The Security of al Qaeda Encryption Software

The web intelligence firm Recorded Future has posted two stories about how al Qaeda is using new encryption software in response to the Snowden disclosures. NPR picked up the story a week later.

Former NSA Chief Council Stewart Baker uses this as evidence that Snowden has harmed America. Glenn Greenwald calls this "CIA talking points" and shows that al Qaeda was using encryption well before Snowden. Both quote me heavily, Baker casting me as somehow disingenuous on this topic.

Baker is conflating my stating of two cryptography truisms. The first is that cryptography is hard, and you're much better off using well-tested public algorithms than trying to roll your own. The second is that cryptographic implementation is hard, and you're much better off using well-tested open-source encryption software than you are trying to roll your own. Admittedly, they're very similar, and sometimes I'm not as precise as I should be when talking to reporters.

This is what I wrote in May:

I think this will help US intelligence efforts. Cryptography is hard, and the odds that a home-brew encryption product is better than a well-studied open-source tool is slight. Last fall, Matt Blaze said to me that he thought that the Snowden documents will usher in a new dark age of cryptography, as people abandon good algorithms and software for snake oil of their own devising. My guess is that this an example of that.

Note the phrase "good algorithms and software." My intention was to invoke both truisms in the same sentence. That paragraph is true if al Qaeda is rolling their own encryption algorithms, as Recorded Future reported in May. And it remains true if al Qaeda is using algorithms like my own Twofish and rolling their own software, as Recorded Future reported earlier this month. Everything we know about how the NSA breaks cryptography is that they attack the implementations far more successfully than the algorithms.

My guess is that in this case they don't even bother with the encryption software; they just attack the users' computers. There's nothing that screams "hack me" more than using specially designed al Qaeda encryption software. There's probably a QUANTUMINSERT attack and FOXACID exploit already set on automatic fire.

I don't want to get into an argument about whether al Qaeda is altering its security in response to the Snowden documents. Its members would be idiots if they did not, but it's also clear that they were designing their own cryptographic software long before Snowden. My guess is that the smart ones are using public tools like OTR and PGP and the paranoid dumb ones are using their own stuff, and that the split was the same both pre- and post-Snowden.

Posted on August 19, 2014 at 6:11 AM • 33 Comments

Comments

MetaAugust 19, 2014 6:22 AM

"they attack the implementations far more successfully than the algorithms."

If the NSA has an attack on an algorithm (like RSA), it would be so highly classified and compartmentalized that Snowden would not know about it. We should not assume that Snowden knows everything the NSA knows.

Oz OzzieAugust 19, 2014 6:33 AM

Agent Storm (http://www.amazon.com/Agent-Storm-Life-Inside-Qaeda/dp/0802123147) has an interesting bit about encryption, and humint on them; I think that the extremists are aware of how thoroughly they are penetrated. Heard on the radio today that the ISIS commander doesn't use electronic communications at all. Surely that's the real goal here

Andrew_KAugust 19, 2014 6:39 AM

@Meta:
If the NSA has an attack on an algorithm (like RSA), it would be so highly classified and compartmentalized that Snowden would not know about it. We should not assume that Snowden knows everything the NSA knows.

True, but Snowden would probably have noticed (and documented) some consequences of such knowledge. Several leaked techniques suggest it's still easier to work around encryption algorithms than breaking them.

Finally, has anyone already read all Snowden Documents (*looks to Bruce*)? Maybe the big fish is yet to come.

M WalshAugust 19, 2014 7:41 AM

You keep going back and forth - equating security with encryption (algorithms) and then, that attacks are not against the algorithms but the implementation (whatever that means). Snowden makes circuitous and unfounded statements, too, about using encryption.

It's like saying "this pill will cure anything, just as long as take it at some precise moment" and when it doesn't cure anything "oh, you must have taken it at the wrong time." This is the mindlessness that has frozen information security in the 90's.

All these years, hackers and authorities gone wild had no trouble honing and improving their skills, innovating and automating attacks. Meanwhile, all you had to do is sit back and attack anyone who even THOUGHT about moving the furniture. I noticed you never blew the whistle when big companies pumped out me-too products and services by the $billions without opening all their source code. The reason you beat up innovators is because you can. Just keep propping up the straw men . Stories about some guy way back when in some place, ole what's his name, who did something dumb.

First of all, no one can prove whether yours or anyone else's algorithm is secure. Forget the peer-review and experts crap.

