Entries Tagged "Iran"

Page 3 of 3

WikiLeaks Insurance File

Now this is an interesting development:

In the wake of strong U.S. government statements condemning WikiLeaks’ recent publishing of 77,000 Afghan War documents, the secret-spilling site has posted a mysterious encrypted file labeled “insurance.”

The huge file, posted on the Afghan War page at the WikiLeaks site, is 1.4 GB and is encrypted with AES256. The file’s size dwarfs the size of all the other files on the page combined. The file has also been posted on a torrent download site.

It’s either 1.4 Gig of embarrassing secret documents, or 1.4 Gig of random data bluffing. There’s no way to know.

If WikiLeaks wanted to prove that their “insurance” was the real thing, they should have done this:

  1. Encrypt each document with a separate AES key.
  2. Ask someone to publicly tell them to choose a random document.
  3. Publish the decryption key for that document only.

That would be convincing.

In any case, some of the details might be wrong. The file might not be encrypted with AES256. It might be Blowfish. It might be OpenSSL. It might be something else. Some more info here.

EDITED TO ADD (8/9): Weird Iranian paranoia:

An Iranian IT expert warned here on Wednesday that a mysterious download file posted by the WikiLeaks website, labeled as ‘Insurance’, is likely a spy software used for identifying the information centers of the United States’ foes.

“The mysterious file of the WikiLeaks might be a trap for intelligence gathering,” Hossein Mohammadi told FNA on Wednesday.

The expert added that the file will attract US opponents and Washington experts can identify their enemy centers by monitoring individuals’ or organizations’ tendency and enthusiasm for the file.

Posted on August 4, 2010 at 7:52 AMView Comments

Security Trade-Offs and Sacred Values

Interesting research:

Psychologist Jeremy Ginges and his colleagues identified this backfire effect in studies of the Israeli-Palestinian conflict in 2007. They interviewed both Israelis and Palestinians who possessed sacred values toward key issues such as ownership over disputed territories like the West Bank or the right of Palestinian refugees to return to villages they were forced to leave—these people viewed compromise on these issues completely unacceptable. Ginges and colleagues found that individuals offered a monetary payout to compromise their values expressed more moral outrage and were more supportive of violent opposition toward the other side. Opposition decreased, however, when the other side offered to compromise on a sacred value of its own, such as Israelis formally renouncing their right to the West Bank or Palestinians formally recognizing Israel as a state. Ginges and Scott Atran found similar evidence of this backfire effect with Indonesian madrassah students, who expressed less willingness to compromise their belief in sharia, strict Islamic law, when offered a material incentive.

[…]

After giving their opinions on Iran’s nuclear program, all participants were asked to consider one of two deals for Iranian disarmament. Half of the participants read about a deal in which the United States would reduce military aid to Israel in exchange for Iran giving up its military program. The other half of the participants read about a deal in which the United States would reduce aid to Israel and would pay Iran $40 billion. After considering the deal, all participants predicted how much the Iranian people would support the deal and how much anger they would feel toward the deal. In line with the Palestinian-Israeli and Indonesian studies, those who considered the nuclear program a sacred value expressed less support, and more anger, when the deal included money.

Posted on March 19, 2010 at 6:58 AMView Comments

Security Fears Drive Iran to Linux

According to The Age in Australia:

“We would have to pay a lot of money,” said Sephery-Rad, noting that most of the government’s estimated one million PCs and the country’s total of six to eight million computers were being run almost exclusively on the Windows platform.

“Secondly, Microsoft software has a lot of backdoors and security weaknesses that are always being patched, so it is not secure. We are also under US sanctions. All this makes us think we need an alternative operating system.”

[…]

“Microsoft is a national security concern. Security in an operating system is an important issue, and when it is on a computer in the government it is of even greater importance,” said the official.

Posted on March 27, 2009 at 5:52 AMView Comments

NSA Backdoors in Crypto AG Ciphering Machines

This story made the rounds in European newspapers about ten years ago — mostly stories in German, if I remember — but it wasn’t covered much here in the U.S.

For half a century, Crypto AG, a Swiss company located in Zug, has sold to more than 100 countries the encryption machines their officials rely upon to exchange their most sensitive economic, diplomatic and military messages. Crypto AG was founded in 1952 by the legendary (Russian born) Swedish cryptographer Boris Hagelin. During World War II, Hagelin sold 140,000 of his machine to the US Army.

“In the meantime, the Crypto AG has built up long standing cooperative relations with customers in 130 countries,” states a prospectus of the company. The home page of the company Web site says, “Crypto AG is the preferred top-security partner for civilian and military authorities worldwide. Security is our business and will always remain our business.”

