Facebook and other big tech companies aren’t the only ones who can create apps for encrypted communication.
ISIS has a new Android app for exchanging secure messages, joining another app that distributes propaganda and recruiting material, according to a counterterrorism network called the Ghost Security Group.
Last month, Ghost Security and others observed ISIS members using private messages on the Telegram app and direct messages on Twitter to send followers to a site (since vanished) to download the Amaq Agency app.
“The application’s primary purpose is for propaganda distribution. Using the app you are able to follow the most recent news and video clips,” Ghost Security representatives told Defense One. The Amaq Agency has known ties to Islamic State and issued statements in support of the attackers in the recent California shootings before all the details were publicly available.
The app joins ISIS’ other known methods of communication to individuals and groups. Among their favorites is Telegram, a messaging app created by Pavel Durov, a Russian entrepreneur residing in Germany.
Immediately after the Paris attacks in November, credited to ISIS-affiliated gunmen, Telegram suspended 78 public ISIS-related channels in 12 languages. But Durov has made no promises that private chats could be shut down.
Here’s what today’s announcement from Ghost Security means if it’s true: even if FBI Director James Comey and others get their wish and providers of end-to-end encrypted communication are forced to put back doors into their services or face banning, then ISIS would still have the ability to communicate securely, just not as securely as if they were using a service like Telegram or WhatsApp … at least not yet.
A small email provider and its customers have almost single-handedly forced the Swiss government to put its new invasive surveillance law up for a public vote in a national referendum in June.
“This law was approved in September, and after the Paris attacks, we assumed privacy was dead at that point,” said Andy Yen, co-founder of ProtonMail, when I spoke with him on the phone. He was referring to the Nachrichtendienstgesetz (NDG), a mouthful of a name for a bill that gave Swiss intelligence authorities more clout to spy on private communications, hack into citizens’ computers, and sweep up their cellphone information.
The climate of fear and terrorism, he said, felt too overwhelming to get people to care about constitutional rights when people first started organizing to fight the NDG law. Governments around the world, not to mention cable news networks, have taken advantage of tragedy to expand their reach under the guise of protecting people, even in classically neutral Switzerland — without much transparency or public debate on whether or not increased surveillance would help solve the problem.
But thanks to the way Swiss law works — if you get together 50,000 signatures within three months of the law passing — you can force a nationwide referendum where every citizen gets a say.
By gathering its users and teaming up with political groups including the Green and Pirate parties, as well as technological and privacy advocates including Chaos Computer Club Switzerland and Digitale Gesellschaft Switzerland, ProtonMail was able to collect over 70,000 signatures before the deadline.
The new law is the first of two surveillance laws that have been circulating through the Swiss Parliament. The NDG law was fully passed in September, but can’t take full effect until after the referendum vote in June.
The NDG would “create a mini NSA in Switzerland,” Yen wrote — allowing Swiss intelligence to spy without getting court approval. It would authorize increased use of “Trojans,” or remote hacking tactics to investigate suspects’ computers, including remotely turning on Webcams and taking photos, as well as hacking abroad to protect Swiss infrastructure. It would legalize IMSI catchers, or Stingrays, which sweep up data about cellphones in the area.
The second law, known as the “BÜPF,” might come up for a vote in the Parliament’s spring session, but may be revised or delayed. The BÜPF would expand the government’s ability to retain data for longer, including communications and metadata, as well as deputize private companies to help spy on their users, or face a fine.
ProtonMail, created by scientists and engineers with know-how in particle physics, software, cryptology, and civil liberties, provides unbreakable end-to-end encryption by default to its users for free — making it easy for ordinary people to protect their communications and preserve their anonymity.
With end-to-end encryption, only the person who sends the message and the person who receives it can access the content; not even the company can see what was written. Encryption protects transactions on the internet, so that criminals can’t read messages, steal credit card information, or impersonate others.
The Swiss surveillance bill does not compel ProtonMail to decrypt its users’ communications, so if the Swiss intelligence service forces it to hand over data, all the intelligence service will get is gobbledygook. But ProtonMail still feels the measure threatens Swiss privacy — something the company hopes to defend, regardless of its bottom line.
In June the European Commission will propose new legislation to effectively end the possibility of anonymous payment, by forcing users of virtual currencies like Bitcoin, and of prepaid credit cards, to provide identity details. Additionally the EC intends to propose monitoring inter-bank transfers within Europe.
Though the proposed measures are intended to heap new pressure on the financing of terrorism, a report from Interpol last week concluded that terrorist funding methods have not changed substantially in recent years.
In June the European Commission will propose new measures which will effectively end the possibility of staying anonymous while using virtual currencies such as Bitcoin and prepaid credit cards. The mooted legislation is intended to fight the funding of terrorism, in spite of a report from Europol less than a week ago which found no fundamental change in the way terrorism is funded in recent years, or any particular connection with virtual currencies.
In December the EC proposed a Directive on combatting terrorism criminalising terrorist financing techniques, as well as training and travel for terrorist purposes. In May 2015 the EU adopted the Fourth Anti-Money Laundering Package, and the new regulations are intended to bring virtual currencies and prepaid cards – and, in effect, any ‘burner’-style anonymous currency methods – under the terms of that legislation, with full oversight.
The ‘Bitcoin-ban’ will effectively prevent Bitcoin from being turned back into ‘real money’ within the EU, and the primary effect such legislation is likely to have will be in the area of illicit purchases from the ‘dark net’, where users can currently purchase drugs to be posted to an address of their choice from the various outlets that survived the fall of the Silk Road deep web narcotics websites.
France had asked for all this and more
The Treasury Department report concludes that ‘The evidence available indicates that digital currencies have been used by illicit actors, but the information does not suggest that digital currencies have, at present, been widely adopted as a payment vehicle in the wider criminal community.’
Commission presents Action Plan to strengthen the fight against terrorist financing
The European Commission is today presenting an Action Plan to strengthen the fight against the financing of terrorism. http://europa.eu/rapid/press-release_IP-16-202_en.htm
The recent terrorist attacks in the European Union and beyond demonstrate the need for a strong coordinated European response to combatting terrorism. The European Agenda for Security had identified a number of areas to improve the fight against terrorist financing. Today’s comprehensive Action Plan will deliver a strong and swift response to the current challenges, building on existing EU rules and complementing them where necessary. Through concrete measures, it will adapt or propose additional rules to deal with new threats.
Vice-President Valdis Dombrovskis, in charge of the Euro and Social Dialogue, said: “With today’s Action Plan we are moving swiftly to clamp down on terrorist financing, starting with legislative proposals in the coming months. We must cut off terrorists’ access to funds, enable authorities to better track financial flows to prevent devastating attacks such as those in Paris last year, and ensure that money laundering and terrorist financing is sanctioned in all Member States. We want to improve the oversight of the many financial means used by terrorists, from cash and cultural artefacts to virtual currencies and anonymous pre-paid cards, while avoiding unnecessary obstacles to the functioning of payments and financial markets for ordinary, law-abiding citizens.”
Preventing the movement of funds and identifying terrorist funding
Terrorists are involved in a variety of both licit and illicit activities to finance terrorist acts. Tracking financial flows can help to identify and pursue terrorist networks. New financial tools and payment modes create new vulnerabilities that need to be addressed. Closing off options for terrorism funding is crucial for security, but measures in this field may also touch on the lives and the economic activity of citizens and companies throughout the EU. This is why the Commission’s proposals will balance the need to increase security with the need to protect fundamental rights, including data protection, and economic freedoms.
Jessica Guynn / USA Today:
Facebook pledges to fight against demands to weaken system security, Twitter adds its support to Apple in San Bernardino iPhone case
Facebook and Twitter sided with Apple in the public spat with the Obama administration over its refusal to help the FBI break into the iPhone of San Bernardino, Calif., shooter Syed Rizwan Farook.
Facebook warned that a federal judge’s order this week to force Apple to bypass security functions on the iPhone used by Farook, one of the assailants in the December mass shootings in San Bernardino, Calif., that killed 14 people, would set a “chilling precedent.”
The social media giant pledged to “fight aggressively” against government efforts to “weaken the security” of consumer tech products.
“We condemn terrorism and have total solidarity with victims of terror. Those who seek to praise, promote, or plan terrorist acts have no place on our services. We also appreciate the difficult and essential work of law enforcement to keep people safe,” the statement reads. “When we receive lawful requests from these authorities we comply. However, we will continue to fight aggressively against requirements for companies to weaken the security of their systems. These demands would create a chilling precedent and obstruct companies’ efforts to secure their products.”
French authorities still have not been able to break encryption on the cell phones of the Paris attackers because tech companies won’t cooperate, French Interior Minister Bernard Cazeneuve told CNN.
The U.S. has been pressuring Apple to allow access to a phone connected to the San Bernardino, California, terror attack, and France, too, is accusing Apple and other corporations of making it harder to prevent terror attacks by resisting breaking encryption on the electronic devices of known and suspected terrorists.
Back door could provide clues
Unlocking the two phones found at Stade de France, one of the targets of the deadly rampage on November 13 in the French capital, could help investigators unveil any contacts the attackers had with other ISIS sympathizers and provide clues to how the attacks were planned and carried out.
French authorities have not reached out to Apple to request access to the Paris attackers’ cellphones, an industry executive told CNN.
Like a “Swiss bank account in their pocket”
Obama also spoke to the issue of technology companies and encryption at the SXSW conference in Austin, Texas, Friday.
“The question we now have to ask is, if technologically it is possible to make an impenetrable device or system where the encryption is so strong that there’s no key, there’s no door at all, then how do we apprehend the child pornographer? How do we solve or disrupt a terrorist plot?” he asked.
“If in fact you can’t crack that at all, government can’t get in, then everybody’s walking around with a Swiss bank account in their pocket,” he said.
Highlighting the central role of online communications to ISIS recruiting and operations, Cazeneuve said later at a speech at George Washington University, “Most of the new jihadists who have travelled or are seeking to travel to Syria or Iraq were radicalized online.”
In the wake of the Paris attack, intelligence officials and sympathizers upset by the Edward Snowden leaks and the spread of encrypted communications have tried to blame Snowden for the terrorists’ ability to keep their plans secret from law enforcement.
Yet news emerging from Paris — as well as evidence from a Belgian ISIS raid in January — suggests that the ISIS terror networks involved were communicating in the clear, and that the data on their smartphones was not encrypted.
Investigators found crates’ worth of disposable cellphones. All around Paris, they found traces of improved bomb-making materials. And they began piecing together a multilayered terrorist attack that evaded detection until much too late.
In the immediate aftermath of the Paris terror attacks on Nov. 13, French investigators came face to face with the reality that they had missed earlier signs that the Islamic State was building the machinery to mount sustained terrorist strikes in Europe.
Now, the arrest in Belgium on Friday of Salah Abdeslam, who officials say was the logistics chief for the Paris attacks, offers a crucial opportunity to address the many unanswered questions surrounding how they were planned. Mr. Abdeslam, who was transferred to the penitentiary complex in Bruges on Saturday, is believed to be the only direct participant in the attacks who is still alive.
They exploited weaknesses in Europe’s border controls to slip in and out undetected
French officials have repeatedly warned that more strikes are possible, saying security and intelligence officials cannot track all the Europeans traveling to and from Islamic State strongholds in Syria and Iraq. And Western intelligence officials say their working assumption is that additional Islamic State terrorism networks are already in Europe.
The reason the terrorist group uses this particular explosive, experts say, is the availability of the ingredients. But creating an effective bomb can be tricky
“To make an effective TATP bomb requires real training”
Disposable Phones
As the bodies of the dead were being bagged, the police found a white Samsung phone in a trash can outside the Bataclan.
It had a Belgian SIM card that had been in use only since the day before the attack. The phone had called just one other number — belonging to an unidentified user in Belgium. Another new detail from the report showed that in the phone’s photo album police found images of the concert hall’s layout, as well as Internet searches for “fnacspectacles.com,” a website that sells concert tickets; “bataclan.fr”; and the phrase “Eagles of Death at the Bataclan.”
Everywhere they went, the attackers left behind their throwaway phones
Most striking is what was not found on the phones: Not a single email or online chat from the attackers has surfaced so far.
Even though one of the disposable phones was found to have had a Gmail account with the username “yjeanyves1,” the police discovered it was empty, with no messages in the sent or draft folders. It had been created on the afternoon of the attacks from inside the Appart’City budget hotel.
Republican South Carolina Sen. Lindsey Graham renewed his calls on technology companies to give law enforcement entry into its encrypted information to fight terrorism. His message to Silicon Valley: “Change your business model tomorrow.”
Graham said encryption on consumer devices is leaving the U.S. vulnerable to attacks. He cited an incident from May of this year when two gunmen opened fire outside a Prophet Muhammad cartoon contest in Garland, Texas. The FBI argued encryption stymied the probe.
“Here is my message to Silicon Valley,” Graham said. “Change your business model tomorrow.”
The senator’s challenge isn’t new, but the terror attacks in San Bernardino and Paris, just weeks apart, have heightened the rhetoric, with encryption coming to the forefront. Still, critics argue the tech industry itself has become a convenient political mark.
Apple, Google and Facebook have all been under mounting pressure to create backdoor keys that would allow law enforcement access to encrypted communications. The companies maintain that this change would make consumers vulnerable to hackers and cyber crime.
A message purportedly sent to supporters of the Islamic State over the anonymous messaging app Telegram on Tuesday warned the group’s “brothers in Belgium” to avoid social media, use “encryption” to communicate and to “keep [a] low profile until the heat dies down.”
Minutes after the Islamic State claimed responsibility for deadly terror attacks in Brussels on Tuesday, the militant group’s cybersecurity experts began advising jihadists still in Belgium on how to stay safe and beat police and intelligence investigations.
Since Tuesday’s deadly bombings in Brussels, it’s come to light that Belgium’s security and intelligence services either missed or overlooked several clues that may have led them to the attackers — and questions about authorities’ actions are piling up.
The deadly attacks struck the heart of the European Union — right under the nose of law enforcement — despite high security measures already in place after the Paris attacks in November and a flurry of police activity in Brussels in recent days. What went wrong?
Suspects were already on law enforcement’s radar
The fact that the suspects were on Belgian authorities’ radar well before Tuesday’s bombings — some even before the Paris attacks — and yet were able to evade capture raises serious questions about their ability to gather intelligence.
Belgium’s security forces and counterintelligence services have reportedly been overwhelmed by the terror investigations following the Paris attacks, with few resources at their disposal to uncover or disrupt existing plots.
William Hague, the Conservative former Foreign Secretary, has claimed that the latest Brussels terrorist attacks “show the need to crack terrorist communications.”
Writing in The Telegraph, Hague claimed that the stand-out detail from the attacks in Brussels was “the communications discipline of those responsible.”
Since the attacks, the Belgian authorities have claimed that the murderers used pre-paid disposable phones, which were untraceable by any surveillance on their financial accounts. Subsequently, it was not possible to monitor the terrorists through regular communications surveillance.
Hague – who, as Foreign Secretary, held ministerial responsibility for MI6 – wrote that “the mobile phones they carried had evidently not been used before and showed no record of texts, chat or emails” – but such “discipline” should not surprise us, he said, as “every mastermind of terrorism or organised crime” had been tipped off about operational security by Edward Snowden.
The use of pre-paid phones, also known as “disposable” or “burner” phones, as part of a criminal organisation’s operational security against communications surveillance, was, in fact, publicised a decade before the Snowden revelations in the television show The Wire.
curious claim that: “Whatever means of co-ordination [the Brussels attackers] used, it was sufficiently private or encrypted that the authorities do not seem to have been aware of it.”
In the wake of Paris, San Bernardino, and now Brussels, the encryption debate has become such a potent cocktail of horror, idiocy, and farce that it has become hard to tease out any rational threads of discussion. There is so much stupidity that I hardly know where to begin; but let’s start with the farce. Everybody loves a farce, right?
To recap: immediately after the San Bernardino attack, the FBI acquired the attacker’s work phone, which (unlike his personal phone) he had not bothered to destroy, and promptly locked themselves out of it. Months later, they / the San Bernardino DA decided to try to use the 200-year-old All Writs Act to force Apple to hack into it, claiming — I am not making this up —
“The seized iPhone may contain evidence that can only be found on the seized phone that it was used as a weapon to introduce a lying dormant cyber pathogen that endangers San Bernardino’s infrastructure”
Can we all just pause for a moment to bask, once again, in the breathtaking idiocy of that statement?
So did sanity return to the discussion? Did it hell. First, word broke out that the US government is seriously considering attempting to legally force WhatsApp to cripple its end-to-end encryption in the name of wiretaps
Then, days after the awful attacks on Brussels, the New York Times — which had previously published-and-then-retracted quotes from anonymous sources who (completely wrongly) blamed the Paris attacks on encryption
Let me explain. First, many of my pro-encryption, anti-back-door allies are arguing from a nakedly American-libertarian, government-oversight-is-bad stance.
And, indeed, if we were to have back doors / escrowed keys, I prefer his partner Albert Wenger’s approach — a unique key for every single device — to a master “golden key” that would open everything. (This doesn’t mean I think that this is remotely a good idea, though;
Second, my pro-encryption allies keep yammering on, loudly and pointlessly, about how what’s happening today is just another version of the “crypto wars” that were fought in the 90s. That may well be the case.
