Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Communications Privacy

Passive E-Mail Monitoring Leads To Arrest 921

Posted by CmdrTaco
from the dropping-the-echelon-bomb dept.
www.2advanced.net writes "The world's first arrest resulting from passive monitoring of electronic communications is being reported by Globe Technology. In the article, sources reveal that 'an e-mail message intercepted by NSA spies precipitated a massive investigation by intelligence officials in several countries that culminated in the arrest of nine men in Britain and one in suburban Orleans, Ont. -- 24-year-old software developer Mohammed Momin Khawaja, who has since been charged with facilitating a terrorist act and being part of a terrorist group.'"
This discussion has been archived. No new comments can be posted.

Passive E-Mail Monitoring Leads To Arrest

Comments Filter:
  • Orleans (Score:5, Interesting)

    by dolo666 (195584) on Wednesday April 07, 2004 @10:11AM (#8792300) Journal
    For those of you who have no idea where Orleans is in Ontario, its very close to Ottawa [mapquest.com] (minutes away), and about 2 hours from Montreal and 3.5 hrs from Toronto, making it an ideal spot to plan terrorist action in Canada. Ottawa is a couple hours from the US/Canadian border [mapquest.com], and for those of you who have never driven the distance, it's a very somber drive, with extremely easy access into the United States. I knew a rum-runner once who would move liquor out of the states at an alarming rate through the St. Lawrence River border; a hardly monitored area concerned more with tourism than security, then. Today, it's a different story, I'm told.
    • by rwiedower (572254) on Wednesday April 07, 2004 @10:15AM (#8792362) Homepage
      Today, we must FEAR those EVIL Canadians and their rum-running abilities. In fact, we have to use our "army of cryptographers, chaos theorists, mathematicians and computer scientists" to defeat just one of those crazy canuck masterminds.
      • There is no need to fear evil Canadians. There is a very significant need to fear apathetic Canadians.

        Our politicians still don't think we have a terrorist problem. Our politicians think the Americans are the cause of all their terrorist problems. Our politicians think that if the Americans would just be nice to everyone all the time, everything would be just fine.

        So, while we raise taxes for 'anti-terrorism' the money actually goes into a big pot and is spent on anything but solutions that the governm
        • Apathetic... (Score:3, Insightful)

          by Allen Zadr (767458)

          Apathetic Canadians are no worse than apathetic US Citizens. US politicians have no problem with terrorists, as it only creates more jobs (defense spending == jobs). More jobs means less to complain about, and (finally) less to complain about leads to apathetic citizens. The US voting system allows far more control and granularity on whom we put in office, and frankly I think US citizens (in general) are far less likely to pay attention to important issues and vote along issue lines.

          Already the US presi

          • Re:Apathetic... (Score:3, Insightful)

            by DrEldarion (114072)
            US politicians have no problem with terrorists, as it only creates more jobs

            Which is why we saw a huge economic takeoff after 9/11, right?
        • Fess up! Canada's insideous evil OOZES down over the border like Maple Syrup!
        • by pcb (125862) <{moc.liamg} {ta} {yeldarb.c.retep}> on Wednesday April 07, 2004 @01:28PM (#8794844) Homepage
          Why do Canadians always talk to Americans with that pathetic tone. We are, who we are. Don't be such an apologist...it makes everybody look bad. Canada, like every other country, is just a bunch of people trying to get through life as best they can. Sometimes we make mistakes, sometimes we get it right. There is nothing to apologize for.

          -PCB
    • Re:Orleans (Score:5, Interesting)

      by irix (22687) on Wednesday April 07, 2004 @10:28AM (#8792540) Journal

      For those of you who have no idea where Orleans is in Ontario, its very close to Ottawa

      Orleans is part of Ottawa [ottawa.on.ca] actually - one of the east end suburbs.

      Also, the guy alledgedly was planning something in the UK, not the US, so the proximity to the US border isn't really an issue. Besides, something like 90% or our population is within a few hours of the US border.

  • Doh... (Score:5, Insightful)

    by Mysticalfruit (533341) on Wednesday April 07, 2004 @10:14AM (#8792342) Homepage Journal
    All your base are belong to NSA

    Though it really surprises me that the NSA would actually take responsibility for passing along tips.

    Generally they just pass stuff to the other three letter organizations and they take it from there.

    • Re:Doh... (Score:3, Insightful)

      by pjt33 (739471)
      It isn't plausibly deniable that it was NSA who obtained the information. May as well be straight about it, because that will bolster denials on other subjects in the future.
    • Re:Doh... (Score:5, Insightful)

      by Dun Malg (230075) on Wednesday April 07, 2004 @10:25AM (#8792496) Homepage
      Though it really surprises me that the NSA would actually take responsibility for passing along tips.

      Generally they just pass stuff to the other three letter organizations and they take it from there.

      I suspect that with all the attention being paid to the traditional lack of cooperation between the various TLA orgs, they're probably falling all over themselves now to show how cooperative they can be. NSA has always been a little better than the others, as this is its primary function-- it doesn't use (ahem) "field operatives" to the same degree that the FBI and CIA does. The real head-butting goes on between the FBI and CIA. The culture of "cops" vs. that of "spooks" creates a lot of friction. They've never worked well together.

  • by Xshare (762241) on Wednesday April 07, 2004 @10:14AM (#8792344) Homepage
    It seems like YRO, I mean, they were monitoring his email, they probably are monitoring ours!
    • by andy1307 (656570) on Wednesday April 07, 2004 @10:18AM (#8792389)
      Come to think of it, spam makes the job of the NSA more difficult. Must be hard finding an e-mail about a terrorist plot among all the mail for a larger. Shouldn't the government do something about spam: It's a national security issue. OTOH, if the NSA has a good spam filter they use before reading my mail, i'd be happy if they could share the technology with the rest of the world.
      • Come on now dude. (Score:3, Interesting)

        by Lord Kano (13027)
        OTOH, if the NSA has a good spam filter they use before reading my mail, i'd be happy if they could share the technology with the rest of the world.

        Just look at this guy's name.

        Mohammed Momin Khawaja

        Consider the number of known Al-Queda operatived who have the first name Mohammed. It wouldn't surprise me in the least if the NSA, FBI, and CIA routinely monitored the communications of everyone in the western hemisphere who has an Arabic name.

        They can't have that much spam to weed through.

        LK
      • That is a simply amazing idea...you sir are a genius. How many spam e-mails are there floating around the internet purporting to be from some spurious e-mail at hotmail.com (anna342ds3421@hotmail.com)?

        If you wanted to communicate something to a person without the message being picked up, you get the person to sign up to porn and spam lists with their e-mail.

        When you want them to launch their attack, or to come over for some hawt loving behind their husband's back, you register an e-mail as anonymously
      • by fbform (723771) on Wednesday April 07, 2004 @11:23AM (#8793243)
        Shouldn't the government do something about spam: It's a national security issue. OTOH, if the NSA has a good spam filter they use before reading my mail, i'd be happy if they could share the technology with the rest of the world.

        Consider this steganographic method:

        1. Take a brief secret message you want to send (less than about 12 characters).
        2. Take a standard spam email.
        3. Set i to 0.
        4. Search for the next occurrence of (the ith character of the secret message) in the spam email.
        5. Replace that letter in the spam email with something else, such that the new word which is formed is NOT in the dictionary.
        6. Increment i and repeat for the whole secret message.
        7. Send the new spam email (with the grotesque misspellings) to intended recipient.

        To decrypt:
        1. Search the spam email for the first misspelled word and suggest replacements from the dictionary (knowing that exactly one letter was misspelled). Compare with the misspelled word and get all possible candidate letters for that position.
        2. Repeat for all such misspelled words.
        3. You will now have a (hopefully small) number of possible letters for each position. Do an exhaustive permutation of them all (hopefully it will not be larger than about 10^7) and search for messages with sequences of letters which DO exist in the dictionary.
        4. You will now have a small number of candidate decrypted messages. Decide for yourself (context-based) what the intended message was.

        I personally know someone who implemented this exact scheme and tried it with a few individual words (he wanted to send one word of secret message per spam email to keep the combinatorial explosion within bounds). Unfortunately most his fake spam emails were deleted by his spam filters. But it's an intriguing idea nonetheless.

