Slashdot Mirror
Osama Bin Laden Didn't Encrypt His Files
An anonymous reader writes "If you're running a terrorist organization, it might make sense to encrypt your files. Clearly Osama Bin Laden didn't realize that — as some of the documents seized during the raid on his hideout in Pakistan have been made public for the first time. 17 electronic documents, which were found on USB sticks, memory cards and computer hard drives after US Navy Seals killed the terrorist chief in the May 2011 raid, are being released in their original Arabic alongside English translations by the Combating Terrorism Center, reports Sophos."
Worked pretty well for the 10 or so years it took to *find* his files!
I swear to God...I swear to God! That is NOT how you treat your human!
Normally, you would encrypt data for transmission via an unsecure network (read: internet) or to protect it from unauthorized physical access. It's not like OBL's biggest worries were the contents of his USB sticks should hostile individuals be present in his home. History certainly supports that theory ...
He couldn't run GPG on his paper abacus.
E
No kidding. Like that would have slowed the NSA down for about 42 billion processor cycles.
He probably figured it was not worth being tortured for his password.
Surely the Pentagon knows how to crack encryption, no?
Please see http://yro.slashdot.org/story/10/06/26/1825204/fbi-failed-to-break-encryption-of-hard-drives
the FBI has failed to decrypt files of a Brazilian banker accused of financial crimes...two encryption programs, one Truecrypt and the other unnamed
Surely they could use some of their "Enhanced Interrogation Techniques" to elicit the passwords from someone. (see http://xkcd.com/538/)
AccountKiller
http://xkcd.com/538/
He correctly understood that they wouldn't be used against him as evidence in a court of law.
Lesson 1, Page 1, in covert operations:
Anonymity deflects more bullets than body armor.
Encryption prevents viewing the data only for the amount of time it takes to torture the passphrase out of you. Since you need the key to view your encrypted data, it's almost assured that the key will be near the data in some form, minimally protected. Encryption therefore provides little (if any) security in that scenario. In fact, it could cause more harm than good; It may lull you into a sense of false security.
#fuckbeta #iamslashdot #dicemustdie
^^ this.
He was dead anyway, regardless of how well protected his encrypted content was. Also, his network was (and is) set up in such a way that even a year after Bin Laden was captured/killed, we *still* haven't tracked down his lieutenants, I don't think he really had anything to worry about with the security of his data.
Why would he need to encrypt files he was storing with him? He was living covertly, so did not have to worry about surveillance. And these documents were essentially for internal (read: his own and his few insiders) use. Any distribution of those documents from his location was handled by courier, and AQ uses encryption and steganography when distributing their documents as recent news has shown, logically the same measures were probably undertaken whenever these documents left the compound. As high a profile target as he is, he really didn't have to worry about anyone snooping on him, it would be much more profitable to capture or kill him if his location were known than it would be to sit on him and investigate traffic. And odds are the NSA and other intelligence agencies would brute force and eventually crack any encryption regardless. At best, all the encryption would do is buy time for AQ to bug out/scrap plans/accelerate operations. In all likelihood they probably had a contingency plan for bin Laden's eventual capture/death(whether natural or by bullet/missile) which involved changes in methods, distribution networks, or locations, causing any intelligence gained to lead to mostly ghosts and cold trails.
Think of this another way: do you encrypt your USB drives if you are just transferring your files from one computer to another in your house? Even if the files are sensitive, it's a waste of time, because the drive isn't intended to be removed from your house.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
Unless of course you really think that any of this happened, in which you are hopelessly retarded! The only thing that might be true is that he's dead, probably in the Tora Bora attack years ago.
If bin Laden died in the Tora Bora years ago, Bush would have played that card when he was losing a bunch of domestic and international credibility after Iraq. That would have taken a lot of heat off of him and make it much easier for him to have gotten things done. Although, judging by your comment you probably also think bin Laden was a CIA agent since the 80s too.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
He correctly understood that they wouldn't be used against him as evidence in a court of law.
Uh, perhaps the idea would be to use a strong encryption so that if someone did find them, they wouldn't give away all the people you are collaborating with? Sure, it would be broken 20 years down the road but ... surely even in death you would want to protect your cause and your allies? Seems like pretty common sense to me ... just another sign that he didn't really care about those around him or he didn't understand technology.
The less information you give your enemy the better. Even minute things that seem unimportant can be used against you.
Wind-up Usama Bin Laden doll says real life phrases like "Encryption is hard, let's go jihading!"
My work here is dung.
The only thing that might be true is that he's dead, probably in the Tora Bora attack years ago.
