Wednesday, August 20, 2014

How do you say "Hey, NSA! Look over here!" on the Internet?

Use an encryption cipher custom designed by al Qaeda:
The web intelligence firm Recorded Future has posted two stories about how al Qaeda is using new encryption software in response to the Snowden disclosures. NPR picked up the story a week later.


My guess is that in this case they don't even bother with the encryption software; they just attack the users' computers. There's nothing that screams "hack me" more than using specially designed al Qaeda encryption software. There's probably a QUANTUMINSERT attack and FOXACID exploit already set on automatic fire.
[blink] [blink]

I'm glad to see our enemies so monumentally stupid as to shine a searchlight on themselves.  Awesome.

I've been very critical about how NSA is spying on citizens unsuspected of any crime, but this seems to be precisely what they should be doing.  I'm even OK with secret FISA court warrants allowing automated monitoring (and even attacking) anyone using al Qaeda code.  Seems like that falls under "probable cause" to me.


Old NFO said...

Or is it a head fake???

R.K. Brumbelow said...

@old nfo I agree.

Also, why is possession of a cryptography tool now relegated to you are guilty? I sell one-time pad encryption devices, does that automatically make me a terrorist?

Borepatch said...

Old NFO, I'm not sure what good the head fake would do. You'd need an al Qaeda associate to "do the fake" which is what would attract the attention. It would be different if AQ were hacking computers to set up a botnet to distract attention from their other comms, but even that seems a stretch.

R. K. Brumbelow, I wasn't talking about OTP but rather an al Qaeda designed custom cipher. That has their fingerprints all over it in my book.

R.K. Brumbelow said...

@Borepatch, principle is the same. So I go to github and check it out, so now I am a terrorist?

As for needing someone to send messages to, what is the going price per 1k systems on botnets these days?

While I despise AQ and have no issue with their erasure, I also do not think of them as simpletons. When the NSA leaks something I assume it is untrue by default.

Example: NSA leaks system Y exists.
I assume either system Y just got retired, never existed or is a dummy line item/fishing expedition. I never ever take it at face value.

So when someone says there is a custom built AQ cipher, I either expect it does not exist, it is for disinformation, or will be used to build parallel cases.

kahr40 said...

Falls under asking for it and getting three bags full.