How did Osama bin Laden email without the US discovering?


54 Responses to “How did Osama bin Laden email without the US discovering?”

  1. emmdeeaych says:

    Anonymous sources are not used to protect the source.

    Not for about 40 solid years now.

    “Official speaking under condition of anonymity” == lying for propaganda purposes.

    Say it and put your career on the line, Anonymous military dude.

    Or do the American people not deserve that?

  2. Anonymous says:

    My boss has a similar system. He insists his secretary print every email he gets out of his printer, and he gets them in his in tray. He then writes his replies on them and puts them back in the out tray, where his sec types them out and replies to them.

  3. Anonymous says:

    They just walked down the street to one of the open computer labs at the local army school. They may have even sent the e-mail while sitting next to a US “advisor.”

  4. Anonymous says:

    Don’t forget our CIA operative in Islamabad from a few months back, gunning down those guys on the motorcycle. I find it highly likely this was part of the tracing operation. Remember how the administration tried to play it down as much as possible?

  5. halfacre says:

    I’m thinkin’ his safe combo is probably 1-2-3-4-5

  6. Glippiglop says:

    So the emails were encrypted in… Arabic? No wonder the NSA’s keyword scanning systems for terrorism were thwarted. Genius!

  7. shadowfirebird says:

    1) put me down as a +1 for the “how is this an ‘epic sneakernet’?” thing.

    2) Basic media test. “Who is saying this?” The US government. “What do they have to gain if I believe it?” That OBL was still a genuine threat, which makes killing him look sensible.
    Not saying that the information is false; just that there is reason to think that this might be spin.

  8. jphilby says:

    “We know now…”

    We don’t know anything. All we ‘know’ about anything connected with this is second- or third-hand.

    We do know who gets to write history … and that there are billions and billions of reasons to make it come out right.

  9. awjtawjt says:

    Pretty sure Hitler and Pol Pot were doing the same thing, those bastards.

    • dragonfrog says:

      “Were” doing the same thing. Sure. That’s what they want you to believe…

    • turn_self_off says:

      Reminds me of the US combined arms exercise in the middle east, where at one point the OPFOR commander had to resort to motorcycle couriers to get his orders out.

      Even so, the end result was a “sunk” carrier. This using what amounted to coastal fishing boats and small civilian aircraft “carrying” anti-ship missiles.

      Basically it was a demonstration that the Carrier was a potential liability in a modern naval engagement.

  10. SteveKiwi says:

    So now Homeland Security will consider anyone carrying a flash drive to be a terrorist, right?

    • Rob says:

      I’m ashamed of you, assigning that level of incompetence to Homeland Security.

      Anyone with a computer is more likely.

  11. Anonymous says:

    Low-Tech Maxim: Low-tech attacks work (even against high tech devices and systems).

    ~D. Walker

    Original Author,
    Roger G. Johnston – Argonne Vulnerability Assessment Team

  12. Anonymous says:

    oh, btw – what’s with all the encryptin’ and plain text mailing? why not just take a screenshot of your typed message and attach it to your mail as .png or .jpg? wouldn’t this add another level of security, unless all e-mail attachments get OCR’ed?

  13. Anonymous says:

    GPG? TrueCrypt?

    Come on, this flash drive nonsense is obvious and not sexy. Where is the real spy $h1t?

  14. mwschmeer says:

    We used to call that kind of file transfer between non-networked computers “sneaker net”. Bin Laden was kickin’ it old skool!

  15. Anonymous says:

    I’m sorry but I don’t get it. The cunning aspect of his plan was that he used a thumb drive and an underling to walk to the internet cafe. Is that it? The gobsmacking revelation, cut and paste? How did this remove any electronic fingerprints? For that matter, what are electronic fingerprints?

    OK, so when the email was sent, it didn’t trigger any statistical triggers, contained no keywords and was completely transparent to the suite of NSA’s interception and analysis tools for which several billion dollars a year are allocated? How was this possible? Was it encrypted or don’t we talk about that possibility? How is encryption, such an important aspect of email security, missing from a revelation about how the most wanted man in the world maintained email security?

    Presumably Goldman and Apuzzo are simply reporting a government release, so this article tells more about the people behind the release than anything about Bin Laden’s employment of email security.

    • Lagged2Death says:

      OK, so when the email was sent, it didn’t trigger any statistical triggers, contained no keywords and was completely transparent to the suite of NSA’s interception and analysis tools for which several billion dollars a year are allocated? How was this possible? Was it encrypted or don’t we talk about that possibility? How is encryption, such an important aspect of email security, missing from a revelation about how the most wanted man in the world maintained email security?