Right. Because George & Dick wouldn't have trumpeted it to the heavens if the got him.
Sheesh, evil *and* a jerk. -- Jade
If Osama was alive, he would have released a video as soon as possible after we declared him authoritatively dead. "Ha ha, still alive and well, pig-eating traitor American fascists! LOLWUT!"
Osama Bin Laden is profoundly dead. May he rest in many pieces.
The preceding comment is my own, and in no way construes an opinon of the Emperor of Mankind.
The "terrorist" are middle east versions of neo-nazi rednecks. Most of them aren't entirely sure why they hate us but they do. Fighting us gives purpose to their otherwise sad existence. The Saudi terrorist, the ones that actually blew up the towers, blame us for their own people robbing them blind of oil money. Why didn't Bin laden encrypt his files? Why wasn't he in hiding? He had people in the Pakistani government protecting him and apparently the rest of the Al Qaeda terrorist network considered him put out to pasture. He was the figure head of a pathetic group of thugs. I just saw a report that it finally dawned on these morons that it's easier to start fires than to bring down planes. Even then they have to design complex bombs rather than matches and candles. They over think problems and miss the obvious. People think genius is coming up with complex solutions, it's coming up with simple solutions to complex problems. These guys aren't geniuses.
Personally I think he has been dead for years now. It makes more sense than the alternatives, in my opinion.
Not that I really care or have a strong opinion.
Dilbert RSS feed
Whahuh? Any modern, simple symmetric cipher could have protected his data from anyone but god, for the foreseeable future of the Universe. You can speculate all you want about NSA having some deep secret method of attacking asymmetric ciphers, but nestable modern symmetric ones with huge keys? Get real. And OBL would probably have loved knowing that the NSA was going to spend years accomplishing absolutely nothing with them. Heck, he probably should have encrypted a bunch of random data files alongside his real ones, for a true hoot.
Unless of course you really think that any of this happened, in which you are hopelessly retarded!
I do believe the only hopeless retards here are the ones who don't believe in the simplest possible explanation most likely being true, and instead believe crafting an imaginary entity and then killing the imaginary entity is a task our hopelessly inept government could manage without a thousand thousand leaks...
Yes, truly your kind is retarded beyond hope of recovery and it saddens me that so many fall to your fell logic daily.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
The number of people who think AES can magically be cracked because the NSA is involved is staggering, if anyone can crack it it's probably the NSA, but they probably can't crack it. Slashdot your opsec is horrid, you encrypt secrets because they're secrets not because if the enemy has them you're dead anyhow, if anything it means that your secrets are more secure since they can't be beaten out of you. Does this sound like a policy we'd use with our own military secrets? More likely he's not very tech savvy and didn't understand why it would help or like many of the posters here he seemed to believe that the NSA has magical powers so crypto was futile. The man is prone to faulty thinking demonstrated by his belief that the middle east would finally be free from our meddling if he could just manage to kill another 5000 people. The fact that many of you are developers and administrators and don't seem to know the first thing about opsec or crypto is genuinely troubling, no wonder .cn walks through our infrastructure like they own it.
The US government is not known for it's honesty. Whatever they say (And expirience proves me correct) can be assumed to be a lie. Like the weapons of mass destruction that someone else was higing in his palaces and the mobile laboratories that the same dictator used to create biological and chemical weapons. People, is our memory so bad that we forget easily we are being told nothing but lies by politicians?
I bet that "evil plans" sub directory is really a front and there's some serious man on man action pictures hidden inside those files.
Boffoonery - downloadable Comedy Benefit for Bletchley Park
Quantum computers speed up brute forcing of symmetric ciphers. But not dramatically so. If you use AES256 we're still talking "until the heat death of the universe" time spans for brute forcing.
http://en.wikipedia.org/wiki/Key_size#Effect_of_quantum_computing_attacks_on_key_strength
it's in my head
How could anyone tell that there are no encrypted files?
The usual first mistake is a sticky note with the password on it.
Common mistake number two is a big icon on the quicklaunch bar labeled "SuperSecretCryptoAccess."
You think I kid?
http://www.wired.com/dangerroom/2010/06/alleged-spies-hid-secret-messages-on-public-websites/
More likely they can just dedicate hundreds of hours worth of computing to brute-forcing a single piece of intelligence
More likely hundreds of years worth or more... I personally consume 20 CPU-years on a regular basis for things of no national security importance whatsoever.
Remember, kids, encryption strength is exponential with respect to key length! Make 'em nice and long if you don't want the NSA to read 'em!
