Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Bin Laden's Sneakernet Email System

Soulskill posted more than 3 years ago | from the guess-we-can't-take-flash-drives-on-airplanes-anymore dept.

Communications 240

Hugh Pickens writes "Osama bin Laden was a prolific writer who put together a painstaking email system that thwarted the US government's best eavesdroppers despite having no Internet access in his hideout. Holed up in his walled compound in northeast Pakistan with no phone or Internet capabilities, bin Laden would type a message on his computer, save it using a thumb-sized flash drive that he passed to a trusted courier, who would head for a distant Internet cafe. At that location, the courier would plug the drive into a computer, copy bin Laden's message into an email and send it. Intelligence officials are wading through thousands of the email exchanges after around 100 flash drives were seized from the compound by US Navy Seals."

Sorry! There are no comments related to the filter you selected.

All this OBL bullshit (0, Offtopic)

countertrolling (1585477) | more than 3 years ago | (#36117812)

belongs under the heading of 'Apple rumors'

Re:All this OBL bullshit (0, Troll)

Anonymous Coward | more than 3 years ago | (#36117902)

Indeed. Amazing how many people still completely buy in to the bin Laden BS.

Re:All this OBL bullshit (0)

clang_jangle (975789) | more than 3 years ago | (#36117942)

Bread and circuses. Business as usual, I'm afraid...

Re:All this OBL bullshit (1, Offtopic)

MikeDirnt69 (1105185) | more than 3 years ago | (#36117990)

Yeah, I can see OBL typing on his White MacBook Pro.

Re:All this OBL bullshit (-1, Offtopic)

countertrolling (1585477) | more than 3 years ago | (#36118146)

Score:-1, Offtopic)

I am no more 'offtopic' than OBL himself.. You print stories from crooks and liars as if they were actual fact.. Amusing to some extent, but very sad for the most part.. Eh, whatever pumps up the page hits..

Re:All this OBL bullshit (0)

jhoegl (638955) | more than 3 years ago | (#36118382)

Who are the crooks and liars?
At this point your trolling seems obvious.

Re:All this OBL bullshit (0)

webmistressrachel (903577) | more than 3 years ago | (#36118498)

No, your trolling is obvious...

The crooks and liars being the US government.

Re:All this OBL bullshit (0)

countertrolling (1585477) | more than 3 years ago | (#36118578)

It seems you wouldn't believe the answer if it bit you on the ass.. I'll just leave it at that..

I'll give you a hint though.. This post is brought to you by the letters "G" and "P"

Re:All this OBL bullshit (1)

jhoegl (638955) | more than 3 years ago | (#36119026)

Fox news, is that you?

Re:All this OBL bullshit (0)

countertrolling (1585477) | more than 3 years ago | (#36119040)

Lots of mod bombing by the coalition on this one.. Geeze people! I know you all wanted the OJ trial to end this way, but you're carrying this a bit far

The Onion Router (1)

DriedClexler (814907) | more than 3 years ago | (#36117818)

Why couldn't he just use Tor? Heckuva lot simpler and less vulnerable to betrayal by associates.

Re:The Onion Router (2)

badran (973386) | more than 3 years ago | (#36117862)

A tor node in Pakistan would not be suspicious at all.

Re:The Onion Router (5, Interesting)

conspirator57 (1123519) | more than 3 years ago | (#36118300)

10,000 tor nodes with hundreds going up and down every day in different locations would be as difficult to track through as physically going door-to-door searching the entire populace. that's part of why tor was built: to enable communication of persecuted minorities. when we built tor we were thinking post-tienanmen democracy advocates in china. our noble intentions in building tor don't keep the technology from being useful to other persecuted minorities that we don't like.

Re:The Onion Router (0)

Desler (1608317) | more than 3 years ago | (#36118366)

I hate to break it to you, but you can be tracked through TOR. The NSA has been doing so for years.

Re:The Onion Router (0)

conspirator57 (1123519) | more than 3 years ago | (#36118428)

sure. but i herd tor was open-source and modifiable.