        My point is: how would you keep track of all that spam and analyze them for such stunts? God knows we have enough spam with intentional misspellings to defeat Bayesian filtering already. Just add strong crypto to the plaintext message before embedding it in the fake spam and we now have much harder problems. Is there even a theoretical way to detect (leave alone decrypt) such messages?

  • Yeah right... (Score:4, Insightful)

    by bcmm (768152) on Wednesday April 07, 2004 @10:15AM (#8792356)
    Yeah right, like any terrorists would use unencrypted email.
    • Re:Yeah right... (Score:5, Insightful)

      by arc.light (125142) <dbcurry@@@hotmail...com> on Wednesday April 07, 2004 @10:20AM (#8792414)
      These guys aren't accused of being geniuses, just violent thugs.
    • Re:Yeah right... (Score:5, Interesting)

      by andy1307 (656570) on Wednesday April 07, 2004 @10:20AM (#8792420)
      Encrypted to you perhaps, but really encrypted to the NSA? I don't think so..

      I don't know where i read this. A terrorist group was using hotmail to plot terrorist attacks. One terrorist in Pakistan would compose a message and save it in the drafts folder without sending it. The other terrorist across the world would log into the same account and read the message from the drafts folder.

    • Re:Yeah right... (Score:5, Interesting)

      by davejenkins (99111) <.slashdot. .at. .davejenkins.com.> on Wednesday April 07, 2004 @10:22AM (#8792452) Homepage
      Yeah right, like any terrorists would use unencrypted email

      Hey, these are the same dipshits that confused AM/PM on their bomb in Spain, and blew themselves up in Gaza because they didn't account for daylight savings time.

      I am sure that some of them try to use encryption, but:
      1. I would guess a mojroity of the traffic is in the clear, "security through nonchalance and obfuscation"

      2. What makes you think that the encryption systems available to the general public aren't easily cracked by the boys in Virginia and Maryland?
      • Re:Yeah right... (Score:5, Insightful)

        by wishus (174405) * on Wednesday April 07, 2004 @10:26AM (#8792518) Journal
        2. What makes you think that the encryption systems available to the general public aren't easily cracked by the boys in Virginia and Maryland?

        Mathematics.
        • Re:Yeah right... (Score:3, Insightful)

          by meringuoid (568297)
          And the huge fuss they made when Phil Zimmermann released PGP on the net. If they could crack it easily, why would they have cared?
          • Re:Yeah right... (Score:5, Interesting)

            by rjelks (635588) on Wednesday April 07, 2004 @10:46AM (#8792797) Homepage
            Okay, tinfoil hat time: I'm not saying I believe this, but why couldn't the NSA develop a great encryption scheme like PGP, release it to the public under the guise of an individual, then scream bloody murder? Everyone grabs it up because they think it can't be cracked, and the NSA sits back decrypting what they want? Misinformation seems kind of easy. No offense to Phil.

            -
        • There are in many key types, such as RSA which relies on prime number factoring difficulties, where there is no published proof on how hard it has to be to crack the keys, (and no proof on how hard it has to be to find a previously-unknown weakness).

          No one has published how to easily crack RSA for long key lengths. A smart mathematician working for NSA could have solved the problem years ago if they can keep a good secret.

          And quantum computing seems to be on the horizon as well, and I would not put it pa

          • Yes, RSA is potentially insecure, as there is no mathematical proof guarenteeing that there is no polynomial-time algorithm for solving NP-complete problems.

            However, what makes you think that terrorists would use public key encryption? Presumably, these people meet in person, in secret, to discuss illegal activities. In such a scenario, they could give each other their passphrase by word of mouth. Public key encryption is only relevant when the medium for transmitting your keys is insecure.

            If I remember r
      • A few reasons... (Score:5, Interesting)

        by Kjella (173770) on Wednesday April 07, 2004 @11:21AM (#8793220) Homepage
        2. What makes you think that the encryption systems available to the general public aren't easily cracked by the boys in Virginia and Maryland?

