Friday, May 13, 2011

metatempo:al-qaeda:communication "cutouts" secure comm

http://www.metatempo.com/SecureCommo.PDF

al-qaeda:communication "cutouts" secure comm

Cut-outs, public or disposable mechanisms that provide ‘anonymity’ through sheer
volume of users/transactions and little or no connection to the ‘real’ you. Such web-based
email systems as Hotmail and Yahoo were used by the 11 September 2001 sleepers
to communicate with each other or with the Al-Qaida command hierarchy according to
media coverage. Other cut-outs are available—instant messaging (ICQ, AIM, etc.), chat
rooms (AOL, IRC channels, MUDs/MUSHes, etc.)—but such systems work ‘best’ from
stable machines, and U.S. cover operators appeared to rely heavily on public machines
(libraries, cyber-cafes, etc.). Even more secure email systems such as Hushmail ‘expose’
the side of the transaction connected

Dead-drops, locations (including ‘virtual’ ones) that are readily available to anyone and
where things can be left easily, are a favorite mechanism in intelligence: public lockers;
drop boxes; and now in the age of the Internet, USENET newsgroups or public
websites. Key features of dead-drops are that they are public, they are deniable (“that
isn’t mine”), and they are plausible—a pattern of behavior can be developed that, even if
monitored, keeps communication below ‘observational threshold,’ and possibly prevents
‘hostile’ knowledge of communication taking place at all

‘Best practice,’ then, would utilize ciphers or codes, some sort of ‘intermediation’ (such as remailers or
relays provide), utilization of a cut-out, and certainly a dead drop.
