Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Communications Security IT

Bin Laden's Sneakernet Email System 240

Hugh Pickens writes "Osama bin Laden was a prolific writer who put together a painstaking email system that thwarted the US government's best eavesdroppers despite having no Internet access in his hideout. Holed up in his walled compound in northeast Pakistan with no phone or Internet capabilities, bin Laden would type a message on his computer, save it using a thumb-sized flash drive that he passed to a trusted courier, who would head for a distant Internet cafe. At that location, the courier would plug the drive into a computer, copy bin Laden's message into an email and send it. Intelligence officials are wading through thousands of the email exchanges after around 100 flash drives were seized from the compound by US Navy Seals."
This discussion has been archived. No new comments can be posted.

Bin Laden's Sneakernet Email System

Comments Filter:
  • Why couldn't he just use Tor? Heckuva lot simpler and less vulnerable to betrayal by associates.

    • by badran ( 973386 )

      A tor node in Pakistan would not be suspicious at all.

      • Re:The Onion Router (Score:5, Interesting)

        by conspirator57 ( 1123519 ) on Friday May 13, 2011 @10:19AM (#36118300)

        10,000 tor nodes with hundreds going up and down every day in different locations would be as difficult to track through as physically going door-to-door searching the entire populace. that's part of why tor was built: to enable communication of persecuted minorities. when we built tor we were thinking post-tienanmen democracy advocates in china. our noble intentions in building tor don't keep the technology from being useful to other persecuted minorities that we don't like.

        • Re: (Score:2, Informative)

          by BitZtream ( 692029 )

          that's part of why tor was built: to enable communication of persecuted minorities. when we built tor we were thinking post-tienanmen democracy advocates in china. our noble intentions in building tor don't keep the technology from being useful to other persecuted minorities that we don't like.

          ...

          Or it was designed for military communications between ships by hopping on other ships signals not under the control of the US Navy without needing direct secure links between US Navy ships.

          to enable communication of persecuted minorities

          Quit making shit up. You just totally made up a reason for creating Tor that has nothing to do with the actual reason it was created.

          • Re: (Score:3, Insightful)

            https://www.torproject.org/about/torusers.html.en#activists [torproject.org]

            * Human rights activists use Tor to anonymously report abuses from danger zones. Internationally, labor rights workers use Tor and other forms of online and offline anonymity to organize workers in accordance with the Universal Declaration of Human Rights. Even though they are within the law, it does not mean they are safe. Tor provides the ability to avoid persecution while still raising a voice.
            * When groups such

    • by x6060 ( 672364 ) on Friday May 13, 2011 @09:56AM (#36117980)
      Tor does have a few potential vulnerabilities and it would not surprise me in the least if the NSA did have a way of tracking it. The way Osama decided to do it shifted the vulnerability from an electronic one to a personal loyalty one. With his age, experience and knowledge im sure he was able to better control and protect the later rather than the former. Its also very similar to his previous methods. Low tech - High concept.
    • by darjen ( 879890 ) on Friday May 13, 2011 @09:58AM (#36118008)

      Because everyone knows the FBI/CIA/NSA operate "anonymous" Tor nodes.

    • by x6060 ( 672364 ) on Friday May 13, 2011 @09:59AM (#36118020)
      I also feel the need to point out that this was probably not so much an attempt to thwart eavesdropping, but to mask his location.
    • Tor may hide the endpoints to a midpoint party, but you can bet it would only be a matter of time before the closest exit node to Pakistan would be honeypotted.

      http://cryptome.org/0003/tor-spy.htm [cryptome.org]

    • Because a Tor user would have been a lot easier to track down.

    • by LWATCDR ( 28044 )

      Well Tor has been shown to be vulnerable from time to time http://www.google.com/search?aq=1&oq=Tor+vu&sourceid=chrome&ie=UTF-8&q=tor+vulnerabilities [google.com] and the US has a lot of resources to throw at the problem I wouldn't bet on that being as good of a solution.
      Frankly The lack of wifi, cell, internet, and phone in a big expensive home in a well to do town in Pakistan was probably a bit red flag. I mean really it is like going to a Rave in a three piece suit, sunglasses and sporting a buzz cut.

    • Why couldn't he just use Tor?

      He didn't encrypt anything either, from the accounts I've read.

    • by Shotgun ( 30919 )

      What makes you think he, or anyone in his organization, had/have any idea, whatsoever, what Tor is? Why do you assume that your area of expertise is common knowledge throughout the world?

  • by Shanrak ( 1037504 ) on Friday May 13, 2011 @09:43AM (#36117828)
    RFC 1149?
  • Painstaking? (Score:4, Insightful)

    by j00r0m4nc3r ( 959816 ) on Friday May 13, 2011 @09:44AM (#36117838)
    How is that painstaking? That's like calling writing a telegram painstaking.
    • RTFA (Score:3, Funny)

      by Anonymous Coward

      They called it painstaking because the courier was forced to use hotmail to forward the emails.

    • Re:Painstaking? (Score:4, Interesting)

      by gstoddart ( 321705 ) on Friday May 13, 2011 @09:48AM (#36117894) Homepage

      How is that painstaking? That's like calling writing a telegram painstaking.

      Or, no more complicated than the tradecraft of cold-war era spies.

      This sounds like nothing more than well-established stuff that likely goes back to WWII if not before, and that you can read about in any Tom Clancy novel.

      Who knew ... the easiest way to avoid getting detected by a massive, international signals intelligence network, is to not use methods that give them anything to listen to.

      I'm completely shocked ... next thing they'll tell us about one-time-pads.

    • by vinn ( 4370 )

      I totally agree - that was the first thought that crossed my mind when I read this. This system is dumb and simple.

      What would be more interesting to find out is why the US couldn't eavesdrop on the email and figure out where it came from. I was under the impression with things like ECHELON we could just read every email ever sent anywhere in the world. Or, did bin Laden write in such a way that it didn't trigger it to get picked up? Or, did he actually use some kind of encryption?

      • I was under the impression with things like ECHELON we could just read every email ever sent anywhere in the world.

        Maybe OBL was hard to track because he wasn't saying anything that only he could have said - but then, how could he have remained in power? If the medium for your communications is obfuscated enough that it can't be tracked back to you, how do your followers know your messages are authentic? If you signed your messages with a private key, for example, then the first people to have your new

    • by 228e2 ( 934443 )
      I agree. I was expecting to hear some complicated eluding system where the courier didnt use the same cafe twice in a year and often went as far as 50 miles and created a new email address each time composed of some longitude/constellation combination. For a paranoid mastermind, this is full of weaksauce.
  • Merely delayed it. A bullet in the head is a bullet in the head.
    • Hmm, semantics. He did prevent himself being killed because of the email system. If a doctor cures you from an illness, hasn't he saved you because you die of other causes later?

      • by Skuto ( 171945 ) on Friday May 13, 2011 @10:00AM (#36118026) Homepage

        They found him through a courier. So actually, email did get him killed, sortof.

        • Network lag killed him?

        • Very much so, I'd say. The lesson here is they can find you no matter what. Even if you're paranoid enough to hide in a hole, buried in someones backyard under a pile of trash, like Hussein.

          There's no such thing as the perfect hiding spot in the real world. There's always someone or something that will eventually betray your location. Except maybe for wherever 2-Pac and Elvis have been hiding.
          • Saddam was found in his cook's house near his own home town because most likely somebody ratted him out for a good chunk of money. It still took almost 9 month to get him.

            OBL, well, it took you guys 10 years to find the guy living in a huge compound in an upper-class neighborhood in a major government/military hub city of your regional parter/foe. And you couldn't (or maybe didn't want to) even capture him alive.

