Erstellt am: 24. 11. 2015 - 16:19 Uhr
Ein Katz- und Mausspiel
von Sarah Kriesche
Auf der Deespec-Konferenz in Wien hab ich die Französin Julie Gommes von Econocom getroffen und mit ihr über die Recherchen zu ihrem Talk "Cryptography Tools, Identity Vectors for 'Jihadists'" gesprochen.
How is the situation for you living and working in France at the moment?
A bit crazy - there are less and less people in the metro when I go to work every morning, because people now prefer to take the car. They think that is more secure. Police arrested some people last week, who intended to put a bomb in la defence quarter. This is an area with lots of companies and people working there. When I heard that, I just went for a drink with a colleague in the middle of the day and we had a big lunch just to celebrate life. At the same time, I am working as a security expert on cryptography used by jihadists, so a lot of people asked me, if I wanted to comment on the police who arrested those guys. Seriously, no. I am working on security, data, cryptography. That's what I do.
That leads to my next question - due to the attacks some people say "if Snowden wouldn't have spread the word, Jihadists wouldn't know how to encrypt their stuff"…
Cryptography was used a really, really long time before Snowden's revelations. In 2007, they used a platform called Mujahedeen Secrets - some sort of an E-mail-platform. They didn't wait for Snowden's revelation to use cryptography. Now, after Snowden we see more tools for Smartphones. Because in some countries you ususally don't have internet access at home. So a lot of people have internet on their phone. And if you want to reach these people, you have to create smartphone applications.
FM4
So how do Jihadists hide their communication nowadays?
I identified three groups. The first one tries to create their own tools. They think: I don't want to use American stuff, they spy on us etc. But they create their tools around an algorithm called "twofish", that was created by a group of american people.
Bruce Schneier is a security technologist and author
Schneier…
Yes, and some friends of him. So they create tools but they're not totally selfmade. The second group tries to use strong tools, we all know. Like Tor, like tails. They publish some guidelines in Arabic and. They think, if that's good for hackers, if that's good for privacy, that's good for us. The third group are the crazy jihadist people. They just use applications, programs, validated by the religious boss, even it it's shit.
FM4
What other tools are they using to hide their communication?
Before Snowden it was Pidgin, that's just a chat program, but you can have it with OTR. After Snowden we see lots of tools developed around twofish with assymetric encryption keys. Tey also used Tor to publish some news in the darknet. Some people are going to Diaspora too. That's crazy, because in France Diaspora is used by anarchist people, in order to use Twitter without having to go there etc. Since a few years you have more and more Jihadists using this tool….
We heard about a lot of extremists using whatsapp or PS4-Chat and everyone went like "OMG" - is it really that astonishing?
It' s like a game between cats and mice. You will always have the mice trying to find new tools, new ways to send information and you have cats following and say "Oh, there is a new thing". So the cats must be faster but the problem is, there are a lot of mice.
FM4
How did you find out about all this?
Before I went into security, I worked as a journalist for twelve years. I did stories about Jihadists, but within the field of geopolitics. I was living in Egypt, Tunisia, Lebanon, Sudan etc. So I already knew, what to look for. But it is difficult. Sometimes you can begin with a Twitter-Account. Some of them are really talkative about the tools they are using and tell you about a forum where you can dig deeper. But it's a long process. You go to the first forum, after a long time they accept you and invite to another forum and so on. You can spend time in 5, 6 or 7 forums, before you can really talk to paranoid people. A French Researcher called that Wiki-Terrorism. It's like a Wikipedia-Process on Terrorism. Touching a lot of people through Social networks - and everybody participates. But they aren't all educated in security, they aren't all paranoid and publish just everything on the net. So sometimes you can even find the infos on Facebook or Twitter.
During your research, did you find something like a trend, a next step, to see where the communication/encryption might be going?
That's just my opinion, but: if they have a lot of money from Saudi Arabia, they will send some people to great schools to become engineers in order to make their tools better.
... like an investment in education
Yes. But the problem is: If you want to send a guy to a high level school, you have to have really high level guys. And high level guys aren't interested in religious groups. Because if you have a brain, you don't go there.
FM4
How important is social media really for Jihadists?
They work a lot on mass communication. Before the year 2000 they used VHS-Videos. Then they switched to Internet. In 1997 it was just 28 Websites asking people to do the Jihad. In 2015 we can see more than 20.000 Websites. About Twitter: Most of the accounts are from Saudi Arabia. Followed by Syria, Iraq, USA, Egypt and Kuwait. 73 percent are in Arabic, 18 percent in English, 6 percent are in French. Between September and December 2014 the number of twitter accounts calling for jihad went from 46.000 to 90.000. They communicate a lot to access new people and to publish their news. There is a group on Anonymous - in March they said "OK, we will expose 9.000 accounts". But after that, the Jihadists still tweeted, and now we have 15.000 jihadi twitter accounts. So you see: When the accounts are closed, they simply create new ones.
Do you think the approach of Anonymous is a good idea?
Be careful with Anonymous, because… Do you remember the Charlie Hebdo-murders? There were two Anonymous-"operations" to shut down websites. They brought in very young people to break into websites and hand them over the database. Then they sold the database on the black market. So maybe the kids did that for politics, for ideology. But some guys behind them, who are the leaders, did that simply for money. So we also could see random websites, like camping websites or little town websites being attacked. That wasn't to attack Jihadists, that was just to attack.
FM4
In France you have data redemption since 2006 I think - now the whole discussion about every country wanting to store communication data of every citizen started again. There are also people, who say, they want backdoors within encryption. From your point of view - is this the right reaction?
I think, now it is really hard to talk about that, because we are all still very emotional about these events. I think, politics in France is going too fast - that's just my point of view but we have to focus on the events and have to look what happened before we release strict security laws. What lessons can we learn about 911- About privacy about freedom and security? Was it a good law or bad? We have to analyze it and learn from it.