Al-Qaeda Used Basic Codes, Calling Cards, Hotmail 285
jd writes "In startling revelations, convicted terrorist Ali Saleh Kahlah al-Marri admitted that Al Qaeda used public telephones, pre-paid calling cards, search engines and Hotmail. Al-Marri 'used a '10-code' to protect the [phone] numbers — subtracting the actual digits in the phone numbers from 10 to arrive at a coded number.' The real story behind all this is that the terrorists weren't using sophisticated methods to avoid detection or monitoring — which tells us just how crappy SIGINT really is right now. If the NSA needs to wiretap the whole of the US because they can't break into a Hotmail account, you know they've got problems. FindLaw has a copy of al-Marri's plea agreement (the tech-related information begins on page 12), and the LA Times has further details on his case."
This is not a surprise (Score:2, Interesting)
Then the government complains that their intelligence is crap. The reason their intelligence is crap is straightforward: They underpay people who aren't qualified to do the job in the first place. I'll never forget the CIA's little career day at my University, many a winter moon ago, when I asked the spook behind the little folding card table how much a job in intelligence paid. 33K to start, he said. I laughed and moved on to the next table, where someone in the private sector was offering 100K for a similar, but much more interesting position that I didn't have to move to Virginia to take.
So the CIA guy went home with half a dozen apple-faced applicants who were only too glad to take a ridiculously tiny salary for their huge amounts of effort, all in the name of protecting the American Way.
So really, what they hired were a bunch of pinheads prone to blind patriotism and the eating of ramen noodles.
And now here we are, everyone they couldn't afford to hire telling them that none of this is any sort of surprise, and them being all kinds of surprised. It'd be funny if it wasn't so pathetic.
Wise words from a cop... (Score:3, Interesting)
While discussing this exact type of crime with a cop (of sorts) who deals with this stuff day to day, his opinion can be summarised as followed:
- Throw away cell phone sim cards are good
- Throw away cell phones are better (Unique ID)
- Letter writing is safer than using a phone
- Having a conversation is safer than writing a letter
I am paraphrasing him now but he said something like "I would never touch a piece of technology if I didn't want to get court."
PS - Terrorist cells are unique and individual.
Terrorists are dumb (Score:2, Interesting)
It's because terrorists are stupid [slate.com].
But Can NSA Tell Of Its Successes? (Score:5, Interesting)
The dastardly part of all this is that the NSA/CIA may not be allowed to disclose all of their successes. Methods and processes that produce good intelligence have to be protected from public disclosure. For all we know, Hotmail has been cracked and the NSA/CIA made a false disclosure to get the terrorists all happy about their ability to elude the vaunted three-letter agencies. I mean, when the FBI makes an arrest based on an informant, they make sure to bust the informant as well, even making sure to smack him around a little so as to allay his concerns.
It's entirely possible that the intelligence organizations suck, but perhaps they have successes that we would not know about for decades. The "secret killing program" in Iraq sounds like one of those things.
Re:Hotmail, hmmm? (Score:3, Interesting)
``Mebbe Microsoft will finally take a tumble for aiding terrorists.''
Unlikely. Now, maybe if it had been Bittorrent. Or tor.
Re:Really? What Exacty Is Your Suggestion? (Score:5, Interesting)
SIGINT will never be as good as a man on the ground. Our national intelligence agencies have become scared of taking risks. A satellite doesn't risk capture and torture. After all, there are 89 stars in the CIA wall, and no one wants to add another one during peacetime. But you just can't help think what we could have done if we maintained our aggressiveness with HUMINT during peacetime. A white guy named John Walker Lindh [wikipedia.org] was able to walk into Pakistan and get a face-to-face meeting with Bin Laden after a few months. Now Al Qaeda is all on guard so it's tough to compromise them. But peacetime would have been the best time to break into their organizations, though civil liberty folks might freak out.
Re:Really? What Exacty Is Your Suggestion? (Score:5, Interesting)
Re:Ban it! (Score:5, Interesting)
As the NSA, FBI, and CIA are involved, you CANNOT trust this plea bargain. The defendants in this case could've agreed to say such things whether or not they are true.
And why would the NSA, CIA, and/or FBI want them to say such a thing? Why in the world would the Powers That Be want to demonize these anonymous forms of communication?
Re:Terrorists aren't stupid. (Score:4, Interesting)
SIGINT isn't just data collection -- it's also data distribution. Make the person you're listening to think they're being listened to by another group, or exchange information with an informant without them knowing who "you" are, and without them suspecting anything's wrong with the transaction.
I heard a story once [citation needed], where "we" were feeding a terrorist fake info to relay to his friends, and the terrorist gobbled it up and told his superiors... which then changed the location of some meeting, which resulted in them getting blown up (with relatively fewer civilian casualties).
Re:Really? What Exacty Is Your Suggestion? (Score:5, Interesting)
SIGINT isn't the right tool for tracking terrorist cells anyway. They don't generate enough signals.
