http://www.wired.com/dangerroom/2011/05/what-theyre-looking-for-inside-osama s-thumb-drives/
What They're Looking For Inside Osama's Thumb Drives * By Michael Tanji <http://www.wired.com/dangerroom/author/mwtanji/> <mailto:[email protected]> Email Author * May 6, 2011 | * <http://www.wired.com/images_blogs/dangerroom/2011/05/040107-M-0484-L-thumb2 .jpg> http://www.wired.com/images_blogs/dangerroom/2011/05/040107-M-0484-L-thumb2- 660x430.jpg U.S. forces picked up more than a hundred thumb drives, hard drives, computers, and discs from Osama bin Laden's compound. Now that the gear is in the hands of American intelligence, what are they looking for? Some of the more pressing questions that are likely being asked right now: Who was he talking to? Whether or not bin Laden had internet access - and there are growing signs he did <http://www.washingtontimes.com/news/2011/may/3/how-bin-laden-led-operations /?page=1> - the man needed some kind of contact database (the world's most wanted customer relationship management app ever). It most certainly includes names, nicknames or aliases of al-Qiada allies and operatives. These guys are probably already known to U.S. intelligence, but having this data may shed new light on the relative importance of individuals and the role they play in AQ. Forensic tools that allow for the use of keyword lists - useful for a language like Arabic where a name could have many spelling variations - would come in useful. What was he reading or watching? Bin Laden inevitably got information from the outside world. There is a fair chance that some of that material came in via CDs, DVDs, or thumb drives. This gives us some insight into what his cohorts were writing to him, and what issues he was interested in, etc. USB sticks are particularly useful, since a PC will record the serial number of a thumb drive in its registry. Pictures taken with a digital camera will contain data that can indicate where they were taken and when. We may be able to correlate where certain documents or files came from or who created them, giving further insight into the inner-workings of the organization. What was he thinking? Unless one writes fiction for a living, what someone puts into their computer tends to be the most focused and factual data available. Since we can't actually read bin Laden's mind (at least not anymore), the next best thing is reading and trying to make sense of the ideas he put down on (virtual) paper. What didn't he want us to know? It's a safe bet that bin Laden didn't want anything of this to fall into the hands of U.S. forces. But unless he had a forensically-sound data erasure tool, almost anything bin Laden simply deleted is probably available to be recovered. That includes plots and ideas considered and discarded, orders issued, you name it. The use of encryption could complicate matters, but as with many security mechanisms, encryption is only useful if it is employed soundly and every time. Any system that was on at the time of the raid could contain encryption keys or pass phrases that could in turn be used to unlock any encryption mechanism. How sophisticated is his crew? We may be able to determine a bit about AQ's technological capabilities based on file formats and the presence of specialized software. Data files with file extensions from engineering or CAD/CAM programs, for example. But even if there are so signs of anything that advanced, don't miscalculate: the al-Qaida's element may still be able to inflict damage. The faster and more completely we make sense of what bin Laden was doing on his computer the better off everyone who may be in al-Qaida's crosshairs will be [Non-text portions of this message have been removed] ------------------------------------ -------------------------- Want to discuss this topic? Head on over to our discussion list, [email protected]. -------------------------- Brooks Isoldi, editor [email protected] http://www.intellnet.org Post message: [email protected] Subscribe: [email protected] Unsubscribe: [email protected] *** FAIR USE NOTICE. This message contains copyrighted material whose use has not been specifically authorized by the copyright owner. OSINT, as a part of The Intelligence Network, is making it available without profit to OSINT YahooGroups members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of intelligence and law enforcement organizations, their activities, methods, techniques, human rights, civil liberties, social justice and other intelligence related issues, for non-profit research and educational purposes only. We believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtmlYahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/osint/ <*> Your email settings: Individual Email | Traditional <*> To change settings online go to: http://groups.yahoo.com/group/osint/join (Yahoo! ID required) <*> To change settings via email: [email protected] [email protected] <*> To unsubscribe from this group, send an email to: [email protected] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