            What I'm saying is that I'm not too worried. Sure, now it would be trivial to find me based on m

        • by treeves ( 963993 )

          More like a phone call got him killed. That the courier also used email in the past is circumstantial. He probably also delivered food to OBL at some point, but you wouldn't say that he got killed by a falafel.

      • Hmm, semantics. He did prevent himself being killed because of the email system. If a doctor cures you from an illness, hasn't he saved you because you die of other causes later?

        SLASHDOT: Keeping those happy thoughts and cheerful reminders coming every Friday at work!

  • by Dynamoo ( 527749 ) on Friday May 13, 2011 @09:46AM (#36117874) Homepage
    Kind of like mail over UUCP then. (Yes, I am showing my age)
  • by wjousts ( 1529427 ) on Friday May 13, 2011 @09:49AM (#36117900)

    I was about to submit this from New Scientist [newscientist.com]:

    If this newly discovered messaging method is a surprise to western intelligence, however, it means they may not have been monitoring the recipients of his USB-facilitated missives - possibly because Al-Qaida is thought to be using short-lived email addresses after an earlier trick of theirs was rumbled.

    That trick? Before 9/11 some of the attackers evaded email surveillance by not sending email. Instead they used webmail services but saved messages as drafts - and then shared their logins with their co-conspirators.

    • by Chrisq ( 894406 )

      I was about to submit this from New Scientist [newscientist.com]:

      If this newly discovered messaging method is a surprise to western intelligence, however, it means they may not have been monitoring the recipients of his USB-facilitated missives - possibly because Al-Qaida is thought to be using short-lived email addresses after an earlier trick of theirs was rumbled.

      That trick? Before 9/11 some of the attackers evaded email surveillance by not sending email. Instead they used webmail services but saved messages as drafts - and then shared their logins with their co-conspirators.

      Mow they just store it on their private facebook profiles.

      • Mow they just store it on their private facebook profiles.

        Is that why Facebook is so 'all your data belongs to us' insecure?

        disclaimer: That comment was not paid for or otherwise sponsored by Google [google.com]. ;-)

    • by mcmonkey ( 96054 ) on Friday May 13, 2011 @10:12AM (#36118194) Homepage

      That trick? Before 9/11 some of the attackers evaded email surveillance by not sending email. Instead they used webmail services but saved messages as drafts - and then shared their logins with their co-conspirators.

      That's pretty clever.

      I've often wondered if some gibberish spam contains convert messages of nefarious intent. If you're a known bad guy and want to send email without identifying your cohorts to anyone watching, why not send the same message to thousands (or millions) of addresses? (Assuming your message is adequately coded/encrypted. You don't want to broadcast your plans in plain text.)

      Even if the good guys know one of the recipients is a bad guy, they don't know which recipient, and burn a lot of resources eliminating the red herring.

      Yes, I know supposedly those gibberish emails are for poisoning spam filters. At least, that's what they want you to believe.

      I've thought the same about those spams that were sections of text from famous literature. Again, supposedly targeted to spam filters. Could be a signal for a terrorist in a sleeper cell to go to the local library, go to a certain book, open to a certain page, where the secret plans have been hidden.

      Yes, I am convinced all spammers are terrorists.

      • People that clever usually have enough smarts to get a decent job, make enough money for maher (bride price) for at least one wife. One bird in the hand is worth a lot more than 72 in the sky after death. So they usually don't turn suicide bombers.

        In fact the stark raving lunacy and incompetence of the terrorists, people who could not set their pants on fire, is the reason why we are safe. Our safety is definetly not because of the mass gate rape by the TSA.

        BTW we always append the suffix -gate to for

        • That generalization is wrong, not every member of Al-Quaeda is poor or stupid (as in, unable to get a decent job). In the 9/11 hijackers and associates there was a son of a wealthy business owner, a brother of a chief of police, law students, an architect, a doctor, etc.