Re:The Onion Router (5, Insightful)

x6060 (672364) | more than 3 years ago | (#36117980)

Tor does have a few potential vulnerabilities and it would not surprise me in the least if the NSA did have a way of tracking it. The way Osama decided to do it shifted the vulnerability from an electronic one to a personal loyalty one. With his age, experience and knowledge im sure he was able to better control and protect the later rather than the former. Its also very similar to his previous methods. Low tech - High concept.

Re:The Onion Router (5, Insightful)

darjen (879890) | more than 3 years ago | (#36118008)

Because everyone knows the FBI/CIA/NSA operate "anonymous" Tor nodes.

Re:The Onion Router (0)

Anonymous Coward | more than 3 years ago | (#36118010)

Maybe, just maybe he didn't know what Tor is? Maybe he's not as much of a criminal mastermind as people think he is?

Re:The Onion Router (5, Insightful)

x6060 (672364) | more than 3 years ago | (#36118020)

I also feel the need to point out that this was probably not so much an attempt to thwart eavesdropping, but to mask his location.

Re:The Onion Router (1)

Anonymous Coward | more than 3 years ago | (#36118164)

Huge vulnerability in that someone with enough resources could run a large number of nodes that could help track down people.

Almost makes me wonder if anyone has done any tests to see if it was possible.
Open wi-fi + a target that they couldn't resist = crackdown if they are capable of finding people.
Of course, this is very gray area stuff so just take note of that. Government agencies wouldn't hesitate to mess you up for wasting their time.

Re:The Onion Router (1)

ashidosan (1790808) | more than 3 years ago | (#36118266)

Tor may hide the endpoints to a midpoint party, but you can bet it would only be a matter of time before the closest exit node to Pakistan would be honeypotted.

http://cryptome.org/0003/tor-spy.htm [cryptome.org]

Re:The Onion Router (1)

ObsessiveMathsFreak (773371) | more than 3 years ago | (#36118392)

Because a Tor user would have been a lot easier to track down.

Re:The Onion Router (2)

LWATCDR (28044) | more than 3 years ago | (#36118514)

Well Tor has been shown to be vulnerable from time to time http://www.google.com/search?aq=1&oq=Tor+vu&sourceid=chrome&ie=UTF-8&q=tor+vulnerabilities [google.com] and the US has a lot of resources to throw at the problem I wouldn't bet on that being as good of a solution.
Frankly The lack of wifi, cell, internet, and phone in a big expensive home in a well to do town in Pakistan was probably a bit red flag. I mean really it is like going to a Rave in a three piece suit, sunglasses and sporting a buzz cut.
  If they where smart they would have had a few cell phones that they used to call women on and chat about going out, and an internet connection where they went and played Farmville.

bin laden's sneakernet first post system (-1)

Anonymous Coward | more than 3 years ago | (#36117820)

suck it, mother fuckers!

Re:bin laden's sneakernet first post system (0)

webmistressrachel (903577) | more than 3 years ago | (#36118172)

Haaa haha! I love failed first posts...

On another note, Bin Laden's system was so slow it resulted in this er.... failed first post...

Why didn't he just use (5, Funny)

Shanrak (1037504) | more than 3 years ago | (#36117828)

RFC 1149?

Re:Why didn't he just use (0)

Anonymous Coward | more than 3 years ago | (#36118086)

Because it's really hard to spoof the origin of a homing pigeon?

Re:Why didn't he just use (1)

gv250 (897841) | more than 3 years ago | (#36118528)

Why didn't he just use RFC 3514?

ajax.googleapis.com/ajax/services/search (1)

operator_error (1363139) | more than 3 years ago | (#36119070)

{"responseData": null, "responseDetails": "Don't be evil.", "responseStatus": 406}

Re:Why didn't he just use (0)

Anonymous Coward | more than 3 years ago | (#36118650)

Pigeons are not halal.

Re:Why didn't he just use (1)

conspirator57 (1123519) | more than 3 years ago | (#36118780)

Pigeons are not halal.

pure win.

