Ads by TechWords

See your link here
Receive the latest technology news and information.
Networking
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

U.S. Web site said to offer strengthened encryption tool for al-Qaeda backers

Update of year-old software available on password-protected site, researchers say

January 23, 2008 12:00 PM ET

Active Comments
Kufr Akbar says: The Ekhlaas terrorist website was publicised once before by MEMRI, along with various other such sites hosted in the US...
Mike Amling says:

Here's some background: Ciphertext encrypted with 256-bit AES is not going to be decrypted without the key. Neither is 128-bit...



Computerworld - An Arabic-language Web site hosted on a server located in Tampa, Fla., is apparently offering a new version of software that was designed to help al-Qaeda supporters encrypt their Internet communications.

The new encryption tool is called Mujahideen Secrets 2 and appears to be an updated version of easier-to-crack software that was released early last year, said Paul Henry, vice president of technology evangelism at Secure Computing Corp. in San Jose.

The tool is being distributed free of charge on a password-protected Web site that belongs to an Islamic forum known as al-Ekhlaas, according to Henry and a blog posting by the Middle East Media Research Institute. MEMRI is a Washington-based organization that monitors what it describes as jihadist Web sites and publishes translations of online content originally posted in Arabic, Persian or Turkish.

Henry said that he contacted the FBI about the al-Ekhlaas site and its contents last weekend. But as of this afternoon, the site was still up and running. Prior to being hosted on the server in Tampa, the site appears to have been run off of a system in Minnesota, Henry said.

MEMRI identified the Web hosting firm that owns the server on which the al-Ekhlaas site is running as Tampa-based Noc4hosts Inc. Officials from the hosting firm didn't immediately return calls to a general toll-free number listed on its Web site.

Because of the password protection, Henry hasn't been able to download the new tool and therefore can't say what level of encryption it supports. But he said that a banner ad on the site claims that the software offers the highest level of encryption now available. That means it likely uses at least 1024-bit encryption, whereas the first version of Mujahideen Secrets used 256-bit AES encryption, he said.

A Reuters story posted Jan. 18 and datelined Dubai quoted the al-Ekhlaas Web site as saying that the new release was a "special edition" of the encryption tool created "in order to support the mujahideen in general and the Islamic State in Iraq in particular." That organization was described by Reuters as being linked to al-Qaeda.

Efforts by groups that support al-Qaeda to develop their own encryption tools appear to be driven by concerns about possible back doors being built into publicly available encryption software, Henry said. He added that the upgraded Mujahideen Secrets tool could cause problems for law enforcement and antiterrorism agencies that are tracking the activities of such groups.

"Up to this point in time, we have been able to discount al-Qaeda's use of the Internet as an attack vehicle because of their use of outdated and easily thwarted technologies," Henry said. But, he warned, that could begin to change if al-Qaeda backers start adopting more up-to-date tools.



Jump to comments

al-Qaeda

Additional Resources

Xerox
By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!
Microsoft
Save time and mitigate security risk. Deploy it now.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

What People Are Saying

White Papers & Webcasts

Southern Company
Download Now  

Aligning IT to Business: The Rising Importance of Application Delivery Networks
Application Delivery Networking (ADN) will play a vital role in helping enterprises incorporate strategic technologies to achieve business initiatives.

Mitigate Risk, Lower Costs and Improve Network Efficiency
Create a stable IP network that not only meets today's challenges, but is flexible enough to also meet future demands.

Share our Strength
Download Now  

Preparing Your Business Services for the Future
Would you trust your network monitoring tools enough to know when something is truly halting a business service?

IPAM: Slashing Network Costs
Slashing Network Costs by Consolidating and Automating Core Network Services

Horror stories: Managing IT Across Multiple Locations
How one extra sharp IT manager eliminates daily agony, hassle and repetition.

Disaster Recovery & Cost Savings Zone
Thousands of customers world-wide have turned to virtualization solutions from Riverbed as a way to reduce costs.