I usually try to leave this kind of thing alone as far as replies are concerned but NPR ran this story this morning and I heard it on the way in to work. Then I saw that it was trending on the internet as well so I decided to read it in full. Here’s the story:
In it, the big data firm “Recorded Future,” which sounds exactly like an NSA front company, declares that they’ve discovered that two months after Edward Snowden’s leaks about the NSA’s unlawful vacuuming up of the entire internet, al-Qa’ida affiliated groups released a brand new encryption software package for terrorists to begin using.
Previous to this, they had reportedly been using a Windows only encryption package known as “Mujahedeen Secrets” which had reportedly changed little in seven years. The firm asserts that this software has now been abandoned in favor of the new software.
According to a new report to be released Friday by big data firm Recorded Future, a direct connection can be drawn: Just months after the Snowden documents were released, al-Qaida dramatically changed the way its operatives interacted online.
“We saw at least three major product releases coming out with different organizations with al-Qaida and associated organizations fairly quickly after the Snowden disclosures,” said Recorded Future’s CEO and co-founder Christopher Ahlberg. “But we wanted to go deeper and see how big those changes were.”
By “product releases,” Ahlberg means new software. And for the first time, Recorded Future says, it can now codify just how big a change it was.
So, we’re expected to believe that despite making almost no changes to their software over seven years, suddenly terrorist hackers were able to whip up a new software and encryption package that supported not just Windows but multiple platforms including both Macintosh and various mobile phone platforms. After seven years of doing nothing, suddenly the terrorist hacker community has discovered advanced open source software that they can use for secure communications? All of this, in two months?
No, that’s ridiculous. Anyone familiar with software development on any level will look at this and immediately know that these terrorist hackers must have been working on it long before the two months “Recorded Future” asserts it took to develop. It’s unproveable and illogical nonsense from a company that very likely is seeking to attain or maintain government contracts. It’s auditioning and advertising.
This is a negligent story by NPR. The impression in both the radio and written stories is that this firm has actually found a link when the truth is that they’re only asserting they’ve found a link without any plausible evidence that it’s the case. As a result, people that read the story who already believe that Snowden is a traitor will be bolstered and declare that there is now proof whereas people who were on the fence or undecided may very well read it and decide that, yes, there’s proof that Snowden has hurt America. Then, at the very bottom, there’s one quote from one person dissenting. It’s less than a quarter of the article.
Mujahedeen Secrets has been around OPENLY for forever. Software websites were doing reviews of the software as recently as 2008 and it’s openly available for download. You’re going to tell me that terrorism supporting hackers were somehow unaware that their secret was no secret? You’re going to tell me that they’d just assume the NSA would never getting around to cracking it immediately?
Here’s what security specialist Bruce Schneier had to say about the supposedly amazing Mujahedeen Secrets when it came out:
No one has explained why a terrorist would use this instead of PGP (Pretty Good Privacy) — perhaps they simply don’t trust anything coming from a U.S. company. But honestly, this isn’t a big deal at all: strong encryption software has been around for over fifteen years now, either cheap or free. And the NSA probably breaks most of the stuff by guessing the password, anyway. Unless the whole program is an NSA plant, that is.
Only fake jihadis were ever using this software with any confidence. That’s why Bin Laden wasn’t located for a decade. So much for ‘Recorded Future’ and cyber intelligence.
C’mon NPR, even Thought Catalog’s news coverage does better than this. Surely NPR can outclass us.