Slashdot Mirror
Osama Bin Laden Didn't Encrypt His Files
An anonymous reader writes "If you're running a terrorist organization, it might make sense to encrypt your files. Clearly Osama Bin Laden didn't realize that — as some of the documents seized during the raid on his hideout in Pakistan have been made public for the first time. 17 electronic documents, which were found on USB sticks, memory cards and computer hard drives after US Navy Seals killed the terrorist chief in the May 2011 raid, are being released in their original Arabic alongside English translations by the Combating Terrorism Center, reports Sophos."
Worked pretty well for the 10 or so years it took to *find* his files!
I swear to God...I swear to God! That is NOT how you treat your human!
Normally, you would encrypt data for transmission via an unsecure network (read: internet) or to protect it from unauthorized physical access. It's not like OBL's biggest worries were the contents of his USB sticks should hostile individuals be present in his home. History certainly supports that theory ...
http://xkcd.com/538/
He correctly understood that they wouldn't be used against him as evidence in a court of law.
^^ this.
He was dead anyway, regardless of how well protected his encrypted content was. Also, his network was (and is) set up in such a way that even a year after Bin Laden was captured/killed, we *still* haven't tracked down his lieutenants, I don't think he really had anything to worry about with the security of his data.
Why would he need to encrypt files he was storing with him? He was living covertly, so did not have to worry about surveillance. And these documents were essentially for internal (read: his own and his few insiders) use. Any distribution of those documents from his location was handled by courier, and AQ uses encryption and steganography when distributing their documents as recent news has shown, logically the same measures were probably undertaken whenever these documents left the compound. As high a profile target as he is, he really didn't have to worry about anyone snooping on him, it would be much more profitable to capture or kill him if his location were known than it would be to sit on him and investigate traffic. And odds are the NSA and other intelligence agencies would brute force and eventually crack any encryption regardless. At best, all the encryption would do is buy time for AQ to bug out/scrap plans/accelerate operations. In all likelihood they probably had a contingency plan for bin Laden's eventual capture/death(whether natural or by bullet/missile) which involved changes in methods, distribution networks, or locations, causing any intelligence gained to lead to mostly ghosts and cold trails.
Think of this another way: do you encrypt your USB drives if you are just transferring your files from one computer to another in your house? Even if the files are sensitive, it's a waste of time, because the drive isn't intended to be removed from your house.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
Unless of course you really think that any of this happened, in which you are hopelessly retarded! The only thing that might be true is that he's dead, probably in the Tora Bora attack years ago.
If bin Laden died in the Tora Bora years ago, Bush would have played that card when he was losing a bunch of domestic and international credibility after Iraq. That would have taken a lot of heat off of him and make it much easier for him to have gotten things done. Although, judging by your comment you probably also think bin Laden was a CIA agent since the 80s too.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
The only thing that might be true is that he's dead, probably in the Tora Bora attack years ago.
Right. Because George & Dick wouldn't have trumpeted it to the heavens if the got him.
Sheesh, evil *and* a jerk. -- Jade
The "terrorist" are middle east versions of neo-nazi rednecks. Most of them aren't entirely sure why they hate us but they do. Fighting us gives purpose to their otherwise sad existence. The Saudi terrorist, the ones that actually blew up the towers, blame us for their own people robbing them blind of oil money. Why didn't Bin laden encrypt his files? Why wasn't he in hiding? He had people in the Pakistani government protecting him and apparently the rest of the Al Qaeda terrorist network considered him put out to pasture. He was the figure head of a pathetic group of thugs. I just saw a report that it finally dawned on these morons that it's easier to start fires than to bring down planes. Even then they have to design complex bombs rather than matches and candles. They over think problems and miss the obvious. People think genius is coming up with complex solutions, it's coming up with simple solutions to complex problems. These guys aren't geniuses.
