arabic alongside English translations by the Combating Terrorism Center, reports Sophos."
Worked pretty well for the 10 or so years it took to *find* his files!
I swear to God...I swear to God! That is NOT how you treat your human!
Normally, you would encrypt data for transmission via an unsecure network (read: internet) or to protect it from unauthorized physical access. It's not like OBL's biggest worries were the contents of his USB sticks should hostile individuals be present in his home. History certainly supports that theory ...
Surely the Pentagon knows how to crack encryption, no?
If the data is physically secure, and not on a network, you don't really need encryption.
Bin Laden's intel might never have been found if he had been a little more modern and saved his notes in the cloud under an alias
He couldn't run GPG on his paper abacus.
E
The NSA probably would have cracked it in an instant with all their crypto knowledge and built in back doors in all the major software suits.
A self destruct button with thermite/C4 is the only viable solution.
Camel, stupid. This is Pakistan, not Mexico.
-- Ethanol-fueled
Also:
"17 electronic documents...are being released...alongside English translations by the Combating Terrorism Center..."
Original Arabic:
Shopping list: Fattoush, Sharwama, halal lamb meat, goat milk
After "Translation:"
Death to ALL infidels! BEHEAD Americans! Bomb PLANES with HAND sanitizer!
http://xkcd.com/538/
He correctly understood that they wouldn't be used against him as evidence in a court of law.
Lesson 1, Page 1, in covert operations:
Anonymity deflects more bullets than body armor.
Encryption prevents viewing the data only for the amount of time it takes to torture the passphrase out of you. Since you need the key to view your encrypted data, it's almost assured that the key will be near the data in some form, minimally protected. Encryption therefore provides little (if any) security in that scenario. In fact, it could cause more harm than good; It may lull you into a sense of false security.
#fuckbeta #iamslashdot #dicemustdie
I really want that to be CombaTTing.
CombaTing seems like you'd pronounce it the same way you'd pronounce, oh, say masturbating or hating or skating.
But I looked it up and one T is American English and two Ts is British English. Go figure.
He may well have operated on the assumption that if ever his enemies laid hands on his computer files, odds are that lack of encryption would be very, very low on his list of Things I Need To Worry About Right Now; thus, it would make little sense to spend his limited resources on this line of defense.
Obliteracy: Words with explosions
Why would he need to encrypt files he was storing with him? He was living covertly, so did not have to worry about surveillance. And these documents were essentially for internal (read: his own and his few insiders) use. Any distribution of those documents from his location was handled by courier, and AQ uses encryption and steganography when distributing their documents as recent news has shown, logically the same measures were probably undertaken whenever these documents left the compound. As high a profile target as he is, he really didn't have to worry about anyone snooping on him, it would be much more profitable to capture or kill him if his location were known than it would be to sit on him and investigate traffic. And odds are the NSA and other intelligence agencies would brute force and eventually crack any encryption regardless. At best, all the encryption would do is buy time for AQ to bug out/scrap plans/accelerate operations. In all likelihood they probably had a contingency plan for bin Laden's eventual capture/death(whether natural or by bullet/missile) which involved changes in methods, distribution networks, or locations, causing any intelligence gained to lead to mostly ghosts and cold trails.
Think of this another way: do you encrypt your USB drives if you are just transferring your files from one computer to another in your house? Even if the files are sensitive, it's a waste of time, because the drive isn't intended to be removed from your house.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
Unless of course you really think that any of this happened, in which you are hopelessly retarded! The only thing that might be true is that he's dead, probably in the Tora Bora attack years ago.
If bin Laden died in the Tora Bora years ago, Bush would have played that card when he was losing a bunch of domestic and international credibility after Iraq. That would have taken a lot of heat off of him and make it much easier for him to have gotten things done. Although, judging by your comment you probably also think bin Laden was a CIA agent since the 80s too.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
Thankfully no one, anywhere, gives a shit about what you think.
He correctly understood that they wouldn't be used against him as evidence in a court of law.