What we should be talking about, loudly and ceaselessly, is the fact that even if the tech industry did give the government everything they wanted, this would be completely ineffective. We need to explain this as often as we can
encryption is not a munition
Anyone who wants strong end-to-end encryption can get it, for free, with very little effort. Some people seem to have a misconception that Apple’s encryption is especially strong. It isn’t. The state-of-the-art of end-to-end encryption software is Signal, which is free and open-source. (WhatsApp adopted their technology.)
The day Apple allows any government to insist on back doors is the day every remotely competent bad actor in the world switches to third-party encrypted apps which require their own separate access codes.
Any attempt to fight encryption with back doors is Whack-a-Mole with an infinite number of moles, unless the powers that be are willing to expand it into an all-out war on general-purpose computing.
But guess who will be affected by back doors on default / widely used messaging systems? Everyone else who uses them — ie all the innocent ordinary people — because adding back doors, again by definition, hurts everyone’s security. (There is a long, sad, compelling history of “secure” back doors ultimately being used for unauthorized access. Even mighty Google has been successfully attacked in that way — by the Chinese, no less.)
Let’s focus on how encryption is merely math, which anyone can do, and let’s explain how world-class “military-grade” implementations of that math are already available, for free, to anyone and everyone.
If you understand technology, there were a lot of things hard to explain on Star Trek.
Remote sensing would have a very distinct use in today’s world: finding terrorist bombs earlier. A recent article published on New Scientist by [Debora MacKenzie] points out that stopping attacks like the recent one in Brussels is difficult without increasing congestion. For example, putting checkpoints at doors instead of inside transit stations is common in Asia, but causes lines and delays.
Airport security focuses on keeping explosives off planes. Hospital-like CT scanners and X-ray diffraction machines peer into checked luggage as it moves through the bowels of airports. Passengers line up to pass through metal-detectors and be swabbed for explosives. But the Brussels attackers targeted the busy check-in area – where no security checks take place.
How do we prevent a repeat attack? Moving check-points to the front doors is one solution; metal detectors and pat-downs are ubiquitous at airport entrances across Asia. But it would mean further delays, and create new lines of people that could be targeted.
One solution, say security researchers, is to keep people moving, and scan them remotely as they pass through the building.
So how else can we stop explosives getting to crowds of people? “The technologies are either imagers or sniffers,”
Unfortunately, imagers can be tricked. Explosives can be moulded to look like ordinary objects
Sniffers are harder to fool. Dogs are the best, says Jenkins, but they are hard to use on a large scale.
There are other ways to detect explosives remotely. Rather than analysing captured molecules – like the failed puffers – the Lincoln Laboratory at the Massachusetts Institute of Technology has turned to lasers to “sniff” explosives from a distance.
Lasers are also the main ingredient of a gun-shaped device called G-Scan, developed by Laser Detect Systems of Ramat Gan in Israel. This fires a green laser at a target then uses Raman spectroscopy to identify the molecules that are scattered back.
Detecting explosive material from a distance would let security services search for bomb-making materials – not just finished weapons.
On Tuesday, the Times reporter Rukmini Callimachi published the latest in a series of blockbuster stories about the inner workings of the Islamic State. The piece focussed on the logistics of the group’s deployment of terrorists in Europe, but also included a significant revelation in an ongoing debate about encryption. In ISIS’s training and operational planning, Callimachi reported, the group appeared to routinely use a piece of software called TrueCrypt. When one would-be bomber was dispatched from Syria to France, Callimachi writes, “an Islamic State computer specialist handed him a USB key. It contained CCleaner, a program used to erase a user’s online history on a given computer, as well as TrueCrypt, an encryption program that was widely available at the time and that experts say has not yet been cracked.”
TrueCrypt and programs like it were the primary means for securing files and disks by those with a privacy bent of whatever stripe. Free to download and relatively user-friendly, TrueCrypt has been considered by experts to be among the strongest file-encryption programs available, since its release in 2004.
Without the user’s password, the software has long been viewed as uncrackable. Included in the information that Edward Snowden provided to Glenn Greenwald, Laura Poitras, and other reporters in 2013 was a document showing that the National Security Agency had “major problems” breaking TrueCrypt.
The genesis of TrueCrypt turns out to be as full of intrigue as the uses of it. The encryption software came up in my own reporting, in a story I’ve been researching for two years about a programmer named Paul Le Roux, who built a global drug, arms, and money-laundering cartel out of a base in the Philippines.
Both E4M and its progeny, TrueCrypt, are “open source” software. Their code is available to anyone to examine or to build upon, with some restrictions. The developers who expanded upon E4M to improve and maintain TrueCrypt over the years have remained anonymous. “The origin of TrueCrypt has always been very mysterious,”
In May, 2014, however, the anonymous developers behind TrueCrypt abruptly announced on their Web site that they would no longer support—or vouch for the security of—the software. Theories abound in the encryption community as to why
TrueCrypt shows is how impractical those back doors and requests are. TrueCrypt is an open-source program, maintained by mysterious, anonymous developers who are generally assumed to be outside the U.S. They likely have no legal incentive to help any government, and every practical incentive not to.
We now know that the original creator of E4M was not a company looking to curry favor with the U.S. government, but a man who went on to become one of its most wanted criminals. Negotiating back doors with such developers is almost certainly not an option. And TrueCrypt is just one of many open-source encryption programs available.
In 2015, Green and some colleagues completed a security audit of TrueCrypt, concluding that, the developers’ shutdown notwithstanding, the software remained secure from back doors or cracking. ISIS certainly seems to think so.
A warning message went to the wrong address – four minutes later there was an explosion in the subway
The police tried to have the metro closed after the Brussels airport attack, but the e-mail went to the wrong address. Four minutes later, there was an explosion at Maalbeek metro station. Decuyper never saw the message because it was sent to his personal email address and not to his work email.
The key question has become how it was possible that the subway network was still operating at 9.11, more than one hour after the Zaventem airport attack.
They talk on Telegram and send viruses to their enemies. BuzzFeed News’ Sheera Frenkel looks at how ISIS members and sympathizers around the world use the internet to grow their global network.
What he wasn’t expecting was to wake up on the morning of March 29 to a virus planted by ISIS within a seemingly innocuous email attachment.
“Everything about this looked like a real email, sent from the admin of my own website. It looked safe, but it was not. They were trying to get my login information, my passwords. They were trying to get things that could have put real lives in danger,” said Abu Majad, who asked that his nickname be used instead of his real name to protect himself and his remaining family in Syria from reprisal attacks by ISIS. “It was very clever. When I saw it I thought to myself, Shit, now they are professional hackers?”
Cybersecurity experts and intelligence agencies who monitor ISIS say the malware is just one more sign that ISIS is growing more sophisticated in its use of the internet.
“I don’t think it is far-fetched to say that the internet is a major reason why ISIS is so successful, and so worrying, as far as global terror movements go,” said one U.S. intelligence officer, who spoke to BuzzFeed News in Washington, D.C., and asked not to be named as he wasn’t authorized to speak to the press. “They have always been ‘good’ at the internet, at the strategy of how they use it. Now they are smarter at the internet too.”
Many of the world’s major intelligence agencies are trying to figure out just how ISIS uses the internet.
“ISIS has been targeting sites that are outspoken against ISIS,”
“Malware, phishing campaigns, DDoS attacks are all things I have seen,” he said. “Now, these dropper attacks are new and are more sophisticated. What we see is the group growing and evolving their capabilities. What we are seeing is worrying.”
Here’s an example of a conversation on a private ISIS channel on the messaging app Telegram on a recent Sunday afternoon:
“brother r u use VPN for site?”
“no brother, that is shit. use tor.”
“tor is creation of CIA. avoid tor.”
“so use vpn?”
“lol, no there is something else”
These sorts of exchanges appear daily on Telegram
The advice is meant to keep ISIS supporters safe, but for most it’s a confusing labyrinth of conflicting opinions.
“To be anonymous online is the most important thing so that we can safely help the jihad when the time comes,” Abu Jihad wrote BuzzFeed News in a private message on Telegram. He refused to give his real name or location. “The kuffars make it as hard as possible, but we always find a way to succeed,” he said, using a derogatory term for non-Muslims.
“There are rumours that our forums are infected,” said Abu Jihad. “But it is impossible for us to stay off of the internet.”
“The internet is full of American and Israeli spies,” Abu Jihad wrote BuzzFeed in a private message, before asking for more details on where BuzzFeed News is based and whether it had a political agenda. “It’s well-known that most journalists are spies.”
A security expert who is only known online as “the grugq,” but whose blogs and tweets are widely read by cybersecurity experts, closely follows how ISIS communicates online. After reviewing the magazine, he told BuzzFeed News that he believed ISIS only had a limited understanding of how encryption works.
“The author believes encryption is a solution to every problem,” the grugq said in an email to BuzzFeed News, noting that it eschewed other techniques, such as teaching users how to be anonymous online by never revealing or entering into public forms personal details such as real names, birth dates, or countries of origin.