      • I've often wondered if some gibberish spam contains convert messages of nefarious intent.

        I don't think that's the case. Money is a sufficient motivator.

        Yes, I am convinced all spammers are terrorists.

        Nevermind, I'd like to subscribe to your newsletter. :)
      • A clever idea. Now when I communicate with all my terrorist buddies, the subject will always be something about V1agra and in the body there will be a GIF of something about "Online pharmacy". Then any gibberish text is bound to fly under every radar.

        Or, if not - if the CIA really does have to hire some dweebs to sort through all gibberish spam - that's sure to hasten the inevitable death to America. [BTW, if this is being monitored, I should make clear that my "cell" confines its terrorist activities to ou

      • by nusuth ( 520833 )

        A great idea, having a numbers station for peanuts.

      • > I've often wondered if some gibberish spam contains convert messages of nefarious intent

        IIRC there was a group on usenet for this in the 80s or 90s, you could post a message, encoded with a key à la PGP, then everyone could access/read the encoded message, but only one person was able to decode it properly.
    • I'm not sure how "surprising" or novel that is... when I was on Prodigy back around 1991, a bunch of us belonging to a AD&D "group" did something quite similar to avoid the per-message fees for sending to other people. We'd all share a sub-account and deliberately bounce messages so others could log on and read them. If Prodigy closed a sub-account after noticing irregularities (high number of bounces, multiple people trying to log onto the account at the same time, etc), we'd all move to a different su
      • So what you are saying is that AD&D nerds are actually terrorists? I always suspected as much....
  • Yet he never discovered that flash drives are rewritable...
    • More likely he didn't trust using them again after they were plugged into an internet cafe computer. Virus anyone?
      • More likely he didn't trust using them again after they were plugged into an internet cafe computer. Virus anyone?

        What's a virus or trojan going to do with a computer that isn't plugged in to the internet?
        It's rare these days that you come across a malicious piece of code that deletes or encrypts your files.

    • I thought it was interesting that he didn't destroy those drives after using them.
      • by khr ( 708262 )

        I thought it was interesting that he didn't destroy those drives after using them.

        Maybe he expected that after he was successful and took over the world he'd have an archive of his communications to put in the equivalent of the presidential archives. Or planned on writing his memoirs when he got old, rich and famous...

  • by Anonymous Coward on Friday May 13, 2011 @09:51AM (#36117912)

    Totally explains why he took forever to accept FB friend requests.

  • by amw ( 636271 ) on Friday May 13, 2011 @10:00AM (#36118024) Homepage
    Although people seem amazed about this, it's not the first time that this has happened.

    Back in '98, I worked on a network where it was against Government regulations to connect it in any way to the Internet, and an 'air gap' was required between the two. I was one of a very small team that wrote a system (using Zip disks for storage) that pulled data from a mail server on our secure network and pushed it to a mail server on the Internet, and vice versa. It had very high latency - people were assigned to do the mail drop only twice a day - but it worked well.
    • and you had no air gap anymore... since your user were now reachable from the net. It was now easy for them to slowly leak information....

    • Iran also had a system like this for their uranium enrichment, I think.
    • I was one of a very small team that wrote a system (using Zip disks for storage) that pulled data from a mail server on our secure network and pushed it to a mail server on the Internet, and vice versa.

      Are you sure this is how it worked? Who sanitized the data? Generally speaking any writable media that enters a secure network then also becomes secure and must be verifiably erased (commonly just destroyed) before plugging back into an nonsecure network.

      So nonsecure -> secure is fine. Secure -> non

    • by pz ( 113803 ) on Friday May 13, 2011 @12:59PM (#36120378) Journal

      Although people seem amazed about this, it's not the first time that this has happened.

