Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

How terrorists hide messages online
Scripps Howard News Service ^ | 10/4/01 | Scripps Howard News Service

Posted on 10/04/2001 6:46:51 PM PDT by Thanatos

For Editorial and Discussion use only:

How terrorists hide messages online

By LISA HOFFMAN
Scripps Howard News Service
October 04, 2001

- To terrorist cells such as Al Qaeda, a picture on the Web can be worth thousands of words.

Employing the 21st century version of a concept as old as secrets themselves, alleged terrorists affiliated with Osama bin Laden are believed to have exploited the vastness of the Internet to hide messages between conspirators in what amounts to plain sight.

According to declassified intelligence reports, court testimony and computer security experts, bin Laden's network has been a pioneer in adapting the ancient art of steganography to the Internet. U.S. officials and high-tech researchers seeking to counter such techniques are scrambling for methods to detect or derail them.

Online steganography - derived from the Greek words meaning "covered writing" - essentially involves hiding information or communications inside something so unremarkable that no one would suspect it's there. It's the cyber-equivalent of invisible ink or the "dead drops" that spies use to pass secrets.

Experts say Al Qaeda, along with the Palestinian terrorist groups Hezbollah and Hamas, have used computer software available for free on the Internet to communicate via virtually undetectable messages embedded electronically within innocuous photographs or music files of the sort that millions of Internet users send to each other each day.

Using it as a ruse, bin Laden's terror operatives allegedly have been able to bury maps, diagrams, photos of targets and messages within popular music, auction and sports sites as well as pornographic chat rooms - incongruous territory for devout Muslim fundamentalists.

Secrets even can be hidden in spam, the millions of unwanted e-mail messages ricocheting daily across the Internet that barely register with most users before they delete them. Communicating this way makes it extraordinarily difficult for law enforcement to pick up on, much less interdict or trace.

"The sender can transmit a message without ever communicating directly with the receiver. There is no e-mail between them, no remote logins, no instant messages," wrote Bruce Schneier of Counterpane Internet Security. "Steganography is a good way for terrorist cells to communicate... without any group knowing the identity of the other."

It's an old concept, written about in 474 B.C. by Greek historian Herodotus, who described how Histiaeus of Miletus shaved the head of a slave and tattooed a secret message on his scalp. When the slave's hair grew back, Histiaeus dispatched him to the Greeks, who shaved the slave's head and read the message.

During World War II, invisible ink was used by all sides. And the Germans perfected the use of "microdots," in which a page of writing could be reduced to the size of a dot on a letter - only to be enlarged by the recipients and read.

Computer steganography essentially piggy-backs information on empty or unimportant spaces in digital files. But those who want to employ the method don't need to understand the complex concepts at work - all they have to do is download software available free or for less than $50 from more than two dozen Internet sites.

Follow the instructions for using the software and, with a few mouse clicks, you've hidden a message that is all but undetectable, except by the person you have tipped to where to find it.

Photo or music files with such messages embedded are indistinguishable to the human eye or ear from identical ones lacking the secret data. (For an example of how this works, go to http://www.spammimic.com, and embed your own message in spam.)

That fact exponentially increases the difficulty for investigators trying to track terrorist communications online. "With the volume of documents, photos, video and sound files moving on the Internet, there is no system powerful enough to analyze every object for hidden messages," wrote Barry Collin(CQ), research fellow at the National Interagency Civil-Military Institute of the National Guard Bureau.

And an interceptor can be hamstrung even more if the hidden message is encrypted into code. Bin Laden's network allegedly does just that.

The Justice Department, citing the difficulty of monitoring and detecting cyber-communications among terrorists, is asking Capitol Hill to relax legal restrictions or force software writers to supply their secrecy code "keys" to the government in order to make it easier for agents to tap into everyday e-mail on a broad hunt for miscreants and de-scramble what they find.

Civil libertarians say such privacy invasions are unnecessary; efforts should be directed instead toward techniques to detect and disable cyber-steganography.

The intelligence community is hard at work with university researchers creating sophisticated detection programs that use complex algorithms to conduct statistical tests capable of identifying stenographic footprints.