Yeah, I think you might be right. I suspect what this really means is that they're incapable of actual, old-style spy-work. Here's what a CIA Near-East operative said:
"The CIA probably doesn't have a single truly qualified Arabic-speaking officer of Middle Eastern background who can play a believable Muslim fundamentalist who would volunteer to spend years of his life with shitty food and no women in the mountains of Afghanistan. For Christ's sake, most case officers live in the suburbs of Virginia. We don't do that kind of thing." A younger case officer boils the problem down even further: "Operations that include diarrhea as a way of life don't happen."
That's from The Atlantic's The Counterterrorist Myth:
http://www.theatlantic.com/doc/200107/gerecht [theatlantic.com]
Pay some unmarried dude 20 million a year to live this shitty life in return for his services and, additionally, pay well some willing prostitues to be shipped in secret CIA planes to have fun with him secretly - call it "operation secret panties". Are there too many religious right-wingers at the CIA for ideas like this to stick?
Re:This is not a surprise (Score:5, Interesting)
Speaking as someone who does work in a gov. agency, as part on the IT (no, not the IT you are thinking, it means something else to spooks), money is important. Yes, we get the plenty of folks willing to take lower pay because they feel like they are doing something with a purpose. But, and this is a big but, there are many people who won't or can't take an entry level position. Think about that rock star coder in Silicon Valley who has gotten bored and wants a new challenge? Could she apply for the CIA? Not if she has a mortgage. Can't do it. She might be willing to take a 30% pay cut to do it. It would be a stretch, but she could make her mortgage, but not the 50% that the service requires. This sort of thing might sound trivial. But there are very talented people making this calculus every day.
The other thing to realize is that the salary of an analyst or officer is really a small percentage of the total cost. It costs something like $400K/year to support many of our overseas officers. If we bumped their salary by $50/year you would certainly attract people from a much wider pool. And the cost would be minimal.
Federal spying is a matter of perspective. (Score:2, Interesting)
The left is aghast at federal firms monitoring conversations... but the same left would have absolutely no problem with forcing vehicle inspections, requiring employers and banks to hand your income to the federal government, beating the heck out of the swiss to allow access into foreign bank accounts, tracking the flow of carbon to monitor everything we burn, allowing uav overflights to monitor co2 emissions, all in the name of saving the planet and ensuring businessman pay their taxes and the planet is safe.
Conversely, the right wing could do without any of this. Keep the census as just a count, screw all the forms and taxes and filings and inspections you have to do the government. Compared to that, having your phone listened to is a lot easier. Government reporting is so intrusive and so heavy handed any more that if the government just said, let's just read your email and you don't have to fill out any more forms with us, it would be a GODSEND to 90% of the people who actually run businesses.
The biggest joke is that, we talk about all the intrusiveness of wiretaps, but look at all the forms we are REQUIRED to fill out to the IRS, the Commerce Dept, the local Depts of Transportation, and more, not to mention the Census - and the thing is, all of this data, regardless of party, is going to be a politicized fraud anyway.
Weighed against that, I think it is reasonable that for some people, who are already caught up supplying the government with a bunch of information, to wonder why not just go and wiretap everyone if it nabs a few terrorists. The government is way beyond spying, on us, in reality, it is forcing us to turn over mountains of information to it already. Spying is chump change compared to what we already do.
If you really want to get government out of monitoring you, then lets get rid of all the OTHER forms and inspections the government makes you do.
Re:Really? What Exacty Is Your Suggestion? (Score:1, Interesting)
There weren't much signals at all.
If I remember, they weren't sending the emails, they were using the drafts folder as a dead drop.
Re:Really? What Exacty Is Your Suggestion? (Score:3, Interesting)
No, no I don't know that they have problems. You have presented little to no proof they have problems. So your suggestion is that they not only wiretap the whole US but also break into every e-mail account they suspect of terrorist activity?
Man do I love it, when people arrogantly just interpret things like they want, and then attack others for the meaning of that interpretation... :\
Your problem seems to be, that you did not notice that there is another option, than just doing global wiretapping or e-mail-account cracking on everybody they "suspect".
What i think GP meant, and what I think is right, is that to work as intended, the NSA should have determined the "terrorists" good enough to get a fully acceptable court-order, which then would give them the right to wiretap/crack anything.
Them not doing so is proof of how fucked up they are.
So GP likely did not mean that they ran into any obstacles, but that they got real problems in their "mind".
But of course we're talking about an organization which rapes the constitution, and a bunch of lazy retards not kicking their asses for doing so. Yay.