        1. You can not brute force a 256+ bit encryption. It'd be like every atom of earth (2^171) solving at 1THz (2^40) for a million years (2^45). So it must be an algorithm attack.

        2. A lot of encryption theory is developed outside the US or in academia as theoretical mathematics. They do not have a monopoly on intelligence, or on trying to crack them.

        3. Most encryption protocols rely on well published, well researched topics, like difficulty of factorization as opposed to multiplication. For them to have it would imply that a) such a solution exists and b) that they, but not anyone outside of their community would find it.

        4. Most encryption protocols are vastly overengineered compared to the threats. Like, e.g. an opponent with a million times more computing power (-20 bits) or capable of instantly rejecting 99% of the keys (-7 bits) would have nearly no influence on the difficulty.

        In short, there's every reason to believe that your favorite three-letter agency will capture the input before encryption or after decryption, due to a flawed implementation, unsecure handshake or through a man-in-the-middle attack than breaking the encryption/algorithm itself.

        Kjella
    • Re:Yeah right... (Score:3, Insightful)

      by Coryoth (254751)
      Think about the amount of time you spend having to clean spam out of your mailbox. Now imagine the amount of time required to clean the spam out of everyones mailbox as you try to find any useful content. In theory you don't need encryption if you're lost in the noise. Or, at least, I imagine that would have been their thinking.

      Jedidiah.
    • Re:Yeah right... (Score:5, Insightful)

      by jfengel (409917) on Wednesday April 07, 2004 @10:41AM (#8792736) Homepage Journal
      At this point, using encrypted mail makes you stand out as somebody with something to hide. I don't believe that the NSA can easily break commercially-encrypted email, but I believe that if you give them cause to concentrate enough effort on your mail, they'll find a way. Especially since they can probably use various guessed-plaintext attacks. End every email with "Allah be praised" and you're pretty much toast.

      Even if they can't break the encryption, the traffic analysis allows them to figure out who is talking to whom, and that allows them to direct other forms of intelligence gathering.

      I've heard of small efforts to confuse and annoy the NSA by the regular use of encrypted email by people with nothing to hide, but such things are difficult to use at the moment, what with the key exchanges, the requirements to use particular mailers, and the fact that many people don't particularly want to participate in that little game, especially since it does leave you open to scrutiny.

      Combine that with a previous poster's observation that terrorists are more thugs than criminal masterminds, and yeah, I suspect that most of these efforts (at least at the low levels) do in fact use plaintext email.

      Not that that makes the NSA's life easy. There's an awful lot of email out there, and just looking for words like "bomb" in an email is going to be worthless.

      This case, I suspect, probably started with one email address that they suspected to be used by a terrorist through some other form of intelligence. That allows them to narrow down the search space.

      In other words, I doubt they have any techniques that allow them to take the entire firehose of email and sip out a manageable amount based just on the text. Which means that they're almost certainly not really reading your email, and you can include "I'm going to blow up the President" all you like without incurring the slightest notice, unless they've got some other bead on you already.

      Which doesn't mean that they couldn't read your email, if they so chose. They're not allowed to, if you're in the United States, but the capability certainly exists. Which is the remarkable part of this story: them admitting the capability. I really don't know why.
  • Nice to hear (Score:3, Insightful)

    by neoform (551705) <djneoform@gmail.com> on Wednesday April 07, 2004 @10:15AM (#8792357) Homepage
    That the NSA can just listen in to any/all communications like that. Makes me wonder if they're listening to me right now.
    • Re:Nice to hear (Score:5, Interesting)

      by I confirm I'm not a (720413) on Wednesday April 07, 2004 @10:29AM (#8792556) Journal

      Possibly not - obviously the various PATRIOT acts have changed the landscape somewhat, but hasn't it traditionally been against the law for the US government to monitor US citizens without a warrant? Echelon was established in the aftermath of the 2nd World War, and basically provided a mechanism for spying on your own citizens: Canada spies on US citizens, and alerts the US authorities, and vice verca. Insert any combination of UK, Australia and NZ governments here for the full horror.

      In other words - the NSA probably don't need to monitor you. They'll find out the naughty things you're plotting, regardless!