Say I design a block cipher. Then I document it and post it on the Internet. Then I wait ten years and if no one finds anything wrong with it YOU'RE saying that means it's secure.

CatMatAugust 19, 2014 7:48 AM

There's nothing that screams "hack me" more than using specially designed al Qaeda encryption software. There's probably a QUANTUMINSERT attack and FOXACID exploit already set on automatic fire.
Hmm... if so, how hard would it be for someone to arrange a friendly fire incident? How likely is it that someone already has?

JoeAugust 19, 2014 7:49 AM

The fact that OBL was entirely off the grid and used human couriers and air-gapped computers well before the Snowden revelations tells you something -- that Al Qaeda knew of the NSA/CIA/etc.'s capabilities long ago.

Secondly, every time some new software comes out I have the option of testing or installing it. This includes encryption software, which I try to keep current. These options are available to so-called "terrorists," as they are to anyone. Many of the adaptations that Al Qaeda has made in recent years would have occurred whether or not Snowden had informed the public of the NSA's crimes against the American people.

M WalshAugust 19, 2014 8:00 AM

I keep saying how hard it is to design aircraft. And flying new and untested aircraft is dangerous. Don't do it. Only fly in well-tested peer-reviewed designs like the DC-3.

Now recently, I was asked about the Russians designing a new and faster plane. Well, this is nothing to worry about. I told them how foolish it was to even think about designing their own aircraft.

Now, what's this about some guy out in CA named Burt Rutan designing new kinds of aircraft? What's wrong with the DC-3? My advice is to ignore him.

JayAugust 19, 2014 8:02 AM

@M Walsh:

that attacks are not against the algorithms but the implementation (whatever that means)
It means that Rijndael is a known, strong block cipher, and CBC is a well-documented mode of operation. But if you re-use IVs or your random number generator is bad, then ultimately your cipher text can be broken. Many home-brew crypto solutions fall into this category of failure. Just because you use mcrypt with AES doesn't mean you're actually securing your data well.
Say I design a block cipher. Then I document it and post it on the Internet. Then I wait ten years and if no one finds anything wrong with it YOU'RE saying that means it's secure.
Specifically Schneier has said before that that is not secure. A secure cipher has had a lot of published work on attempts to break it over the years; obscure does not equal secure. Have a look at Schneier's Memo to the Amateur Cipher Designer.

TIMAugust 19, 2014 8:09 AM

I think it will be interesting to see, on what basis the al Quaida programers will get random numbers, if they want to prevent a lower strength (because of special NSA hardware manipulations in the field).


@Andrew_K
Finally, has anyone already read all Snowden Documents

Looking on the mass of documents he took from NSA I don't think that even ES has read all of them.

Scott "SFITCS" FergusonAugust 19, 2014 8:20 AM

@Joe

The fact that OBL was entirely off the grid and used human couriers and air-gapped computers well before the Snowden revelations tells you something -- that Al Qaeda knew of the NSA/CIA/etc.'s capabilities long ago.
Secondly, every time some new software comes out I have the option of testing or installing it. This includes encryption software, which I try to keep current. These options are available to so-called "terrorists," as they are to anyone. Many of the adaptations that Al Qaeda has made in recent years would have occurred whether or not Snowden had informed the public of the NSA's crimes against the American people.

Wasn't Al Qaeda, like ISIS, trained in OpSec by US Intelligence?

Surely the NSA spin/story that AQ only adapted off-line communication as a result of Snowden, can only be true if the writers of SEAL Team Six had access to a time machine. Or am I reading too much into popular fiction? In which case why did SEALs get knuckles rapped for 'leaking' to the writers if it was a fiction?

Scott "SFITCS" FergusonAugust 19, 2014 8:27 AM

@bruce

I'm not surprised that a company owned by In-Q-Tel would say that. Given your non-partisan stance it's not surprising your credibility would be questioned (indirectly) either.
As someone once said "either you're with us, or you're with the terrorists" - though I can't recall if it was a former US president or a character in Terry Gilliam's Brazil (maybe both?).

Clive RobinsonAugust 19, 2014 9:17 AM

@ Bruce,

Stewart Backer is at best woefully ignorant at worst he is deliberatly hiding the truth that he knows his story is both false and malicious.

Why the article was not "fact checked" by editors or subs before it was published, indicates just how far the newspaper concerned has sunk.