Painstaking? (3, Insightful)

j00r0m4nc3r (959816) | more than 3 years ago | (#36117838)

How is that painstaking? That's like calling writing a telegram painstaking.

RTFA (3, Funny)

Anonymous Coward | more than 3 years ago | (#36117890)

They called it painstaking because the courier was forced to use hotmail to forward the emails.

Re:Painstaking? (3, Interesting)

gstoddart (321705) | more than 3 years ago | (#36117894)

How is that painstaking? That's like calling writing a telegram painstaking.

Or, no more complicated than the tradecraft of cold-war era spies.

This sounds like nothing more than well-established stuff that likely goes back to WWII if not before, and that you can read about in any Tom Clancy novel.

Who knew ... the easiest way to avoid getting detected by a massive, international signals intelligence network, is to not use methods that give them anything to listen to.

I'm completely shocked ... next thing they'll tell us about one-time-pads.

Re:Painstaking? (1)

vinn (4370) | more than 3 years ago | (#36118078)

I totally agree - that was the first thought that crossed my mind when I read this. This system is dumb and simple.

What would be more interesting to find out is why the US couldn't eavesdrop on the email and figure out where it came from. I was under the impression with things like ECHELON we could just read every email ever sent anywhere in the world. Or, did bin Laden write in such a way that it didn't trigger it to get picked up? Or, did he actually use some kind of encryption?

Re:Painstaking? (1)

timeOday (582209) | more than 3 years ago | (#36118982)

I was under the impression with things like ECHELON we could just read every email ever sent anywhere in the world.

Maybe OBL was hard to track because he wasn't saying anything that only he could have said - but then, how could he have remained in power? If the medium for your communications is obfuscated enough that it can't be tracked back to you, how do your followers know your messages are authentic? If you signed your messages with a private key, for example, then the first people to have your new signed messages would be immediately suspect and traced back to you.

This leads me back to how OBL was portrayed before he was found: if not dead, he was said to be incapacitated by the constant threat against him. Only after his final defeat was his image as a acting leader revived. I have to wonder if there isn't an element of propaganda here.

Re:Painstaking? (1)

228e2 (934443) | more than 3 years ago | (#36118158)

I agree. I was expecting to hear some complicated eluding system where the courier didnt use the same cafe twice in a year and often went as far as 50 miles and created a new email address each time composed of some longitude/constellation combination. For a paranoid mastermind, this is full of weaksauce.

Re:Painstaking? (1)

conspirator57 (1123519) | more than 3 years ago | (#36118830)

or at least wherein there are multiple courrier legs and/or dead drops. i mean this sounds simpler than a plot on a prime time crime show.

Re:Painstaking? (1)

kelemvor4 (1980226) | more than 3 years ago | (#36118326)

Seems like an accurate description to me
  1. 1. Type Message
  2. 2. Save as file
  3. 3. Copy to thumbdrive
  4. 4. Have servant drive it across country
  5. 5. Have servant copy it off the thumb drive into an email
  6. 6. Have servant click send

VS.

  1. 1. Type Message
  2. 2. Click send

In fact, short of carrier pigeons it's probably one of the most painstaking methods I've heard of to send a message.

Re:Painstaking? (0)

GigG (887839) | more than 3 years ago | (#36118438)

It is only pain staking to the servant. I'm sure OBL was real concerned about that.

Re:Painstaking? (1)

gstoddart (321705) | more than 3 years ago | (#36118468)

In fact, short of carrier pigeons it's probably one of the most painstaking methods I've heard of to send a message.

You've never received email through UUCP bang-path addressing then or set it up then.

This is how people used to communicate when they had need of security ... hell, it's probably straight out of a CIA handbook from the 50s or 60s (or a KGB manual from the same era).

It's not even a new technique ... substitute a thumb drive for a piece of paper with a cipher, and the technique is probably centuries old.

Maybe for someone who grew up in a world where everyone has text messages and email this sounds convoluted ... the to rest of it, it's pretty much old hat. Hell, read a spy novel -- this is a very well known technique for maintaining security and secrecy.

