Yes, ISIS Is Using Encryption -- But Not Very Well
from the a-comedy-of-errors dept
I've been seeing a few anti-encryption supporters pointing to a new ProPublica report on terrorists using encrypted communications as sort of proof of their position that we need to backdoor encryption and weaken security for everyone. The article is very detailed and thorough and does show that some ISIS folks make use of encrypted chat apps like Telegram and WhatsApp. But that's hardly a surprise. It was well known that those apps were being used, just like it's been well known that groups like Al Qaida were well aware of the usefulness of encryption going back many years, even predating 9/11. It's not like they've suddenly learned something new. So, the fact that they're now using tools like WhatsApp and Telegram is hardly a surprise. It also kinda highlights the idiocy of trying to backdoor American encryption. Telegram is not a US company and WhatsApp's encryption is based on the open source Signal protocol, meaning that any American backdoor encryption law isn't going to be very effective.
But, really, what strikes me, from reading the whole article beyond the headline notion of "ISIS uses encryption," is that it lists example after example of the fact that folks in ISIS use encryption badly and often seem prone to revealing their information. This is not unique to ISIS. Lots of people are not very good about protecting themselves. Hell, I'm probably not very good about my own use of encryption. But, of course, I'm also not trying to blow things up or kill people. Either way, story after story after story in the article highlights the rather bumbling aspects of teaching ISIS supporters how and why to use encrypted communications and to avoid surveillance. My favorite example:
On Jan. 4, 2015, an exasperated coordinator repeatedly explained to a befuddled caller with a Lebanese accent that he could only bring a basic cell phone to Syria, according to a transcript.
“The important thing is that when you arrive in Turkey you have a small cell phone to contact me,” the coordinator said. “Don’t bring smart phones or tablets. OK, brother?”
For the fourth time, the recruit asked: “So we can’t have cell phones?”
“Brother, I said smart phones: iPhone, Galaxy, laptop, tablet, etcetera.”
Sounding a bit like a frustrated gate agent at a crowded airport, the coordinator added: “Each of you can only bring one suitcase. If you come alone, just bring one suitcase. That is, a carry-on and one suitcase.”
“I didn’t understand the last thing, could you explain?”
“Brother, call me when you get to Turkey.”
Then there was the case where someone planned a plot using an encrypted WhatsApp conversation, but police were already bugging the guy so they heard what he was saying anyway:
In April, Italian police overheard a senior figure in Syria urging a Moroccan suspect living near Milan to carry out an attack in Italy, according to a transcript. Although the voice message had been sent through an encrypted channel, the Moroccan played it back in his car, where a hidden microphone recorded it.
In the message, the unidentified “sheik” declared: “Detonate your belt in the crowds declaring Allah Akbar! Strike! (Explode!) Like a volcano, shake the infidels, confront the throng of the enemy, roaring like lightning, declare Allah Akbar and blow yourself up, O lion!”
The suspects exchanged recorded messages over WhatsApp, an encrypted telephone application that is widely used in Europe, the Arab world and Latin America.
All of these examples keep making the same point that many people have been making for a long time. Yes, encryption hides some aspect of communications. That's part of the point. But the idea that it creates a "going dark" situation is massively exaggerated. There are many other ways to get the necessary information, through traditional surveillance and detective work. And the report suggests that's working. And the fact that many ISIS recruits are particularly unsophisticated in understanding how and when to use encryption only makes that kind of thing easier for people tracking them. In discussing the Paris attacks, for example, the article notes that while some of the attackers were told to use encryption, they didn't.
Abaaoud’s operatives did not always follow security procedures, however. In June of last year, Turkish immigration authorities detained Tyler Vilus, a French plotter en route to Paris with someone else’s Swedish passport. Allowed to keep his cellular phone in a low-security detention center, Vilus brazenly sent an unencrypted text message to Abaaoud in Syria, according to a senior French counterterror official.
“I have been detained but it doesn’t seem too bad,” the message said, according to the senior official. “I will probably be released and will be able to continue the mission.”
Instead, U.S. spy agencies helped retrieve that text and French prosecutors charged Vilus with terrorist conspiracy.
Anyway, it's no surprise that terrorists are going to use encryption. Of course they have been for over a decade and will continue to do so. The issue is that it's not as horrible as law enforcement is making it out to be. Just as plotters have always been able to plan in ways that law enforcement has been unable to track (such as discussing in person, in other languages, or through simple ciphers or codes). That's always happened and somehow we managed to get by. Yes, sometimes law enforcement doesn't get to know absolutely everything about everyone. And that's a good thing. And sometimes, yes, that means that terrorists will be able to plan bad things without law enforcement knowing it. But that's part of the trade-off for living in a free society.
Filed Under: encryption, fud, going dark, isis, law enforcement, terrorism
Companies: telegram, whatsapp
Reader Comments
The First Word
One if by Land and Two if by Sea
Those colonial terrorists used encryption too. Let's get me out of the history books. Oops, they used lanterns, so they were actually going light instead of going dark......
Security is hard
That's because security is not a matter of deploying a tool, no matter how powerful. To be secure against serious threats requires careful attention to every aspect of procedures and behavior, both electronic and not. Weakness in any aspect of the overall effort weakens all aspects.
As a common example of the truth of this, look at the excellent and common advice given regarding everyday passwords: never use a given password for more than one thing. That way if the password is exposed, only one thing is compromised.
Behavior is at least as important to security as technology is.
