Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Infrastructure & Control
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Updated encryption tool for al-Qaeda backers improves on first version, researcher says

Security exec's analysis shows code is well written but messages may be easy to track

February 4, 2008 12:00 PM ET

Active Comments
Anonymous says: They could have just use Skype and had a better encryption capability and it would be harder to track. Since...
tom brown says: Nice to see an article about encryption, and one that isn't full of hype and acknowledges that some questions aren't...


Computerworld - A recently released tool that allegedly was designed to help al-Qaeda supporters encrypt their Internet-based communications is a well-written and easily portable piece of code, according to a security researcher who has analyzed the software.

However, messages that are encrypted using the tool, which is known as Mujahideen Secrets 2, should be relatively easy for law enforcement authorities to spot and track, said Paul Henry, vice president of technology evangelism at Secure Computing Corp. in San Jose.

Henry said that based on his analysis of the encryption tool, "it will not be a difficult matter for law enforcement to identify files created using this software," because it puts a unique fingerprint on them. "You may not be able to read the messages, but you will be able to figure out where it was sent from and to whom," he added.

Mujahideen Secrets 2 was released last month via an Arabic-language Web site set up by an Islamic forum called al-Ekhlaas. At the time, the password-protected Web site was running on a server that belonged to a Web hosting firm in Tampa, Fla., after previously being on a system owned by another company in Rochester, Minn. But the URL that the group was using on the server in Tampa is no longer working.

As of last week, the al-Ekhlaas site had been moved to a server owned by yet another hosting firm, this one based in Phoenix, Henry said. But the link to the site on that server also now appears to be broken.

The new encryption software is an updated version of an easier-to-crack tool that was released early last year by the same group. Henry said the copy of Mujahideen Secrets 2 that he evaluated was provided to him by J.M. Berger, a Cambridge, Mass.-based freelance journalist and documentary filmmaker who focuses on terrorism as well as science and business topics.

Mujahideen Secrets 2 is a very compelling piece of software, from an encryption perspective, according to Henry. He said the new tool is easy to use and provides 2,048-bit encryption, an improvement over the 256-bit AES encryption supported in the original version. What makes the update especially interesting, he noted, is the fact that it can be used to encrypt Yahoo and MSN chat messages in addition to e-mails.

Another interesting aspect of the tool is its ability to take a binary file and encrypt it in such a way that the file can be posted in a pure ASCII or text-only format, Henry added. As a result, individuals could use Mujahideen Secrets 2 to encrypt files and post them on sites that aren't even on the Internet -- for instance, on a telephone-accessed bulletin board system. "If you wanted to do something covert, that's one way of doing it," Henry said.

The new version of the tool also has a much better graphical user interface than the initial release did, he noted. And he thinks the tool's developers have done a better job of integrating bits and pieces of RSA Security Inc.'s encryption code in order to handle functions such as key generation and key management. Many of the mistakes they made in the first version seem to have been addressed in the new one, thereby making it harder to crack, he said.

In addition, the revamped tool is highly portable, Henry said. For instance, he explained, someone could put the software on a USB memory stick, go to an Internet cafe, plug in the USB device and run Mujahideen Secrets 2 to encrypt any communications from that cafe.

According to Berger, the new version of the tool sounds worrisome both because of its increased sophistication and the ease with which it can be used. The software appears to be designed for use by relatively low-level operators in the al-Qaeda hierarchy, he said.

The capabilities offered by Mujahideen Secrets 2 fit a pattern for al-Qaeda groups, Berger said, noting that the terrorist organization "has always been pretty current with what they use — cutting edge, but not bleeding edge."

Berger added that there is a "robust discussion" taking place within the counterterrorism community over the issue of online forums such as al-Ekhlaas being hosted on U.S.-based servers. Some people believe it is easier to monitor what's going on in the forums when they are hosted on U.S.-based servers, he said. Others, though, want the Web sites to be taken down immediately.



Jump to comments

Mujihadeen Secrets

Additional Resources

WHITE PAPER
Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.
WHITE PAPER
Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.
WHITE PAPER
Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

What People Are Saying

White Papers & Webcasts

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Optimizing Data protection Operations in VMware Environments
This Taneja Group Solution Profile identifies the data protection optimizations available in the VMware vSphere environment.  

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

How to Defend Against New Botnets
Get this paper now!  

Maximizing Site Visitor Trust Using Extended Validation SSL
Provide site visitors visual cues that indicate your site is legitimate with Extended Validation (EV) SSL available from VeriSign.  

Fraud Alert: Phishing - The Latest Tactics and Potential Business Impact
Read this white paper to learn how phishing attacks work, and how to avoid them.