Re:Painstaking? (0)

Anonymous Coward | more than 3 years ago | (#36118598)

irony

Didn't prevent anything (2)

mr1911 (1942298) | more than 3 years ago | (#36117872)

Merely delayed it. A bullet in the head is a bullet in the head.

Re:Didn't prevent anything (1)

owlstead (636356) | more than 3 years ago | (#36117960)

Hmm, semantics. He did prevent himself being killed because of the email system. If a doctor cures you from an illness, hasn't he saved you because you die of other causes later?

Re:Didn't prevent anything (5, Insightful)

Skuto (171945) | more than 3 years ago | (#36118026)

They found him through a courier. So actually, email did get him killed, sortof.

Re:Didn't prevent anything (2)

Anne_Nonymous (313852) | more than 3 years ago | (#36118286)

Network lag killed him?

Re:Didn't prevent anything (1)

SomePgmr (2021234) | more than 3 years ago | (#36118796)

Very much so, I'd say. The lesson here is they can find you no matter what. Even if you're paranoid enough to hide in a hole, buried in someones backyard under a pile of trash, like Hussein.

There's no such thing as the perfect hiding spot in the real world. There's always someone or something that will eventually betray your location. Except maybe for wherever 2-Pac and Elvis have been hiding.

Re:Didn't prevent anything (1)

Captain Spam (66120) | more than 3 years ago | (#36118050)

Hmm, semantics. He did prevent himself being killed because of the email system. If a doctor cures you from an illness, hasn't he saved you because you die of other causes later?

SLASHDOT: Keeping those happy thoughts and cheerful reminders coming every Friday at work!

UUCP (2)

Dynamoo (527749) | more than 3 years ago | (#36117874)

Kind of like mail over UUCP then. (Yes, I am showing my age)

Re:UUCP (0)

Anonymous Coward | more than 3 years ago | (#36118932)

Maybe that explains how they found him: They just followed the bang path.

Re:UUCP (1)

bzImage8 (676865) | more than 3 years ago | (#36119024)

UUCP over X.25 or over 300 bauds modems ? that were good times !!

More info from New Scientist (5, Interesting)

wjousts (1529427) | more than 3 years ago | (#36117900)

I was about to submit this from New Scientist [newscientist.com] :

If this newly discovered messaging method is a surprise to western intelligence, however, it means they may not have been monitoring the recipients of his USB-facilitated missives - possibly because Al-Qaida is thought to be using short-lived email addresses after an earlier trick of theirs was rumbled.

That trick? Before 9/11 some of the attackers evaded email surveillance by not sending email. Instead they used webmail services but saved messages as drafts - and then shared their logins with their co-conspirators.

Re:More info from New Scientist (1)

Chrisq (894406) | more than 3 years ago | (#36117918)

I was about to submit this from New Scientist [newscientist.com] :

If this newly discovered messaging method is a surprise to western intelligence, however, it means they may not have been monitoring the recipients of his USB-facilitated missives - possibly because Al-Qaida is thought to be using short-lived email addresses after an earlier trick of theirs was rumbled.

That trick? Before 9/11 some of the attackers evaded email surveillance by not sending email. Instead they used webmail services but saved messages as drafts - and then shared their logins with their co-conspirators.

Mow they just store it on their private facebook profiles.

Re:More info from New Scientist (5, Interesting)

mcmonkey (96054) | more than 3 years ago | (#36118194)

That trick? Before 9/11 some of the attackers evaded email surveillance by not sending email. Instead they used webmail services but saved messages as drafts - and then shared their logins with their co-conspirators.

That's pretty clever.

I've often wondered if some gibberish spam contains convert messages of nefarious intent. If you're a known bad guy and want to send email without identifying your cohorts to anyone watching, why not send the same message to thousands (or millions) of addresses? (Assuming your message is adequately coded/encrypted. You don't want to broadcast your plans in plain text.)