One new software package of interest to the Air Force was developed by research professor Jessica Fridrich at Binghamton University in New York state. Called "Securestego," it allows a user to return a digital image modified by steganography to its original state - that could derail such a message before it could reach its intended receiver.


TOPICS: Extended News; Foreign Affairs; News/Current Events
KEYWORDS: alqaeda; alqaida; communications
Navigation: use the links below to view more comments.
first 1-5051-78 next last

1 posted on 10/04/2001 6:46:51 PM PDT by Thanatos
[ Post Reply | Private Reply | View Replies]

To: Thanatos
The huge bandwidth of the internet makes the sending of covert messages very easy. I'm not surprised to learn that we think the bad guys are hiding the messages in pictures. I would think it would be very difficult to detect a little text encoded in a seemingly purely graphic file.
2 posted on 10/04/2001 6:54:22 PM PDT by conservatism_IS_compassion
[ Post Reply | Private Reply | To 1 | View Replies]

To: conservatism_IS_compassion
The monkey flies at noon! shhhhhh
3 posted on 10/04/2001 7:03:32 PM PDT by Texaggie79
[ Post Reply | Private Reply | To 2 | View Replies]

To: conservatism_IS_compassion
One night I was messing around on the 'puter and being new and learning by trial and error I brought up a coded web site. At first I was confused because I thought it was Chinese but at closer examination I realized it was not chinese or anything else. It was a lot of symbols and characters that I would'nt think a key board could make.it scared me and I got out of there as quick as I could. Now I wish I had looked at the web addy. But I was too nervous.!!
4 posted on 10/04/2001 7:04:50 PM PDT by poweqi
[ Post Reply | Private Reply | To 2 | View Replies]

To: Texaggie79
Ah hah! That's why some peoples sisters get moose bites =)
5 posted on 10/04/2001 7:08:09 PM PDT by fone
[ Post Reply | Private Reply | To 3 | View Replies]

To: poweqi
Was is similar to this or was it even funkier? Them Arabian sites have some weird looking writing. Did you delete your history?
6 posted on 10/04/2001 7:12:32 PM PDT by Texaggie79
[ Post Reply | Private Reply | To 4 | View Replies]

To: poweqi
Or was more like this? These are cool eh?
7 posted on 10/04/2001 7:14:35 PM PDT by Texaggie79
[ Post Reply | Private Reply | To 4 | View Replies]

To: Texaggie79
.....cute wingdingy thingies.....

.....but the "code" that is not shown by the browser.....

.....is where the really kewl stuff is.....

8 posted on 10/04/2001 7:16:49 PM PDT by cyberaxe
[ Post Reply | Private Reply | To 6 | View Replies]

To: Texaggie79
No, it is true. This stuff has been available on hacker bulletin boards since at least 1992 that I am aware of.

There was a bulletin board that was distributing soft porn avi files that had all kinds of text comments embedded in the files. The one I remember seeing was an avi of Jamie Lee Curtis removing a blouse. Opening this file with a text editor revealed instructions for hacking into TRW credit reports along with a bunch of jokes and show off scarism. They also had instructions for other bulletin boards to goto for obtaining the embedding software. It was pretty low tech stuff and judging from the maturity level of the writing, I would judge that the board was set up and being run by adolesents. I seem to remember reading that the board was busted by the FBI for one thing or another, it was located in Live Oak, CA, just North of Yuba City.

9 posted on 10/04/2001 7:18:47 PM PDT by SSN558
[ Post Reply | Private Reply | To 3 | View Replies]

To: Texaggie79
    Them Arabian sites have some weird looking writing.

No kidding, makes you wonder why they even need encryption..