And for all those years, US eavesdroppers could read these messages without the least difficulty. A decade after the end of WWII, the NSA, also known as No Such Agency, had rigged the Crypto AG machines in various ways according to the targeted countries. It is probably no exaggeration to state that this 20th century version of the “Trojan horse” is quite likely the greatest sting in modern history.

We don’t know the truth here, but the article lays out the evidence pretty well.

See this essay of mine on how the NSA might have been able to read Iranian encrypted traffic.

Posted on January 11, 2008 at 6:51 AMView Comments

Online Hacker Forums

Really interesting article about online hacker forums, especially the politics that goes on in them.

Clearly enterprising and given to posting rambling messages explaining his strategic thinking, Iceman grew CardersMarket’s membership to 1,500. On Aug. 16, he hacked into four rival forums’ databases, electronically extracted their combined 4,500 members, and in one stroke quadrupled CardersMarket’s membership to 6,000, according to security experts who monitored the takeovers.

The four hijacked forums — DarkMarket, TalkCash, ScandinavianCarding and TheVouched — became inaccessible to their respective members. Shortly thereafter, all of the historical postings from each of those forums turned up integrated into the CardersMarket website.

To make that happen, Iceman had to gain access to each forum’s underlying database, tech-security experts say. Iceman boasted in online postings that he took advantage of security flaws lazily left unpatched. CardCops’ Clements says he probably cracked weak database passwords. “Somehow he got through to those servers to grab the historical postings and move them to CardersMarket,” he says.

Iceman lost no time touting his business rationale and hyping the benefits. In a posting on CardersMarket shortly after completing the takeovers he wrote: “basically, (sic) this was long overdue … why (sic) have five different forums each with the same content, splitting users and vendors, and a mish mash of poor security and sometimes poor administration?”

He dispatched an upbeat e-mail to new members heralding CardersMarket’s superior security safeguards. The linchpin: a recent move of the forum’s host computer server to Iran, putting it far beyond the reach of U.S. authorities. He described Iran as “possibly the most politically distant country to the united states (sic) in the world today.”

Posted on October 23, 2006 at 2:54 PM

Causes of Suicide Terrorism

Here’s an absolutely fascinating interview with Robert Pape, a University of Chicago professor who has studied every suicide terrorist attack since 1980.

RP: This wealth of information creates a new picture about what is motivating suicide terrorism. Islamic fundamentalism is not as closely associated with suicide terrorism as many people think. The world leader in suicide terrorism is a group that you may not be familiar with: the Tamil Tigers in Sri Lanka.

….TAC: So if Islamic fundamentalism is not necessarily a key variable behind these groups, what is?

RP: The central fact is that overwhelmingly suicide-terrorist attacks are not driven by religion as much as they are by a clear strategic objective: to compel modern democracies to withdraw military forces from the territory that the terrorists view as their homeland. From Lebanon to Sri Lanka to Chechnya to Kashmir to the West Bank, every major suicide-terrorist campaign — over 95 percent of all the incidents — has had as its central objective to compel a democratic state to withdraw.

….TAC: If you were to break down causal factors, how much weight would you put on a cultural rejection of the West and how much weight on the presence of American troops on Muslim territory?

RP: The evidence shows that the presence of American troops is clearly the pivotal factor driving suicide terrorism.

If Islamic fundamentalism were the pivotal factor, then we should see some of the largest Islamic fundamentalist countries in the world, like Iran, which has 70 million people — three times the population of Iraq and three times the population of Saudi Arabia — with some of the most active groups in suicide terrorism against the United States. However, there has never been an al-Qaeda suicide terrorist from Iran, and we have no evidence that there are any suicide terrorists in Iraq from Iran.

….TAC: Osama bin Laden and other al-Qaeda leaders also talked about the “Crusaders-Zionist alliance,” and I wonder if that, even if we weren’t in Iraq, would not foster suicide terrorism. Even if the policy had helped bring about a Palestinian state, I don’t think that would appease the more hardcore opponents of Israel.

RP: I not only study the patterns of where suicide terrorism has occurred but also where it hasn’t occurred. Not every foreign occupation has produced suicide terrorism. Why do some and not others? Here is where religion matters, but not quite in the way most people think. In virtually every instance where an occupation has produced a suicide-terrorist campaign, there has been a religious difference between the occupier and the occupied community.

….TAC: Has the next generation of anti-American suicide terrorists already been created? Is it too late to wind this down, even assuming your analysis is correct and we could de-occupy Iraq?

RP: Many people worry that once a large number of suicide terrorists have acted that it is impossible to wind it down. The history of the last 20 years, however, shows the opposite. Once the occupying forces withdraw from the homeland territory of the terrorists, they often stop — and often on a dime.

Pope recently published a book, Dying to Win: The Strategic Logic of Suicide Terrorism. Here’s a review.

UPDATED TO ADD: Salon reviewed the book.

Posted on July 18, 2005 at 8:10 AMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.