The "Recorded Future" artical was debunked on this blog, it's very clear from their timeline graph that not only was encryption in use prior to the Ed Snowden revelations, but that the supposed new version was also being tested prior to the revelations.

So either Mr Baker is an incompetant or he is malicious, further the same can be said of the publishing newspaper of his turgid prose, as well as those at Recorded Future.

Why he either failed to do basic research because he was ignorant of such requirments, --which I fail to believe if he ever held the positions he claims on his CV-- or he produced his story maliciously and is pretending it was honest comment not dishonest invective for the sake of malicious self promotion I don't know but it reflects badly on him and the organisation he currently works at.

Thus I would advise anyone to stay away from Stewart Barker and treat anything he has or has had involvement in with the deepest suspicion untill you can prove it not to be untrustworthy.

Clive RobinsonAugust 19, 2014 9:30 AM

Curses to the auto correct on this phone it has corrected Baker to backer and barker... I'm guessing because of it's adjacency to the top of the on screen keyboard, and my more than minuscule finger tips, hurumph hurumph...

AlanSAugust 19, 2014 9:55 AM

Earlier comments on Baker here. Baker is just smearing NSA critics and distracting from the real issues.

NobodySpecialAugust 19, 2014 11:49 AM

>If the NSA has an attack on an algorithm (like RSA), it would be so highly classified and ....

If the NSA had an attack against RSA it would have been sold to criminal gangs by an NSA employee and be well known by now.

Or is it only the CIA/FBI/SS/DEA that have corrupt/blackmailed/spies among their employees?


MetaAugust 19, 2014 12:48 PM

If NSA could break RSA, they would rarely use this ability, because use would reveal capability. It would be held in reserve, in case of emergency, break glass.

AlexAugust 19, 2014 1:54 PM

The whole thing is funny.
If you're a terrorist, you really don't need a high IQ to assume that phones or computers are intercepted. So they're probably using things like old verbal phone codes "the bird is in the nest" and this may still work. In case they use encryption, they probably use short messages like "bomb the towers" which probably evade any cryptographic "attack", no matter the algorithm..unless they under hardware surveillance.
The bullthing with al quaida screenshots, plus malware(???) and funny graphics showing how evil Snowden was is just illogical and hilarious.
So the whole thing actually looks like NSA trying to score back against Snowden one day after the whole world found out that they were using innocent computers as platforms for malware and spyware.
Well, for a large part of audience they may have scored, for others, it may be popcorn time. The game "Who did more damage?" is still playing.

Nick PAugust 19, 2014 2:07 PM

@ Bruce

"There's nothing that screams "hack me" more than using specially designed al Qaeda encryption software. There's probably a QUANTUMINSERT attack and FOXACID exploit already set on automatic fire."

Exactly. And very well said, too.

@ All

Private communications against an NSA-like threat

OPSEC against TLA's dictate you must be invisible or blend into the crowd. There's only so many communication strategies and NSA's interception is vast. That means being invisible is unlikely to work. This leaves blending in: whatever you're doing must look like what everyone else is doing. This led me to define a scheme a few years ago for covert communication over the Internet. Here's its components.

1. Dedicated, highly secure system for sending or receiving messages. Might be one piece of hardware or even a combo of several like Tinfoil Chat.

2. A HTTPS library that defaults on (and rejects changes to) a secure configuration.

3. A piece of hardware or software that tricks OS fingerprinting tools into thinking your comms system is a hardened Windows, Linux, Mac, etc desktop.

4. A good router/firewall with all patches applied and any unnecessary stuff turned off.

5. A similar setup on the server side running side by side with web servers running a web site that uses HTTPS to protect sensitive information, a dedicated HTTPS appliance for acceleration (read: covert use), and is otherwise uninteresting to NSA.

The way the scheme works is that the site is a message drop and message router. The client's secure machine establishes a HTTP connection with the site. Similarly to SILENTKNOCK, it embeds somehow information that tells the receiving system it's a special connection. The data is forwarded to an internal secure system instead of the web servers. The data itself can optionally be PGP/GPG'd messages. Systems connecting can deliver or request messages tied to a specific ID.

