Electronic Jihad (merged thread)

[zenpundit]

Would it really be better, from an IO and IC perspective, to drive these sites into less visible formats than open websites? We can barely catch the most significant variables of the material out there now.

A smarter option would be slick psuedo-jihadi of our own to spread disinformation, fratricidal factional strife, intra-jurisprudential controversies and so on and network-maap the traffic.

[selil]

Zenpundit,

I still owe you that coffee...

On topic we (google, yahoo, dogpile, etc.) can see about thirty percent of the Internet (optimistically). Darknet for example on SWC is the area that the registered users, admins, and selected individuals have access to. Darknet is the other side and is where a lot of the coordination, training, and planning activities of the adversary are likely occurring. This can happen on forums, wiki's, IRC, and p2p networks. Like a periscope breaking the surface the recruiting efforts and open Jihadist websites portend much more danger below the surface that their targets may not see.

The openly communicating enemy of the state may expose substantial and influential information simply by the volume of what they are saying. Driving them to ground will only piss them off, and result in little if any security.

[sgmgrumpy]

Do not forget about Deep Web.

I stumble onto many "questionable websites", and I only do it for a hobby.

Not sure where the Army is going with this, but even if you do find the websites, what next? And something Army may not think of and I am sure the XXX would beg to differ (another one of those turf struggles) on just which sites get shut down or monitored.

TAKES AIM They just keep hopping onto another IP address.

I would compare this to tossing one of those ping pong balls at those fish bowls at a county fair. Darn thing bounces around all over the place until it either goes off table or lands in bowl. After a couple dozen balls when you do land one in the bowl, they don't give you that one, they grab some fish in totally different tank and slaps it in a plastic bag and hands it off to you, and now your like, Now what?


Deep Web Research Resources and Sites

A Subject Tracer™ Information Blog developed and created by Internet expert, author, keynote speaker and consultant Marcus P. Zillman, M.S., A.M.H.A. for monitoring deep web research resources and sites on the Internet.

[marct]

Hi Selil,

The openly communicating enemy of the state may expose substantial and influential information simply by the volume of what they are saying. Driving them to ground will only piss them off, and result in little if any security.

There are a couple of other implications as well. First, these sites can be used to track narrative changes as they emerge and, in some ways, are a fantastic source of predictive intel. Second, the legalities of attacking these sites are interesting. Certainly if they are located on servers in the US they can be shut down - at least for the n2 seconds it takes for the mirror in some other country to pen up . What if they are in Finland or Kenya or Nigeria?

Personally, I don't care if thy are PO'd - "bad cess" to them as my grandmother would say. I would far rather use their own necessities against them in a proactive way.

Marc

[Ratzel]

Would it really be better, from an IO and IC perspective, to drive these sites into less visible formats than open websites? We can barely catch the most significant variables of the material out there now.

A smarter option would be slick psuedo-jihadi of our own to spread disinformation, fratricidal factional strife, intra-jurisprudential controversies and so on and network-maap the traffic.

This is exactly right. Why would we want to make it harder for us to watch them? Its much easier to monitor the Internet than sort through sail mail, monitor cellphones, or catch a messenger. I would hope that all the ideas you stated are already being implemented? One argument people make is that they can recruit via the Internet and motivate people through images of attacks on US personal. While this may be true, at the same time, we can monitor who visits these sites and geographically analyze the major nodes and networks of the regular visitors. GIS would be a great tool for this type of analysis. I'm pretty sure our intelligence people must be doing this already. Anyway, good post.

One more thing, and this might sound a little too "sci-fi" or crazy but here goes. Someone should develop the technology that would enable us to send some sort of "shock" through the system or even something that could cause an explosion at the enemy's computer[s]. A known enemy, would think he was visiting a "friendly" site and when he clicked on to the site, he would feel something very unpleasant. This may be impossible, as I know very little about computer networks or computer technology, but I thought I'd mention it anyway?

[JeffC]

This is exactly right. Why would we want to make it harder for us to watch them? Its much easier to monitor the Internet than sort through sail mail, monitor cellphones, or catch a messenger. I would hope that all the ideas you stated are already being implemented? One argument people make is that they can recruit via the Internet and motivate people through images of attacks on US personal. While this may be true, at the same time, we can monitor who visits these sites and geographically analyze the major nodes and networks of the regular visitors. GIS would be a great tool for this type of analysis. I'm pretty sure our intelligence people must be doing this already. Anyway, good post.

We don't know the identity of visitors or members to these sites since they post under pseudonyms. And their use of anonymizers like TOR (and more sophisticated tools) defeats geographical analysis.

[Steve Blair]

One more thing, and this might sound a little too "sci-fi" or crazy but here goes. Someone should develop the technology that would enable us to send some sort of "shock" through the system or even something that could cause an explosion at the enemy's computer[s]. A known enemy, would think he was visiting a "friendly" site and when he clicked on to the site, he would feel something very unpleasant. This may be impossible, as I know very little about computer networks or computer technology, but I thought I'd mention it anyway?

This sort of thing is very difficult due to the fact that someone could be broadcasting a site or link through a zombie system (more or less a third party computer that's been taken over by an outside network). You might also end up frying a casual surfer or someone who just blundered into an area (not to mention your own guys who were out gathering and didn't get the word...).

Interesting idea, but in many ways it may be better to let some of this stuff stay out in the open so you can monitor and track it.

[selil]

I recently completed a project looking at the OSI 7 layer model. The concept of the paper was to identify a variety of methods to obscure or remove all traces of the orginators message. This is a project related to my PhD research on cyber warfare. The idea of traitor tracing (usually watermarks and encryption) being expanded to other methods of tracing or identifying rogue entities in an organization. Looking at the OSI 7 layer model we can remove every trace, at every level, between two end points of any communication. And, even if detected it is encrypted in such a way as any message would be OBE before forced decryption. Literally keyboard of sender to monitor of receiver the message is untraceable. For some reason people don't want me to publish the paper. I wonder why.