      Back in '98, I worked on a network where it was against Government regulations to connect it in any way to the Internet, and an 'air gap' was required between the two. I was one of a very small team that wrote a system (using Zip disks for storage) that pulled data from a mail server on our secure network and pushed it to a mail server on the Internet, and vice versa. It had very high latency - people were assigned to do the mail drop only twice a day - but it worked well.

      My understanding is that in Victorian England, the Royal Mail made hourly deliveries daily to The City (the central-most part of London), and it was entirely possible to carry on a conversation through the day via post, rather like we do today via email. The point here is that nominally the latency in a conversation is not always dominated by the delivery method, but rather the delays associated with being away from one's desk for meetings, coffee, lunch, events, seminars, errands, flirting with the cute receptionist downstairs, etc., performing work unrelated to reading email, in addition to the time it takes to compose replies to received messages. How often do you manage to get 3 or more back-and-forth cycles on an email thread with someone in one day? Yes, it happens, but probably not that often for most correspondence. It was readily possible in London over 100 years ago!

  • Now, I may not be all in on the IT/Security lingo, but this seems to be over selling it a bit. Or at least giving it a much cooler name than it really is.

    All he was doing was saving a text file and then having someone else email it from an internet cafe? I think a 10 year old could come up with this simple scheme. But I guess it was simple and effective.
    • Re:Sneakernet? (Score:5, Informative)

      by x6060 ( 672364 ) on Friday May 13, 2011 @10:04AM (#36118088)

      The term sneakernet harkens back to the early days of computing where the only way to get information was to put it on a disk and walk it over to another computer and load it there. Thus a network using your sneakers (your shoes) as the transportation method. So this would be partially true for this instance.

      http://en.wikipedia.org/wiki/Sneakernet

      • I figured it was a made up name, so I didn't bother to wiki it. Thanks for the info. It still sounds more cool than it really is.
        • I figured it was a made up name, so I didn't bother to wiki it. Thanks for the info. It still sounds more cool than it really is.

          Oh, you so get geek demerit points ... the term sneakernet [wikipedia.org] is old ... like maybe the 70s.

          Essentially, it is the same as any other packet switching network [wikipedia.org] ... like carreir pigeons [wikipedia.org]. :-P

        • by mcmonkey ( 96054 )

          I figured it was a made up name, so I didn't bother to wiki it. Thanks for the info. It still sounds more cool than it really is.

          As it is with most things geek-related.

        • Sneakernets are actually pretty cool, never under estimate the bandwidth of a truck full of hard drives. I mean sure, the latency is horrible, but 1000 2 Tbyte hard drives at 60 mph will achieve ludicrous transfer rates even driving halfway across the continent.

      • Camelnet? Bombed-out Yugo-net? Predator-net?

      • From http://en.wikipedia.org/wiki/Sneakernet [wikipedia.org]:

        The theoretical capacity of a Boeing 747 filled with Blu-Ray discs is 595,520,000 Gigabits, resulting in a 37,000 Gbit/s flight from New York to Los Angeles.

  • by tm2b ( 42473 )
    All I can say is that I am glad he wasn't sophisticated enough to use PGP with a strong passphrase.
    • by tm2b ( 42473 )
      I should add - or if he did, his passphrase must have been on a post-it next to his computer.
    • Something tells me when they heard that RSA encryption was named after Rivest, Shamir and Adleman they would think it was part of a Jewish conspiracy.

    • I hope actionable information will come out of this, but so far the only reports have been more "death to American" evangelism. Why encrypt that? The New Scientist article says they got email addresses, but that operatives change them constantly. And you can bet they'll be changing them now.
  • by pushing-robot ( 1037830 ) on Friday May 13, 2011 @10:05AM (#36118102)

    "Hey, are you headed to the Internet cafe? Could you send this for me? I'd love to go myself, but you know, the $25000000 bounty..."

    "You ALWAYS use that excuse! 'I'd love to go to the grocery store, but my bounty...I'd love to go to the laundromat, but my bounty...'"

    "Oh, and could you print out the latest Digg articles?"