10 posted on 10/04/2001 7:19:11 PM PDT by Jhoffa_
[ Post Reply | Private Reply | To 6 | View Replies]

To: cyberaxe
like this:
11 posted on 10/04/2001 7:19:54 PM PDT by Texaggie79
[ Post Reply | Private Reply | To 8 | View Replies]

To: Texaggie79
Soon we'll all be wearing bar codes on our foreheads like a can of green beans in a supermarket.
12 posted on 10/04/2001 7:20:08 PM PDT by VA Advogado
[ Post Reply | Private Reply | To 7 | View Replies]

To: Thanatos
Hmm, sorta like Stegano for the GIMP (GNU Image Manipulation Program)?
13 posted on 10/04/2001 7:21:26 PM PDT by adx
[ Post Reply | Private Reply | To 1 | View Replies]

To: SSN558
Oh I know. A real easy way is to get a hex editor and just embed it in any software.
14 posted on 10/04/2001 7:22:39 PM PDT by Texaggie79
[ Post Reply | Private Reply | To 9 | View Replies]

To: Thanatos
M-O-O-N spells MOON
15 posted on 10/04/2001 7:24:47 PM PDT by Pistacio
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pistacio
The Stand
16 posted on 10/04/2001 7:28:16 PM PDT by Texaggie79
[ Post Reply | Private Reply | To 15 | View Replies]

To: Texaggie79
"Was is similar to this or was it even funkier? Them Arabian sites have some weird looking writing. Did you delete your history?"
17 posted on 10/04/2001 7:29:32 PM PDT by KingNo155
[ Post Reply | Private Reply | To 6 | View Replies]

To: Texaggie79
klinton i$ an @$$whole! (spread the word)
18 posted on 10/04/2001 7:31:10 PM PDT by rockfish59
[ Post Reply | Private Reply | To 3 | View Replies]

To: Pistacio
Has anyone typed Q33 NY in MS word or works? Type it in and then change the font size to 48 and the font style to Wingdings. It shows a plane flying into 2 towers and a skull and bones next to the star of David. How did this get there?
19 posted on 10/04/2001 7:31:26 PM PDT by Ron in Acreage
[ Post Reply | Private Reply | To 15 | View Replies]

To: Jhoffa_

20 posted on 10/04/2001 7:32:56 PM PDT by KingNo155
[ Post Reply | Private Reply | To 10 | View Replies]

To: Thanatos
We wouldn't have to worry about terrorists sending messages to each other within the U.S. if we never let them in the country. Throw the bums out!!
21 posted on 10/04/2001 7:33:18 PM PDT by NoControllingLegalAuthority
[ Post Reply | Private Reply | To 1 | View Replies]

To: Texaggie79
.....btw.....

.....FR's new software doesn't let us use the.....

.....!!!! thingy.....

22 posted on 10/04/2001 7:35:05 PM PDT by cyberaxe
[ Post Reply | Private Reply | To 11 | View Replies]

To: Texaggie79
.....btw.....

.....FR's new software doesn't let us use the.....

.....!!!! thingy.....

23 posted on 10/04/2001 7:37:16 PM PDT by cyberaxe
[ Post Reply | Private Reply | To 11 | View Replies]

To: cyberaxe
Explain this:

How terrorists hide messages online
Reply 23 to Texaggie79 by cyberaxe
9261858 posted on 10/04/2001 19:37:16 PDT

How terrorists hide messages online
Reply 22 to Texaggie79 by cyberaxe
9261802 posted on 10/04/2001 19:35:05 PDT

24 posted on 10/04/2001 7:39:29 PM PDT by Texaggie79
[ Post Reply | Private Reply | To 23 | View Replies]

To: Ron in Acreage
read #19
25 posted on 10/04/2001 7:41:35 PM PDT by Ron in Acreage
[ Post Reply | Private Reply | To 19 | View Replies]

To: Texaggie79
TRANSLATION: ALL YOUR BASE ARE BELONG TO US.
26 posted on 10/04/2001 7:42:49 PM PDT by Dick Bachert
[ Post Reply | Private Reply | To 6 | View Replies]

To: Texaggie79
.....i could.....

.....but then i'd have to.....

.....well u know.....