      These are excellent points, and there is one very simple possible answer that occurs to me, although I have no proof of its correctness one way or another:

      Maybe all that fancy Echelon / Carnivore stuff doesn’t actually work. Maybe all the spying is for naught.

  16. kspraydad says:

    Bah…my Fidonet kicks this plan’s ass.

  17. johnnyaction says:

    The sneaker net is alive in Cuba too. Really tough to track content creators when it never touches the internet except for downloads or uploads.

  18. Laina Lain says:

    Really? And they never picked up on that?

  19. jon_anon says:

    I don’t understand how the sneakernet thing helped him avoid US scrutiny. The emails still go through an email account, even if OBL isn’t the one physically logging in. I thought the US government were snarfing up all the email they could get their hands on – what difference does it make to the CIA that it’s the courier pasting the textfiles into an email instead of OBL heading down to the cybercafe in disguise, or going to his trusted neighbour’s house, and typing them himself?

    • enkiv2 says:

      I was wondering that too. Maybe it’s a matter of being sent through a variety of machines? Between that, normal security measures, the (possible) cooperation of the Pakistani government, and the (almost certain) incompetence and semicompetence dominant in US intelligence (and, you know, every other large group of people) that might be enough, but it really sounds like a terrible excuse. At best it acted as a red herring, which would work until someone follows one of the couriers back.

    • emmdeeaych says:

      Seriously. What a flimsy story. I hope it’s a bad summary of something more clever.

      The details in that piece seem oriented not to inform us of what was going on with bin Laden’s communication, but rather to be all scary to terrorists who want to use the internet.

  20. 2k says:

    Write note on paper.
    Burn paper.
    Wait for eventual destruction of all matter in universe and state of near thermodynamic equilibrium wherein all possible logic-states of energy happen; specifically the recreation of our entire universe but with the note transported to a pre-addressed location.

  21. amanicdroid says:

    Can’t wait until this gets posted to /. in approx. 2-4 months. They’ll have some wickedly insightful comments.

  22. musicman says:

    Yo Xeni, the Wikipedia Sneakernet link is missing the last t :

    should be

  23. Rider says:

    I love the way they try to make this sound like this is some masterful genius plot.

  24. DrSquid says:

    That’s all fine and good about the email, but I think the real question here is how did he get his Lolcats?

  25. Anonymous says:

    Putting it on a flash drive and sending it from a cafe? That’s the meticulous sneaky way he did it? YOU HAVE GOT TO BE KIDDING.

  26. Aleknevicus says:

    “I don’t understand how the sneakernet thing helped him avoid US scrutiny.”

    Assume that the US is able to determine that the e-mails in question originate from Osama Bin Laden. Had they all been sent from his “secure” compound, they would then know where he was (most likely) located. If instead, they were sent from multiple machines spread out over a wide geographical area, determining his exact location becomes a much harder task.

    The important thing is not what e-mail address(es) OBL was using (although that certainly would be handy), but where he was physically living.

  27. Anonymous says:

    So to avoid detection, instead of emailing from home, he sent all his emails from a distant internet cafe.

    The devious bastard was obviously a criminal genius on a par with Moriarty. And I’ll bet he used an ‘alias’ too. No wonder it took so long to find him.

  28. Anonymous says:

    Do they mean he didn’t have a hard-wired telephone connection? If so, big deal, lots of people use only mobile phones now. I don’t see why that is such a big deal???

  29. Anonymous says:

    You have all missed the point.

    This clearly proves, beyond the shadow of a doubt, that Windows XP’s dreadful “Safely Remove Hardware” function is what set Bin Laden off in the first place.

    Ladies and gentlemen, we were never dealing with a madman here. We were dealing with an unfortunate victim of bad design and poor engineering.

  30. DaHoss says:

    Is there another meaning for “epic” of which I am unaware?

  31. pjcamp says:

    Wow. How sophisticated. If only someone had thought to warn NSA they were wasting their time on Carnivore.

  32. Antinous / Moderator says:

    On the plus side, we could coordinate the takeover of all the world’s governments from this comment thread and they would never even notice.

  33. Anonymous says:

    You gotta be kidding! The organization that is alleged to be preparing bi-bombs and dirty bombs did not even have the technology of basic spammers (hiding the origins of the spam). Also, if there was to be a response, what address did it go to and the NSA could not get that? The whole explanation looks completely bogus…

  34. rundorkasrun says:

    so is anyone else picturing that scene in GoodFellas where Paulie’s minions are dashing back and forth between payphones in the rain to “take care of his calls”?

  35. Anonymous says:

    Gotta say, I had a great mental image of Osama finally getting his long-awaited flash drive from his trusted courier. He opens it up excitedly, waiting to find out the latest news from the front, only to find 20 emails offering to give him a larger penis.

  36. alowishus says:

    He could’ve used pigeons. Or ravens. Or, you know, owls.