    "...fuck it, I'm calling the Americans."

  • courier could have been pasting just PGP armoured blobs. Or maybe he did encrypt buy his password was "infidel".
  • I can certainly see why there would be the need to disclose personal information about some of the recipients/senders of these email exchanges.
    Of course, knowing that Bin Laden is no dummy, you have to wonder if any of them are faked. You know he had plenty of time to plan all kinds of things out.. so why not fake a few of them to stick it to his enemies after he's gone? He had to know that he'd eventually be caught and misinformation can be just as powerful as information.

  • Now the TSA will demand to inspect, copy, or seize removable media crossing such vulnerable public infrastructure as airports, train and bus stations, and sidewalks. Schumer and Lieberman will introduce legislation to require 3G transmitters in all thumb drives.
  • by brit74 ( 831798 ) on Friday May 13, 2011 @10:34AM (#36118566)
    > "thwarted the US government's best eavesdroppers despite having no Internet access in his hideout."

    So, here's my question: by having an intermediary go to the internet cafe, Bin Laden could avoid being seen. However, how does this avoid eavesdropping? It seems to me that if they ever find one of Bin Laden's emails (by sniffing packets or by capturing one of his email targets and tracing back his email to the original IP address), then you could get back to the original internet cafe. Depending on the number of internet cafes in the area, you could start monitoring traffic and figure out which guy was sending them. Then, you could follow the guy to see where he went, which would lead you to Bin Laden. Also, if you infect the computers in the local internet cafes with a keylogger, you could get into Bin Laden's email accounts. By using the intermediary, Bin Laden only added a step or two to the whole procedure and avoided being seen in an internet cafe himself. It wasn't some sort of foolproof method for sending emails.
    • by JSBiff ( 87824 )
      1. We're talking about Pakistan here. There is CIA presence in Pakistan, of course, as recent international diplomatic crises have demonstrated, but I think the CIA might be somewhat limited in their ability to operate in Pakistan
      2. Instaling keyloggers on EVERY machine? That would have to imply you're logging EVERYONE's passwords *before* emails are sent, because you can't know that an Osama email has just been sent until it's been sent. I definitely don't think the CI
  • The same could be done if you got a massive botnet out there. send your encrypted payload, it bounces around the world for a while before getting sent. also have random hacked email servers used as incoming points...

    "bin.laden@sales.cisco.com" would be used this week, "deathtoamerica@whitehouse.com" for next week, etc......

    there are a lot of ways to stay ahead of the feds while being online. The courier setup is a nice old skool setup.. have level 1 couriers hand off to level2, who hands off to level

    • You can easily hack a server and put something in there that is NOT causing problems but acts as a relay for a S2S comms channel to hand off communication in a round robin or even random way. and if it's small messages like email it could go un-noticed on a server for years.

      His method worked for 10 years with none of that work. You have to remember that Bin Laden is not an uber l33t haxxor or anything. The botnet method you describe would involve the inclusion of people unlike the sort he'd normally trust anyways, probably a money trail, intermediaries, etc. All weaknesses. And it's not like they never find people who create and manage botnets as it is. Imagine how fast we'd infiltrate each botnet and catch every operator if they were, "Enemy of the World #1".

  • It would be a lot easier to wardrive around and log into open wireless access points, or hack into weakly secured ones. Internet cafes in Pakistan could easily have CIA cameras, or at minimum witnesses who could identify you in a photo lineup. I'm pretty sure that the CIA is working with Microsoft to take a closer look at low-usage or short-lived Hotmail accounts opened from Pakistani, Afghani and Yemeni internet cafe IP addresses. That wouldn't even be such a hard thing to do.
    • The CIA has a nice budget, but not THAT good a budget: Something that big and that overt is not only expensive, but it'd easily leak.