It doesn't really have to be that much more advanced than what we have (although undoubtedly they are so far on the cutting edge of capability that they are probably in danger of falling off)
Frankly it won't be any more advanced than what "we" have. They might ask for a tweak or two to whatever vendor (e.g. or even i.e. Cray) they buy from, but it's not going to be significantly different than their commercially-available cutting edge.
Remember, the government doesn't make much of anything in the way of technology. The military, who undoubtedly has stuff "we" don't, still has that stuff designed and manufactured by private contractors -- Boeing, Rayethon, etc. Some of these are almost exclusively defense contractors so sure you pretty much aren't going to see what the military has elsewhere.
In silicon the big manufacturers sell primarily to non-government agencies, and they're selling their best stuff not holding back so the NSA can get it before anyone else when there's way more money in competitive advantage in the marketplace.
The government might have some fancy research, but to supply the NSA with what it needs requires large-scale manufacturing from industry.
The enemies of Democracy are
Every other war? Where was Hitler's body?
Confidentiality, Integrity, Availability: without Availability the other two are assured, as is Bankruptcy.
The released documents are interesting reading - although very long-winded and obtuse. What fascinates me is the overall callousness and unemotional references to non-Muslim human lives. Bin Laden cautions against killing the French hostages, not because killing is wrong, but because the political ramifications might have a negative effect at this time. The only time there seemed to be any concern for human life was on the issue of suicide bombings that killed random Muslims in Afghanistan & Pakistan. For most of the letters, he could very well have been a CEO talking about a downsizing at a branch office.
From TFA:
In contrast to his public statements that focused on the injustice of those he believed to be the “enemies” of Muslims, namely corrupt “apostate” Muslim rulers and their Western “overseers,” the focus of Bin Ladin’s private letters is Muslims’ suffering at the hands of his jihadi “brothers”. He is at pain advising them to abort domestic attacks that cause Muslim civilian casualties and focus on the United States, “our desired goal.”
Out of 6000+ documents, they picked this to release. You don't need a huge imagination to see why.
Although I do give them credit in making this public and trying to focus attacks back on to US forces. It makes leaving Iraq/Afghanistan a lot easier if you don't have to worry about them killing each other after you leave.
No-one encrypts their files, or their e-mails, so why would he do it? I bet he also didn't keep backups, again just like the rest of us.
This just proves that Osama bin Laden was just a normal guy. Except maybe for his passion to kill, that is.
Any idea what OS he used?
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
The rules of engagement are different for soldiers. I'm not just talking in high level theoretical moral terms, I mean there are actual rules spelled out, laws, international agreements and so on. They were sent in to neutralize him, not capture him. Now that could mean capture, but only if he surrendered immediately and completely. If he tried to run, or fight, even in a proforma way, they were justified in killing him.
Police are legally supposed to use deadly force only as a last resort, only when it is necessary to defend life or the like. Soldiers are allowed to use deadly force far more widely. Their gun is often the first thing they go for, not the last.
Also Bin Laden was a completely legit military target. Commanders of hostile forces are always legit to go after, killing generals is legal.
If you declare war (successfully) on a country, and that is what he did, you are going to be subject to having the military of the country after you. They don't play by the same rules as civilian agencies in fact and in law.
We aren't talking rocket scientists here. . . . . The "terrorist" are middle east versions of neo-nazi rednecks.
I'm afraid you've got things quite wrong in some important ways.
The Educated Muslim Terrorist
What Makes a Terrorist
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
dead he is a short term martyr at best.
What nation could try him let alone hold him? The US? Hell we would have enough people who regularly post here decrying that let alone people protesting everywhere.
Then when you try him exactly who is going to want to keep him? Which country wants a permanent living flashpoint in their borders?
For every reason I could see taking him alive I can find many more for having him dead. There are people in this world who simply serve no purpose in keeping alive. Yes it is a sad observation but until people acknowledge that the world isn't going to get far. You cannot simply wish people to be good. Some just are not fit to be part of society, some merely see society as something to destroy.
I guess it would make some people feel better about themselves, magnanimous even, to hold these types indefinitely but I find the who generally want this have no skin in the game to begin with.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
Lying is not a concern for people who kill other people.
Lying is not sufficient to keep a conspiracy intact. You need to suppress the tendency of people with big egos to brag. You need to suppress the tendency of people in government to cover their ass. You need to get everyone involved to trust one another. You need to keep everyone involved out of any compromising position that might cause them to bail (spying, trouble with law enforcement, etc). The more people involved with the lie, the harder this all becomes.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
...but the "we found that in Osama's hard drive" is a perfect excuse to make it possible to legally use informations that were given through illegal or immoral means.
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.