Pages

Monday, November 30, 2015

Details Of How The Paris Attacks Were Carried Out Show Little Effort By Attackers To Hide Themselves   ~  Oops

from the but-we-blame-encryption? dept https://www.techdirt.com/articles/20151127/22282132933/details-how-paris-attacks-were-carried-out-show-little-effort-attackers-to-hide-themselves.shtml

On Friday, the Wall Street Journal's Stacy Meichtry and Joshua Robinson published an in-depth bit of reporting on the planning and operational setup of the Paris attackers, revealing a bunch of previously unknown details. The key thing, however, isn't just the total lack of anything that looks like sophisticated encryption, but the opposite. The attackers basically did nothing to hide themselves, communicating out in the open, booking houses and cars in their real names, despite some of them being on various terrorist watch lists. It discusses how Brahim Abdeslam booked a house using an online website (Homelidays -- a French service that is similar to Airbnb, though it predates Airbnb by a lot), using his own name. So did his brother, Salah Abdeslam, who booked a hotel for a bunch of the attackers (using his real name) on Booking.com.

The piece mentions, as we noted earlier, that the attackers appeared to communicate via unencrypted SMS. It also mentions how the guy who planned the attacks, Abdelhamid Abaaoud, bragged about his plans in ISIS's English-language glossy magazine months ago. Again, you'd think that this would alert the intelligence community to actually watch the guy, but again it appears he did little to hide his movements or communications.

In fact, the report notes that after Abaaoud shot up a restaurant, he went back to check out the aftermath of the attacks that he had helped put together -- and kept his mobile phone with him the whole time, making it easy to track his whereabouts:
An hour after Mr. Abaaoud finished shooting up restaurants, he emerged from a metro station in the 12th district, according to data police pulled from his cellphone. He headed west toward the sound of sirens, his path zigzagging as he returned to the scene of his crimes.

For two hours after the massacre ended, prosecutors say, Mr. Abaaoud surveyed his handiwork, at one point blending in with panicked crowds and bloodied victims streaming from the Bataclan
You can read the entire thing and note that, nowhere does the word "encryption" appear. There is no suggestion that these guys really had to hide very much at all.

So why is it that law enforcement and the intelligence community (and various politicians) around the globe are using the attacks as a reason to ban or undermine encryption? Again, it seems pretty clear that it's very much about diverting blame for their own failures. Given how out in the open the attackers operated, the law enforcement and intelligence community failed massively in not stopping this. No wonder they're grasping at straws to find something to blame, even if it had nothing to do with the attacks.

No comments:

Post a Comment