Wednesday, May 16, 2012

Friday, May 11, 2012

Talk: digital steganography & steganalysis



今天晚上應元智大學資工系 王任瓚教授的邀請, 到元智資工和研究生聊什麼是數位隱寫術與隱寫分析(digital steganography & steganalysis), 主要是談論基本觀念與一些有趣的故事, 順便把自己這兩三年的研究成果的原始構想介紹出來。

前幾天, 剛好有一位蓋達組織的成員被逮, 藏在內褲的記憶卡被搜了出來。記憶卡中色情影片被分析後, 找到一百多份蓋達組織的機密文件。因此, 演講剛好就可以用這個故事開場, 時間還配合的剛剛好呢! 而 CNN 網站長達10分鐘的影片, 剛好可以在等待演講前, 在會場播放給早到的研究生觀看。

故事用蓋達最近的新聞開場, 但我真正想表達的是這樣的技術在學術界早就公開教人怎麼藏了, 所以我拍了一張 2003 年 Min Wu 在 IEEE 所發表的兩篇論文的照片, 主題就是 Data Hiding in Image and Video, 希望表達 steganography 並不是什麼新技術; 而且, Jack Kelly 在 911 事件發生之前, 就在 USA Today 新聞網站上發表了 2 篇文章, 指出恐怖組織可能使用隱寫技術進行秘密通訊。

接下來, 演講主題進入 steganography 專業術語的解說, 並且藉著與 cryptography 術語的異同比較, 指出這兩個領域其實是可以互相搭配與結合, 讓秘密通訊的安全性可以進一步獲得提升。演講中, 提到梅鐸新聞集團的醜聞, 除了指出密碼技術的新運用之外, 也點出密碼技術是可能被破解的。密碼與破解密碼的故事, 在許多書上都有精彩的描述, 在演講中, 順便介紹了一些我覺得可以閱讀的中英文相關書籍。沒錯! 其中還包含一本漫畫書。

其實這是一個有長達 2500 年歷史的研究領域。

Friday, May 04, 2012

News: Documents reveal al Qaeda's plans for seizing cruise ships, carnage in Europe

By Nic Robertson, Paul Cruickshank and Tim Lister, CNN
May 1, 2012 -- Updated 0930 GMT (1730 HKT)

CNN's Original Link



Editor's note: This story is based on internal al Qaeda documents, details of which were obtained by CNN. Hundreds of documents were discovered by German cryptologists embedded inside a pornographic movie on a memory disk belonging to a suspected al Qaeda operative arrested in Berlin last year. The German newspaper Die Zeit was the first to report on the documents.

(CNN) -- On May 16 last year, a 22-year-old Austrian named Maqsood Lodin was being questioned by police in Berlin. He had recently returned from Pakistan via Budapest, Hungary, and then traveled overland to Germany. His interrogators were surprised to find that hidden in his underpants were a digital storage device and memory cards.

Buried inside them was a pornographic video called "Kick Ass" -- and a file marked "Sexy Tanja."

Several weeks later, after laborious efforts to crack a password and software to make the file almost invisible, German investigators discovered encoded inside the actual video a treasure trove of intelligence -- more than 100 al Qaeda documents that included an inside track on some of the terror group's most audacious plots and a road map for future operations.

Future plots include the idea of seizing cruise ships and carrying out attacks in Europe similar to the gun attacks by Pakistani militants that paralyzed the Indian city of Mumbai in November 2008. Ten gunmen killed 164 people in that three-day rampage.

Terrorist training manuals in PDF format in German, English and Arabic were among the documents, too, according to intelligence sources.

U.S. intelligence sources tell CNN that the documents uncovered are "pure gold;" one source says that they are the most important haul of al Qaeda materials in the last year, besides those found when U.S. Navy SEALs raided Osama bin Laden's compound in Abbottabad, Pakistan, a year ago and killed the al Qaeda leader.

One document was called "Future Works." Its authorship is unclear, but intelligence officials believe it came from al Qaeda's inner core. It may have been the work of Younis al Mauretani, a senior al Qaeda operative until his capture by Pakistani police in 2011.

The document appears to have been the product of discussions to find new targets and methods of attack. German investigators believe it was written in 2009 -- and that it remains the template for al Qaeda's plans.

Investigative journalist Yassin Musharbash, a reporter with the German newspaper Die Zeit, was the first to report on the documents. One plan: to seize passenger ships. According to Musharbash, the writer "says that we could hijack a passenger ship and use it to pressurize the public."

Musharbash takes that to mean that the terrorists "would then start executing passengers on those ships and demand the release of particular prisoners."

The plan would include dressing passengers in orange jump suits, as if they were al Qaeda prisoners at Guantanamo Bay, and then videotaping their execution.

Lodin and a man called Yusuf Ocak, who allegedly traveled back to Europe with him, are now on trial in Berlin where they are pleading not guilty. Ocak was detained in Vienna two weeks after Lodin's arrest.