Uh, perhaps the idea would be to use a strong encryption so that if someone did find them, they wouldn't give away all the people you are collaborating with? Sure, it would be broken 20 years down the road but ... surely even in death you would want to protect your cause and your allies? Seems like pretty common sense to me ... just another sign that he didn't really care about those around him or he didn't understand technology.
The less information you give your enemy the better. Even minute things that seem unimportant can be used against you.
Wind-up Usama Bin Laden doll says real life phrases like "Encryption is hard, let's go jihading!"
My work here is dung.
Nice headline.
Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
...especially when the side-channel attack is to reconstruct radio waves emanating from the neural networks of the brain.
The only thing that might be true is that he's dead, probably in the Tora Bora attack years ago.
Right. Because George & Dick wouldn't have trumpeted it to the heavens if the got him.
Sheesh, evil *and* a jerk. -- Jade
While I think some skepticism is healthy, the jig isn't up until he is seen alive.
Was it a pirated version of Windows? Did he send in his registration card? Or did he run linux?
If Osama was alive, he would have released a video as soon as possible after we declared him authoritatively dead. "Ha ha, still alive and well, pig-eating traitor American fascists! LOLWUT!"
Osama Bin Laden is profoundly dead. May he rest in many pieces.
The preceding comment is my own, and in no way construes an opinon of the Emperor of Mankind.
Of course Osama bin Laden doesn't care -- he's dead. But I can only imagine all the intel regarding locations, plans and correspondence has helped the US in their efforts against the surviving leaders of al-Qaeda.
So yes, not encrypting the files and having those files now in the hands of their enemy does make a difference.
Probably nature of his job/post/tenure assumed crypto keys were being held in escrow.
http://opencm3.net, http://www.nongnu.org/gm2/
The "terrorist" are middle east versions of neo-nazi rednecks. Most of them aren't entirely sure why they hate us but they do. Fighting us gives purpose to their otherwise sad existence. The Saudi terrorist, the ones that actually blew up the towers, blame us for their own people robbing them blind of oil money. Why didn't Bin laden encrypt his files? Why wasn't he in hiding? He had people in the Pakistani government protecting him and apparently the rest of the Al Qaeda terrorist network considered him put out to pasture. He was the figure head of a pathetic group of thugs. I just saw a report that it finally dawned on these morons that it's easier to start fires than to bring down planes. Even then they have to design complex bombs rather than matches and candles. They over think problems and miss the obvious. People think genius is coming up with complex solutions, it's coming up with simple solutions to complex problems. These guys aren't geniuses.
FTA "17 of the 6,000 documents have now been publicly released."
17 un encrypted documents translates into "It appears that Osama bin Laden didn’t encrypt any of his computer files"
Must be that Arabic Math, I never did learn with an abacus...
When OBL heard the automatic weapon fire on the first floor you can bet he instantly realized that living within RPG distance of the Pakistan equivalent of West Point was no real substitute for adequate file security. There is a moral here. I'm not sure I want to know what is.
'I don't know what it's called. I just know the sound it makes, when it takes a man's life.' ~ Four Leaf Tayback
I thought one of the purposes of encrypting files is to hide them - make them look like unused space on a drive. How could anyone tell that there are no encrypted files?
I once took an excursion to Reddit, and later HN. Unlimited up/down voting sucks when dealing with a hive-mind.
These items were located in his "safe" hiding place. Defended by the most loyal of the loyal followers he had. One thing was nearly certain: If anyone ever got into this place, he would get in there after a lengthy and bloody fight. His chances to survive that fight, if it was lost, were close to zero, and even if he survived, his chances to get out as a free man were zero. And it's not only likely that the 'trial' he would be put into in such a case ends in a death sentence.
So why bother encrypting? If anyone ever gets his hands on those sticks, Ozzi certainly had worse worries than whether his latest hate speech could be read without breaking a tough cipher first.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Personally I think he has been dead for years now. It makes more sense than the alternatives, in my opinion.
Not that I really care or have a strong opinion.
