Until recently, al-Qaida didn't pose much of a threat online because it used outdated technology. Having modern encryption tools changes the equation.

Thomas Claburn, Editor at Large, Enterprise Mobility

January 24, 2008

2 Min Read

Last week, an Islamist Web site called Al-Ekhlas released updated encryption software to help keep secret communications from prying eyes. The site is allegedly frequented by al-Qaida supporters.

According to the Middle East Media Research Institute, the first version of the software, "Mujahideen Secrets," was released a year ago as "the first Islamic computer program for secure exchange [of information] on the Internet." MEMRI says that the program includes "the five best encryption algorithms, and with symmetrical encryption keys (256 bit), asymmetrical encryption keys (2048 bit) and data compression [tools]."

Reuters reports that the new version of the software, "Mujahideen Secrets 2," was developed by Al-Ekhlas "in order to support the mujahideen (holy war fighters) in general and the (al Qaeda-linked group) Islamic State in Iraq in particular."

The Al-Ekhlas Web site is hosted by Florida-based Noc4hosts. Calls and e-mail to the company were not returned.

In an e-mail message, Paul Henry, VP of technology evangelism at Secure Computing, said that until recently al-Qaida didn't pose a credible threat online because of its use of outdated technology. Having modern encryption tools, he said, changes the equation.

The reason al-Qaida supporters would bother making their own encryption software, said Henry in a phone interview, is that they don't trust the software that's out there. "They're concerned with the backdoors in publicly available code ... so they decided to write something themselves," he said.

Henry also acknowledged that the encryption software served a political purpose as much as a technological one. "They're trying to drive membership," he said.

Still, given the sophisticated methods of information gathering available to intelligence agencies, serious terrorists likely know enough to avoid computers entirely. For those likely to be watched by such agencies, sending encrypted files is merely an invitation for the sort of all-encompassing scrutiny that encryption can't block.

Moreover, worries about cyberjihadists have long been overstated. For example, a well-regarded Israeli Web site warned last year that al-Qaida hackers planned a major online offensive against Western, Jewish, Israeli, Muslim apostate, and Shiite Web sites on Sunday, Nov. 11. Needless to say, the Internet was still standing on Nov. 12 and thereafter. Chances are that if the Internet goes down, it will be because of a careless communications worker and a backhoe.

Henry said that he had spoken with federal agents about the site and that the law enforcement community is aware of it.

Offering encryption software is not a crime, though some would support making it so. And while naming software "Mujahideen Secrets 2" may be inflammatory, being provocative is not illegal. It's not clear yet whether Noc4hosts will remove the Al-Ekhlas site for violating its Acceptable Use Policy. As of Thursday afternoon, the Al-Ekhlas site appeared to be inaccessible.

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights