Upon finding out that I study information security, a question people often ask me is:
“Alright dude, so like, if all these terrorists go around posting stuff on the Internet, why can’t we just use their Internet posts to track them down?”
What annoys me is that I can think of several answers to this question but I do not know which one is in actuality most of the times true.
The several answers I can think of are:
1. These are public forums that have no direct ties with Terrorists organizations, and terrorists post stuff from either compromised boxes or from Internet cafes.
2. These are sites whose content is directly controlled by terrorists groups, but they are hosted on a Web Hosting company’s server. All registration info is falsified and updates to the site are done anonymously so that the individuals controlling the content cannot be tracked.
3. The terrorist group compromises a box, registers a domain for it, and posts all their stuff there.
4. The problem is logistics. Most of these hosts are outside of the U.S. and there are legislative issues that hinder investigative authorities from gathering evidence before it disappears.
What are your thoughts on this? Does anyone know which, if any, is most often the case? Does anyone know of another scenario that is often the case? How would you answer this question to a layman?
Loading ...
As for number 4, the US is mining foreign computers [everywhere?] for intelligence right now. But anyone with a connection, hackers in China and Russia or ’secret agents[?]‘ in the UK are doing the same to us. There’s nothing stopping our ‘friends’ from keeping an eye on us too, as it happened officially last year during Cyber Storm. But I found it really funny that the US carried out the ‘international’ exersize without China or Russia. Only “Australia, Canada, New Zealand and the United Kingdom” were co members (http://www.dhs.gov/xnews/releases/press_release_0863.shtm).
As for terrorist activity visibly on the net? I don’t think the ‘bad guys’ need their own site; they can do what they do and Al Jazeera will put it on their site (english.aljazeera.net). Actually I didn’t know that the Supreme Court is releasing a US citizen into the hands of an Iraqi court to be hung for being involved with taking a group of Romanian journalists hostage. For some reason, after reading that story an hour ago, I can’t find it anywhere on the site again. How strange!
What to tell your friends? Have they really seen what looks like terrorists talking? Just as the US government doesn’t, I doubt the people they are talking about use public forums to discuss plans.