The number of people who think AES can magically be cracked because the NSA is involved is staggering, if anyone can crack it it's probably the NSA, but they probably can't crack it. Slashdot your opsec is horrid, you encrypt secrets because they're secrets not because if the enemy has them you're dead anyhow, if anything it means that your secrets are more secure since they can't be beaten out of you. Does this sound like a policy we'd use with our own military secrets? More likely he's not very tech savvy and didn't understand why it would help or like many of the posters here he seemed to believe that the NSA has magical powers so crypto was futile. The man is prone to faulty thinking demonstrated by his belief that the middle east would finally be free from our meddling if he could just manage to kill another 5000 people. The fact that many of you are developers and administrators and don't seem to know the first thing about opsec or crypto is genuinely troubling, no wonder .cn walks through our infrastructure like they own it.
I bet that "evil plans" sub directory is really a front and there's some serious man on man action pictures hidden inside those files.
Boffoonery - downloadable Comedy Benefit for Bletchley Park
More likely they can just dedicate hundreds of hours worth of computing to brute-forcing a single piece of intelligence
More likely hundreds of years worth or more... I personally consume 20 CPU-years on a regular basis for things of no national security importance whatsoever.
Remember, kids, encryption strength is exponential with respect to key length! Make 'em nice and long if you don't want the NSA to read 'em!
It doesn't really have to be that much more advanced than what we have (although undoubtedly they are so far on the cutting edge of capability that they are probably in danger of falling off)
Frankly it won't be any more advanced than what "we" have. They might ask for a tweak or two to whatever vendor (e.g. or even i.e. Cray) they buy from, but it's not going to be significantly different than their commercially-available cutting edge.
Remember, the government doesn't make much of anything in the way of technology. The military, who undoubtedly has stuff "we" don't, still has that stuff designed and manufactured by private contractors -- Boeing, Rayethon, etc. Some of these are almost exclusively defense contractors so sure you pretty much aren't going to see what the military has elsewhere.
In silicon the big manufacturers sell primarily to non-government agencies, and they're selling their best stuff not holding back so the NSA can get it before anyone else when there's way more money in competitive advantage in the marketplace.
The government might have some fancy research, but to supply the NSA with what it needs requires large-scale manufacturing from industry.
The enemies of Democracy are
The rules of engagement are different for soldiers. I'm not just talking in high level theoretical moral terms, I mean there are actual rules spelled out, laws, international agreements and so on. They were sent in to neutralize him, not capture him. Now that could mean capture, but only if he surrendered immediately and completely. If he tried to run, or fight, even in a proforma way, they were justified in killing him.
Police are legally supposed to use deadly force only as a last resort, only when it is necessary to defend life or the like. Soldiers are allowed to use deadly force far more widely. Their gun is often the first thing they go for, not the last.
Also Bin Laden was a completely legit military target. Commanders of hostile forces are always legit to go after, killing generals is legal.
If you declare war (successfully) on a country, and that is what he did, you are going to be subject to having the military of the country after you. They don't play by the same rules as civilian agencies in fact and in law.
We aren't talking rocket scientists here. . . . . The "terrorist" are middle east versions of neo-nazi rednecks.
I'm afraid you've got things quite wrong in some important ways.
The Educated Muslim Terrorist
What Makes a Terrorist
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
dead he is a short term martyr at best.
What nation could try him let alone hold him? The US? Hell we would have enough people who regularly post here decrying that let alone people protesting everywhere.
Then when you try him exactly who is going to want to keep him? Which country wants a permanent living flashpoint in their borders?
For every reason I could see taking him alive I can find many more for having him dead. There are people in this world who simply serve no purpose in keeping alive. Yes it is a sad observation but until people acknowledge that the world isn't going to get far. You cannot simply wish people to be good. Some just are not fit to be part of society, some merely see society as something to destroy.
I guess it would make some people feel better about themselves, magnanimous even, to hold these types indefinitely but I find the who generally want this have no skin in the game to begin with.
* Winners compare their achievements to their goals, losers compare theirs to that of others.