  • by ichthus (72442) on Wednesday April 07, 2004 @10:16AM (#8792371) Homepage
    EOF
  • by Rectal Prolapse (32159) on Wednesday April 07, 2004 @10:17AM (#8792376)
    Would the NSA investigate if PGP or similar encryption was used?

    Whatever the NSA is doing to monitor all the traffic, I'm sure the RIAA and MPAA are drooling at the prospect of using this technology to catch so-called copyright violators. Civilian applications for a military technology, natch!
    • Sure they can. Check your congress' budget book and try to look for those 'missing' numbers. NSA is known to try to implant backdoors inside commercial algorithms or prodcuts, with certain '3rd party' experts coming to your office and asking to help you 'strenghten' your algorithm. For a real life example of Cryto AG surrendering: Look here [mediafilter.org] or Lotus notes [cypherspace.org]. It just makes it harder, not impossible. Remember, PGP/SSL/GnuPG is part of the solution to a secure communication channel. If your Private key is co
    • Military technology indeed! What would the Internet be without the military's efforts on the original DOD backbone on which the Internet was founded?
  • by Dr_Ish (639005) on Wednesday April 07, 2004 @10:20AM (#8792422) Homepage
    Although this news is probably bad for YRO issues, there may be an upside. If the NSA is packet-sniffing e-mail traffic, then maybe they will be motivated to find a way of reducing the amount of Nigerean printer cartridge enlargement spam messages. If we are really lucky, they may even share the solution with us all. Of course, it is also possible that the guys at the NSA may all suddenly become hung like donkeys, NOT!
  • US Law? (Score:5, Interesting)

    by l33t-gu3lph1t3 (567059) <arch_angel16 AT hotmail DOT com> on Wednesday April 07, 2004 @10:24AM (#8792482) Homepage
    Foreign traffic that comes through the U.S. is subject to U.S. laws, and the NSA has a perfect right to monitor all Internet traffic," said Mr. Farber
    Yeah...no. Am I the only person here who finds this incredibly objectionable? Internet traffic is/should not be subject to any law except for the laws governing the sending/receiving points for it. Under their reasoning, they can apply their own laws to almost the entire Internet, since so much of the Internet is routed through the US's pipes.

    Apply American laws to events occuring in America. The United States is big, but it's not everything in the world. How DARE they presume to police the world and its communications.
    • Re:US Law? (Score:4, Interesting)

      by Ieshan (409693) <ieshan@gGAUSSmail.com minus math_god> on Wednesday April 07, 2004 @10:43AM (#8792766) Homepage Journal
      Eh.

      It's a big country with a big military and big economic weight. That's how they Dare it.

      I'm not saying I agree with their policy, I just don't neccessarily degree on the grounds you've described. How is the NSA supposed to tell where a particular X is heading before it gets there without reading it?

      Your arguement seems to make sense, but it's not quite logical.
  • Oh, good (Score:5, Insightful)

    by 0x0d0a (568518) on Wednesday April 07, 2004 @10:25AM (#8792490) Journal
    Well, I've probably got a ton of fans at the NSA due to discussion of privacy issues, security, and how to design systems that disallow monitoring that I've send through AIM/ICQ/mailing lists and other non-secured messaging systems.

    Seriously, I'd say that it's a pretty reasonable bet that AIM/ICQ/MSN/Yahoo are routinely monitored. They're easy to data-mine (heck, the commercial data from that *alone* is phenomenal -- if people hear on a show that "Debora Mullins and Sandra Walker will be possibly starring in 'Shredded Metal 2', and there's a mass of messages saying "Debora Mullins sucks", that'd be awfully useful to the production company.

    As for the NSA/CIA/FBI, messaging services are frequently used, easy to log and data-mine (no speech recognition necessary) systems that provide no end-to-end encryption that pass through a single point -- in the United States.

    Jabber is the only reasonably well-designed IM system I've seen, and nobody *uses* Jabber, sadly enough.
  • by dmoore (2449) <[moc.liamg] [ta] [eroom.divad]> on Wednesday April 07, 2004 @10:26AM (#8792519)
    I know this story is probably going to get a lot of people riled up. However, it is still my understanding that the NSA goes to great pains to avoid intercepting any communication that comes from a U.S. citizen. They are strictly prohibited from doing so.