Dilbert RSS feed
Unless of course you really think that any of this happened, in which you are hopelessly retarded!
I do believe the only hopeless retards here are the ones who don't believe in the simplest possible explanation most likely being true, and instead believe crafting an imaginary entity and then killing the imaginary entity is a task our hopelessly inept government could manage without a thousand thousand leaks...
Yes, truly your kind is retarded beyond hope of recovery and it saddens me that so many fall to your fell logic daily.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
The number of people who think AES can magically be cracked because the NSA is involved is staggering, if anyone can crack it it's probably the NSA, but they probably can't crack it. Slashdot your opsec is horrid, you encrypt secrets because they're secrets not because if the enemy has them you're dead anyhow, if anything it means that your secrets are more secure since they can't be beaten out of you. Does this sound like a policy we'd use with our own military secrets? More likely he's not very tech savvy and didn't understand why it would help or like many of the posters here he seemed to believe that the NSA has magical powers so crypto was futile. The man is prone to faulty thinking demonstrated by his belief that the middle east would finally be free from our meddling if he could just manage to kill another 5000 people. The fact that many of you are developers and administrators and don't seem to know the first thing about opsec or crypto is genuinely troubling, no wonder .cn walks through our infrastructure like they own it.
The US government is not known for it's honesty. Whatever they say (And expirience proves me correct) can be assumed to be a lie. Like the weapons of mass destruction that someone else was higing in his palaces and the mobile laboratories that the same dictator used to create biological and chemical weapons. People, is our memory so bad that we forget easily we are being told nothing but lies by politicians?
I wonder if his OS and apparently were properly licensed and if he had antivirus installed.
I bet that "evil plans" sub directory is really a front and there's some serious man on man action pictures hidden inside those files.
Boffoonery - downloadable Comedy Benefit for Bletchley Park
If you read the article, you'll notice that he loves left wing media. He liked MSNBC until they fired Keith Olberman.
Good job leftists, you have OBL on your side...
After Translation: "Dirka Dirka Mohammed Jihad" over and over
"Evil will always triumph because good is dumb." -- Dark Helmet
That';s insane.
A) we have footage
B) Why would George Bush keep the secret? IT would have been a huge boon the the GOP.
The Kruger Dunning explains most post on
George W kept the secret because he was using Bin Laden as an "Emmanuel Goldstein" to scare the American public into accepting draconian security measures and taxation for years after OBL's actual death. Many non-US sources stated he was treated for, but died of kidney failure in late 2001 (yes, probably in one of those caves).
The number of patently false videos and pictures of the guy blared through American media as legitimate since 2001 constitute common sense proof that we had the wool pulled over our eyes for a long, long time.
Then why did it take till now to get them published?
Second if Bin Laden is so stupid why did it take 10 years to catch him and why is America still terrified of spooky arabs?
Donkeys are common there, especially in the mountainous regions.
The second theory is easy to test by learning arabic, pharsi, or whichever language it happens to be in.
Please consider this account deleted, I just can't be bothered with the spam anymore.
I just downloaded the 17 files from the article- they are all listed as SOCOM files- pretty cool- feels like I finished a game level:)
Republicans would be offended at the mere thought of doing that.
So I am not sure what that makes Osama Bin Laden, but I am sure we can twist it someway to make ourselves feel fuzzy inside. I can't say that the US encryption export restrictions really made a difference in this case.
The thought of hanging myself at my student loan organization doesn't bug me as much when I think it might make a differ
What a coincidence! Personally, I don't really care or have a strong opinion about whether or not Elvin is alive, but I think he has been chilling with Kurt Cobain in upstate New York for years now. It makes more sense than the alternatives, in my opinion.
Are you conspiracy theorists for real? How can anyone be that stupid without choking to death on their own tongue?
And it took 2 and a bit years for the following administration to work out that he was in fact dead and then fake his killing, an event in which Al Qaeda collaborated by also confirming that they thought he was dead?
Did you know if you punch yourself in the face very hard someone will give you $500? Try it. I guarantee you'll get the money.
FWIW, just because he was dead doesn't mean that anyone would have known, or could have identified the body.
I'd say the weight of plausibility is that he died when and where the govt. said. OTOH, they've lied so often that it wouldn't surprise me to find that they lied again.
I think we've pushed this "anyone can grow up to be president" thing too far.
Every other war? Where was Hitler's body?
Confidentiality, Integrity, Availability: without Availability the other two are assured, as is Bankruptcy.
Why would he care about encrypting his files? He was the most wanted man in the world? He could have had a computer entirely filled with child porn, and it wouldn't have made any difference to his eventual sentencing.
He was also getting on a bit, so he'd have probably forgotten the password unless he made it something easy to remember, like "American dogs" or "god is great", which I'm sure the FBI would have been able to figure out given a few weeks, enough people and 10 million dollars.
OK, how about some practical hints for using encryption?
In Ubuntu, when it asks you if you want to encrypt your home directory during install:
1) Is the entire directory encrypted as a whole, or each individual directory under /home separately?
2) Related to #1, so would the entire /home be unlocked when you log in? How does it work with multiple users, perhaps of different levels?
3) How do automated backups work? NFS or Samba has or can have access to it?
4) How do re-installs work? Does the encrypted directory remain accessible? Are you supposed to use the same password? Forever?
If you change your Unix password, how does that change the encryption (if it does)?
5) If you have to read your files out-of-band, how do you do so? (I.e., unencrypt easily.)
I'm not a lawyer, but I play one on the Internet. Blog
The released documents are interesting reading - although very long-winded and obtuse. What fascinates me is the overall callousness and unemotional references to non-Muslim human lives. Bin Laden cautions against killing the French hostages, not because killing is wrong, but because the political ramifications might have a negative effect at this time. The only time there seemed to be any concern for human life was on the issue of suicide bombings that killed random Muslims in Afghanistan & Pakistan. For most of the letters, he could very well have been a CEO talking about a downsizing at a branch office.
So does anyone want to take a guess as to what directory these were found in on his PC?
>The "terrorist" are middle east versions of neo-nazi rednecks.
Actually Bin Laden was an engineer. His second in command was a medical doctor and the leader of the 9/11 team an architect. That would make them significantly smarter than the average American given that only 20% of Americans have even 4 year degrees. Also they are quite clear on their reasons for hating us and they are well documented as anyone with a basic knowledge of West Asian history is aware. Assuming that everyone who isn't white must be stupid is how America keeps getting it's ass whipped in wars for the last 50 years.
From TFA:
In contrast to his public statements that focused on the injustice of those he believed to be the “enemies” of Muslims, namely corrupt “apostate” Muslim rulers and their Western “overseers,” the focus of Bin Ladin’s private letters is Muslims’ suffering at the hands of his jihadi “brothers”. He is at pain advising them to abort domestic attacks that cause Muslim civilian casualties and focus on the United States, “our desired goal.”
Out of 6000+ documents, they picked this to release. You don't need a huge imagination to see why.
Although I do give them credit in making this public and trying to focus attacks back on to US forces. It makes leaving Iraq/Afghanistan a lot easier if you don't have to worry about them killing each other after you leave.
It escaped to Argentina. Or got a job at NASA
And members of the republican party would f'ing hang him, for losing them the next election. "I killed Bin Laden" is pretty powerful tonic.
You cannot beat physical secure sites with limited to no network access for true secure storage; at that point, who needs encryption...
I am the unwilling control for my Origin.
-snip lots of words-
UBL will never walk this earth again. The world will take notice of that. Fin.
Camel, stupid. This is Pakistan, not Mexico.
Donkey, stupid. This is Pakistan, not the Arabian peninsular.
Of course, the documents that mean anything are probably still highly classified...
He would of been fired.
Sometimes it's hard to maintain encryption in your organization. Especially when the only guy holding the private key blew himself up.
Seriously, though, if you knew that if the US got their hands on your data, you'd either already be dead, or dead very soon, and that even if it was encrypted, they'd have the NSA crack it, why would you bother?
The only reason for someone like Bin Laden to encrypt anything is that his enemy will want the key badly enough to keep him alive.
Look, they shot him first and only then did they even find out he didn't encrypt anything.
He knew that basically if anyone got to those unencrypted files, that means they got to him, in which case he is toast.
Who?
No-one encrypts their files, or their e-mails, so why would he do it? I bet he also didn't keep backups, again just like the rest of us.
This just proves that Osama bin Laden was just a normal guy. Except maybe for his passion to kill, that is.
Any idea what OS he used?
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
As much as not wanting to be called out for being wrong. They want to cage their accusations in bullshit questions so that if proof they were wrong comes out, they can play it off like they were legitimately questioning, and thus weren't proven wrong.
The rules of engagement are different for soldiers. I'm not just talking in high level theoretical moral terms, I mean there are actual rules spelled out, laws, international agreements and so on. They were sent in to neutralize him, not capture him. Now that could mean capture, but only if he surrendered immediately and completely. If he tried to run, or fight, even in a proforma way, they were justified in killing him.
Police are legally supposed to use deadly force only as a last resort, only when it is necessary to defend life or the like. Soldiers are allowed to use deadly force far more widely. Their gun is often the first thing they go for, not the last.
Also Bin Laden was a completely legit military target. Commanders of hostile forces are always legit to go after, killing generals is legal.
If you declare war (successfully) on a country, and that is what he did, you are going to be subject to having the military of the country after you. They don't play by the same rules as civilian agencies in fact and in law.
Now it sounds like his plans were delusional bullshit, as is the case often with a leader of a crumbling organization (like the comparisons that have been made to Hitler) but he probably didn't realize that, as I said it was delusional. Well, if those plans are to continue past his capture or death, then good encryption would be a thing to have.
Hell it probably would have been worth it even with just bullshit just for his overall goal of terrorizing the US. I imagine US intelligence would be going apeshit if they had a trove of data, but it was all encrypted and they couldn't crack it. I mean what if it contained some sinister plot, already in motion and they could stop it! It would create more terror.
Fortunately, he was a moron when it comes to computer security. So we know that he had shit in the works and it sounds like we captured some other baddies he was involved with because of the info.
Perhaps he was part of a database of CIA trained militants also? Maybe they called it "the database" or "the base" or whatever that translates to in arabic?
oh wait, somebody probably did.
Democracy Now! - uncensored, anti-establishment news
I wonder if he assumed that any encryption software would be jiggered by the US or Israelis and somehow compromise his security more.
We aren't talking rocket scientists here. . . . . The "terrorist" are middle east versions of neo-nazi rednecks.
I'm afraid you've got things quite wrong in some important ways.
The Educated Muslim Terrorist
What Makes a Terrorist
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
Edison Chen.
Ask your mother.
some of the documents ALLEGEDLY seized during the raid on his hideout
[fixed it for you]
The U.S. government spends $400 Billion each year, with NO public accounting, to equip itself to kill people and destroy their property, and to do the killing and destroying. Lying is not a concern for people who kill other people.
DOD -- No Accounting -- What a Mess!
So the US are now leaking documents to the public.
dead he is a short term martyr at best.
What nation could try him let alone hold him? The US? Hell we would have enough people who regularly post here decrying that let alone people protesting everywhere.
Then when you try him exactly who is going to want to keep him? Which country wants a permanent living flashpoint in their borders?
For every reason I could see taking him alive I can find many more for having him dead. There are people in this world who simply serve no purpose in keeping alive. Yes it is a sad observation but until people acknowledge that the world isn't going to get far. You cannot simply wish people to be good. Some just are not fit to be part of society, some merely see society as something to destroy.
I guess it would make some people feel better about themselves, magnanimous even, to hold these types indefinitely but I find the who generally want this have no skin in the game to begin with.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
People over estimate encryption. Just because you encrypt your files it doesn't mean you'd do so in the correct way. There are many side channel attacks.
Governments prefer to have subjects with low IQ and blind faith who treat the government as God.
No it doesn't. To any language curmudgeon curmudgeons out there who tire of this apparent nit-pickery, I can only say that getting this shit wrong interferes unnecessarily with communication. Why I should have to carry more than my own 50% of the load of the task of communication is quite beyond me. What's wrong with getting it right?
Athy, athier, athiest.
Send your comments to the author noted at the link. It does zero good to complain to me as I merely quote it, I didn't write it. I hope you are still able to focus on the important information here. It would be quite embarrassing to end up wounded some day because you were so busy correcting the grammar on a terrorist's protest sign that you didn't run from the suicide vest.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
If documents would have any valor what so ever, they would not be published at all.
True dat, Osama.
Well, he and his group were well funded and equipped by the CIA in the 80s. So in that regard, he was a CIA "agent", just not in the undercover operative sense. That much is well documented and accepted.
...but the "we found that in Osama's hard drive" is a perfect excuse to make it possible to legally use informations that were given through illegal or immoral means.
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
Did you read any of OBL's published documents? You don't have to read that many to realize that the guy was not a redneck at all. A redneck is someone who picks up a stick of dynamite and hollers, "Hey y'all watch this!!!"
OBL was an intelligent, complex thinker who was quite sophisticated about media manipulation and message control, in addition to being quite competent with logistics and managing people. If you read what he wrote, you do not get the sense at all that he was insane or irrational. He had strong convictions and he had a plan that he put into action.
In saying this I am not excusing or defending him, but rather trying to make the point that if you dismiss OBL and his leadership as rednecks and incompetent fools then you will surely miss future OBLs and continue to make the same policy mistakes that keep re-creating them over, and over.
And next time, the death toll might be very much greater than 3K.
If not us, who? If not now, when?
You still believe the fairy tale?
Would It Have Mattered?
I think there are various sub-groups of militants and both you and the OP are talking about different types. He was talking about the foot soldiers in the Islamic world. You're talking about the commanders and the ones doing the "work" in the West.
Your first linked article has a germ of a point, undermined by his contempt towards Muslims. i.e Why hasn't their association with the West and its ways produced gratitude. Ha! What a patronizing argument. Should the global South accept imperialism out of gratitude for the gifts of Western technologies and institutions? The article seems to say yes. I can imagine British colonial officials arguing the same point against the London educated Gandhi. Or the Spanish against Bolivar. Or the French against Ho Chi Minh. Is the U.S guilty of imperialism against the Muslim world? I think there are tens of thousands of dead Iraqis who would say yes if they weren't, you know, dead. (Not that the deranged jihadist agenda offers any credible way forward.)
http://xkcd.com/1013/
I can only say that getting this shit wrong interferes unnecessarily with communication.
It's obvious in context what is meant.
Why I should have to carry more than my own 50% of the load of the task of communication is quite beyond me.
You don't have to, and it's presumptious of you to claim so.
I can sympathize with the principle, and I have my own pet peeves that I grumble about, but language is always under tension between popular usage and conservative, "correct" usage. This particular case I don't care about, and I agree with the viewpoint that the phrase is so prone to being misunderstood that it should be abandoned.
Yup! http://www.foxnews.com/story/0,2933,41576,00.html
Before that, actually. http://www.newsrescue.com/wp-content/uploads/2012/04/Zbigniew-Bin-Laden.jpg
They found the files AFTER they killed him - he probably didn't care by then.
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
By the way, I'm not having a go at cold fjord who simply quoted the passage. Just wanted that to be clear.
Athy, athier, athiest.
Maybe I'm just irritable
I'm afraid so. Most people just don't have a problem with it. But as I've said, I've got my own pet peeves, so I can sympathize.
We already have a phrase that means "raises the question": it's "raises the question". It's not at all clear to me why that one could not have been used.
Probably because people like the way it sounds and that it adds emphasis.
Fair enough, mate, and thanks for your forbearance. It's still irritating, but I can do better than I did. Lesson learned.
Athy, athier, athiest.