“The author is not clear on the real threats that jihadis actually face. The faith in crypto as a panacea to all the dangers faced by online jihadis demonstrates the shallowness of the author’s security understanding.”
“The main takeaway from this guide is that the author believes so strongly in encryption they think it will solve everything. It is the ignorant belief that ‘going dark’ is as simple as downloading TAILS. In the real world, nation state adversaries are not deterred by a little bit of crypto sprinkled here and there like OPSEC fairy dust,” he said.
“Generally the technical detail provided is impressive — not error-free, but remarkable for what after all is a general interest magazine for jihadis,”
“Even people who use these programs every day occasionally make mistakes. The processes described by ISIS are not intuitive.”
The attacks on Paris and Brussels ignited a global debate on encryption and terror.
On the one hand are certain intelligence agencies and governments, who say they missed signs of the attacks because ISIS was using the “dark web” to communicate, sending encrypted messages that intel agencies couldn’t crack. On the other hand are cybersecurity activists and experts, who say there is little evidence that sophisticated techniques were used by the attackers to mask their communication. (Quite the opposite, they argue: The attackers lived in the same apartment and used the old-school method of multiple burner phones.) And then there is the media, whose coverage of the issue has received intense scrutiny, with reports of ISIS sending encrypted emails scrubbed from the web just days after their publication, and unnamed sources giving conflicting evidence of how the attackers communicated.
After a rampage that left 14 people dead in San Bernardino, key U.S. lawmakers pledged to seek a law requiring technology companies to give law enforcement agencies a “back door” to encrypted communications and electronic devices, such as the iPhone used by one of the shooters.
Now, only months later, much of the support is gone, and the push for legislation dead, according to sources in congressional offices, the administration and the tech sector.
Draft legislation that Senators Richard Burr and Dianne Feinstein, the Republican and Democratic leaders of the Intelligence Committee, had circulated weeks ago likely will not be introduced this year and, even if it were, would stand no chance of advancing, the sources said.
Key among the problems was the lack of White House support
Orlando shooting suspect Omar Mateen was interviewed by the FBI in 2013 and 2014, FBI Assistant Special Agent Ronald Hopper told reporters Sunday. “Those interviews turned out to be inconclusive, so there was nothing to keep the investigation going,” Hopper said. Mateen was not under investigation at the time of Sunday’s shooting and was not under surveillance, Hopper said.
An American-born man who’d pledged allegiance to ISIS gunned down 50 people at a gay nightclub in Orlando — the deadliest mass shooting in the United States and the nation’s worst terror attack since 9/11, authorities said Sunday.
“We know enough to say this was an act of terror and act of hate,” President Obama said in an address to the nation from the White House.
Twitter accounts belonging to supporters of the Islamic State militant group (ISIS) have been hacked in the wake of the Orlando shooting, with jihadist content replaced with gay pride messages and links to gay pornography.
A hacker affiliated with the hacktivist collective Anonymous, who uses the online moniker WauchulaGhost, first began hijacking pro-ISIS Twitter accounts several months ago. Following the mass shooting at the Pulse gay nightclub in Orlando, Florida, on June 13, the hacker decided to replace ISIS imagery posted to the accounts with rainbow flags and pro-LGBT messages.
The vigilante hacker claims to have taken over 200 Twitter accounts belonging to ISIS supporters. However, many have since been taken down by Twitter.
Efe Kerem Sözeri / Vocativ:
Turkish government bans publication of news, interviews, visuals about Istanbul bombing — Once again, Turkey’s government has cracked down on media after a terror attack — Less than an hour after a coordinated suicide attack on Istanbul’s Ataturk Airport that left dozens dead and many more wounded …
Less than an hour after a coordinated suicide attack on Istanbul’s Ataturk Airport that left dozens dead and many more wounded, Turkey’s government resumed a tactic frequently seen since last summer: a gag order for the country’s media outlets. Less than an hour later, watchdog groups reported Twitter and Facebook were inaccessible inside the country.
The order, issued by the Turkish Prime Minister’s office on the grounds of “national security and public order,” bans sharing of any visuals of the moment of explosion, blast scene, emergency work, of the wounded and dead, or any “exaggerated narrative” about the scene. It also bans the act of sharing any information about the suspects.
The deadly assault by three suicide bombers on Istanbul’s Ataturk Airport once again shows the difficulty in averting terror attacks.
Terrorists targeted the 11th busiest airport in the world in a country that borders the ISIS-stronghold Syria, and it’s not hard to see why Ataturk posed an attractive soft target.
But what’s particularly unnerving about the latest incident is the regional aviation hub had a much tighter security system in place than many other airports.
Travelers using the airport are required to undergo double security screenings: one before they enter the international terminal building, and a second after they go through passport control.
“There’s heavy security at the entrance to the international departures hall,” Ward said. “There’s a full screening process. You have an X-ray machine and you have to go through a metal detector. But in the arrivals hall, of course you don’t have that same level of security, so two of the attackers we believe went into the arrival halls.”
People going to the arrivals section on the bottom floor are required to go through metal detectors but are overseen only by a light guard presence.
What about the response from Turkish airport security as the tragedy unfolded?
France: Belgium did not tell us in time about the terror suspect
The French Parliament blamed Belgium for not having given France its data on a suspected terrorist in time.
In the MPs’ view, Salah Abdeslam, the second main suspect in the November terrorist attack in Paris, could have been arrested immediately after the attack if the man’s background had been known.
Abdeslam was caught in Belgium in March after four months on the run. He was handed over to France in April.
Abdeslam is also the prime suspect in another terrorist attack, in Brussels.
Belgium has been accused in the past of shortcomings in protective measures and in the tracing of terror suspects.
74 Comments
Tomi Engdahl says:
Patrick Tucker / Defense One:
Hacking collective Ghost Security Group says ISIS created its own encrypted messaging app
ISIS Has Built A Secure Messaging App
http://www.defenseone.com/technology/2016/01/isis-now-has-new-secure-messaging-app/125062/
Facebook and other big tech companies aren’t the only ones who can create apps for encrypted communication.
ISIS has a new Android app for exchanging secure messages, joining another app that distributes propaganda and recruiting material, according to a counterterrorism network called the Ghost Security Group.
Last month, Ghost Security and others, observed ISIS members using private messages on the Telegram app and direct messages on Twitter to send followers to a site (since vanished) to download the Amaq Agency app.
“The application’s primary purpose is for propaganda distribution. Using the app you are able to follow the most recent news and video clips,” Ghost Security representatives told Defense One. The Amaq Agency has known ties to Islamic State and issued statements in support of the attackers in the recent California shootings before all the details were publicly available.
The app joins ISIS’ other known methods of communication to individuals and groups. Among their favorite is Telegram, a messaging app created by Pavel Durov, a Russian entrepreneur residing in Germany.
Immediately after the Paris attacks in November, credited to ISIS-affiliated gunmen, Telegram suspended 78 public ISIS-related channels in 12 languages. But Durov has made no promises that private chats could be shut down.
Here’s what today’s announcement from Ghost Security means if it’s true: even if FBI Director James Comey and others get their wish and providers of end-to-end encrypted communication are forced to put in back doors into their services or face banning, then ISIS would still have the ability to communicate securely, just not as securely as if they were using a service like Telegram or WhatsApp … at least not yet.
Tomi Engdahl says:
How a Small Company in Switzerland Is Fighting a Surveillance Law — And Winning
https://theintercept.com/2016/01/25/how-a-small-company-in-switzerland-is-fighting-a-surveillance-law-and-winning/
A small email provider and its customers have almost single-handedly forced the Swiss government to put its new invasive surveillance law up for a public vote in a national referendum in June.
“This law was approved in September, and after the Paris attacks, we assumed privacy was dead at that point,” said Andy Yen, co-founder of ProtonMail, when I spoke with him on the phone. He was referring to the Nachrichtendienstgesetzt (NDG), a mouthful of a name for a bill that gave Swiss intelligence authorities more clout to spy on private communications, hack into citizens’ computers, and sweep up their cellphone information.
The climate of fear and terrorism, he said, felt too overwhelming to get people to care about constitutional rights when people first started organizing to fight the NDG law. Governments around the world, not to mention cable news networks, have taken advantage of tragedy to expand their reach under the guise of protecting people, even in classically neutral Switzerland — without much transparency or public debate on whether or not increased surveillance would help solve the problem.
But thanks to the way Swiss law works — if you get together 50,000 signatures within three months of the law passing — you can force a nationwide referendum where every citizen gets a say.
By gathering its users and teaming up with political groups including the Green and Pirate parties, as well as technological and privacy advocates including Chaos Computer Club Switzerland and Digitale Gesellschaft Switzerland, ProtonMail was able to collect over 70,000 signatures before the deadline.
The new law is the first of two surveillance laws that have been circulating through the Swiss Parliament. The NDG law was fully passed in September, but can’t take full effect until after the referendum vote in June.