27 posted on 10/04/2001 7:48:04 PM PDT by cyberaxe
[ Post Reply | Private Reply | To 24 | View Replies]

To: cyberaxe
That is a price I'm willing to pay!
28 posted on 10/04/2001 7:51:29 PM PDT by Texaggie79
[ Post Reply | Private Reply | View Replies]

To: Texaggie79
....."Forum Version 2.0a Copyright © 1999 Free Republic, LLC".....

.....still gotta few bugs.....

29 posted on 10/04/2001 7:57:03 PM PDT by cyberaxe
[ Post Reply | Private Reply | To 28 | View Replies]

To: Thanatos
Two dogs, four fliers, 50,000 walkers, and 91101, does it add up to>>>>>terrorism?
30 posted on 10/04/2001 7:59:42 PM PDT by Grassontop
[ Post Reply | Private Reply | To 1 | View Replies]

To: DonQ
Seems to me that the keys to being able to receive the messages is to just have an unencrypt program and know which website to visit. If thats the case then the confiscated computers should reveal some really useful stuff.

PCs keep records of website visits and ISPs keep records of website visits by a paticular computer so it shouldnt be too difficult to crack this thing open. Not as difficult as cracking the Enigma Machine during WW2.

I can imagine that there are some folks that will find this challenge irresistible to tackle.....and just for the fun of it.

31 posted on 10/04/2001 8:01:04 PM PDT by backtobasics
[ Post Reply | Private Reply | To 22 | View Replies]

To: cyberaxe
.......can you type........

......any other way......

...... than this?........

32 posted on 10/04/2001 8:02:54 PM PDT by Texaggie79
[ Post Reply | Private Reply | To 29 | View Replies]

To: Thanatos
There was a blurb on this on Dateline I think it was. They would set up an email account with an ISP. Then, they would compose emails, but never send them. The emails remained in the "out" box and could be read by anybody having the userid/password. But never actually get sent.
33 posted on 10/04/2001 8:03:12 PM PDT by djf
[ Post Reply | Private Reply | To 1 | View Replies]

To: Texaggie79
yes

.....but it's easier to find your place in code.....

.....when you put in some markers.....

34 posted on 10/04/2001 8:07:09 PM PDT by cyberaxe
[ Post Reply | Private Reply | To 32 | View Replies]

To: Texaggie79
Ibgd Yehrw Knexl!

Hint: Caesar Cipher

35 posted on 10/04/2001 8:24:04 PM PDT by Hoosier Patriot
[ Post Reply | Private Reply | To 3 | View Replies]

To: Hoosier Patriot
.....Èä áÇÏä ÓíÌÇÑÉ.....

.....(if you have arabic fonts you'll get it).....

36 posted on 10/04/2001 8:50:21 PM PDT by cyberaxe
[ Post Reply | Private Reply | To 35 | View Replies]

To: ALL
Reading thru the Replies to this posting.. It seems that most are from "Skeptics" who seem to want to blow off the fact that the very people who murdered over 5000 AMERICAN and International Citizens used this method to plan and coordinate their attack against our Homeland.

A couple of Years ago, here on Free Republic, there was alot of discussion about the Clinton Administration wanting encryption suppliers to give "Back-Door" Codes to allow Federal Law Enforcement and Intelligance Agencies to be able to access and "Crack" messages used to encrypt messages.. The General Consense here on Free Republic was "Whoa.. no way.. Clinton just wants to infringe on our Constitutional Rights".. There were even people Freaking when Microsoft was developing WindowsME and they thought Microsoft had put in "Back-Door" keys in it's encryption. Well, I hate to break it to everyone.. This whole Article I posted is the reason why our Goverment was and is pushing for these codes.

As 20/20 Hindsight is our most infallible way of finding out what happened.. Here are some White Papers, Articles, and links to Software that shows how this is done and the Information that was linked to Osma Bin Laden's group Al-Qaida was using this for YEARS before the 911 attack on US Soil, our Embassies overseas, and the USS Cole.

US Today, Dated June 19, 2001
Terror groups hide behind Web encryption
Excerpt:
"Uncrackable encryption is allowing terrorists — Hamas, Hezbollah, al-Qaida and others — to communicate about their criminal intentions without fear of outside intrusion," FBI Director Louis Freeh said last March during closed-door testimony on terrorism before a Senate panel. "They're thwarting the efforts of law enforcement to detect, prevent and investigate illegal activities."