Another scheme is putting this device between the desktop and the Internet router. The scheme would work similar to SSL proxies. It normally just passes the traffic back and forth while doing nothing to indicate it's even there. When desktop connects to specific site over HTTPS, the device MITM's the connection. The agent uses the site on their desktop while checking messages on the other machine. If the site has a high refresh rate or uses AJAX, there will be plenty of messages flowing in the background that can cover for the covert messages. The advantage of this scheme is the use of the service on the desktop creates data in service's database and logging systems that provide a cover story. The disadvantage is that, if they hack the desktop, they might easily be able to detect the scheme by looking at what leaves the desktop and what leaves the network.

The ultimate drawback of both schemes is that there's still a way to know your using the software: the users would be the only ones they couldn't hack (or among a few). The pervasive insecurity of commonly used software makes most anonymous communication methods insecure because (a) it highlights the higher priority targets for NSA and (b) can be bypassed with endpoint attacks. It's why I don't buy into anonymous, Internet-based communication that leverages crypto. Innocent code words delivered over email from disposable computers on public wifi with long-range antennas works much better. Serious usability problems there. If the goal is merely private communication, there plenty of options there and NSA's main strategy would be interdiction. That interdiction or field attacks are the best they can do actually gives hope that NSA immune hardware/software can be built or acquired.

Sancho_PAugust 19, 2014 6:20 PM

This is disingenuous:

Since years, each and every week dozens of mostly innocent people are blasted,
but “Snowden’s leaks” press them to “increased pace of innovation”.

One could laugh if there were not thousands of innocents suffering.

policia secratoAugust 19, 2014 7:53 PM

If you read their twitter accounts, Qadi/shari'i rulings and letters these terrorist outfits are basically a full blown military now solely concerned with overthrowing each other and the regimes of Syria, Libya and Yemen at present and not interested in foreign attacks. They use hand held radios and couriers to pass letters off to figurehead commanders like al-Zawahiri and then only for rulings on internal disputes and protocol clarification, like asking to declare war on ISIS. AQ/Nusra even tweeted that the Qadi had received a letter by courier about "the apostates of ISIS". Al-Nusra also recently published a warning for everybody to stay off mobile and wifi networks and to use couriers and radios. The rest of their warning was basically 3 pages of ground tactical advice like digging tunnels to avoid SAA bombings and splitting up conveys, practical military stuff since that is what their goals are now.

ISIS on the other hand show next to zero opsec/comsec. They are using personal twitter accounts like complete idiots and if you look at their released propaganda and field footage, you'll notice all the top level dudes have American weapons while the bottom tier jihadis all have your standard AKs. That's like wearing a shirt that says "pls shoot me I'm VIP" so if the US wants to discover their command structure just look for the guy carrying around Uncle Sam rifles with a radio on his jacket. ISIS so far has sent 1 recommendation which was to download Guardian apps for Android, and they all retweeted it. That's not going to protect you from any nation state. I also noticed a lot of their phony threats, like pics showing IS flags on a phone in front of a landmark make no effort to edit for OPSEC considerations, like clearly showing the date and time in the picture. In one pic somebody holds up a card with IS scribbles on it to threaten a building and there's a huge clock in the background not obscured by the card.

That encryption program is almost certainly a ruse, I don't think they encrypt anything because if they did read the Snowden docs they'd know that the more encryption you use the more flags are raised for analysis automatically, extra heat a major terrorist group wouldn't want. Local commanders give radio orders and money is all raised from stolen local resources and taxes/robberies, so there is zero reason for any of them to communicate outside the immediate area unless by hand written courier very infrequently, and only about some petty internal politics.

All this spying sure didn't prevent 300+ Westerners from contacting online jihadi social media accounts and organizing entry into Syria to fight for them. This was all done well before Snowden

policia secratoAugust 19, 2014 8:02 PM

Something else I noticed was before it was taken down, @jihadnews2 was publishing IS ransom demand letters to pastebin.it and the reply to them was just a regular gmail account. They're all living in areas with infrequent or no electricity, in bombed out buildings waging a ground offensive I bet 90% of them never even go near a phone or computer and just pass off a message to somebody "above ground" who does it for them (calling family, issuing ransom demands, publishing propaganda ect).

FigureitoutAugust 20, 2014 1:16 AM

Bruce
My guess is that the smart ones are using public tools like OTR and PGP and the paranoid dumb ones are using their own stuff
--Well I think PGP has probably been a keyword since around the late '90s and you can re-arrange OTR to TOR and they can go hand-in-hand in many cases. So, that may be an "automatic fire" for anyone using that software.