The NDG would “create a mini NSA in Switzerland,” Yen wrote — allowing Swiss intelligence to spy without getting court approval. It would authorize increased use of “Trojans,” or remote hacking tactics to investigate suspects’ computers, including remotely turning on Webcams and taking photos, as well as hacking abroad to protect Swiss infrastructure. It would legalize IMSI catchers, or Stingrays, which sweep up data about cellphones in the area.
The second law, known as the “BÜPF,” might come up for a vote in the Parliament’s spring session, but may be revised or delayed. The BÜPF would expand the government’s ability to retain data for longer, including communications and metadata, as well as deputize private companies to help spy on their users, or face a fine.
ProtonMail, created by scientists and engineers with know-how in particle physics, software, cryptology, and civil liberties, provides unbreakable end-to-end encryption by default to its users for free — making it easy for ordinary people to protect their communications and preserve their anonymity.
With end-to-end encryption, only the person who sends the message and the person who receives it can access the content; not even the company can see what was written. Encryption protects transactions on the internet, so that criminals can’t read messages, steal credit card information, or impersonate others.
The Swiss surveillance bill does not compel ProtonMail to decrypt its users’ communications, so if the Swiss intelligence service forces it to hand over data, all the intelligence service will get is gobbledygook. But ProtonMail still feels the measure threatens Swiss privacy — something the company hopes to defend, regardless of its bottom line.
Tomi Engdahl says:
EU Proposes End of Anonymity For Bitcoin and Prepaid Card Users
http://yro.slashdot.org/story/16/02/02/224206/eu-proposes-end-of-anonymity-for-bitcoin-and-prepaid-card-users
In June the European Commission will propose new legislation to effectively end the possibility of anonymous payment, by forcing users of virtual currencies like Bitcoin, and of prepaid credit cards, to provide identity details. Additionally the EC intends to propose monitoring inter-bank transfers within Europe
Though the proposed measures are intended to heap new pressure on the financing of terrorism, a report from Interpol last week concluded that terrorist funding methods have not changed substantially in recent years
EU proposes end of anonymity for Bitcoin and prepaid card users
https://thestack.com/security/2016/02/02/eu-proposes-end-of-anonymity-for-bitcoin-and-prepaid-card-users/
In June the European Commission will propose new measures which will effectively end the possibility of staying anonymous while using virtual currencies such as Bitcoin and prepaid credit cards. The mooted legislation is intended to fight the funding of terrorism, in spite of a report from Europol less than a week ago which found no fundamental change in the way terrorism is funded in recent years, or any particular connection with virtual currencies.
In December the EC proposed a Directive on combatting terrorism [PDF] criminalising terrorist financing techniques, as well as training and travel for terrorist purposes. In May 2015 the EU adopted the Fourth Anti-Money Laundering Package, and the new regulations are intended to bring virtual currencies and prepaid cards – and, in effect, any ‘burner’-style anonymous currency methods – under the terms of that legislation, with full oversight.
The ‘Bitcoin-ban’ will effectively prevent Bitcoin from being turned back into ‘real money’ within the EU, and the primary effect such legislation is likely to have will be in the area of illicit purchases from the ‘dark net’, where users can currently purchase drugs to be posted to an address of their choice from the various outlets that survived the fall of the Silk Road deep web narcotics websites.
France had asked for all this and more
The Treasury Department report concludes that ‘The evidence available indicates that digital currencies have been used by illicit actors, but the information does not suggest that digital currencies have, at present, been widely adopted as a payment vehicle in the wider criminal community.’
Commission presents Action Plan to strengthen the fight against terrorist financing
The European Commission is today presenting an Action Plan to strengthen the fight against the financing of terrorism.
http://europa.eu/rapid/press-release_IP-16-202_en.htm
The recent terrorist attacks in the European Union and beyond demonstrate the need for a strong coordinated European response to combatting terrorism. The European Agenda for Security had identified a number of areas to improve the fight against terrorist financing. Today’s comprehensive Action Plan will deliver a strong and swift response to the current challenges, building on existing EU rules and complementing them where necessary. Through concrete measures, it will adapt or propose additional rules to deal with new threats.
Vice-President Valdis Dombrovskis, in charge of the Euro and Social Dialogue, said: “With today’s Action Plan we are moving swiftly to clamp down on terrorist financing, starting with legislative proposals in the coming months. We must cut off terrorists’ access to funds, enable authorities to better track financial flows to prevent devastating attacks such as those in Paris last year, and ensure that money laundering and terrorist financing is sanctioned in all Member States. We want to improve the oversight of the many financial means used by terrorists, from cash and cultural artefacts to virtual currencies and anonymous pre-paid cards, while avoiding unnecessary obstacles to the functioning of payments and financial markets for ordinary, law-abiding citizens.”
Preventing the movement of funds and identifying terrorist funding
Terrorists are involved in a variety of both licit and illicit activities to finance terrorist acts. Tracking financial flows can help to identify and pursue terrorist networks. New financial tools and payment modes create new vulnerabilities that need to be addressed. Closing off options for terrorism funding is crucial for security, but measures in this field may also touch on the lives and the economic activity of citizens and companies throughout the EU. This is why the Commission’s proposals will balance the need to increase security with the need to protect fundamental rights, including data protection, and economic freedoms.
https://www.europol.europa.eu/sites/default/files/publications/changes_in_modus_operandi_of_is_in_terrorist_attacks.pdf
http://ec.europa.eu/dgs/home-affairs/what-we-do/policies/european-agenda-security/legislative-documents/docs/20151202_directive_on_combatting_terrorism_en.pdf
Tomi Engdahl says:
Jessica Guynn / USA Today:
Facebook pledges to fight against demands to weaken system security, Twitter adds its support to Apple in San Bernardino iPhone case
Facebook, Twitter side with Apple in iPhone fight
http://www.usatoday.com/story/tech/news/2016/02/18/facebook-support-apple-iphone-san-bernardino-fbi/80578754/
Facebook and Twitter sided with Apple in the public spat with the Obama administration over its refusal to help the FBI break into the iPhone of San Bernardino, Calif., shooter Syed Rizwan Farook.
Facebook warned that a federal judge’s order this week to force Apple to bypass security functions on the iPhone used by Farook, one of the assailants in the December mass shootings in San Bernardino, Calif., that killed 14 people, would set a “chilling precedent.”
The social media giant pledged to “fight aggressively” against government efforts to “weaken the security” of consumer tech products.
“We condemn terrorism and have total solidarity with victims of terror. Those who seek to praise, promote, or plan terrorist acts have no place on our services. We also appreciate the difficult and essential work of law enforcement to keep people safe,” the statement reads. “When we receive lawful requests from these authorities we comply. However, we will continue to fight aggressively against requirements for companies to weaken the security of their systems. These demands would create a chilling precedent and obstruct companies’ efforts to secure their products.”
Tomi Engdahl says:
French minister: Tech companies blocking access to Paris attackers’ phones
http://edition.cnn.com/2016/03/11/politics/apple-paris-terror-attacks-san-bernardino/
French authorities still have not been able to break encryption on the cell phones of the Paris attackers because tech companies won’t cooperate, French Interior Minister Bernard Cazeneuve told CNN.
The U.S. has been pressuring Apple to allow access to a phone connected to the San Bernardino, California, terror attack, and France, too, is accusing Apple and other corporations of making it harder to prevent terror attacks by resisting breaking encryption on the electronic devices of known and suspected terrorists.
Back door could provide clues
Unlocking the two phones found at Stade de France, one of the targets of the deadly rampage on November 13 in the French capital, could help investigators unveil any contacts the attackers had with other ISIS sympathizers and provide clues to how the attacks were planned and carried out.
French authorities have not reached out to Apple to request access to the Paris attackers’ cellphones, an industry executive told CNN.
Like a “Swiss bank account in their pocket”
Obama also spoke to the issue of technology companies and encryption at the SXSW conference in Austin, Texas, Friday.
“The question we now have to ask is, if technologically it is possible to make an impenetrable device or system where the encryption is so strong that there’s no key, there’s no door at all, then how do we apprehend the child pornographer? How do we solve or disrupt a terrorist plot?” he asked.
“If in fact you can’t crack that at all, government can’t get in, then everybody’s walking around with a Swiss bank account in their pocket,” he said.
Highlighting the central role of online communications to ISIS recruiting and operations, Cazeneuve said later at a speech at George Washington University, “Most of the new jihadists who have travelled or are seeking to travel to Syria or Iraq were radicalized online.”
Tomi Engdahl says:
Signs Point to Unencrypted Communications Between Terror Suspects
https://theintercept.com/2015/11/18/signs-point-to-unencrypted-communications-between-terror-suspects/
In the wake of the Paris attack, intelligence officials and sympathizers upset by the Edward Snowden leaks and the spread of encrypted communications have tried to blame Snowden for the terrorists’ ability to keep their plans secret from law enforcement.