    If you are a U.S. citizen, your main privacy concerns should be with the FBI and the DoJ with their powers granted by the Patriot Act.
    • by applemasker (694059) on Wednesday April 07, 2004 @10:38AM (#8792703)
      History of the NSA and its various pre-911 ops can be found in The Puzzle Palace and Body of Secrets, both by James Bamford. The story of Glomar Explorer in those books alone is worth the read.

      Although NSA is technically prohibited from performing incercepts on U.S. citizens, they do not shy away from operating against non-citizens here in the U.S. An interesting tale in those books is how, back in the day that Western Union was the only way to transmit internationally, NSA leaned on them to in effect "Bcc" the U.S. Gov't on all incoming / outgoing faxes from the U.N. without the knowledge of our friends or allies. Sweet.

    • by parvenu74 (310712) on Wednesday April 07, 2004 @10:53AM (#8792883)
      One of the big pushes after 9-11 was for all of the intelligence agencies to "cooperate."

      When I was in the navy we conducted counter narcotics patrols off the coast of Colombia and Panama. Since the military is not allowed to engage in law enforcement (that pesky Constitution and all) we simply had a Coast Guard team (they're Dept of Transportation and not Defense, so they *can* do law enforcement) that took care of the actual boarding of vessles and law enforcement. In fact, it had to be the Coast Guard person on watch who initiated the request to investivate/board a vessle. There was no "official" cooperation between the military and the Coast Guard on this, but when you get orders on the secure circuit to "think about getting to these coordinates in exactly 12 hours" which result in the Coastie on watch saying "Oh hey -- there's a boat... let's board him!" can you deny that there is unofficial cooperation going on?

      (There were further stories about SEALS and other special forces folks who were officially discharged from the military and transferred to "another agency" for two weeks at a time in order to engage in "direct action law enforcement" before "deciding to reenter the military." It's call "sheep-dipping" and is just one more thing for the tin-foil-hatters to worry about...)

      I suspect that this is probably what's going on with the NSA et al. If the agency in question either thinks/knows they're looking at a US citizen, they can just drop a pointer to the intel in the inbox of an agency who *can* legally handle it (Oh geez -- I wonder where *that* lead came from?). Or there are teams of "not officially NSA folks" who just happen to be working at NSA alongside the others who are legally allowed to investigate US citizens (similar to Coasties on US Naval vessles for counter-narc activities).

      Take your pick as to the method in use or make up another, but I am pretty sure it's going on and will not be going away anytime soon.

    • . However, it is still my understanding that the NSA goes to great pains to avoid intercepting any communication that comes from a U.S. citizen.

      I'm sure that's a great comfort to the people living in England, France, China, Japan, Israel, Italy, Macedonia, Comoros, The Philippines, Cyprus, Antigua, Nicaragua, Haiti, Kazakhstan, Germany, Serbia, Cuba, Belize, Peru, Lesotho, Hungary, Barbados, Mali, Ecuador, Chile, Romania, Gabon, Mauritania, Greece, Laos, Seychelles, Korea, Tanzania, Russia, Argentina,

  • by manavendra (688020) on Wednesday April 07, 2004 @10:28AM (#8792552) Homepage Journal
    The quoted article seems kinda wierd to me.

    The article starts off with a diabolically, highlighting the boast of a mysterious hacker who works as NSA. No names are quoted. The whole thing is given a hollywood-esque charm (the hacker known only as "Mudhen" (mud hen? duh!), a charming pseudonym for NSA - Puzzle Palace).

    After adding sufficient soundbites to attract reader's attention, besides making one thing is it one of those devious secrets about NSA, it suddenly changes tone and highlights the achievement of NSA "spies". Charming. Other gems:

    "army of cryptographers, chaos theorists"

    "that may have pulled in the first piece of evidence"

    "massive investigation in several countries "

    And then finally a quick rundown on TCP/IP.