According to a senior Western counterterrorism official, their names were on a watch list, and when they handed over documents at a European border crossing, their names registered with counterterrorism agencies.

Both men have pleaded not guilty to terrorism charges. Ocak is also charged with helping to form a group called the German Taliban Mujahedeen, and is alleged to have made a video for the group threatening attacks in Germany.

Prosecutors believe the pair met at a terrorist training camp in Pakistan's tribal territories and were sent back to Europe to recruit a network of suicide bombers.

"We do not know what those men were up to but there are certain files of information that would make it plausible that they were probably thinking of a Mumbai-style attack," says Musharbash.
In the fall of 2010, a year after the document was written, European intelligence agencies were scrambling to investigate a Mumbai-style plot involving German and other European militants -- which sparked an unprecedented U.S. State Department travel warning for Americans in Europe.

"I think it is plausible to think that the 'Future Works' document is part of that particular project," says Musharbash.

"Future Works" suggests al Qaeda was an organization under great pressure, without a major attack to its name in several years, harried by Western intelligence. If anything, its predicament is even more dire today.

"The document delivers very clearly the notion that al Qaeda knows it is being followed very closely," Musharbash tells CNN. "It specifically says that Western intelligence agencies have become very good at spoiling attacks, that they have to come up with new ways and better plotting."

Part of the response, according to the document, should be to train European jihadists quickly and send them home -- rather than use them as fighters in Afghanistan and Pakistan -- with instructions on how to keep in secret contact with their handlers.

What emerges from the document is a twin-track strategy -- with the author apparently convinced that al Qaeda needs low-cost, low-tech attacks (perhaps such as the recent gun attacks in France carried out by Mohammed Merah) to keep security services preoccupied while it plans large-scale attacks on a scale similar to 9/11.

Those already under suspicion in Europe and elsewhere would be used as decoys, while others would prepare major attacks.

That is yet to materialize, but Musharbash believes a complex gun attack in Europe is still on al Qaeda's radar.

"I believe that the general idea is still alive and I believe that as soon as al Qaeda has the capacities to go after that scenario, they will immediately do it," he says.

While "Future Works" does not include dates or places, nor specific plans, it appears to be a brainstorming exercise to seize the initiative -- and reinstate al Qaeda on front pages around the world.

Wednesday, May 02, 2012

News: Al Qaeda ship secret plans encrypted in porn movie

Written by Nick Farrell
Wednesday, 02 May 2012 09:59

Original Link

Spooks didn’t see that one coming

Al Qaeda has been distributing its top secret plans across the internet embedded and encrypted within a file of a porn movie.

According to the German newspaper Die Zeit the file was discovered on a 22-year-old Austrian named Maqsood Lodin. When he was questioned his interrogators were surprised to find that hidden in his underpants were a digital storage device and memory cards. Buried inside them was a pornographic video called "Kick Ass" and a file marked "Sexy Tanja."

These are not the usual thing you expect to find on a Muslim fundamentalist, although it was viable for a Christian fundamentalist politician, so the investigators smelt a rat. It took several weeks to crack the a password and software to make the file visible and it turned out that there were more than 100 al Qaeda documents included inside the file. These included some plans for taking over cruise ships and carrying out attacks in Europe similar to the gun attacks by Pakistani militants in Mumbai in November 2008.

There were terrorist training manuals in PDF format in German, English and Arabic were among the documents, too, according to intelligence sources. Investigative journalist Yassin Musharbash, a reporter with the German newspaper Die Zeit said that one plan was to hijack a passenger ship. They would dress passengers in orange jump suits, as if they were al Qaeda prisoners at Guantanamo Bay, and then videotape their execution. That was before the idea of travelling on a cruise ship turned out to be such dangerous exercise, particularly if it was piloted by an Italian.

News: 'Sexy Tanja' Porn Movie Hid al Qaida's Plot for Mumbai-style Attack on Europe

By EWAN PALMER, May 1, 2012 12:08 PM GMT
Original Link

Hundreds of al-Qaida documents have been discovered embedded inside a pornographic movie, including a plot to carry out an attack in Europe similar to the 2008 Mumbai attacks.

The documents were found after 22-year-old Austrian Maqsood Lodin was detained and searched by investigators in Berlin after flying from Pakistan via Budapest.

The investigators discovered a storage device and a memory card hidden in Lodin's underwear which contained a pornographic film called Kick Ass and a file marked Sexy Tanja.

Several weeks later, investigators decoded the device and found more than 100 al-Qaida documents embedded in the video, including terrorist training manuals and plans to seize cruise ships to launch an attack on Europe similar to the 2008 Mumbai attacks in which 10 gunmen killed 164 people.

US intelligence told CNN the materials discovered are the most important since the trove which were discovered during the killing of Osama Bin Laden last year.

One of the documents, entitled Future Works, was reported to appear to show discussions by al-Qaida to find new targets and methods of attacks. German investigators believe the document was written in 2009 and still forms a large part of al-Qaida's plans.