Yet news emerging from Paris — as well as evidence from a Belgian ISIS raid in January — suggests that the ISIS terror networks involved were communicating in the clear, and that the data on their smartphones was not encrypted.
Tomi Engdahl says:
A View of ISIS’s Evolution in New Details of Paris Attacks
http://mobile.nytimes.com/2016/03/20/world/europe/a-view-of-isiss-evolution-in-new-details-of-paris-attacks.html?smid=tw-share&referer=&_r=2
Investigators found crates’ worth of disposable cellphones. All around Paris, they found traces of improved bomb-making materials. And they began piecing together a multilayered terrorist attack that evaded detection until much too late.
In the immediate aftermath of the Paris terror attacks on Nov. 13, French investigators came face to face with the reality that they had missed earlier signs that the Islamic State was building the machinery to mount sustained terrorist strikes in Europe.
Now, the arrest in Belgium on Friday of Salah Abdeslam, who officials say was the logistics chief for the Paris attacks, offers a crucial opportunity to address the many unanswered questions surrounding how they were planned. Mr. Abdeslam, who was transferred to the penitentiary complex in Bruges on Saturday, is believed to be the only direct participant in the attacks who is still alive.
They exploited weaknesses in Europe’s border controls to slip in and out undetected
French officials have repeatedly warned that more strikes are possible, saying security and intelligence officials cannot track all the Europeans traveling to and from Islamic State strongholds in Syria and Iraq. And Western intelligence officials say their working assumption is that additional Islamic State terrorism networks are already in Europe.
The reason the terrorist group uses this particular explosive, experts say, is the availability of the ingredients. But creating an effective bomb can be tricky
“To make an effective TATP bomb requires real training”
Disposable Phones
As the bodies of the dead were being bagged, the police found a white Samsung phone in a trash can outside the Bataclan.
It had a Belgian SIM card that had been in use only since the day before the attack. The phone had called just one other number — belonging to an unidentified user in Belgium. Another new detail from the report showed that in the phone’s photo album police found images of the concert hall’s layout, as well as Internet searches for “fnacspectacles.com,” a website that sells concert tickets; “bataclan.fr”; and the phrase “Eagles of Death at the Bataclan.”
Everywhere they went, the attackers left behind their throwaway phones
Most striking is what was not found on the phones: Not a single email or online chat from the attackers has surfaced so far.
Even though one of the disposable phones was found to have had a Gmail account with the username “yjeanyves1,” the police discovered it was empty, with no messages in the sent or draft folders. It had been created on the afternoon of the attacks from inside the Appart’City budget hotel.
Tomi Engdahl says:
Sen. Lindsey Graham Demands That Silicon Valley Offer Backdoors to Its Encrypted Information
http://recode.net/2015/12/09/sen-lindsey-graham-demands-that-silicon-valley-offer-backdoors-to-its-encrypted-information/
Republican South Carolina Sen. Lindsey Graham renewed his calls on technology companies to give law enforcement entry into its encrypted information to fight terrorism. His message to Silicon Valley: “Change your business model tomorrow.”
Graham said encryption on consumer devices is leaving the U.S. vulnerable to attacks. He cited an incident from May of this year when two gunmen opened fire outside a Prophet Muhammad cartoon contest in Garland, Texas. The FBI argued encryption stymied the probe.
“Here is my message to Silicon Valley,” Graham said. “Change your business model tomorrow.”
The senator’s challenge isn’t new, but the terror attacks in San Bernardino and Paris, just weeks apart, have heightened the rhetoric, with encryption coming to the forefront. Still, critics argue the tech industry itself has become a convenient political mark.
Apple, Google and Facebook have all been under mounting pressure to create backdoor keys that would allow law enforcement access to encrypted communications. The companies maintain that this change would make consumers vulnerable to hackers and cyber crime.
Tomi Engdahl says:
US Senate considers law forcing Twitter and Facebook to report ‘terrorist activity’
http://www.theverge.com/2015/12/9/9877852/tech-companies-report-terrorist-activity-bill
The bill was previously scrapped after objections that it would create a ‘Facebook Bureau of Investigations’
Tomi Engdahl says:
ISIS tech team warns ‘brothers in Belgium’ to avoid social media after Brussels attacks
http://mashable.com/2016/03/22/isis-encryption-brussels-attack/#YDqOtcKJ4PqI
A message purportedly sent to supporters of the Islamic State over the anonymous messaging app Telegram on Tuesday warned the group’s “brothers in Belgium” to avoid social media, use “encryption” to communicate and to “keep [a] low profile until the heat dies down.”
Tomi Engdahl says:
ISIS urges fighters in Belgium to use encryption in wake of Brussels attacks
http://www.dailydot.com/politics/brussels-isis-focus-telegram/
Minutes after the Islamic State claimed responsibility for deadly terror attacks in Brussels on Tuesday, the militant group’s cybersecurity experts began advising jihadists still in Belgium on how to stay safe and beat police and intelligence investigations.
Tomi Engdahl says:
Belgian authorities had intel on the bombers, but STILL failed to stop them
http://mashable.com/2016/03/23/belgian-intel-brussels-bombers/?utm_cid=hp-hh-pri#5SczKqtUREqE
Since Tuesday’s deadly bombings in Brussels, it’s come to light that Belgium’s security and intelligence services either missed or overlooked several clues that may have led them to the attackers — and questions about authorities’ actions are piling up.
The deadly attacks struck the heart of the European Union — right under the nose of law enforcement — despite high security measures already in place after the Paris attacks in November and a flurry of police activity in Brussels in recent days. What went wrong?
Suspects were already on law enforcement’s radar
The fact that the suspects were on Belgian authorities’ radar well before Tuesday’s bombings — some even before the Paris attacks — and yet were able to evade capture raises serious questions about their ability to gather intelligence.
Belgium’s security forces and counterintelligence services have reportedly been overwhelmed by the terror investigations following the Paris attacks, with few resources at their disposal to uncover or disrupt existing plots.
Tomi Engdahl says:
William Hague: Brussels attacks mean we must destroy crypto ASAP
Facts, Willy? Don’t let those trip you up, now
http://www.theregister.co.uk/2016/03/29/brussels_attacks_mean_ending_crypto_william_hague/
William Hague, the Conservative former Foreign Secretary, has claimed that the latest Brussels terrorist attacks “show the need to crack terrorist communications.”
Writing in The Telegraph, Hague claimed that the stand-out detail from the attacks in Brussels was “the communications discipline of those responsible.”
Since the attacks, the Belgian authorities have claimed that the murderers used pre-paid disposable phones, which were untraceable by any surveillance on their financial accounts. Subsequently, it was not possible to monitor the terrorists through regular communications surveillance.
Hague – who, as Foreign Secretary, held ministerial responsibility for MI6 – wrote that “the mobile phones they carried had evidently not been used before and showed no record of texts, chat or emails” – but such “discipline” should not surprise us, he said, as “every mastermind of terrorism or organised crime” had been tipped off about operational security by Edward Snowden.
The use of pre-paid phones, also known as “disposable” or “burner” phones, as part of criminal organisations’ operational security against communications surveillance, was, in fact, publicised a decade before the Snowden revelations in the television show The Wire.
curious claim that: “Whatever means of co-ordination [the Brussels attackers] used, it was sufficiently private or encrypted that the authorities do not seem to have been aware of it.”
Tomi Engdahl says:
This war on math is still bullshit
http://techcrunch.com/2016/03/26/this-war-on-math-is-still-bullshit/?ncid=rss&cps=gravity_1462_7875794000089808195
In the wake of Paris, San Bernardino, and now Brussels, the encryption debate has become such a potent cocktail of horror, idiocy, and farce that it has become hard to tease out any rational threads of discussion. There is so much stupidity that I hardly know where to begin; but let’s start with the farce. Everybody loves a farce, right?
To recap: immediately after the San Bernardino attack, the FBI acquired the attacker’s work phone, which (unlike his personal phone) he had not bothered to destroy, and promptly locked themselves out of it. Months later, they / the San Bernardino DA decided to try to use the 200-year-old All Writs Act to force Apple to hack into it, claiming — I am not making this up —
“The seized iPhone may contain evidence that can only be found on the seized phone that it was used as a weapon to introduce a lying dormant cyber pathogen that endangers San Bernardino’s infrastructure”
Can we all just pause for a moment to bask, once again, in the breathtaking idiocy of that statement?
So did sanity return to the discussion? Did it hell. First, word broke out that the US government is seriously considering attempting to legally force WhatsApp to cripple its end-to-end encryption in the name of wiretaps
Then, days after the awful attacks on Brussels, the New York Times — which had previously published-and-then-retracted quotes from anonymous sources who (completely wrongly) blamed the Paris attacks on encryption
Let me explain. First, many of my pro-encryption, anti-back-door allies are arguing from a nakedly American-libertarian, government-oversight-is-bad stance.
And, indeed, if we were to have back doors / escrowed keys, I prefer his partner Albert Wenger’s approach — a unique key for every single device — to a master “golden key” that would open everything. (This doesn’t mean I think that this is remotely a good idea, though;
Second, my pro-encryption allies keep yammering on, loudly and pointlessly, about how what’s happening today is just another version of the “crypto wars” that were fought in the 90s. That may well be the case.
What we should be talking about, loudly and ceaselessly, is the fact that even if the tech industry did give the government everything they wanted, this would be completely ineffective. We need to explain this as often as we can
encryption is not a munition
Anyone who wants strong end-to-end encryption can get it, for free, with very little effort. Some people seem to have a misconception that Apple’s encryption is especially strong. It isn’t. The state-of-the-art of end-to-end encryption software is Signal, which is free and open-source. (WhatsApp adopted their technology.)
The day Apple allows any government to insist on back doors is the day every remotely competent bad actor in the world switches to third-party encrypted apps which require their own separate access codes.
Any attempt to fight encryption with back doors is Whack-a-Mole with an infinite number of moles, unless the powers that be are willing to expand it into an all-out war on general-purpose computing.
But guess who will be affected by back doors on default / widely used messaging systems? Everyone else who uses them — ie all the innocent ordinary people — because adding back doors, again by definition, hurts everyone’s security. (There is a long, sad, compelling history of “secure” back doors ultimately being used for unauthorized access. Even mighty Google has been successfully attacked in that way — by the Chinese, no less.)
Let’s focus on how encryption is merely math, which anyone can do, and let’s explain how world-class “military-grade” implementations of that math are already available, for free, to anyone and everyone.
Tomi Engdahl says:
Remote Sensing Bombs Could Stem Terrorism
http://hackaday.com/2016/03/29/remote-sensing-bombs-could-stem-terrorism/
If you understand technology, there were a lot of things hard to explain on Star Trek.
Remote sensing would have a very distinct use in today’s world: finding terrorist bombs earlier. A recent article published on New Scientist by [Debora MacKenzie] points out that stopping attacks like the recent one in Brussels is difficult without increasing congestion. For example, putting checkpoints at doors instead of inside transit stations is common in Asia, but causes lines and delays.
Airport security focuses on keeping explosives off planes. Hospital-like CT scanners and X-ray diffraction machines peer into checked luggage as it moves through the bowels of airports. Passengers line up to pass through metal-detectors and be swabbed for explosives. But the Brussels attackers targeted the busy check-in area – where no security checks take place.
How do we prevent a repeat attack? Moving check-points to the front doors is one solution; metal detectors and pat-downs are ubiquitous at airport entrances across Asia. But it would mean further delays, and create new lines of people that could be targeted.
One solution, say security researchers, is to keep people moving, and scan them remotely as they pass through the building.
So how else can we stop explosives getting to crowds of people? “The technologies are either imagers or sniffers,”
Unfortunately, imagers can be tricked. Explosives can be moulded to look like ordinary objects
Sniffers are harder to fool. Dogs are the best, says Jenkins, but they are hard to use on a large scale.
There are other ways to detect explosives remotely. Rather than analysing captured molecules – like the failed puffers – the Lincoln Laboratory at the Massachusetts Institute of Technology has turned to lasers to “sniff” explosives from a distance.
Lasers are also the main ingredient of a gun-shaped device called G-Scan, developed by Laser Detect Systems of Ramat Gan in Israel. This fires a green laser at a target then uses Raman spectroscopy to identify the molecules that are scattered back.
Detecting explosive material from a distance would let security services search for bomb-making materials – not just finished weapons.
Tomi Engdahl says:
The Strange Origins of TrueCrypt, ISIS’s Favored Encryption Tool
http://www.newyorker.com/news/news-desk/the-strange-origins-of-truecrypt-isiss-favored-encryption-tool
On Tuesday, the Times reporter Rukmini Callimachi published the latest in a series of blockbuster stories about the inner workings of the Islamic State. The piece focussed on the logistics of the group’s deployment of terrorists in Europe, but also included a significant revelation in an ongoing debate about encryption. In ISIS’s training and operational planning, Callimachi reported, the group appeared to routinely use a piece of software called TrueCrypt. When one would-be bomber was dispatched from Syria to France, Callimachi writes, “an Islamic State computer specialist handed him a USB key. It contained CCleaner, a program used to erase a user’s online history on a given computer, as well as TrueCrypt, an encryption program that was widely available at the time and that experts say has not yet been cracked.”
TrueCrypt and programs like it were the primary means for securing files and disks by those with a privacy bent of whatever stripe. Free to download and relatively user-friendly, TrueCrypt has been considered by experts to be among the strongest file-encryption programs available, since its release in 2004.
Without the user’s password, the software has long been viewed as uncrackable. Included in the information that Edward Snowden provided to Glenn Greenwald, Laura Poitras, and other reporters in 2013 was a document showing that the National Security Agency had “major problems” breaking TrueCrypt.
The genesis of TrueCrypt turns out to be as full of intrigue as the uses of it. The encryption software came up in my own reporting, in a story I’ve been researching for two years about a programmer named Paul Le Roux, who built a global drug, arms, and money-laundering cartel out of a base in the Philippines.
Both E4M and its progeny, TrueCrypt, are “open source” software. Their code is available to anyone to examine or to build upon, with some restrictions. The developers who expanded upon E4M to improve and maintain TrueCrypt over the years have remained anonymous. “The origin of TrueCrypt has always been very mysterious,”
In May, 2014, however, the anonymous developers behind TrueCrypt abruptly announced on their Web site that they would no longer support—or vouch for the security of—the software. Theories abound in the encryption community as to why
TrueCrypt shows is how impractical those back doors and requests are. TrueCrypt is an open-source program, maintained by mysterious, anonymous developers who are generally assumed to be outside the U.S. They likely have no legal incentive to help any government, and every practical incentive not to.
We now know that the original creator of E4M was not a company looking to curry favor with the U.S. government, but a man who went on to become one of its most wanted criminals. Negotiating back doors with such developers is almost certainly not an option. And TrueCrypt is just one of many open-source encryption programs available.
In 2015, Green and some colleagues completed a security audit of TrueCrypt, concluding that, the developers’ shutdown notwithstanding, the software remained secure from back doors or cracking. ISIS certainly seems to think so.
How ISIS Built the Machinery of Terror Under Europe’s Gaze
http://www.nytimes.com/2016/03/29/world/europe/isis-attacks-paris-brussels.html?_r=0
Tomi Engdahl says:
A warning message went to the wrong address – four minutes later there was an explosion in the subway
The police tried to close the metro after the Brussels airport attack, but the e-mail went to the wrong address. Four minutes later Maalbeek metro station exploded. Decuyper never saw the message because it was sent to his personal email address and not to his work email.
The key question has become how it was possible that the subway network was still operating at 9.11, more than one hour after the Zaventem airport attack.
Source: http://www.iltalehti.fi/ulkomaat/2016051321555120_ul.shtml
Tomi Engdahl says:
Sheera Frenkel / BuzzFeed:
How ISIS uses the internet: malware, phishing, DDoS attacks, and communicating over Telegram
Everything You Ever Wanted to Know About How ISIS Uses The Internet
https://www.buzzfeed.com/sheerafrenkel/everything-you-ever-wanted-to-know-about-how-isis-uses-the-i?utm_term=.ltJ2y9DJ5g#.ek49xbaD6P
They talk on Telegram and send viruses to their enemies. BuzzFeed News’ Sheera Frenkel looks at how ISIS members and sympathizers around the world use the internet to grow their global network.
What he wasn’t expecting was to wake up on the morning of March 29 to a virus planted by ISIS within a seemingly innocuous email attachment.
“Everything about this looked like a real email, sent from the admin of my own website. It looked safe, but it was not. They were trying to get my login information, my passwords. They were trying to get things that could have put real lives in danger,” said Abu Majad, who asked that his nickname be used instead of his real name to protect himself and his remaining family in Syria from reprisal attacks by ISIS. “It was very clever. When I saw it I thought to myself, Shit, now they are professional hackers?”
Cybersecurity experts and intelligence agencies who monitor ISIS say the malware is just one more sign that ISIS is growing more sophisticated in its use of the internet.
“I don’t think it is far-fetched to say that the internet is a major reason why ISIS is so successful, and so worrying, as far as global terror movements go,” said one U.S. intelligence officer, who spoke to BuzzFeed News in Washington, D.C., and asked not to be named as he wasn’t authorized to speak to the press. “They have always been ‘good’ at the internet, at the strategy of how they use it. Now they are smarter at the internet too.”
Many of the world’s major intelligence agencies are trying to figure out just how ISIS uses the internet.