    One could almost mistake it for communistic propaganda, if only it hailed the fatherland (or the motherland) as well...

    ps: don't forget, there are no facts or figures mentioned anywhere in it well.
  • by mackman (19286) * on Wednesday April 07, 2004 @10:29AM (#8792569)
    We need a group of people to start discussing how cheap Viagra, a larger penis, and low-interest home mortages can be used for terrorism. Blip! Suddenly all the spam vanishes off the internet. I always hoped the NSA could be used for good as well as evil.
    • Yea, you know all the spam that have unassociated keywords and whole sentances that appear randomly throughout the spam so they bypass mail filters designed to find repetitious emails

      opensource this- a program designed to pass messages via spam, undetectable without the key...if 50,000 people get the message, and only one can read it....

      release it.. BAM! the government (homeland security) will suddenly find a way to stop spam.

  • It's sad... (Score:5, Funny)

    by waterford0069 (580760) on Wednesday April 07, 2004 @10:30AM (#8792582) Homepage
    when the most interesting thing to you about the entire story is the fact that there is now an IT job open in Ottawa.
  • E-Mail is public? (Score:5, Interesting)

    by flogger (524072) <non@nonegiven> on Wednesday April 07, 2004 @10:34AM (#8792639) Journal
    Several years ago I taught some workshops to teachers to let them learn the joys of email. I made apoint to show them that email was not sure and anything written can be read by anyone with some knowledge. After sending some emails back and forth as a class, I logged into the mail server and showed them what they had written to each other. Even though they were upset that I could see the email, they walked away remembering the message:

    Don't send anything in the email that you don't want printed in the classified ads of the local paper. Because sending email is like sending a postcard. Every postman between here and there can read what you've said.

    What makes me wonder is that these "terrorist" were sending email that was unencrypted? [tinfoil hat] Or maybe, the NSA were able to get backdoors to encryption technology and that what what is passively being listened to. [/tinfoil]
  • by zz99 (742545) on Wednesday April 07, 2004 @10:40AM (#8792719)
    My favourite in devious encryption is currently Spam Mimic [slashdot.org]

    If you were scanning all e-mails, would you put your resources on mails that looked encrypted or those that look like junk mail?
  • wardriving analogy (Score:3, Interesting)

    by WormholeFiend (674934) on Wednesday April 07, 2004 @10:40AM (#8792724)
    I find the slashdot reaction funny... when the NSA is sniffing packets that basically pass through their networks, it's bad, but some guy driving around with a computer and wireless gear is cool.

    And that's on top of all the arguments about whether broadcasting information through the Internet is/should be/isnt/shouldnt be private.

    Can you be accused of being a voyeur if the person you're looking at is walking around in public naked?

  • by ninejaguar (517729) on Wednesday April 07, 2004 @10:53AM (#8792886)
    This is the reason why most of my replies remain thoughts, and not posts.

    = 9J =

  • Stenography (Score:5, Funny)

    by pr0nbot (313417) on Wednesday April 07, 2004 @10:54AM (#8792894)
    Oh for ALLah's sake! I can't believe the waY OUR governments spy on us. Any AraB, AS Ever, is a suspect. This is going too fAR Even for Bush. It won't BE LONG before they'll be trawling slashdot looking for hidden messages. I certainly won't be moving TO the US any time soon.
  • by kakapo (88299) on Wednesday April 07, 2004 @10:55AM (#8792924)
    My guess is that encrypting your email makes it easier for the NSA -- only a tiny fraction of email traffic is encrypted. Outside of the tinfoil hat community, very, very few people bother to secure their email, so the simple act of sending an encrypted message (which can be spotted due to the low information content of cyphertext, or due to specific comments in the message header) probably flags you for attention.

    And if that message is routed from an IP address in England to a cybercafe in Pakistan then so much the better. And if mail from the same address was sent to a known bad-guy last week then better still -- and before you know it, your door gets kicked in and several burly men are asking you questions about the half-tonne of fertilizer you just purchased.
  • Media coverage (Score:5, Insightful)

    by kbahey (102895) on Wednesday April 07, 2004 @11:00AM (#8792970) Homepage
    I do not know if the guy is guilty or not. A trial will tell us, in due time.