I really don't care about islamists/whatever trying to blow me up b/c of their religion (I can see why having our troops blowing up their homes *just might* piss them off a little); calling everyone "rolling their own" paranoid and dumb is a bit much. Again, I invite the readers to try and crack some of my custom methods, there is no existing literature on the internet and no files on my computer. I'm in the upper echelon of paranoid too, so you have to try a little. You have to come near me and risk me finding you; and that's good for attackers to know. Every individual doing that just makes mass attackers fairly worthless. Using standard encryption, w/ an attack that works, makes that mass attack more easy.

You also left out the fact that corrupted encryption standards and "common assumptions" make people a little paranoid that maybe the crypto-guru's don't always know what's best when the bigger threat is reading your keystrokes as you type in your keys...

Really, I think this is more about you being pissed that they are attacking your life's work. Your book got me into crypto and security; and to see it being torn apart like it is now is frustrating, I can only imagine.

ThothAugust 20, 2014 1:49 AM

@Nick P

Your HTTP/S private communication is an interesting approach and I have thought of that too for sometime. HTTP/S (with SSL or not) is one of the most common modes of communications and is a very easy way to hide encrypted contents within such modes of communication. It is almost impossible to block HTTP/S since it's so ubiquitous.

Dedicated secure channels would have protocol formats that will definitely give a way the intention of the messages being sent and will arouse suspicion and actions might be taken to handle such incidences.

A protocol over HTTP/S to negotiate protocol flags, negotiate ephemeral keys and exchange messages securely under a plausibly deniable circumstance would be much favorable especially in a HTTPS setting but would be applicable in a HTTP-only insecure setup to lower suspicion.

The first hurdle is how a hidden service provider's web server publishes itself a plausible indicator so that someone visiting the site would pick up the plausible looking flag and on the other hand, be able to deny existence.

An example would be a website that has a user comments box as the mechanism to send either normal comments to a website that would append to it's comment section or to send a hidden secure message in the comments box that would not be appended to the comment section and provides plausible deniability. It should also withstand scenarios where users view the source code and sees the plausible protocol flag but it's use can be denied as a kind of session cookie or session information of sorts to ordinary or malicious users but to authentic users who have certain knowledge, they would understand the flag and begin key exchange and subsequently exchange of secure messages.

Here's my first stab at the problem from a high level view:

Definition:
SI (User Session Information Bytes)
OTB (One Time Bytes)
SI-IF (Session Information - Init Flag Bytes)
(X) (Information Permutation - this is not simply XOR)
UK (User Key)
SK (Server Key)
SMSG (Sends Secure Message)
GENR (Generate srandom bytes)

1.) Server -> OTB (X) SI-IF where OTB = (SK (X) GENR) and SI-IF = (SI (X) SI)
2.) Server publishes (OTB (X) SI-IF) in HTML fragment.
3.) Normal user views and thinks it's some random cookie or SI.
4.) User with program -> (GENR (X) UK) (X) (OTB (X) SI-IF) (X) SMSG -> send to server.
5.) Server -> SI-IF = ((GENR (X) UK) (X) (OTB (X) SI-IF)) (X) User SI -> changes user's SI and sends back to user.
6.) Server -> Plain MSG = SMSG (X) (OTB (X) SI-IF)

The main thing to note is all user SI would always be permutated so that normal users and authentic users would look similar as their session information always changes. The plausibility of the entire protocol is to have a plausible flag and the computation of the secure messages and bytes are based on the fact of plausibility as well which should not have hard proof of identity. Example, a MAC is calculated when sending encrypted messages in a secure channel in most secure messaging but this protocol leaves open room for speculation because one string of bytes permutates another without proper proof so even if a person with their own keys tries to pick up their OTB and sends messsages to the server and receives their updated SI, they would not be able to proof the server is a hidden service enabled web server (some kind of dead drop) unless they know the OTB which the user's SI is permutated by itself (SI (X) SI) to create a SI-IF and the OTB is permutated with the SI-IF before placing on the HTML as some innocent looking SI or as cookies.

The permutations are not defined yet for now as this is very high level as a random thought. Each process step's permutation may not be the same from each other. The permutation to derive the SI-IF is definitely different from all other permutation algorithms.