US Today, Dated June 19, 2001
Terrorist instructions hidden online
Excerpt:

"Through weeks of interviews with U.S. law-enforcement officials and experts, USA TODAY has learned new details of how extremists hide maps and photographs of terrorist targets — and post instructions for terrorist activities — on sports chat rooms, pornographic bulletin boards and other popular Web sites. Citing security concerns, officials declined to name the sites. Experts say it's difficult for law enforcement to intercept the messages.

"It's something the intelligence, law-enforcement and military communities are really struggling to deal with," says Ben Venzke, special projects director for iDEFENSE, a cyberintelligence company."

U.S. officials and militant Muslim groups say terrorists began using encryption — which scrambles data and then hides the data in existing images — about five years ago.

But the groups recently increased its use after U.S. law enforcement authorities revealed they were tapping bin Laden's satellite telephone calls from his base in Afghanistan and tracking his activities."

NetSecurity, About. Sep, 17, 2001:
Methods Terrorists Use

August 2001, CITI Techreport
Detecting Steganographic Content on the Internet

US alert: coded message reveals bin Laden terror plot, July 20, 2001
US alert: coded message reveals bin Laden terror plot
Excerpt:
"The United States is expecting a terrorist attack orchestrated by the Saudi extremist Osama bin Laden soon, and has placed its forces in the Middle East on the highest level of alert.

State Department officials said intelligence services had intercepted a coded message to one of bin Laden's senior operatives outlining plans for the attack."

Newsmax, Feb. 9, 2001
U.S. Makes Cyberwar on Bin Laden
Excerpt:
"Since 1994, bin Laden has used modern technology such as laptop computers, regular computers, faxes, cell phones, e-mails and the Internet to help set up his networks in Western Europe and 50 other countries, U.S. government officials said.

But to counter his vulnerability to the NSA and America's superior electronic warfare resources, including Vortex satellites that vacuum up microwave transmissions, bin Laden has resorted to "the application of traditional tradecraft" to the Net world, Venzke said. In the past, spies "hid micro dots in letters," he said. Today, bin Laden operatives hide encrypted messages "in the middle of a porno picture." or use chat rooms or other seemingly harmless venues to deliver covert orders."

Wired News, Feb. 7, 2001:
Bin Laden: Steganography Master?
Excerpt:
"WASHINGTON -- If there's one thing the FBI hates more than Osama bin Laden, it's when Osama bin Laden starts using the Internet. So it should be no surprise that the feds are getting unusually jittery about what they claim is evidence that bin Laden and his terrorist allies are using message-scrambling techniques to evade law enforcement.

The Clinton administration substantially relaxed -- but did not remove -- regulations controlling the overseas shipments of encryption hardware and software, such as Web browsers or Eudora PGP plug-ins.

Three years ago, FBI Director Louis Freeh spent much of his time telling anyone who would listen that terrorists were using encryption -- and Congress should approve restrictions on domestic use.

"We are very concerned, as this committee is, about the encryption situation, particularly as it relates to fighting crime and fighting terrorism," Freeh said to the Senate Judiciary committee in September 1998. "Not just bin Laden, but many other people who work against us in the area of terrorism, are becoming sophisticated enough to equip themselves with encryption devices."

steganographic software

There is more, but you all get the Idea..

37 posted on 10/04/2001 9:06:17 PM PDT by Thanatos
[ Post Reply | Private Reply | To 33 | View Replies]

To: Texaggie79
Well, now, we all can do that too. We can post messages that no one can read, unless they know how to read it. Do you know how to read this?

Are there many foreign Arabs where you live? We have some in a few our out cities out there, but I’ve never seen any in the small city near where I live.