[ link to this | view in chronology ]
odd phrasings
As far as the effort itself, these folks are going to be quite shocked to find out that it is possible to create and install android apps on your own. When they find out it is possible to employ encryption without being blessed by the google they are likely going to blow a hemorrhoid. By their reasoning, that is going to mean it is time to make android illegal because terrorists use it.
Then again terrorists use toilets. We should get rid of those things too. Nothing good ever came out of a toilet.
[ link to this | view in chronology ]
viva l'italia!!!
The whole exchange:
"The important thing is that when you arrive in Turkey"
Reminds me of 15 years ago when I started out as a level 1 tech helping clueless users use fairly simple technology.
There has to be something said about the person that's willing to blow themselves up for a "God." The law and media acts like these are sophisticated individuals when in reality they are borderline retarded.
I read that somewhere else yesterday and just laughed at the Abbott and Costello-esque nature of the conversation.
Even the "sheik's" rant was South Parkish in nature.
[ link to this | view in chronology ]
One if by Land and Two if by Sea
[ link to this | view in chronology ]
Re: One if by Land and Two if by Sea
[ link to this | view in chronology ]
"Hidden in the x-rated pictures on several pornographic web sites"
Um... are we really going to believe devout Muslims are going to hide messages in porn and go to porn websites? (And visit strip clubs)
Sound farfetched? It may because:
"US officials and experts say it's the latest method of communication"
Oh. Whew. As long as it's US officials and unnamed "experts" I'm ok. /s
I thought the method was flash drives and couriers? Oops, there I go thinking again.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
ABC News reported on this yesterday. Retired Lt. Gen. Michael Flynn, a former head of the Defense Intelligence Agency, is quoted as saying: http://abcnews.go.com/International/jihadists-computers-80-percent-full-porn-official/story?id=40564987
[ link to this | view in chronology ]
Not seeing the Forrest for the Terrorists
But you are missing the real issue about Going Dark.
American Citizens are increasingly Going Dark by using encryption. For everyone's protection, decryption must be very easy, or even unnecessary for even the dumbest of cops. This makes it easier to access everything about your private life when looking for something to charge you with.
[ link to this | view in chronology ]
Re: Not seeing the Forrest for the Terrorists
[ link to this | view in chronology ]
Re: Re: Not seeing the Forrest for the Terrorists
Yep. Sounds like a violation of the DMCA's ban on circumvention tools to me. Ban statistics!
[ link to this | view in chronology ]
Hidden messages
[ link to this | view in chronology ]
When you fail to achieve your despot desires legally, just do it illegally.
[ link to this | view in chronology ]
Released into the Wild
If a 'real, unbreakable encryption' was released onto the internet, with any time at all before it was noticed, especially in code-form (where any programmer could download it and compile it at his will), the whole fantasy of 'encryption control' would be forever gone. What then, once the government worked on a leveled playing field with the 'average Joe'? Governments seem to think they can print money, to finance any 'overcoming' of the little guy they might deem needed. What if that wasn't 'really' the case? It's only a matter of time...and a good C-programmer.
[ link to this | view in chronology ]
Re: Released into the Wild
One specifying a particular CD, the other the starting bit. This trivializes the bane of prePC one time pads -- the complexity of passing on the pad definition.
[ link to this | view in chronology ]
Re: Re: Released into the Wild
The hard part is the key exchange. After all, if you have a secure channel to exchange keys, then why not send the message itself through that channel?
PKE is an engineering tradeoff -- the crypto is strong but not mathematically unbreakable, but the win is that the key exchange problem is rather dramatically improved (and, if you do it right, is solved).
[ link to this | view in chronology ]
Re: Re: Re: Released into the Wild
Because of temporal and spatial differences. Keys can be exchanged at a time and place that secure channels are available, and then used later to communicate when secure channels are not available.
[ link to this | view in chronology ]
Re: Re: Re: Re: Released into the Wild
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Knowing Daesh, their alcoholic, drug-taking paedophilic leader probably just fell into a drunken stupor, rolled their heads on the keyboard and accidentally pressed POST.
[ link to this | view in chronology ]
Terrorists
Terrorists win by inducing the leaders to exert more and more restrictions on the citizenry, and creating irrational fears in the population. I have reason to be more afraid of police and other LEOs than I do of terrorists. Police will kill far more people in the US this year than terrorists will. Indeed, including the deaths from 2001, police have killed more people, many innocents, in five years than terrorists have killed in the last 15.
Who is more to be feared?
[ link to this | view in chronology ]
Re: Terrorists
But don't complain when your credit card information gets stolen because Amazon can't encrypt their site. And don't complain when your bank account is drained because banks aren't allowed to encrypt their sites either.
[ link to this | view in chronology ]
Re: Terrorists
[ link to this | view in chronology ]
Re: Re: Terrorists
How have they managed to miss you so far?
[ link to this | view in chronology ]
Re: Re: Terrorists
Cops don't get to decide who "deserves" it.
And that "most" there in your sentence doesn't bother you any?
[ link to this | view in chronology ]
Do you keep your writers well restrained in cages? If not you could be contributing to the cause, even if unknowingly. /derp
[ link to this | view in chronology ]
Morbid Fascination
[ link to this | view in chronology ]
I read somewhere that 'terrorists' use online forums to communicate on a regular basis. Some of these can be erotic sites. Who's gonna think that is even possible for bearded asexual anarchists? Perfect.
[ link to this | view in chronology ]