Even if the good guys know one of the recipients is a bad guy, they don't know which recipient, and burn a lot of resources eliminating the red herring.

Yes, I know supposedly those gibberish emails are for poisoning spam filters. At least, that's what they want you to believe.

I've thought the same about those spams that were sections of text from famous literature. Again, supposedly targeted to spam filters. Could be a signal for a terrorist in a sleeper cell to go to the local library, go to a certain book, open to a certain page, where the secret plans have been hidden.

Yes, I am convinced all spammers are terrorists.

Re:More info from New Scientist (1)

140Mandak262Jamuna (970587) | more than 3 years ago | (#36118842)

People that clever usually have enough smarts to get a decent job, make enough money for maher (bride price) for at least one wife. One bird in the hand is worth a lot more than 72 in the sky after death. So they usually don't turn suicide bombers.

In fact the stark raving lunacy and incompetence of the terrorists, people who could not set their pants on fire, is the reason why we are safe. Our safety is definetly not because of the mass gate rape by the TSA.

BTW we always append the suffix -gate to for any scandal. The TSA scandal at the airport gates would then be gategate?

Re:More info from New Scientist (1)

SomePgmr (2021234) | more than 3 years ago | (#36118882)

I've often wondered if some gibberish spam contains convert messages of nefarious intent.

I don't think that's the case. Money is a sufficient motivator.

Yes, I am convinced all spammers are terrorists.

Nevermind, I'd like to subscribe to your newsletter. :)

Re:More info from New Scientist (1)

Dr. Spork (142693) | more than 3 years ago | (#36119036)

A clever idea. Now when I communicate with all my terrorist buddies, the subject will always be something about V1agra and in the body there will be a GIF of something about "Online pharmacy". Then any gibberish text is bound to fly under every radar.

Or, if not - if the CIA really does have to hire some dweebs to sort through all gibberish spam - that's sure to hasten the inevitable death to America. [BTW, if this is being monitored, I should make clear that my "cell" confines its terrorist activities to our AD&D campaign. This is slashdot, after all.]

All this... (2)

steevven1 (1045978) | more than 3 years ago | (#36117908)

Yet he never discovered that flash drives are rewritable...

Re:All this... (2)

datapharmer (1099455) | more than 3 years ago | (#36117974)

More likely he didn't trust using them again after they were plugged into an internet cafe computer. Virus anyone?

Re:All this... (2)

UnknowingFool (672806) | more than 3 years ago | (#36118472)

I thought it was interesting that he didn't destroy those drives after using them.

Re:All this... (1)

khr (708262) | more than 3 years ago | (#36118902)

I thought it was interesting that he didn't destroy those drives after using them.

Maybe he expected that after he was successful and took over the world he'd have an archive of his communications to put in the equivalent of the presidential archives. Or planned on writing his memoirs when he got old, rich and famous...

This explains it then.. (4, Funny)

Anonymous Coward | more than 3 years ago | (#36117912)

Totally explains why he took forever to accept FB friend requests.

Thwarted? Hardly. (0)

Anonymous Coward | more than 3 years ago | (#36117920)

"...that thwarted the US government's best eavesdroppers despite having no Internet access in his hideout."

Didn't thwart a thing. Whether OBL emailed messages or one of his lackey minions, the CIA's spider software can scan all, sms, email and internet traffic.

 

Slashdot story (0)

Anonymous Coward | more than 3 years ago | (#36117952)

Does this place have to rip off stories from every source? It used to be "the source" for inside info. This looks ripped off from the Boing Boing article.

not news? (0)

Anonymous Coward | more than 3 years ago | (#36117962)

News for Nerds? Increasingly more like "news recycled days later from the regular press."

once one byte of fauxking unfacts is assimilated (0)

Anonymous Coward | more than 3 years ago | (#36117972)

anything else is not possible, until the truth re-emerges, in 2025. on to mebotuh, by way of babylon, to avoid climatic seismicity if possible. see you there? after the atmostfear is lifedead?

