
Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

2 recommendations

Name Game

Premium Member

Finding treasures in Bin Laden computers

For the U.S. government, the raid on Osama bin Laden's compound in Pakistan represents a unique opportunity to test advanced computer forensics techniques called "media exploitation" that it's developed over the last few years.
The military's acronym for the process is DOMEX, which one Army team in Iraq cheekily sums up with this motto: "You check their pulse, we'll check their pockets."

The electronic gear hauled away by an assault team of Navy SEALs reportedly included five computers, 10 hard drives, and scores of removable media including USB sticks and DVDs. Some reports say the forensic analysis is taking place at the CIA's headquarters in Langley, Va., while others have placed it at a "secret location in Afghanistan."

While the U.S. government isn't exactly volunteering what's happening now, the Army has confirmed in the past that it provides "tactical DOMEX teams" to troops in Afghanistan. And a Defense Department directive (PDF) from January 2011 says the National Media Exploitation Center, or NMEC, will be the "central DoD clearinghouse for processing DoD-collected documents and media," a category that would include the bin Laden files.

»www.cbsnews.com/8301-501 ··· 465.html

(Tools they seem to be using are EnCase, Intella and HBGary Responder)
cerdan
join:2008-01-02

1 recommendation

cerdan

Member

Aren't these drives encrypted at the minimum?

Cudni
La Merma - Vigilado
MVM
join:2003-12-20
Someshire

Cudni

MVM

said by cerdan:

Aren't these drives encrypted at the minimum?

Not necessarily. They might have started like that but if the main operator complained about it being too complex....

In any case encryption in itself and on its own will not protect. And so it doesn't

Cudni

KodiacZiller
Premium Member
join:2008-09-04
73368

KodiacZiller

Premium Member

said by Cudni:

said by cerdan:

Aren't these drives encrypted at the minimum?

In any case encryption in itself and on its own will not protect. And so it doesn't

What do you mean by that?

Cudni
La Merma - Vigilado
MVM
join:2003-12-20
Someshire

1 recommendation

Cudni

MVM

said by KodiacZiller:

What do you mean by that?

What I said. Encrypt something but then leave encryption keys/passwords in another form that they can be retrieved from (on paper, files etc.), allow key logging software. Retrieve encrypted content after it was decrypted. Use lesser complexity keys etc. etc. Share the keys with a disloyal person.

Encryption is powerful but not omnipotent

Cudni
90115534 (banned)
Someone is sabotaging me.Finding out who
join:2001-06-03
Kenner, LA

90115534 (banned) to Name Game

Member

to Name Game
Wow, seems like any geek's dream come true! Sounds exciting! Not to say it actually is or will be though. It may not be; we really have no idea.

KodiacZiller
Premium Member
join:2008-09-04
73368

1 recommendation

KodiacZiller to Cudni

Premium Member

to Cudni
said by Cudni:

said by KodiacZiller:

What do you mean by that?

What I said. Encrypt something but then leave encryption keys/passwords in another form that they can be retrieved from (on paper, files etc.), allow key logging software. Retrieve encrypted content after it was decrypted. Use lesser complexity keys etc. etc. Share the keys with a disloyal person.

I agree with that assessment, but you didn't say that in your first post. You just said "it's too complex for the operator" and "encryption on its own will not protect." I just needed a little elaboration.

Certainly leaving keys written on paper is a bad idea, but I doubt there was a software keylogger on any of the machines since they didn't have Internet access at the compound. Whether there were hardware keyloggers is more difficult to say. We do know that the CIA was watching the compound from a nearby location (they even placed voice sensors nearby to hear what was being said inside), but it's doubtful they got close enough to plant a physical keylogger on a computer.

In any case, we will probably never know if any of the data was encrypted. If it was and NSA breaks it, they will just say there was no encryption. If the files were encrypted and NSA can't break it, we will never hear about that either.

Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

Name Game to KodiacZiller

Premium Member

to KodiacZiller
said by KodiacZiller:

said by Cudni:

said by cerdan:

Aren't these drives encrypted at the minimum?

In any case encryption in itself and on its own will not protect. And so it doesn't

What do you mean by that?

You never know
»twitpic.com/4sres6
Name Game

Name Game

Premium Member

The CIA task force is analyzing 10 cell phones, 10 computers and 100 thumb drives confiscated from the Abbottabad, Pakistan, compound Osama bin Laden was found in. The agency expects it will take days just to get through Bin Laden's lesbian porn stash. (ABC News)

»m.clatl.com/freshloaf/ar ··· b-drives
Name Game

Name Game

Premium Member

How bin Laden thwarted US electronic surveillance
Prolific emailer used thumb-drive proxy
By Dan Goodin

Posted in Security, 12th May 2011 23:11 GMT

Osama bin Laden didn't have a phone or internet connection, but for years he was a prolific user of email who frustrated Western efforts to track him by saving messages to a thumb drive and having them sent from a distant internet cafe, the Associated Press reports.

The process was so tedious that even veteran intelligence officials have marveled at the al-Qaida chief's ability to maintain it for so long, the news service said. Bin Laden would type the messages on a computer that had no connection to the outside world and then instruct a trusted courier to drive to a cafe so they could be emailed. The courier would then save messages addressed to bin Laden to the same drive and bring it back so his boss could read them offline.

US Navy Seals seized roughly 100 flash memory drives when they killed bin Laden at his Abbottabad, Pakistan, compound a week and a half ago. Officials told the AP they "appear to archive the back-and-forth communication between bin Laden and his associates around the world." The cache of messages is so big that the government has enlisted Arabic speakers from around the intelligence community to pore over them.

»www.theregister.co.uk/20 ··· l_cache/