Posted in Twitter by an Islamic State ideological supporter with thousands of followers using the handle @AmreekiWitness, a new online guide explains to jihadists how to remain anonymous online. The manual comes with intercalated Quranic verses in between and a quotation of General’s Sunt-Zu that reads “War is deceipt“, found in the ancient book “The Art of War“, a mandatory reading for CIA intelligence officers, and also a quotation of the Islamic Hadith.
The anonymity manual is linked to a JustPasteIt page, one of the tools of choice for Islamic State supporters to post their propaganda. Online jihadist are using JustPasteIt to spread their ideas because you don’t have to register or open any account to upload photos and documents and it can be quickly done with Tor even if many of the pages are taken down by the company when someone reports them.
The manual recommended VPN provider is CyberGhostVPN (referred to as Ghost VPN). Trying to guess why this would be a good VPN for a jihadist I would say that it is free to use, no payment details can be traced back, the company claims no logs are kept and CyberGhost headquarters are located offshore in Romania. For extra security another security measure advised in the manual is to combine Tor and CyberGhostVPN at the same time. An excellent choice, it will slow down your Internet browsing but it adds an extra security layer, something that it is worth to do when your enemy is a country with lots of resources at their disposal to track you down. One more great tip given in the manual is to never check your real Facebook page or email account with the VPN or Tor, doing that would expose your real identity to anybody monitoring the traffic.
The live operating system Tails is also advised for online anonymity, Tails being my favourite tool for posting comments against the NSA on various forums, I believe it to be an accomplished tool. Specially as it leaves no recoverable traces on the hard drive, other than the BIOS being set up to boot from a CD first, and all settings in Tails are good to go by default, even people who don’t understand much about technology should be safe with it.
For email communications the anonymity manual suggests Bitmessage, a P2P email system that has no central server, optionally accessed using a Tor hidden node and which account can be nuked if it is compromised.
For instant messenger the manual recommends, Cryptocat and ChatSecure, I would agree with ChatSecure, an open source mobile app with Off The Record. Cryptocat doesn’t appear to be a bad but I don’t feel it is suitable for paranoid privacy because they have a central server. I would only feel safe with Cryptocat if I am behind Tor, and they warn you of this on their website.
The last part of the manual covers legal advice and it cautions people that if they use social media to avoid arrest a disclaimer should be added saying that they do not support violence and “study the radical Muslim community for recreational purposes“.
This Jihadist guide to remain anonymous online is fairly good. I could only see minor mistakes, the first one is that the manual capitalizes The Onion Router acronym, naming it TOR. This denotes that the author does not follow Tor development too close because the official name is Tor and everybody on the Tor mailing list knows this.
One big hole is that there is no mention of full disk or file encryption at all, DiskCryptor or similar software is very useful for anybody who wants to keep files locked out from unauthorized eyes, and they should have also mentioned steganography. As leaked Snowden’s document reveal, the use of encryption and Tor raises red flags in the security services, steganography on the other hand needs to be found first, it is extremely difficult to detect a hidden message inside a photo or MP3 posted on plain view in Flickr, unless it is known that the target is using steganography, they won’t search for it, and spy agencies would have to extract the data before decryption,it adds to their troubles.
The manual also does not include any warning about the trojan horses that security agencies are known to email or force download in target computers using Flash, Windows and Adobe updates, trojan horses that are not detected by any antivirus software. The only way around is being cautious, not using Windows if possible, or, the best choice, to only browse the Internet with a live CD for activism.
What the USA has in its favour is that Muslim terrorists are using USA companies like Twitter for their propaganda, giving the NSA easy monitoring of their accounts, knowing who their contacts are, what PMs they send to each other, what email addresses they have used to register, this facilitates wire-tapping and trying to download a trojan horse in the user’s computer to know more about them (it could thwarted if they use a live CD).
Other good news for the USA government is that a quick search of real life news show that although anonymity technologies have been around for over a decade, the number of terrorists and child pornographers bothering to learn about them are a rare exception. Apparently, although Tor and encryption can keep their asses out of 20 years in prison,targets are extremely foolish and don’t learn about computer security, if they did they would not post photos with blurred faces, they can be unblurred, this has been done in the past by German law enforcement, it is necessary to use opaque black colour squares to hide faces and stop experts from making them visible again.
Vertical Ellipse
Hi,
could you please explain me this sentence please: “never check your real Facebook page or email account with the VPN or Tor, doing that would expose your real identity to anybody monitoring the traffic.”
It is true that with Tor or VPN the exit node could eavesdrop the unencrypted facebook traffic but, specificaly using Tor, the exit node cannot track the initial IP because there are several other nodes before it.
In my opinion it would be a mistake not using VPN or Tor at all because in that way everyone monitoring any node between you and facebook servers can easily track down your real IP and link it to your identity.
Cheers
hacker10
Hello,
Notice the word “REAL” in the quoted sentence. A real Facebook account knows your name (contacts, email address, photos, name of your children, school and the last time you went to the toilet if you posted about it), the NSA has a backdoor in Facebook, there is no need to find out your IP, knowing the username is all they need.
Best regards,
hacker10
nobody
Advising people to click a link from terrorists and use the same vpn as them is horrible opsec!