Re:once one byte of fauxking unfacts is assimilate (1)

Jaysyn (203771) | more than 3 years ago | (#36118204)

Gotta love schizophrenics.

Not the first, won't be the last (4, Interesting)

amw (636271) | more than 3 years ago | (#36118024)

Although people seem amazed about this, it's not the first time that this has happened.

Back in '98, I worked on a network where it was against Government regulations to connect it in any way to the Internet, and an 'air gap' was required between the two. I was one of a very small team that wrote a system (using Zip disks for storage) that pulled data from a mail server on our secure network and pushed it to a mail server on the Internet, and vice versa. It had very high latency - people were assigned to do the mail drop only twice a day - but it worked well.

Sneakernet? (1)

celticryan (887773) | more than 3 years ago | (#36118042)

Now, I may not be all in on the IT/Security lingo, but this seems to be over selling it a bit. Or at least giving it a much cooler name than it really is.

All he was doing was saving a text file and then having someone else email it from an internet cafe? I think a 10 year old could come up with this simple scheme. But I guess it was simple and effective.

Re:Sneakernet? (5, Informative)

x6060 (672364) | more than 3 years ago | (#36118088)

The term sneakernet harkens back to the early days of computing where the only way to get information was to put it on a disk and walk it over to another computer and load it there. Thus a network using your sneakers (your shoes) as the transportation method. So this would be partially true for this instance.

http://en.wikipedia.org/wiki/Sneakernet

Re:Sneakernet? (1)

celticryan (887773) | more than 3 years ago | (#36118132)

I figured it was a made up name, so I didn't bother to wiki it. Thanks for the info. It still sounds more cool than it really is.

Re:Sneakernet? (1)

x6060 (672364) | more than 3 years ago | (#36118174)

No worries, It does sound much cooler than just saying "I copied some crap to a thumb drive and went somewhere else with it."

Re:Sneakernet? (1)

gstoddart (321705) | more than 3 years ago | (#36118340)

I figured it was a made up name, so I didn't bother to wiki it. Thanks for the info. It still sounds more cool than it really is.

Oh, you so get geek demerit points ... the term sneakernet [wikipedia.org] is old ... like maybe the 70s.

Essentially, it is the same as any other packet switching network [wikipedia.org] ... like carreir pigeons [wikipedia.org] . :-P

Re:Sneakernet? (1)

mcmonkey (96054) | more than 3 years ago | (#36118886)

I figured it was a made up name, so I didn't bother to wiki it. Thanks for the info. It still sounds more cool than it really is.

As it is with most things geek-related.

Re:Sneakernet? (1)

MozeeToby (1163751) | more than 3 years ago | (#36119088)

Sneakernets are actually pretty cool, never under estimate the bandwidth of a truck full of hard drives. I mean sure, the latency is horrible, but 1000 2 Tbyte hard drives at 60 mph will achieve ludicrous transfer rates even driving halfway across the continent.

Re:Sneakernet? (0)

Anonymous Coward | more than 3 years ago | (#36118654)

Wouldn't it have been more of a sandalnet?

Re:Sneakernet? (1)

LordStormes (1749242) | more than 3 years ago | (#36118672)

Camelnet? Bombed-out Yugo-net? Predator-net?

Re:Sneakernet? (0)

Anonymous Coward | more than 3 years ago | (#36118140)

From Wikipedia:

Sneakernet is a slang term describing the transfer of electronic information, especially computer files, by physically couriering removable media such as magnetic tape, floppy disks, compact discs, USB flash drives, or external hard drives from one computer to another. This is usually in lieu of transferring the information over a computer network. The name is a tongue-in-cheek reference to sneakers.

Re:Sneakernet? (0)

Anonymous Coward | more than 3 years ago | (#36118170)

sneakernet is not a new term. It is at least 10 years old. When the network was down in college we joked about having to use the sneakernet to transfer our work to different computers.

Its refering to using sneakers (the shoe) to move data around not sneaking it to the computer.

