[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] Bin-Laden: High-Tech oder Low-Tech (Duncan Campbell)
Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
http://www.telepolis.de/english/inhalt/te/9751/1.html
How the terror trail went unseen
Duncan Campbell 08.10.2001
Scientists and politicians row over whether it was planned using
hi-tech or lo-tech
Investigations into how the terror attackers managed to evade
detection are producing the unusual situation that statements from the
FBI have become more trustworthy than those in the press.
In two successive briefings, senior FBI officials have stated that the
agency has as yet found no evidence that the hijackers who attacked
America used electronic encryption methods to communicate on the
internet. But this has not prevented politicians and journalists
repeating lurid rumours that the coded orders for the attack were
secretly hidden inside pornographic web images, or from making claiming
that the hijacks could have been prevented if only western governments
had been given the power to prevent internet users from using secret
codes.
The latest evidence from the FBI suggests that the hijackers easily
hid under the noses of the American government, not by using advanced
technology but by being as American as apple pie.
Although many e-mail messages sent to and from key members of the
hijack team have been found and are being studied, none of them,
according to the FBI, used encryption. Nor did they use steganography,
a technique which allows an encrypted file to be hidden inside a larger
file, such as a .jpeg or .gif image, or an .mp3 music file.
Steganography, hides a coded message inside picture or music files by
making numerous small changes to data. The changes are invisible to
ordinary viewers or listeners, but can be read by special software.
Allegations that Osama bin Laden's terror group was using
steganography resurfaced at the end last week, after a French
investigator claimed that arrested terrorist suspect Kamel Daoudi had
been found in possession of a so-called "codebook", written in Arabic.
Former French Defence Ministry official Alexis Debat told US
television last Thursday that the book was "a major breakthrough in the
investigation". Although French and American experts have claimed that
the discovery of the "codebook" could be as important as the breaking
of codes in the second world war, no details of its contents have been
published. Oddly, the discovery of the codebook was never mentioned the
previous week, when British police arrested Daoudi in Leicester,
England, and searched his premises. He was then deported to France.
The first claim that bin Laden's followers were operating a
communications network based on encrypted messages concealed inside
pornographic pictures was made by the newspaper USA Today. Their 6
February 2001 report luridly alleged that his group had relayed the
"encrypted blueprints of the next terrorist attack against the United
States", including maps of targets, inside "X-rated pictures on several
pornographic web sites" (see USA Today [0]).
Last month's attacks have provided the first, tragic, test of who was
right about the net, encryption and terrorism. The answers, so far as
they are known, were given late in September by the FBI at a Washington
briefing. FBI assistant director Ron Dick, head of the US National
Infrastructure Protection Centre, told reporters that the hijackers had
used the net, and "used it well".
FBI investigators had been able to locate hundreds of email
communications, sent 30 to 45 days before the attack. Records had been
obtained from internet service providers and from public libraries. The
messages, in both English and Arabic, were sent within the US and
internationally. They had been sent from personal computers or from
public sites such as libraries. They used a variety of ISPs, including
accounts on Hotmail.
According to the FBI, the conspirators had not used encryption or
concealment methods. Once found, the emails could be openly read. None
of them contained plans for the New York attack hidden inside porn
pictures.
The allegation that any terrorist communications were hidden inside
internet porn has, so far, proven unsupported. A few days before the
attack, a team from the University of Michigan reported they had
searched for images that might contain such messages, using a network
of computers to look for the "signature" of steganography. According to
researchers at the Centre for Information Technology Integration [1],
they "analysed two million images but have not been able to find a
single hidden message".
Despite the forthright position taken by the FBI, some US newspapers
have continued to report technological myths in circulation before the
attack. Two weeks ago, the Washington Post claimed [2] that the
inventor of the widely used PGP (Pretty Good Privacy) encryption
system, Phil Zimmermann, had been "crying every day... overwhelmed with
feelings of guilt". Although the FBI had already said they had found no
evidence of these terrorists using encryption, Post readers were told
that Zimmermann "has trouble dealing with the reality that his software
was likely used for evil".
In a public statement in response, Zimmermann accused the Post of
serious misrepresentation in publishing things he never said. "Read my
lips," he said, "I have no regrets about developing PGP." His grief had
been for the victims, not for culpability about his invention.
Other US newspapers have also reported that bin Laden has access to
satellites more powerful than the NSA's, and uses a communications
company controlled by a relative to overcome US monitoring. Neither the
satellites nor the company exist.
In Britain, Foreign secretary Jack Straw provoked a storm of protest
from scientists and computer security specialists by claiming on the
BBC that the media and civil liberties campaigners had paved the way
for the terror attacks on America.
Mr Straw had told the BBC's Today programme that the BBC had been a
"mouthpiece piece for .... non-governmental organisations" who he
claimed had forced him and the government to back down on plans to
prohibit internet users from using secret codes, known as cryptography.
The interviewer rejected the charge.
"We knew that terrorists were going to use this", Mr Straw claimed.
The people who had opposed his 1998 plan to provide automatic
government access to all private internet communications would now be
regretting their "two dimensional view", he prophesied.
But scientists who have promoted the use of secret codes on the net to
protect privacy and make business safe say that Straw is completely
wrong. It's an "effort to divert attention from what will increasingly
be seen as a massive failure ... of the intelligence services", said
former British Ministry of Defence electronic security chief Dr Brian
Gladman. "The terrorist use of encrypted internet communications was
not a significant factor."
In a press briefing at FBI headquarters in Washington two weeks ago,
bureau assistant director Ron Dick told reporters that hundred of
e-mails from the hijackers had been found and were being examined. But
the conspirators had not used encryption or concealment methods. The
FBI said that their e-mails could be openly read.
Evidence from questioning terrorists and monitoring their messages
reveal that they did use word to make their discussions sound inocuous
to eavesdroppers. Osama bin Laden was referred to as the director". An
Arabic word for babyfood meant "bomb". The recently publicised
"codebook" probably contained no more than a list of clandestine
phrases to use when sending messages.
The real clue as to how the terrorists escaped detection by the
world's mightiest electronic surveillance system emerged last year in
Manchester, when a house suspected of being used by bin Laden
sympathisers was searched. The police and the FBI found a manual in
Arabic, entitled "Military Studies in the Jihad Against the Tyrants".
It was a how-to-do-it guide to murder and mayhem. It told bin Laden's
suicide squads how to "act, pretend and mask" themselves while
operating inside enemy territory in Europe and the United States.
The hijackers, many of whom lived in the United States for years,
obeyed. They shaved their beards and wore western clothes. They hid
their Korans. Some joined gyms and chatted about sports to neighbours.
They took flying lessons and even military courses at US academies.
Some brought their families to stay, warning them to flee at the last
possible moment before the carnage began.
They ate western food, and some even drank. No doubt they shopped at
Walmart, and watched the Simpsons on TV. The Manchester terror manual
even warned them "don't break parking regulations".
The same FBI investigation, aimed at finding who bombed America's
embassy in Kenya in 1998, also brought to light major evidence of a
terrorist communications network operating through Britain and Germany.
Between 1996 and 1998, when the embassy was bombed, the FBI found that
Osama bin Laden and his staff had spent nearly 40 hours making
satellite phone calls from the mountains of Afghanistan. The calls,
which can be sent and received from a special phone the size of a
laptop computer, were relayed via a commercial satellite to
sympathisers in the west.
Even now, as US forces move in for the kill, bin Laden's satellite
phone has not been cut off. But calls to the terrorist leader are going
unanswered. His international phone number - 00873 682505331 - was
disclosed during a trial, held in New York earlier this year. Caller to
his once-active satellite link now hear only a recorded messages saying
he is "not logged on".
According to US prosecutors, the phone most frequently called by
satellite was a mobile phone located in London. This single phone was
used by " bin Laden and the other co-conspirators to carry out their
conspiracy to murder U.S. nationals", US Attorney Kenneth Karas told
the jury.
"[It] gives you a window into how it is that Al Qaeda [the name of bin
Laden's international network] operates," he added. Calls were so
frequent were so frequent that the phone, rented from 1-2-1, was dubbed
the "Jihad phone".
But, like all the other European phones and lines mentioned in the New
York trial, the "Jihad phone" didn't use encryption to prevent the
communications from being intercepted by the police or security
agencies. It couldn't. Yet investigators and surveillance centres
apparently knew nothing of what was going on at the time, and were
unable to piece together the links being run by the terror group.
Throughout the period, US intelligence did track bin Laden's satphone.
They heard him talking to the Taliban about heroin exports, and even
monitored him chatting to his mother. Tracking data based on the
position of his phone was used in 1998, when President Clinton
authorised the launch of cruise missiles intended to kill him. But he
wasn't logged on, and survived. And he never logged on again.
Although politicians have rushed to blame new technology, intelligence
experts say that the real problem has been getting agents inside the
terror groups. They say that the CIA has been inexcusably lazy by
failing to recruit and run agents who were willing to risk dirt,
disease and death by joining the terror teams at their training camps.
But without the information from such sources on who and what to look
for, America's vast global arsenal of satellites and listening centres,
like the giant satellite spy base at Menwith Hill near Harrogate,
England, and Bad Aibling, Bavaria, were blind and deaf.
British foreign secretary Jack Straw's suggestion that the inventors
and promoters of computer security now regret what they have done also
appears misleading. One of the most famous of these experts is Dr
Whitfield Diffie from California, who jointly helped invent the system
now used as the foundation of internet business. Speaking at a security
conference in Ireland last week, he said "the internet is so valuable
as a communication mechanism that people and corporations cannot afford
not to use it ... it's only cryptography [secret codes] that makes it
safe."
The evidence so far is that, when communicating, the terrorists used
simple open codes to conceal who and what they were talking about. This
low-tech method works. Unless given leads about who to watch, even the
vast "Echelon" network run by NSA and GCHQ cannot separate such
messages from innocuous traffic. The problem, says Dr Gladman, is that
"the volume of communications is killing them [the spy agencies]. They
just can't keep up. It's not about encryption."
"Events have vindicated our position", adds Ian Miller, a computer
security specialist and one of the experts whom Mr Straw has accused of
being "naïve". The attacks, he said, worked because they had "none of
the hallmarks of clandestine activity the intelligence agencies
normally look for. They did nothing suspicious - until they did
something abominable".
Links
[0] http://www.usatoday.com/life/cyber/tech/2001-02-05-binladen.htm
[1] http://www.citi.umich.edu/techreports/reports/citi-tr-01-11.pdf
[2] http://www.washingtonpost.com/wp-dyn/articles/A1234-2001Sep20.html
---------------------------------------------------------------
Liste verlassen:
Mail an infowar -
de-request -!
- infopeace -
de mit "unsubscribe" im Text.