I am thinking if this protocol should be heavily based on some form of Diffie Hellman ? This stuff is still too generic. The returned permutated user SI should not be recognizable by any user but only by the server if it's OTB is still in memory.

cryptorAugust 20, 2014 2:37 AM

There's companies like Matasano which specialize in finding faults with custom crypto libraries and implementations. I would only 'roll my own' if I also was breaking bad crypto code F/T and keeping up with worldwide research, like Neils F who has been attacking XTS successfully whenever block encryption is uploaded to the cloud to be used as regular backup. Even then why bother when djb's crypto blackbox exists or Skein and have already been tested.

The only technically sophisticated irregulars fighting in Syria I've seen are the Chechen groups, they wear GoPro helmet cams and use intel agency grade post processing to black out their faces instead of blurring them, which if anybody who has kept up on arxiv forensic papers knows isn't suitable to keep identities secret. They're also outfitted in professional gear and seem heavily disciplined in opsec editing out maps and layouts of their command posts. One video uploaded to youtube they are using encrypted radios too as the cam wearing jihadi types in a password out of view to hear what's going on in Russian.

Wesley ParishAugust 20, 2014 2:55 AM

Homo sum, humani nihil a me alienum puto

I am a human being, I consider nothing that is human alien to me.

Publius Terentius Afer's considered comment on human foibles and outright stupidity, from his play Heauton Timorumenos.

What is most distressing is the contortions Stewart Baker underwent to be able to insert his foot into his mouth, right up to the gluteus maximus.

The United States once underestimated the capabilities of a major power in the Asia-Pacific region, out of racist bigotry. They lived in a world where such things could not occur.

The picture that emerged by 1941 in Washington of a primitive Japanese air force that lacked both the technology and pilot training for refueling in mid-air, launching torpedoes in shallow water, conducting long-range missions proceeded both from self-deception and other-directed deception. The former grew out of the stereotyped of Asian incompetence. The latter, out of a deliberate Japanese program to project weakness prior to the attacks.

It seems to be a habit.

paulAugust 20, 2014 10:05 AM

Evildoers have a perfect way to test their new software (or new choices of old software): just plan some horrific but nonexistent operations over the new channels and watch for a response. At some point, even modulo a Coventry scenario, they'll get a pingback.

RonKAugust 20, 2014 3:53 PM

@ Clive : "Curses to the auto correct on this phone it has corrected Baker to backer and barker ..."

Sure, Clive, we all believe that it's just that and not that you know what the NSA search thresholds are for certain string combinations...

sena kavoteAugust 21, 2014 5:35 PM

Re:Home brew crypto

The "paranoid" thing would be to encrypt gpg public key encrypted message with own symmetric encryption program. It won't reduce security. It helps even if the encryption consists of XORing (separate) passphrase repeatedly. At least for one time, it makes the data look like just bits, so that outsiders can't tell if it is encrypted or just something well compressed or something incompressible or just output of /dev/urandom.

Re: Jihadists

If we talk about jihadists directly, I think the ideology makes them not like science, math and computers. Knowing about science etc. "leaves less room for god" or something like that. They like real violence but with excuses, danger and authority.

They might not want to be serial killers, because they need some fake reason and excuse for killing and other violence so they can explain it to themselves & others and forget about it when they are not doing it. By the way, this applies to some percentage of police officers too, worldwide.

Jihadists don't like bioweapons and poison gas because it is so scientific and it is not really violence from their point of view and they don't get to see the results so much. For similar reasons they may also dislike artillery and mortars...

Scott "SFITCS" FergusonAugust 22, 2014 1:33 AM

@T

@Scott "SFITCS" Ferguson


Rumor has it, that they had complete access to the US army computer systems, in 1998, and that they used weapon data from a honey pot setup by the US army. Looking back at what was floating around the web at the time some al Qaeda might have been able to pass the navy seals/rangers test or what ever.

Absolutely no need to refer to rumour. It's not secret, despite the constant denials by the US government AQ was originally trained, funded, and armed by the US. Very well documented. For an overview, read the Blowback series by Chalmers Johnson.

I don't believe the US assistance of AQ was part of any "New World Order" conspiracy (or any "troofer" nonsense) - just a practical measure given the war in Afghanistan at the time. Likewise the secrecy surrounding it (the US could not afford to be caught assisting in a war against the USSR) - so any "cover-ups" began well before 9/11.

NOTE: I take wikipedia "information" with a measure of salt relative to the resources of those concerned. Adjust the seasoning to suit your taste.

Kind regards

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.