Re:I smell BS. (Score:5, Interesting)
I suspect that's the tip of the iceberg. Accusations that US and UK spying agencies (through the Echelon project) were using their power for commercial espionage really began to flow in the 1990s. The European Parliament made a series of public allegations against the US in early 2000 stating that the NSA had intercepted conversations and data and passed it on to the US Commerce Department for use by American firms resulting "stolen sales". The Boeing V. Airbus that you noted is the most famous of these, but probably as large was AT&T using intercepted communications to get a half-share of an Indonesian trade contract which was initially going to NRC of Japan before the NSA got hold of the confidential details and passed them along. Lawsuits and procedings were actually filed in France, Italy and Belgium. Another instance was Raytheon getting hold of confidential information belonging to Thompson-CSF on a US$1.5bn dollar deal with Brazil for satellite imaging. Raytheon got the contract. Enercon - a German wind generator manufacturer - developed a major refinement on generating electricity. When they tried to patent it in the USA, an American corporation had beaten them to the punch. That's an especially interesting case since there were people inside the NSA that confirmed they'd spied on the German company and passed the necessary details on. Other accusations have been made by such companies as BMW and German security experts pegged costs to German industry at a minimum of US$10bn by just the year 2000.
All this apparently came straight from the top.
It's that sort of behaviour, regarded as betrayal by an ally in the European politicians,
Re:They did at one point... (Score:2, Interesting)
Wether or not it is true that the Washington Post leaked the story, this is/was an invaluable technique. Maybe it was leaked on purpose. Who knows.
I wouldn't put it past some media channels from leaking secret or classified information. I'm all for freedom of the press, but if it impedes security, saves lives and helps the military, I think there is a moral and legal obligation to not talk about it. I don't care if its leaked or revealed - with permission - from the agency dealing with the information. Its a whole different ball-game when they are doing this when the techniques are being used 'in real time'. I'm sure Osama would have clued in eventually, but I'd hate to think lives were put in jeopardy to help the Post.
As an employee of the government it doesn't take a lot to get in hot water for leaking much less serious classified (non-military) government information. Similar rules should exist with the media.
Put another way, if someone at the CIA, NSA, FBI (or now DHS) leaked this type of information they would be fired at the least. If serious enough a leak, they would be tried for treason. The newspapers and television seem to think that leaking this type of stuff will go on without punishment especially after the Novak & Plame incident. Embarrassing and shameful is where I can only begin.
Re:Really? What Exacty Is Your Suggestion? (Score:4, Interesting)
It's a shame 4chan wasn't around when bin Laden's phone number was published in court documents [heise.de]
Re:Really? What Exacty Is Your Suggestion? (Score:3, Interesting)
Taking it a bit further, contrary to the claims of "startling" revelations in the simplicity of Al Quaeda counter intelligence techniques it should be of no surprise. And who in the United States intelligence agencies claimed the NSA was not capable of and did not crack these pathetic techniques?
What I'm sure is only a small percentage of the information available in the September 11 Commission report [unt.edu] suggests there were bureaucratic blunders rather than outright intelligence failings.
While a wire tap into every phone connected to a super computer for analysis works wonders in a Bat Man movie [poplicks.com], somehow I doubt it would be that simple or that effective in real life. I don't recall anyone in Gotham city speaking Arabic or using code words. And more importantly, how many innocent people would have their rights violated not just by the wiretapping but by further investigation and false accusations, and how often would such activity be used for ulterior [wikipedia.org] political motives [serendipity.li]?
The fact is the now public knowledge of Al Quaeda intelligence techniques tells us nothing of the NSA's capabilities or how much they really knew prior to September 11th and illegally wire-tapping an entire nation is likely no silver bullet that will prevent future attacks and as history has shown will likely be used for political reasons.
Re:But Can NSA Tell Of Its Successes? (Score:3, Interesting)
I'm perfectly happy to accept that we only know about the 0.1% of the cases where sigint failed. However, the failures that we have were ones where human intelligence was completely absent, and actually ignored. What this story shows is that you should never rely only on sigint to find out what your enemies are up to. Unfortunately, there has been a massive infatuation at the management level and up with electronics and toys, rather than the dirty business of putting shoes on the ground.
Re:Hindsight is 20/20, right? (Score:3, Interesting)
Kamikaze's were not very effective. I thought any 6th grader knew that. Not to mention that previous plane strikes did not bring down the building either.
Here's some homework for you: devise a plan to bring down a skyscraper. Then execute it. I'd really like to know how that goes for you.
Re:Terrorists aren't stupid. (Score:5, Interesting)
It's so lucky that we're the good guys.
Considering that the opposing side considers collateral damage to be a good thing (the more of it, the better), yes, I'd say so.
Is he telling anything he really knows? (Score:2, Interesting)
Ali Saleh Kahlah al-Marri can for all we know just be making it up as he go just to get a leaner sentence. That and the torture hes been put through sure can make wonders for a captives imagination.
Torture is a very crappy way of getting information and just about as reliable now as it was during the spanish inquisition where many people confessed of being wiches, sorcerers and all sorts of funny things. The inquisition was dismantled because it was ineffective, not because it was evil or inhuman.
Barack Obama is a spineless wimp for not prosecuting the hell out of the former administration and instead letting things like this that excuses torture upfront.
Re:You make an excellent point. (Score:2, Interesting)