Re:Sneakernet? (0)

Anonymous Coward | more than 3 years ago | (#36118324)

I prefer sandalnet

Re:Sneakernet? (1)

oobayly (1056050) | more than 3 years ago | (#36118988)

AC because you wear socks too?

PGP (1)

tm2b (42473) | more than 3 years ago | (#36118082)

All I can say is that I am glad he wasn't sophisticated enough to use PGP with a strong passphrase.

Re:PGP (1)

tm2b (42473) | more than 3 years ago | (#36118198)

I should add - or if he did, his passphrase must have been on a post-it next to his computer.

Re:PGP (1)

Fnkmaster (89084) | more than 3 years ago | (#36118798)

Something tells me when they heard that RSA encryption was named after Rivest, Shamir and Adleman they would think it was part of a Jewish conspiracy.

Such an intricate plan... (5, Funny)

pushing-robot (1037830) | more than 3 years ago | (#36118102)

"Hey, are you headed to the Internet cafe? Could you send this for me? I'd love to go myself, but you know, the $25000000 bounty..."

"You ALWAYS use that excuse! 'I'd love to go to the grocery store, but my bounty...I'd love to go to the laundromat, but my bounty...'"

"Oh, and could you print out the latest Digg articles?"

"...fuck it, I'm calling the Americans."

He wasn't (1)

meglon (1001833) | more than 3 years ago | (#36118136)

.... trying to be covert on his emails, he was just THAT tired of spam.

discount pandora jewelry 925 wholesale (-1)

Anonymous Coward | more than 3 years ago | (#36118166)

Our site is the place online to find AUTHENTIC Pandora Jewelry [wholesale-...ewelry.com] , pandora bracelets [wholesale-...ewelry.com] , pandora charms [wholesale-...ewelry.com] . We are an AUTHORIZED Pandora Jewelry retailer. We carry a large inventory of Pandora Beads, Charms, Bracelets and other Pandora Jewelry to assure your order is shipped as soon as possible. We offer the best prices allowed online for genuine Pandora Jewelry. We’ve been in business for many years and promise you superior customer service and fast shipping on all orders!

wholesale pandora bracelet [wholesale-...ewelry.com] now!

yet he did not encrypt? (1)

BigGerman (541312) | more than 3 years ago | (#36118270)

courier could have been pasting just PGP armoured blobs. Or maybe he did encrypt buy his password was "infidel".

Microsoft Word (0)

Anonymous Coward | more than 3 years ago | (#36118332)

Who wants to wager what OS/software he used to compose his emails?

Re:Microsoft Word (1)

partyguerrilla (1597357) | more than 3 years ago | (#36119086)

How does this matter at all? You GNUkids seriously need to shut the fuck up from time to time.

I'm a privacy advocate, but... (1)

gosand (234100) | more than 3 years ago | (#36118384)

I can certainly see why there would be the need to disclose personal information about some of the recipients/senders of these email exchanges.
Of course, knowing that Bin Laden is no dummy, you have to wonder if any of them are faked. You know he had plenty of time to plan all kinds of things out.. so why not fake a few of them to stick it to his enemies after he's gone? He had to know that he'd eventually be caught and misinformation can be just as powerful as information.

Fantastic. (1)

straponego (521991) | more than 3 years ago | (#36118460)

Now the TSA will demand to inspect, copy, or seize removable media crossing such vulnerable public infrastructure as airports, train and bus stations, and sidewalks. Schumer and Lieberman will introduce legislation to require 3G transmitters in all thumb drives.

This isn't *that* great (2)

brit74 (831798) | more than 3 years ago | (#36118566)

> "thwarted the US government's best eavesdroppers despite having no Internet access in his hideout."

So, here's my question: by having an intermediary go to the internet cafe, Bin Laden could avoid being seen. However, how does this avoid eavesdropping? It seems to me that if they ever find one of Bin Laden's emails (by sniffing packets or by capturing one of his email targets and tracing back his email to the original IP address), then you could get back to the original internet cafe. Depending on the number of internet cafes in the area, you could start monitoring traffic and figure out which guy was sending them. Then, you could follow the guy to see where he went, which would lead you to Bin Laden. Also, if you infect the computers in the local internet cafes with a keylogger, you could get into Bin Laden's email accounts. By using the intermediary, Bin Laden only added a step or two to the whole procedure and avoided being seen in an internet cafe himself. It wasn't some sort of foolproof method for sending emails.

