Al Qaeda Practiced Poor Data Management

Sinking Ship

In the long run, what might be more important to the war on terror than killing Osama Bin Laden was the seizing of his computers, thumb drives and hard drives, which pretty much delivered the keys of Al Qaeda’s kingdom to U.S. intelligence services. It’s the terrorist organization’s Wikileaks moment.

Sinking Ship

  • TrueCrypt – Free open source software that encrypts thumb drives and internal drives. You create a folder or volume, then create a key. You can even set up hidden volumes. That way if you’re, say, being extorted the volume won’t be revealed.
  • Drobo – Bin Laden was clearly at the mercy of data sprawl. With ten computers and 100 memory sticks, he would have greatly benefited from consolidating all that data into a central RAID environment. Yes, for him a few bullets would have destroyed it. The rest of us would find peace of mind by knowing where all our data is.
  • Carbonite – Local storage is saddled with some hefty limitations, like size and physical vulnerability.  Al Qaeda could have kept all of its data off premises and in the cloud with 1024-bit encryption.  Though Bin Laden had lots reasons to hole up in his Abbottabad bunker (like to avoid being killed. Oh well), keeping his data safe wouldn’t have been one of them.

Ah, if only Bin Laden had known about these data protection tools. They’re cheap, and you can learn from the late schmuck’s mistake and begin to use them. Combine them and you’re following best practices for data management and security. Encrypt the data, make two copies, and store one off site.

Comments

No Responses to “Al Qaeda Practiced Poor Data Management”

May 05, 2011 at 2:52 pm, Dave said:

No Carbonite: OBL’s compound wasn’t connected to the internet.

Reply

May 05, 2011 at 4:31 pm, mark gialo said:

why would you publish an article like this? use your knowledge for more fruitful things, not abetting the enemy.

Reply

May 05, 2011 at 4:49 pm, Robert said:

I don’t find this article appropriate – I’d expect something like this from an “application management engineer” in Pakistan.

Reply

May 05, 2011 at 5:59 pm, sarah said:

WTF!!! Dice!!! This is inappropriate on so many levels! You should be ashamed!

Reply

May 05, 2011 at 6:01 pm, Peter Piper said:

I know the article may seem kind of funny at first glance, but your efforts could cause irreparable harm to law enforcement. You could easily wind up in federal prison attempting to defend yourself on a charged of aiding and abetting the enemy. Sure you can claim that your intention is not to cause harm, but it’s not always intent that matters. If you think ‘it can’t happen here’, well lots of people have been detained for things that are much less harmless.

Reply

May 05, 2011 at 8:56 pm, Sanjay Verma said:

Are you from Beijing?

Reply

May 06, 2011 at 8:40 am, Mark Feffer said:

@Everyone: Obviously, I wouldn’t have posted this if I thought it was going to do any kind of harm to us. None of these are earth-shattering points, more like common sense, and unfortunately, I’m sure others are already figuring out how to make it more difficult next time. Plus, I have no doubt in my mind — none — that our intelligence services could break through these products if they wanted to. I don’t minimize your concerns, but the cat’s out of the bag on this as far as the enemy is concerned, just as they now know precisely how good our intelligence is.

Reply

May 06, 2011 at 10:20 am, MIke said:

This is hilarious!!!
Too many of you are over reacting to what would turn up in the first 3 results of any Google search. Harm to law enforcement? Give me a break. Thank you for writing an interesting blog.

Reply

May 06, 2011 at 12:41 pm, sarah said:

Hilarious Mike, really??? This is no joking matter!

Reply

May 06, 2011 at 2:01 pm, Mark said:

Funny,

To everyone who thinks a humorous tech posting on Dice that talks about common data protection strategy is going to destroy America ….. lighten up.

On second thought – you should all print out this article and put it where it will never be found – like in a Pakistani compound.

Reply

May 06, 2011 at 7:50 pm, Peter Piper said:

The fact is, the poster is literally instructing people who are have declared themselves to be enemies of the US in how to better evade law enforcement.

Imagine if this were the middle of WW II and someone posts an article about how Hitler could improve his ability to evade detection by the US. Do you think US authorities would just laugh it off?

Reply

May 06, 2011 at 7:57 pm, sarah said:

Well said Peter!!!

Reply

May 06, 2011 at 5:50 pm, sarah said:

Mark, I am not concerned about information leaking… but this article was done with poor taste. It may be accurate, but we are talking about terrorism and this is not a subject to be taken lightly. There is not a single person in my office that thought this was appropriate.

Reply

Post a Comment

Your email address will not be published.