    However, the media coverage of the whole thing sucks.

    His father, Mahboob A. Khawaja, has been detained in Saudi Arabia, where he is a professor at some university. The media reports that the father wrote articles critical of the West's meddling with the Muslim World's affairs. He wrote a book called Muslims and the West [amazon.com].

    How is that relevant to anything? Is it an attempt to tie genuine legitimate criticism to terrorism somehow?

    I did some searching [google.ca] on the father, and found quite a few articles, most of it critical to the Arab rulers than anything else. Seems he places blame where it belongs, whether in the West or in the Arab world.

    This reminds me of the terms "terrorism", "anti-Americanism", ...etc. all these are misused terms in these confusing times.

    This whole thing about "guilt by association" got to stop.
  • net rules. (Score:3, Insightful)

    by medelliadegray (705137) on Wednesday April 07, 2004 @11:35AM (#8793373)
    1.) expect to be evesdropped on for EVERYTHING that is not encrypted, wether you're IN the US or outside of it. Use STRONG encryption whereever possible.

    2.) expect weak encryption to be easily broken--it's prettymuch a given that the NSA has hardware *specifically designed* to break or brute force crypto. they employ many of the worlds greatest mathmatic savants out there, do not underestimate their capabilities.

    3.) All your base ae belong to U.S.
  • by HangingChad (677530) on Wednesday April 07, 2004 @11:45AM (#8793487) Homepage
    If we changed "Email" to "mail" and made the same statements? Do we grant ourselves the right to read every piece of postal mail that goes through the US? Why stop there? Why not search mail and packages? And luggage...oops, we already do that one. Where does it stop? The Supreme Court has never met an unreasonable search.

    It's all well and good when the bad guys get caught...right up until the definition of "bad guys" gets changed. Yesterday there was an article about the DOJ labeling pornographers as "bad guys." There's no logical end. What's to stop someone being labeled as a bad guy for not going to church, or not supporting the government, or not going along with whatever intrusion-of-the-day on your privacy? It's not that big of a change from where we are now.

  • Some questions (Score:4, Interesting)

    by Ryu2 (89645) on Wednesday April 07, 2004 @11:55AM (#8793603) Homepage Journal
    I realize that the real answer may be classified, but I'm interested in informed speculation as well.

    Is the monitoring with the cooperation of the ISPs who control the gateways/routers? Is it mandated that they have the monitoring taps? Or is it unknown to them (NSA are tapping into the signal unbeknownst to the ISPs)?

    (I think this has a known answer.) Is is true that pretty much all intercontinental traffic goes through the USA? ARe there any routes eg, Europe to Asia, or other continents that are just direct routes not passing via the USA?
  • by Stavr0 (35032) on Wednesday April 07, 2004 @12:04PM (#8793730) Homepage Journal
    • Suspected terrorist, who's been watched by UK anti-terrorists for months, buys hundreds of kilograms of Ammonium Nitrate
    • Task force raids suspect's home
    • Suspect's computer found on premises
    • Task force opens Outlook, looks in Inbox, Sent Items
    • Incriminating email to or from Mohammed_Momin_Khawaja@?????.ca discovered.
    Sounds to me like someone is trying to spin this as justification for email surveilance.
  • by KlausBreuer (105581) on Wednesday April 07, 2004 @12:21PM (#8793926) Homepage
    All I hear is "planning a terrorist act".

    These days, planning a street party can be a 'terrorist act'. Handing out pamphlets in Washington, despicting GWB as a sheep, explaining why he's such a nut, could be a terrorist act.
    Mooning the traffic on an interstate could be a terrorist act.

    Anybody know?
  • by Danny Rathjens (8471) <slashdot2&rathjens,org> on Wednesday April 07, 2004 @01:13PM (#8794625)
    Headers also pick up the numeric or Internet Protocol (IP) address of all the computers a packet touches as it travels from its originating machine all the way to its destination. Every computerized device connected to the Internet has its own unique IP number.

    Evidently they are confusing packet headers(envelope, as they call it) with e-mail headers.
    And the counterexample to the second statement is NAT(Network Address Translation).

6 Curses = 1 Hexahex

Working...