Glad to see they are not technologically savvy... (1)

Lumpy (12016) | more than 3 years ago | (#36118606)

The same could be done if you got a massive botnet out there. send your encrypted payload, it bounces around the world for a while before getting sent. also have random hacked email servers used as incoming points...

"bin.laden@sales.cisco.com" would be used this week, "deathtoamerica@whitehouse.com" for next week, etc......

there are a lot of ways to stay ahead of the feds while being online. The courier setup is a nice old skool setup.. have level 1 couriers hand off to level2, who hands off to level 3 who does the email send and retrieve, and then hands off to courier level 4 who hands to a different level 3 who get's it to level 2., etc.... but people can be followed and tracked because they are not random. you CAN randomize internet traffic if you set up a good botnet and a set of lightly hacked servers.

You can easily hack a server and put something in there that is NOT causing problems but acts as a relay for a S2S comms channel to hand off communication in a round robin or even random way. and if it's small messages like email it could go un-noticed on a server for years.

Kind of like old school hacker tricks we used to use in the 80's and 90's. back to back modems on a timer in office buildings as a data relay point to hide your location. Call into ABC insurance fax line 1 after 2am and the modem answers, send the ATDT command to connect out Zimmer Imports voice line to the next hop... I had some that went undetected for a very long time. In fact I'll bet there are a couple that I personally placed that are still there but inactive because of the phone lines being disconnected..

Re:Glad to see they are not technologically savvy. (1)

SomePgmr (2021234) | more than 3 years ago | (#36119106)

You can easily hack a server and put something in there that is NOT causing problems but acts as a relay for a S2S comms channel to hand off communication in a round robin or even random way. and if it's small messages like email it could go un-noticed on a server for years.

His method worked for 10 years with none of that work. You have to remember that Bin Laden is not an uber l33t haxxor or anything. The botnet method you describe would involve the inclusion of people unlike the sort he'd normally trust anyways, probably a money trail, intermediaries, etc. All weaknesses. And it's not like they never find people who create and manage botnets as it is. Imagine how fast we'd infiltrate each botnet and catch every operator if they were, "Enemy of the World #1".

It's strange to use an internet cafe (1)

Dr. Spork (142693) | more than 3 years ago | (#36118816)

It would be a lot easier to wardrive around and log into open wireless access points, or hack into weakly secured ones. Internet cafes in Pakistan could easily have CIA cameras, or at minimum witnesses who could identify you in a photo lineup. I'm pretty sure that the CIA is working with Microsoft to take a closer look at low-usage or short-lived Hotmail accounts opened from Pakistani, Afghani and Yemeni internet cafe IP addresses. That wouldn't even be such a hard thing to do.

Re:It's strange to use an internet cafe (1)

hibiki_r (649814) | more than 3 years ago | (#36118912)

The CIA has a nice budget, but not THAT good a budget: Something that big and that overt is not only expensive, but it'd easily leak.

Re:It's strange to use an internet cafe (1)

HazMathew (207212) | more than 3 years ago | (#36119032)

It's easier to get a car and a laptop and then proceed to drive around Pakistan looking for open wireless networks than to walk into an internet cafe in disguise, pay in cash and plug in a thumb drive???

UUCP (0)

Anonymous Coward | more than 3 years ago | (#36118956)

The first thing that came to my mind when I started reading the article was UUCP.

Send an e-mail from the MUA, have the MTA save it to a directory, copy the files to portable device, move it, copy it to the 'destination' directory, and have the remote MTA process the queue.

What is up with all this info? (0)

Anonymous Coward | more than 3 years ago | (#36118966)

Yeah, it's interesting.

But whomever thinks it is great to just leak all this hard won intel ... should be keel hauled.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?