    • The population of Pakistan, Afghanistan, and Yemen total about the same as the USA. There are literally hundreds of thousands of internet cafes. I'm sure the CIA is trying, and they did find Osama, but it is a huge difficult task.
  • by joh ( 27088 ) on Friday May 13, 2011 @11:11AM (#36119154)

    Why? Let's check possible scenarios:

    1) They have indeed found loads of data, disks, CDs and DVDs, hundreds of thumb drives and so on. They can now do one of two things:
    a) Go through that data and come up with press releases every few days to keep the media interested in this. The news will spread everywhere. Every terrorist who even suspects his name, e-mail adress or similar among this data will now immediately try to cover his tracks, abandon accounts, change his location and generally get away. Rather silly to warn them, isn't it?
    b) Keep silent, don't tell anyone about what they've found and try to track down whoever they can find with this silently. That would be clever.

    2) They haven't found anything to speak of. Now they can again one of two things:
    a) Tell the media and anyone interested they haven't found anything. Terrorists may believe this or not, but they won't be in any hurry to get away. Silly.
    b) Despite finding nothing, come up with a media campaign telling all the world they have found a "mother lode" of data and make sure to refresh this lie again and again with made-up stories. The terrorists will now change names, delete accounts, change location, cut communication channels, build new ones, etc. This not only disrupts their organizations, it may also create a certain buzz which makes it easier to catch them. Again, clever idea.

    So, what do you think: Have they found a "mother lode of data" or not? I don't think so. Because if they did, they wouldn't tell all the world about that. They would silently analyze that data and act on it. What we're seeing here is a carefully orchestrated campaign as a second choice because they didn't find anything useful.

    • Because if they killed Bin Laden and kept quiet, terrorists all over the world would sleep well knowing that Bin Laden's data is safe.
      • Hardly. Anyone willing to strap on a vest of C4, or snug the straps on someone else's vest, is already wearing a tinfoil hat. The moment the new broke every AQ member who even thought they might be linked to the data in OBL's possession was abandoning/poisoning accounts and moving their data.

        • by joh ( 27088 )

          Anyone willing to strap on a vest of C4, or snug the straps on someone else's vest, is already wearing a tinfoil hat.

          And at the same time the top terrorist himself isn't clever enough to store this sensible data in a cabinet with a pound of thermite in case he gets raided? Or to use a thumb drive only once and then destroy it?

          I think it's in no way above the DoD to have a second-choice strategy in case they don't find anything useful. In fact this is the thing I would do in such a case. The only bad thing

          • And at the same time the top terrorist himself isn't clever enough to store this sensible data in a cabinet with a pound of thermite in case he gets raided? Or to use a thumb drive only once and then destroy it?

            It happens... often. Just look at a former "World's Most Wanted". Hitler may have been a political savant, and an expert in personal security - but as a Military Strategist, he was an utter buffoon. It appears that Bin Laden was so secure in the idea that he'd never get caught, that he didn't ha

            • by joh ( 27088 )

              It appears that Bin Laden was so secure in the idea that he'd never get caught, that he didn't have any real contingencies planned for the day that someone came knocking.

              But still had an AK47 and a pistol in arm's reach, yeah.

      • by joh ( 27088 )

        I guess there're lots of terrorists out there who have no better idea what amounts of data Bin Laden stored in his hiding place than you or me. Telling all the world about thousands of messages found before actually trying to hunt down whoever you can find with this would be totally idiotic if true. This makes sense only if it actually isn't true, so you have nothing to lose and can at least disrupt and panic the guys.

  • "Osama bin Laden was a prolific writer who put together a painstaking email system that thwarted the US government's best eavesdroppers despite having no Internet access in his hideout" ..

    Then why does the Gov need to spy on us all in order to protect us from the terrorists ?

    New US bill would require ISPs to retain user info to aid police [myce.com]

We were so poor we couldn't afford a watchdog. If we heard a noise at night, we'd bark ourselves. -- Crazy Jimmy

Working...