  37. dj_topher says:

    To everyone who said “well, this is easy, they should have caught him a long time ago,” please remember that OBL is not the only terrorist sending emails. This is how I imagine the setup:

    Each captain has an email address that receives emails only from OBL. The courier goes to a random internet cafe and sets up a throwaway email address on yahoo/hotmail/gmail/etc., then sends the email. If OBL has specified “wait for a reply,” the courier does so. Then the courier doesn’t use that email address again, effectively “burning” that identity. This makes a pattern hard to establish, because the address sending it is always different. And, because the dedicated address of the captain doesn’t receive a lot of traffic, he is hard to find, too.

    In order to establish a pattern and trap said terrorist “mastermind” using this system, a security agency would first have to identify a captain’s account. Then, tracking back the IPs of the emails sent to that captain’s account, they realize they all come from Internet cafes in one region. They then start keeping an eye on the cafes, looking for a person randomly using all of them. Once this person is identified, they start tracking the person. Then once they figure out what’s going on, they STILL have to find out who is in the blasted compound, because he NEVER LEAVES. Depending on security, that could take many months. Then they have to set up the actual operation to nab said terrorist, which could take further months of planning.

    So, to boil it all down, real-life counterterrorism, espionage, and military operations are much more complicated than Modern Warfare 2 would lead you to believe.

  38. dgeiser13 says:

    Hey, that’s how Richard Stallman uses e-mail and the web, too.

  39. js7a says:

    Of course they were watching the email to and from the net cafe couriers, they just don’t want to brag about that in hopes that the next target will make the same mistakes. Bin Laden was killed exactly 10 years to the hour that he sent the final order to proceed with the WTC attack, after the muscle hijackers had been sent to the U.S. The U.S. prefers exactly 10 years from the offending act when possible, in order to obtain the most intelligence in the meantime. The only question is how long they’d had him under surveillance.

  40. trommelkopf says:

    I thought we learned a while back that AQ members communicate by using the same email account. Write the message, save it as a draft. Someone else logs in, opens the draft, writes the reply and saves it as a draft. It’s never transmitted so it can’t be traced to/from anywhere. Or did I dream that?

  41. serpent says:

    I, for one, think this thumbdrive-to-cybercafe is realistic. It corresponds to my general idea of those terrorist networks – a band of not very intelligent losers, outsiders and borderline psychos. They tend to gather in groups of the same kind (like neo-nazis here in Europe). They want to be part of something greater (a feared terror network). They want payback for everything the society (America, the West, everybody else) did to them. And they want to hurt people, because deep inside, they are just bullies.
    What I want to say is that the super intelligent, Lex Luthor or Moriarty-like ubervillain is just a product of media sensationalism or hysteria. Their success is more luck than genius. To me, Four Lions is more realistic than 24.

  42. penguinchris says:

    I’m going to assume that there was encryption or some other obfuscation scheme going on, but, even if there wasn’t, this simple method is still effective. It greatly extends the effort needed to trace the source of the e-mails, and if done extremely carefully it would be near-impossible to figure out. And even if they managed to nab a courier in the act of sending Osama’s emails and downloading his cat videos, that would only ensure that Osama disappeared immediately and so wouldn’t really help.

    However, if it was really plain-text email, it’s probably safe to say that the CIA was able to intercept some of it (which is giving them the benefit of the doubt – perhaps they aren’t actually capable of reliably doing this if random internet cafes are used, other than just permanently monitoring all internet cafe traffic, which I guess is a possibility). Even if the courier knew to not always use the same internet cafe, he inevitably would have ended up with some sort of pattern in his usage that the CIA could track. They could then presumably post people at the cafe they thought he would show up to next, and either capture him or follow him.

    I mean, how do we know this isn’t what happened? We know they knew Osama was in the house for at least a few months before the raid, monitoring as best they could from across the street (or wherever). We know they found out because of the couriers. Has it been explained exactly how the couriers were traced? I haven’t really paid close attention.

    But, yeah, as described it’s pretty lame. Perhaps that was the intent, to imply that Osama wasn’t that smart, despite his ten years of evasion being evidence to the contrary.

  43. Blackbird says:

    I always thought that sneakerNET meant a network…otherwise, if it was just the one carrier, it would be just Sneaker-Dude.

  44. DarthVain says:

    Seems to me, depending on how lazy the couriers were, this should have been easy to spot.

    Unless they actually mailed the memory cards to other countries to be used in internet cafes, they could have at the very least figured out that every single email was coming from Pakistan, and gee drawn the conclusion that he was located somewhere there. Depending on how lazy they were, you could look at the locations and frequency and probably pinpoint the neighborhood he was in.

    Makes me wonder what took so long.
