Al Qaeda Practiced Poor Data Management

In the long run, what might be more important to the war on terror than killing Osama Bin Laden was the seizing of his computers, thumb drives and hard drives, which pretty much delivered the keys of Al Qaeda’s kingdom to U.S. intelligence services. It’s the terrorist organization’s Wikileaks moment.

Sinking Ship

  • TrueCrypt – Free open source software that encrypts thumb drives and internal drives. You create a folder or volume, then create a key. You can even set up hidden volumes. That way if you’re, say, being extorted the volume won’t be revealed.
  • Drobo – Bin Laden was clearly at the mercy of data sprawl. With ten computers and 100 memory sticks, he would have greatly benefited from consolidating all that data into a central RAID environment. Yes, for him a few bullets would have destroyed it. The rest of us would find peace of mind by knowing where all our data is.
  • Carbonite – Local storage is saddled with some hefty limitations, like size and physical vulnerability.  Al Qaeda could have kept all of its data off premises and in the cloud with 1024-bit encryption.  Though Bin Laden had lots reasons to hole up in his Abbottabad bunker (like to avoid being killed. Oh well), keeping his data safe wouldn’t have been one of them.

Ah, if only Bin Laden had known about these data protection tools. They’re cheap, and you can learn from the late schmuck’s mistake and begin to use them. Combine them and you’re following best practices for data management and security. Encrypt the data, make two copies, and store one off site.

Related

No Responses to “Al Qaeda Practiced Poor Data Management”

  1. Peter Piper

    I know the article may seem kind of funny at first glance, but your efforts could cause irreparable harm to law enforcement. You could easily wind up in federal prison attempting to defend yourself on a charged of aiding and abetting the enemy. Sure you can claim that your intention is not to cause harm, but it’s not always intent that matters. If you think ‘it can’t happen here’, well lots of people have been detained for things that are much less harmless.

  2. @Everyone: Obviously, I wouldn’t have posted this if I thought it was going to do any kind of harm to us. None of these are earth-shattering points, more like common sense, and unfortunately, I’m sure others are already figuring out how to make it more difficult next time. Plus, I have no doubt in my mind — none — that our intelligence services could break through these products if they wanted to. I don’t minimize your concerns, but the cat’s out of the bag on this as far as the enemy is concerned, just as they now know precisely how good our intelligence is.

  3. This is hilarious!!!
    Too many of you are over reacting to what would turn up in the first 3 results of any Google search. Harm to law enforcement? Give me a break. Thank you for writing an interesting blog.

  4. Funny,

    To everyone who thinks a humorous tech posting on Dice that talks about common data protection strategy is going to destroy America ….. lighten up.

    On second thought – you should all print out this article and put it where it will never be found – like in a Pakistani compound.

    • Peter Piper

      The fact is, the poster is literally instructing people who are have declared themselves to be enemies of the US in how to better evade law enforcement.

      Imagine if this were the middle of WW II and someone posts an article about how Hitler could improve his ability to evade detection by the US. Do you think US authorities would just laugh it off?

  5. sarah

    Mark, I am not concerned about information leaking… but this article was done with poor taste. It may be accurate, but we are talking about terrorism and this is not a subject to be taken lightly. There is not a single person in my office that thought this was appropriate.