“ISIS has been targeting sites that are outspoken against ISIS,”
“Malware, phishing campaigns, DDoS attacks are all things I have seen,” he said. “Now, these dropper attacks are new and are more sophisticated. What we see is the group growing and evolving their capabilities. What we are seeing is worrying.”
Here’s an example of a conversation on a private ISIS channel on the messaging app Telegram on a recent Sunday afternoon:
“brother r u use VPN for site?”
“no brother, that is shit. use tor.”
“tor is creation of CIA. avoid tor.”
“so use vpn?”
“lol, no there is something else”
These sorts of exchanges appear daily on Telegram
The advice is meant to keep ISIS supporters safe, but for most it’s a confusing labyrinth of conflicting opinions.
“To be anonymous online is the most important thing so that we can safely help the jihad when the time comes,” Abu Jihad wrote BuzzFeed News in a private message on Telegram. He refused to give his real name or location. “The kuffars make it as hard as possible, but we always find a way to succeed,” he said, using a derogatory term for non-Muslims.
“There are rumours that our forums are infected,” said Abu Jihad. “But it is impossible for us to stay off of the internet.”
“The internet is full of American and Israeli spies,” Abu Jihad wrote BuzzFeed in a private message, before asking for more details on where BuzzFeed News is based and whether it had a political agenda. “It’s well-known that most journalists are spies.”
A security expert who is only known online as “the grugq,” but whose blogs and tweets are widely read by cybersecurity experts, closely follows how ISIS communicates online. After reviewing the magazine, he told BuzzFeed News that he believed ISIS only had a limited understanding of how encryption works.
“The author believes encryption is a solution to every problem,” the grugq said in an email to BuzzFeed News, noting that it eschewed other techniques, such as teaching users how to be anonymous online by never revealing or entering into public forms personal details such as real names, birth dates, or countries of origin
“The author is not clear on the real threats that jihadis actually face. The faith in crypto as a panacea to all the dangers faced by online jihadis demonstrates the shallowness of the author’s security understanding.”
“The main takeaway from this guide is that the author believes so strongly in encryption they think it will solve everything. It is the ignorant belief that ‘going dark’ is as simple as downloading TAILS. In the real world, nation state adversaries are not deterred by a little bit of crypto sprinkled here and there like OPSEC fairy dust,” he said.
“Generally the technical detail provided is impressive — not error-free, but remarkable for what after all is a general interest magazine for jihadis,”
“Even people who use these programs every day occasionally make mistakes. The processes described by ISIS are not intuitive.”
The attacks on Paris and Brussels ignited a global debate on encryption and terror.
On the one hand are certain intelligence agencies and governments, who say they missed signs of the attacks because ISIS was using the “dark web” to communicate, sending encrypted messages that intel agencies couldn’t crack. On the other hand are cybersecurity activists and experts, who say there is little evidence that sophisticated techniques were used by the attackers to mask their communication. (Quite the opposite, they argue: The attackers lived in the same apartment and used the old-school method of multiple burner phones.) And then there is the media, whose coverage of the issue has received intense scrutiny, with reports of ISIS sending encrypted emails scrubbed from the web just days after their publication, and unnamed sources giving conflicting evidence of how the attackers communicated.
Tomi Engdahl says:
Reuters:
Sources: the Feinstein-Burr encryption bill has lost support in Congress, likely won’t be introduced this year
Push for encryption law falters despite Apple case spotlight
http://www.reuters.com/article/us-usa-encryption-legislation-idUSKCN0YI0EM
After a rampage that left 14 people dead in San Bernardino, key U.S. lawmakers pledged to seek a law requiring technology companies to give law enforcement agencies a “back door” to encrypted communications and electronic devices, such as the iPhone used by one of the shooters.
Now, only months later, much of the support is gone, and the push for legislation dead, according to sources in congressional offices, the administration and the tech sector.
Draft legislation that Senators Richard Burr and Dianne Feinstein, the Republican and Democratic leaders of the Intelligence Committee, had circulated weeks ago likely will not be introduced this year and, even if it were, would stand no chance of advancing, the sources said.
Key among the problems was the lack of White House support
Tomi Engdahl says:
50 killed in Florida nightclub, shooter pledged ISIS allegiance
http://edition.cnn.com/2016/06/12/us/orlando-nightclub-shooting/
Orlando shooting suspect Omar Mateen was interviewed by the FBI in 2013 and 2014, FBI Assistant Special Agent Ronald Hopper told reporters Sunday. “Those interviews turned out to be inconclusive, so there was nothing to keep the investigation going,” Hopper said. Mateen was not under investigation at the time of Sunday’s shooting and was not under surveillance, Hopper said.
An American-born man who’d pledged allegiance to ISIS gunned down 50 people at a gay nightclub in Orlando — the deadliest mass shooting in the United States and the nation’s worst terror attack since 9/11, authorities said Sunday.
“We know enough to say this was an act of terror and act of hate,” President Obama said in an address to the nation from the White House.
Tomi Engdahl says:
Hackers Hijack ISIS Twitter Accounts With Gay Porn After Orlando Attack
Anonymous hacker targets Twitter accounts of ISIS supporters following Orlando attacks.
http://europe.newsweek.com/isis-twitter-accounts-gay-porn-orlando-attacks-anonymous-470300
Twitter accounts belonging to supporters of the Islamic State militant group (ISIS) have been hacked in the wake of the Orlando shooting, with jihadist content replaced with gay pride messages and links to gay pornography.
A hacker affiliated with the hacktivist collective Anonymous, who uses the online moniker WauchulaGhost, first began hijacking pro-ISIS Twitter accounts several months ago. Following the mass shooting at the Pulse gay nightclub in Orlando, Florida, on June 13, the hacker decided to replace ISIS imagery posted to the accounts with rainbow flags and pro-LGBT messages.
The vigilante hacker claims to have taken over 200 Twitter accounts belonging to ISIS supporters. However, many have since been taken down by Twitter.
Tomi Engdahl says:
Efe Kerem Sözeri / Vocativ:
Turkish government bans publication of news, interviews, visuals about Istanbul bombing — Once again, Turkey’s government has cracked down on media after a terror attack — Less than an hour after a coordinated suicide attack on Istanbul’s Ataturk Airport that left dozens dead and many more wounded …
Turkey Blocks News Sites, Twitter, Facebook After Deadly Attack
Once again, Turkey’s government has cracked down on media after a terror attack
http://www.vocativ.com/334890/turkey-blocks-news-sites-twitter-facebook-after-deadly-attack/
Less than an hour after a coordinated suicide attack on Istanbul’s Ataturk Airport that left dozens dead and many more wounded, Turkey’s government resumed a tactic frequently seen since last summer: a gag order for the country’s media outlets. Less than an hour later, watchdog groups reported Twitter and Facebook were inaccessible inside the country.
The order, issued by the Turkish Prime Minister’s office on the grounds of “national security and public order,” bans sharing of any visuals of the moment of explosion, blast scene, emergency work, of the wounded and dead, or any “exaggerated narrative” about the scene. It also bans the act of sharing any information about the suspects.
Tomi Engdahl says:
How did the Istanbul airport attackers get past security?
http://edition.cnn.com/2016/06/29/middleeast/turkey-istanbul-ataturk-airport-security/index.html
The deadly assault by three suicide bombers on Istanbul’s Ataturk Airport once again shows the difficulty in averting terror attacks.
Terrorists targeted the 11th busiest airport in the world in a country that borders the ISIS-stronghold Syria, and it’s not hard to see why Ataturk posed an attractive soft target.
But what’s particularly unnerving about the latest incident is the regional aviation hub had a much tighter security system in place than many other airports.
Travelers using the airport are required to undergo double security screenings. One before they enter the international terminal building, and a second time after they go through passport control.
“There’s heavy security at the entrance to the international departures hall,” Ward said. “There’s a full screening process. You have an X-ray machine and you have to go through a metal detector. But in the arrivals hall, of course you don’t have that same level of security, so two of the attackers we believe went into the arrival halls.”
People going to the arrivals section on the bottom floor are required to go through metal detectors but are overseen only by a light guard presence.
What about the response from Turkish airport security as the tragedy unfolded?
Tomi Engdahl says:
France: Belgium did not tell us in time about the suspected terrorist
The French Parliament blamed Belgium for not having given France its data on the suspected terrorist in time.
In the MPs’ view, Salah Abdeslam, the second main suspect in the November terrorist attack in Paris, would have been arrested immediately after the attack if the man’s background had been known.
Abdeslam was caught in Belgium in March after four months on the run. He was handed over to France in April.
Abdeslam is also the prime suspect in another terrorist attack, in Brussels.
Belgium has been accused in the past of shortcomings in protective measures and in the tracing of terror suspects.
Source: http://www.iltalehti.fi/ulkomaat/2016070421842380_ul.shtml