A year after the document was written; European intelligence agencies investigated a Mumbai-style plot involving Germany which sparked a US State Department travel warning for Americans in Europe.
Investigative journalist Yassin Musharbash, a reporter with theGerman newspaper Die Zeit, was the first to report on the documents. He was quoted as saying: "I think it is plausible to think that the 'Future Works' document is part of that particular project."

Musharbash told CNN: "The document delivers very clearly the notion that al Qaeda knows it is being followed very closely.

"It specifically says that Western intelligence agencies have become very good at spoiling attacks, that they have to come up with new ways and better plotting."

Lodin and alleged compatriot Yusuf Ocak, who was detained in Vienna two weeks later, was stopped in Berlin, are currently on trial in the German capital.

They have pleaded not guilty to terrorism charges. The men, who reportedly met in a terrorist training camp in Pakistan, were both listed on a watch list. Prosecutors said they believe the men were sent back to Germany to recruit others to take part in the attacks outlined in the documents.

News: 賓拉丹遭斃週年 解碼情色片藏攻擊訊息

賓拉丹遭斃週年 解碼情色片藏攻擊訊息

(自由時報 即時新聞 2012/5/1 17:42 原始新聞連結)

台灣時間5月2日,是911事件主謀賓拉丹(Osama bin Laden)遭美軍擊斃屆滿週年的日子,現在傳出,當時賓拉丹住處擁有大量色情片,經過情報人員解碼後,這批色情片原來藏有恐怖攻擊的訊息。

賓拉丹的住處遭搜出大量色情片,其中一支叫「Kick Ass」的片子,裡面藏有「Sexy Tanja」的資料夾,恰巧與德國警方去年逮捕的一名恐部分子所擁有的內容相同,經交叉比對後,色情片原來暗藏恐怖攻擊計畫,包括炸彈攻擊與劫持郵輪等。

「Sexy Tanja」的資料夾裡共有上百個開打恐怖組織(Al-Qaeda)檔案,檔案顯示開打欲以殺死乘客為籌碼,逼迫美國或德國當局釋放特定囚犯,若不從,將錄製殺害乘客的過程,寄給有關當局。

美國情報人員表示,種種資料顯示,這份資料可能是在2009年完成,雖然未真實發生類似事件,但攻擊的手法,已經成為日後恐怖組織進行攻擊活動時,主要的模仿方式。


暗藏基地情報 A片變恐怖片

(中時電子報 2012/5/2 5:30 am 記者陳文和 綜合報導 原始新聞連結)

德國當局破解恐怖分子嫌犯偽製成色情影片的數位檔案後赫然發現,裡頭竟隱藏「基地」國際恐怖組織上百份內部文件,宛如挖出一座情報寶庫。而基地組織一些膽大包天的攻擊計畫也因而曝光,其中包括劫持遊輪,以及在歐洲地區重演二○○八年印度最大城市孟買傷亡慘重的連環恐怖攻擊。

德國警方去年五月十六日在柏林盤問廿二歲奧地利籍恐怖活動嫌犯洛汀,意外查獲他內衣褲裡藏匿數位儲存裝置和記憶卡,而裡面存有一部名為《Kick Ass》的成人影片,以及一個標示為「性感坦雅」(Sexy Tanja)的檔案。

洛汀與籌組「德國塔里班人民聖戰士」組織的另一名嫌犯歐卡克都到過巴基斯坦,在恐怖分子訓練營相識,並奉派返回歐洲召募人員準備發動自殺式炸彈攻擊。洛汀被捕後兩周,歐卡克也在維也納落網,兩人正接受法庭審判。

洛汀所持有檔案的真實內容經編碼加密,且有保護程式使其隱而不見,德國調查人員經數周努力才成功破解。據美國情報界描述,裡面所暗藏的基地內部文件如同「高純度黃金」,和美軍擊殺基地首腦賓拉登後斬獲的情資等量齊觀。

該批文件內含德文、英文與阿拉伯文版PDF格式的恐怖分子訓練手冊,以及基地組織未來的運作計畫,其中包括劫持客輪,讓乘客換穿如同關達那摩灣美軍基地監獄恐怖嫌犯的橙色囚服,以殺害乘客為要脅,甚至將他們處決並公布相關錄影,以迫使有關當局釋放特定囚犯。
此外,基地也計畫在歐洲發動連環恐怖攻擊,手法近似二○○八年的孟買事件。當年十一月廿六日到廿九日,來自巴基斯坦的恐怖分子接連襲擊孟買十多處地點,以槍械和炸彈奪走一百六十四人的生命,並造成逾三百人受傷。

而一份名為「未來工作」的文件明確顯示,基地組織自知受到嚴密監控,西方國家情報機構對偵破其攻擊計畫越來越得心應手,因此亟欲「構想新攻擊方式並進行更完善規畫」,包括訓練歐洲的伊斯蘭聖戰士並派遣他們回國執行任務,以及運用低成本且低科技的攻擊,讓歐洲各國安全單位疲於奔命,再趁機擘劃「九一一事件」規模的攻擊行動。