38 posted on 10/04/2001 9:17:52 PM PDT by Fred25
[ Post Reply | Private Reply | To 6 | View Replies]

To: Alamo Girl, JohnHuang2 , Jimrob, Clinton's a liar, Askel5, Ed_in_NJ,Travis McGee,
Info Bump..
39 posted on 10/04/2001 9:22:34 PM PDT by Thanatos
[ Post Reply | Private Reply | To 37 | View Replies]

To: Thanatos prism
Yes but you still have to communicate otherwise so your partner can unlock the image.

Where the hell is prism when you need him?

40 posted on 10/04/2001 9:25:57 PM PDT by Askel5
[ Post Reply | Private Reply | To 1 | View Replies]

To: Legion59

41 posted on 10/04/2001 9:26:34 PM PDT by Askel5
[ Post Reply | Private Reply | To 40 | View Replies]

To: Jim Robinson; Bob J; kattracks; Howlin; Republic; Alamo-Girl
Info bump
42 posted on 10/04/2001 9:29:21 PM PDT by Thanatos
[ Post Reply | Private Reply | To 39 | View Replies]

To: Askel5
Pre-set codes (passwords) are easy to pre-set.. Especially since all if not most of these terrorist were trained in Bin Laden's camps..
43 posted on 10/04/2001 9:30:49 PM PDT by Thanatos
[ Post Reply | Private Reply | To 40 | View Replies]

To: Ron in Acreage
Really?? Wow, I hadn't heard about that. By the way, I did hear that there was some sort of patriotic statement written by Ted Nugent, but I just can't seem to find it anywhere.

</bitter sarcasm>

44 posted on 10/04/2001 9:35:53 PM PDT by GOPmember
[ Post Reply | Private Reply | To 19 | View Replies]

To: Thanatos
Anyone been reading my secret embedded "messages"?
45 posted on 10/04/2001 9:36:45 PM PDT by Registered
[ Post Reply | Private Reply | To 43 | View Replies]

To: Registered
I haven't been getting them. Are you sure you are logged on?
46 posted on 10/04/2001 9:42:45 PM PDT by Gadsden1st
[ Post Reply | Private Reply | To 45 | View Replies]

To: Thanatos
Pre-set codes (passwords) are easy to pre-set.. Especially since all if not most of these terrorist were trained in Bin Laden's camps..

Encription does not just involve passwords, which would be relatively easy to hack into with certain programs. Encription involves using public and private keys (long series of random characters) that must be shared. I encript using my public key and you decrypt using the private part that I shared with you earlier.

47 posted on 10/04/2001 9:44:31 PM PDT by GallopingGhost
[ Post Reply | Private Reply | To 43 | View Replies]

To: Thanatos
Keep your eyes peeled!

they are out there and are even so arogant they are doing it on boagus sites with clearly no legitament purpose.

You or I can't afford to purchase .com extensions and have nothing of any logical sense placed on them.

These guys are send messages right in front of our faces and very blatently!
48 posted on 10/04/2001 9:49:39 PM PDT by Soul Citizen
[ Post Reply | Private Reply | To 1 | View Replies]

To: Askel5
'Yes but you still have to communicate otherwise so your partner can unlock the image.'

Easily done. We meet in a virtual public place, like a chat room...
49 posted on 10/04/2001 9:59:31 PM PDT by al-andalus
[ Post Reply | Private Reply | To 40 | View Replies]

To: Thanatos
"the very people who murdered over 5000 AMERICAN and International Citizens used this method to plan and coordinate their attack against our Homeland."

That's right they probably used a tool to accomplish some task. I also use tools and this one would come in handy for some tasks I might want to do. I'm not about to give a blank check to any government to check out my activities whenever they see fit. If the government, educators and certain other folks were not in the prohibition business, all of whatever planning and preparation they did in secret would have gone down the toilet if the pilots would have plugged 'em when they exposed themselves.

Most of them weren't supposed to be here anyway. It's the liberal handlers in govm't, media and education that are the problem, not Freedom and individual rights.

50 posted on 10/04/2001 10:05:08 PM PDT by spunkets
[ Post Reply | Private Reply | To 37 | View Replies]


Navigation: use the links below to view more comments.
first 1-5051-78 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson