Al Qaeda suspect's porn film found to contain treasure trove of secret documents

May 04, 2012 by Lin Edwards

A suspected member of the Al Qaeda terrorist group, arrested in May last year in Germany, was found with a memory stick hidden in his underwear. Police discovered the stick contained a password-protected folder with pornographic videos inside it, but suspicious computer forensic experts thought there must be more. After weeks of analysis, they determined that one of the pornographic videos contained concealed documents detailing Al Qaeda operations and plans.

The files were hidden in the video file through a process called steganography or concealed writing. The term steganography includes methods used for centuries, such as , but now also includes techniques such as concealing (often unencrypted) content inside a , video or audio file. Steganography conceals data within “plain sight,” which makes it difficult to detect.

Digital steganography can be done on audio files by manipulating the waveform to hide data, but such changes produce noise that is more obvious than changes visible to the eye. Data can be hidden in image files opened in a text editor simply by inserting text at the end of the file, but more sophisticated and effective methods use special software to manipulate individual bytes or pixels of the media file.
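The simplest case above, text appended after the end of an image file, can be checked by walking the file's own structure to its logical end and looking at what follows. The Python below is an added example, not code from the article or from any tool it mentions; the function names and the two sample files are constructed for illustration.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def png_trailing_data(blob: bytes) -> bytes:
    """Walk the PNG chunk list, verifying CRCs, and return bytes after IEND."""
    pos = len(PNG_SIG)
    while pos + 12 <= len(blob):
        (length,) = struct.unpack(">I", blob[pos:pos + 4])
        ctype = blob[pos + 4:pos + 8]
        end = pos + 12 + length          # 4 length + 4 type + data + 4 CRC
        if end > len(blob):
            raise ValueError("truncated PNG chunk")
        (crc,) = struct.unpack(">I", blob[end - 4:end])
        if zlib.crc32(blob[pos + 4:end - 4]) != crc:
            raise ValueError(f"bad CRC in {ctype!r} chunk")
        pos = end
        if ctype == b"IEND":
            return blob[pos:]
    raise ValueError("no IEND chunk found")

def jpeg_trailing_data(blob: bytes) -> bytes:
    """Walk JPEG segments by length and return bytes after the EOI marker."""
    pos = 2                              # skip SOI (FF D8)
    while pos + 1 < len(blob):
        if blob[pos] != 0xFF:
            raise ValueError("expected a JPEG marker")
        marker = blob[pos + 1]
        if marker == 0xFF:               # fill byte before a marker
            pos += 1
            continue
        pos += 2
        if marker == 0xD9:               # EOI: the image ends here
            return blob[pos:]
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:
            continue                     # stand-alone markers carry no length
        if pos + 2 > len(blob):
            raise ValueError("truncated JPEG segment")
        (seglen,) = struct.unpack(">H", blob[pos:pos + 2])
        pos += seglen
        if marker == 0xDA:               # SOS: skip entropy-coded scan data
            while pos + 1 < len(blob):
                nxt = blob[pos + 1]
                if blob[pos] == 0xFF and nxt != 0x00 and not 0xD0 <= nxt <= 0xD7:
                    break                # a real marker, not stuffing or RSTn
                pos += 1
    raise ValueError("no EOI marker found")

def trailing_data(blob: bytes) -> bytes:
    """Return whatever follows the logical end of a PNG or JPEG file."""
    if blob.startswith(PNG_SIG):
        return png_trailing_data(blob)
    if blob.startswith(b"\xff\xd8"):
        return jpeg_trailing_data(blob)
    raise ValueError("unsupported format")

def _chunk(ctype: bytes, data: bytes) -> bytes:
    body = ctype + data
    return struct.pack(">I", len(data)) + body + struct.pack(">I", zlib.crc32(body))

# Constructed inputs: a 1x1 grayscale PNG, and a structurally valid JPEG
# skeleton whose APP0 payload contains FF D9 to defeat a naive byte search.
SAMPLE_PNG = (PNG_SIG
              + _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
              + _chunk(b"IDAT", zlib.compress(b"\x00\x80"))
              + _chunk(b"IEND", b""))
SAMPLE_JPEG = (b"\xff\xd8" + b"\xff\xe0\x00\x04\xff\xd9"
               + b"\xff\xda\x00\x02" + b"\x12\xff\x00\x34\xff\xd0\x56" + b"\xff\xd9")

if __name__ == "__main__":
    for name, blob in (("png", SAMPLE_PNG), ("jpeg", SAMPLE_JPEG)):
        for label, data in (("clean", blob), ("appended", blob + b"hidden note")):
            extra = trailing_data(data)
            print(f"{name:5} {label:9} trailing bytes: {len(extra)}")
```

Walking segments by their declared length matters for JPEG: metadata segments can legitimately contain the bytes FF D9, so searching for the first end marker would report false trailing data.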

For example, readily available software can be used to manipulate the properties of individual pixels within an image. The color of pixels is determined by vector values representing the intensity of each color (red, green and blue in RGB systems, for example), and these values can be manipulated to hide data.

Other steganographic software tools convert bytes of data to be concealed into individual binary bits (0 and 1) that are then substituted for the least significant bits in the media file. The substitutions are spread throughout the media file following a sequence or algorithm, to make detection more difficult and distortion of the media file less noticeable.

Another, even more sophisticated method is to hide data in parts of an image by manipulating the discrete cosine transform (DCT) coefficients used to compress JPEG files. This method enables the hidden data to survive even if the image is later cropped, resized or compressed.

The forensic task of revealing data hidden within files is complicated because the area is rapidly developing and becoming ever more sophisticated, but security programs are available that can help researchers detect manipulations within images and other digital files.
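One statistical check of this kind, aimed at the least-significant-bit substitution described above, is a pairs-of-values chi-square test: overwriting low bits with random-looking data evens out the counts of each value pair (2k, 2k+1). The Python below is an added example, not code from the article or from any tool it mentions; the sample bytes are constructed with an exaggerated even/odd imbalance, and the function names are illustrative.

```python
import random
from collections import Counter

def pov_ratio(samples: bytes) -> float:
    """Chi-square statistic per degree of freedom over value pairs (2k, 2k+1).

    Each pair contributes (even - odd)^2 / (even + odd), a one-degree-of-freedom
    test of "both values equally likely". Random LSBs give a ratio near 1;
    untouched data with uneven pairs scores far higher.
    """
    hist = Counter(samples)
    stat, pairs = 0.0, 0
    for k in range(128):
        even, odd = hist[2 * k], hist[2 * k + 1]
        total = even + odd
        if total < 10:                   # expected count under 5: too sparse
            continue
        stat += (even - odd) ** 2 / total
        pairs += 1
    if pairs == 0:
        raise ValueError("not enough data for the test")
    return stat / pairs

def scan_prefixes(samples: bytes, steps: int = 4) -> list:
    """Ratio for growing prefixes; a rise marks where sequential embedding stops."""
    return [pov_ratio(samples[: len(samples) * i // steps])
            for i in range(1, steps + 1)]

def constructed_cover(n: int = 20000, seed: int = 7) -> bytes:
    """Constructed sample bytes: bell-shaped values with exaggerated even bias."""
    rng = random.Random(seed)
    out = bytearray()
    for _ in range(n):
        v = min(255, max(0, int(rng.gauss(128, 30))))
        if rng.random() < 0.7:
            v &= 0xFE                    # stays inside its (2k, 2k+1) pair
        out.append(v)
    return bytes(out)

def randomize_lsbs(samples: bytes, fraction: float, seed: int = 11) -> bytes:
    """Test fixture: overwrite LSBs of the leading fraction with random bits."""
    rng = random.Random(seed)
    out = bytearray(samples)
    for i in range(int(len(out) * fraction)):
        out[i] = (out[i] & 0xFE) | rng.getrandbits(1)
    return bytes(out)

if __name__ == "__main__":
    cover = constructed_cover()
    print("untouched       :", round(pov_ratio(cover), 1))
    print("all LSBs random :", round(pov_ratio(randomize_lsbs(cover, 1.0)), 2))
    half = randomize_lsbs(cover, 0.5)
    print("first half only :", [round(r, 1) for r in scan_prefixes(half)])
```

Changes that touch only a small, scattered share of the samples move the ratio far less than a fully overwritten run does, which is why spreading substitutions through the file makes detection harder.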

Researchers from the German Federal Criminal Police (BKA) spent many weeks examining the hidden pornographic video found on a suspected Al Qaeda member, the Austrian Maqsood Lodin, when he was arrested in Berlin after returning from Pakistan. The video, called “Kick Ass,” was stored in a password-protected folder, and within the video they found a file called “Sexy Tanja.” Further analysis of this file eventually revealed that it contained more than 100 concealed unencrypted documents describing Al Qaeda plans and operations.

A video file has ample room for concealing documents, and would be relatively easy to distribute. In Maqsood Lodin’s case, the porn video contained hidden terrorist training manuals in PDF form in English, German and Arabic, along with numerous documents detailing planned future Al Qaeda attacks, and lessons learned from previous operations.

Lodin is currently on trial in Berlin, and has pleaded not guilty to charges of terrorism.


User comments : 44

Musashi
1.2 / 5 (23) May 04, 2012
This is such bs...
antialias_physorg
4.2 / 5 (20) May 04, 2012
The researchers from the German Federal Criminal Police (BKA), spent many weeks examining the hidden pornographic video

I hope it was at least some good porn.

This is such bs...

Not really. Video, image (and even audio) steganography are pretty easy to do and are also pretty secure. I've actually written a tool for doing it (though I used put the data in videogame leveleditor files - but the idea is the same). It's easy to detect that SOMETHING is in there, but getting out what and where it is exactly can be very hard.

There's legitimate use for it, too. Watermarking of files is done using the same method. The trick is to use a watermark that survives everything photoshop can throw at it: cropping, distortion, cut and paste, color palette changes, filters, ... you name it. There's no perfectly robust way to do this, yet - so this is still a hot research topic.
Husky
1.4 / 5 (18) May 04, 2012
it could be true, but now the door is open for the government to "produce" incriminating evidence from your innocent movies...
i can write a custom algorithm that finds a satanic message in your facebook pic pixels, lock him up!
Tseihta
2.8 / 5 (12) May 04, 2012

I hope it was at least some good porn.


Probably the donkey variety...
mrtea
1 / 5 (9) May 04, 2012
Why would governments bother with this complicated method? They can just plant documents, weapons or drugs, or just claim that they were found at your premises.

I would have thought they would have been better to use less noticeable video material, like Tupac music videos. No-one will suspect anything there. :)
antialias_physorg
4.6 / 5 (11) May 04, 2012
it could be true, but now the door is open for the government to "produce" incriminating evidence from your innocent movies...

That's always been a possibility. Digital information is always open to manipulation.
But watermarking/steganography goes back to way before digital (Ancient Greeks already used invisible inks, Mongols planted information in ideograms, etc.).
If you want to plant any incriminating evidence then that type of manipulation can always be done after the fact.

The most fun (and freaky) steganography I've seen is a programming language called whitespace.
http://en.wikiped...guage%29

With it you can actually hide the source code of a program WITHIN the source code of another program. It's there in plain sight. But since the language consists only of tab, space and linefeeds you cannot see it (or even print/photograph it) unless you have a compiler for it. All you see is unusual formatting
Eikka
4.5 / 5 (8) May 04, 2012
They didn't cover the use of combination steganography, which is ideally impossible to decipher. You basically take two copies of the same image, embed the data in both, and send them along on different routes.

The way to obfuscate it so is to take two sets of data, one that is the real information, and another one that is random gibberish. you add one to the other, and you get a third dataset that contains both but is meaningless. You then put your random set into one image, and the obfuscated dataset into the other.

In the images they appear simply as noise, but when you subtract the two images from each other, you get the original data out.

A one time pad is virtually impossible to break unless you always use the same pad, so you cannot decipher the message without all of the images, and there can be as many as you want.

Eikka
1.6 / 5 (7) May 04, 2012
Why would governments bother with this complicated method? They can just plant documents, weapons or drugs, or just claim that they were found at your premises.


To convince the people who are actually working on the case.

After all, you got hundreds of professionals tracking the person, collecting information, and then analyzing the results. If they simply said he was guilty of such and such, someone would spill the beans eventually.

Or, the whole steganography story is a red herring and none of it actually happened.
Burnerjack
1.3 / 5 (13) May 04, 2012
Musashi is right. There is no such thing as Al Qaeda. And there is no such thing as the Mafia. And of course, Obama is an American citizen. Oh, yeah, and the tooth fairy is real too.
barakn
2.3 / 5 (3) May 04, 2012
The most fun (and freaky) steganography I've seen is a programming language called whitespace.
http://en.wikiped...guage%29

With it you can actually hide the source code of a program WITHIN the source code of another program. It's there in plain sight. But since the language consists only of tab, space and linefeeds you cannot see it (or even print/photograph it) unless you have a compiler for it. All you see is unusual formatting

...Unless you have a text editor that makes all characters visible. Free or trial versions include Notepad and Textpad. Non-visible characters have been an issue in the programming and data worlds for ages, so of course there are tools for dealing with it.
antialias_physorg
4 / 5 (4) May 04, 2012
A one time pad is virtually impossible to break unless you always use the same pad,

As soon as you use it twice you're in serious trouble. Here's a good example of what happens (there's a reason why they are called one-time pads):
http://www.crypto...hives/70

I love one-time pads, but one really needs to be careful when employing them. Especially how you generate your noise is critical or your message is open for analysis/attack
Ideally you use something like radioactive decay as the generator - e.g. from a setup like here:
http://www.fourmi...hotbits/

You basically take two copies of the same image, embed the data in both, and send them along on different routes.

Unless the original image is available to others (which is probably the case with porn).
Random keys have another drawback: They draw attention to the fact that something is there. The knowledge that someone is hiding something can be enough - without even knowing the content.
DavidW
1 / 5 (14) May 04, 2012
If this is there, then someone put it there, but who, how and when? Given John Lear, the pilot with the most FAA certifications says that it was not possible for the planes to have hit the towers due to many factors based on the laws of physics and these people are the ones responsible for what could not have happened, based on his words, I would have question this nine ways to Sunday.
kochevnik
1 / 5 (14) May 04, 2012
The question without an answer at this point is whether the same mossad company in charge of airport security for all Al Qaeda attacks dating back to Lockerbie were also in charge of security at this airport. BTW two of the four flights on 9/11 weren't even scheduled to fly that day. Here's a charming video of Cheney casually admitting he murdered hundreds of innocent passengers: http://www.youtub...QAR5gQrc
Ooo O
1 / 5 (4) May 04, 2012
it could be true, but now the door is open for the goverment to "produce" incriminating evidence from your innocent movies...
i can write a custom algorithm that finds a satanic message in your facebook pic pixels, lock him up!


True. Kind of like you can find predictions of world events using different algorithms in the book Moby Dick.

But it would be easier for them to just make a file and put it there. Why would they hide it? Seems like more work for a lazy government who is looking to pin something on you.

All that being said I can't believe they didn't use any encryption. Even a basic ROT. IDK how these guys made it past puberty let alone into a world threatening organization.
TheGhostofOtto1923
3.4 / 5 (5) May 04, 2012
IDK how these guys made it past puberty
I am sure they would be wondering the same thing about you if they knew you ritchie.
But it would be easier for them to just make a file and put it there. Why would they hide it?
Because they are BAD GUYS.
mosahlah
3.8 / 5 (17) May 04, 2012
The question without an answer at this point is whether the same mossad company in charge of airport security for all Al Qaeda attacks dating back to Lockerbie were also in charge of security at this airport. BTW two of the four flights on 9/11 weren't even scheduled to fly that day. Here's a charming video of Cheney casually admitting he murdered hundreds of innocent passengers: http://www.youtub...QAR5gQrc


Right,.. the whole world has been fooled. But not only do you know the truth, you downloaded the proof from the internet. Hey, I'm totally with you. By the way, I have a secret formula that will give you superpowers for only $100. (Don't tell the government.) Post your address and I will send it to you.
mosahlah
4 / 5 (16) May 04, 2012
If this is there, then someone put it there, but who, how and when? Given John Lear, the pilot with the most FAA certifications says that it was not possible for the planes to have hit the towers due to many factors based on the laws of physics and these people are the ones responsible for what could not have happened, based on his words, I would have question this nine ways to Sunday.


Yeah, planes couldn't possibly fly straight into buildings. Those things landing on airport runways every 5 minutes must be hallucinations from all the drugs you are taking.
mindmasher
3.8 / 5 (5) May 04, 2012
It's easy to do this in a fashion where they couldn't detect it. Take your own video clip of random, chaotic crap (say the interior of a store), and then run a specific algorithm to mess with the RGB data in a linear fashion to encode additional data. For instance break the frame into 10x10 squares, and change the RGB value of a specific one based on the time stamp and square coordinate. Subtle shifts of a couple shades of red or blue in an RGB value would be totally undetectable (who is to say that the camera recorded a 144 or a 145 R for a pixel?). Unless you had access to the original (which of course you destroy), you could never recover the encrypted data unless you fluked upon the method by which the pixels were shifted.
Red Badger
4.2 / 5 (5) May 04, 2012
Oh great, now the TSA will be watching porn 24/7/365..................
jet
5 / 5 (4) May 04, 2012
And this info would be not available had a Predator / Reaper just "eliminated" the targeted with an AGM-114 HellFire
Deathclock
2 / 5 (11) May 04, 2012
"The researchers from the German Federal Criminal Police (BKA), spent many weeks examining the hidden pornographic video"

I bet they did!

But the real question is did the video contain goats? I know those guys really like their goats over there...
Deathclock
3 / 5 (8) May 04, 2012
It's easy to do this in a fashion where they couldn't detect it. Take your own video clip of random, chaotic crap (say the interior of a store), and then run a specific algorithm to mess with the RGB data in a linear fashion to encode additional data. For instance break the frame into 10x10 squares, and change the RGB value of a specific one based on the time stamp and square coordinate. Subtle shifts of a couple shades of red or blue in an RGB value would be totally undetectable (who is to say that the camera recorded a 144 or a 145 R for a pixel?). Unless you had access to the original (which of course you destroy), you could never recover the encrypted data unless you fluked upon the method by which the pixels were shifted.


The method you just described is significantly less sophisticated than manipulating the discrete cosine transform coefficients as mentioned in the article, and they can still detect that...
mindmasher
2.5 / 5 (2) May 04, 2012

The method you just described is significantly less sophisticated than manipulating the discrete cosine transform coefficients as mentioned in the article, and they can still detect that...


Less complicated does not mean 'more easily detected' - there is no logical basis for making such an assumption.

This is essentially turning the film into a one-pad encrypted document, but with the added benefit of hiding the data in plain sight.
KingDWS
3 / 5 (2) May 04, 2012
Musashi is right. There is no such thing as Al Qaeda. And there is no such thing as the Mafia. And of course, Obama is an American citizen. Oh, yeah, and the tooth fairy is real too.

Hey the toothfairy is too real! They just made another dokumentalry about him an we all know movies always tell the truth.
CHollman82
2.6 / 5 (5) May 04, 2012

The method you just described is significantly less sophisticated than manipulating the discrete cosine transform coefficients as mentioned in the article, and they can still detect that...


Less complicated does not mean 'more easily detected' - there is no logical basis for making such an assumption.

This is essentially turning the film into a one-pad encrypted document, but with the added benefit of hiding the data in plain sight.


I didn't say complicated, I said sophisticated. Your method is significantly easier to defeat than DCT. There are only so many patterns you can choose from to partition and modify the data in your scheme, and with sufficient hardware you can test them all in parallel in seconds.
mindmasher
5 / 5 (1) May 04, 2012

I didn't say complicated, I said sophisticated. Your method is significantly easier to defeat than DCT. There are only so many patterns you can choose from to partition the data in your scheme, and with sufficient hardware you can test them all in seconds.


How exactly would you be able to detect patterns? If 400 pixels out of say 160000 in a frame were modified, how would you be able to tell those pixels from any others? Both the ordering and arrangement of the data could be changed on a per frame basis, making it virtually impossible to ascertain the scheme at which the pixels were shifted.

The main problem is you simply can't identify easily which elements are encoded data, and which aren't because all of the data is relatively homogeneous in the frame.
mindmasher
5 / 5 (1) May 04, 2012
I didn't say complicated, I said sophisticated. Your method is significantly easier to defeat than DCT. There are only so many patterns you can choose from to partition and modify the data in your scheme, and with sufficient hardware you can test them all in parallel in seconds.


I'll elaborate further.

Your decoding/encoding instructions would look something like, take value in the first 5x5 block, and then the second pixel that divides most evenly into 13, and shift its R 1 if the sum of its RGB values are even, or its B - 1 if its sum of RGB values are odd. Now repeat arbitrary remainder checks for the rest of the frame with arbitrary shifts based on sums and factorials etc.

You'd need an algorithm that could find the shifted pixels in each frame, not an easy task considering the amount of small pixel variability within any given 5x5 block. And when I say not easy I mean I don't even know how to describe on a high level how you would be able to do it.
kochevnik
1.6 / 5 (7) May 04, 2012
http://www.youtub...QAR5gQrc

@mosahlah zionist bs...
Who ran security at all three airport of "alleged" hijackings? ICTS International / Huntsleigh USA (wholly owned subsidiary) .Owned by Ezra Harel and Menachem Atzmon . Both Israeli Zionists.

It is run by "experts" in the security and intelligence field. Israeli intelligence that is. Most employees were ex- Shin Bet agents.

Is this airport security company, who ran the security at Dulles, Logan, and Newark, really that shoddy to allow 19 Arabs on board 4 different planes with boxcutters, mace, and even a gun, or is there something else going on here? ICTS was also in charge of airport security when the shoe bomber Richard Reid boarded a plane with a shoe bomb (allegedly).

So sweet you can laugh about Cheney murdering hundreds of Americans outright. You are one POS. I'm not even American how can people not care about people in their own country? You make me want to vomit more than your piss beer.
Burnerjack
5 / 5 (1) May 04, 2012
@KingDWS: I hate to break it to you but South Park blew the lid on the REAL Tooth Fairy!
Vendicar_Decarian
not rated yet May 05, 2012
This would only be true for an uncompressed image. Compression makes dealing with individual frames more difficult and constraining. In order to hide data in a "clean" image, you have to modify pixels. And to do that without noticing, you have to define a specific palette.

"Both the ordering and arrangement of the data could be changed on a per frame basis" - MindMasher
finitesolutions
5 / 5 (1) May 05, 2012
I guess Al Qaeda wants to make love and war.
Future adult titles to be released by an Al Qaeda affiliate:
"Blowing together"
"Sex to die for"
"F U C K America"
"Al Qaeda does America"
"Last orgasm"
"Love is hell"
...
Claudius
1 / 5 (2) May 05, 2012
Substitute "Al CIAda" for "Al Qaeda" and this becomes much more believable. Did they also find cocaine in his underwear, and signs of recent lap-dancing?
GaryB
not rated yet May 05, 2012
The question without an answer at this point is whether the same mossad company in charge of airport security for all Al Qaeda attacks dating back to Lockerbie bla bla bla


Right,.. the whole world has been fooled. But not only do you know the truth, you downloaded the proof from the internet. Hey, I'm totally with you. By the way, I have a secret formula that will give you superpowers for only $100. (Don't tell the government.) Post your address and I will send it to you.


Right. If in fact the Mossad or the US government could actually pull off all these stunts, they would be so powerful and efficient that: (a) there would be absolutely no way of stopping them from ruling the world and anyhow, (b) the world would be better off being ruled by them.
TheGhostofOtto1923
2 / 5 (4) May 05, 2012
a) there would be absolutely no way of stopping them from ruling the world and anyhow, (b) the world would be better off being ruled by them.
You don't need near as much power as you would expect if 'adversaries' above a certain Level are all working for the same People. 2 Sides = 1 Coin.

The most Useful enemies are the ones you create yourself. And if enemies are Inevitable then it behooves you to create them before they appear independently and beyond Influence.

The very BEST way of sharing sensitive info with 'adversaries' is through intelligence networks. They are not used to find out who knows what, but to strictly Control who knows what.
Skepticus
1 / 5 (2) May 06, 2012
"suspect's treasure trove of Al Qaeda porn film found to contain secret documents". He he
slayerwulfe
1 / 5 (1) May 06, 2012
it could be true, but now the door is open for the government to "produce" incriminating evidence from your innocent movies...
i can write a custom algorithm that finds a satanic message in your facebook pic pixels, lock him up!
that is not true and you know it.
Parsec
5 / 5 (1) May 06, 2012
This is such bs...

What is? The techniques described here are widely known. There is also software that can both embed and retrieve data from images (and thus videos) using all of these techniques.

So exactly what are you saying is either untrue or unlikely?
antialias_physorg
1 / 5 (1) May 07, 2012
i can write a custom algorithm that finds a satanic message in your facebook pic pixels, lock him up!

You could, but your algorithm would contain more information than the medium in which you purport to find the message (i.e. your algorithm would be easily defeated in court)
..and besides: Satanic messages aren't illegal in the first place.

(And please look up what satanism is. I guarantee you that you'll be MASSIVELY surprised. It has nothing to do with what you think it does. If you live a life in which you accept personal responsibility for your actions (i.e. no automatic forgiveness from a god) and "judge others as you would be judged" then you may even come to the conclusion that you are, at heart, a satanist)

Xharlie
not rated yet May 07, 2012
Too convenient by half.

There are only two possibilities here: It's all a story or Al Qaeda are idiots and don't have a clue about cryptography or digital security.

Hang on! There's a third: Al Qaeda WANTED "The Authorities" to find the documents!
antialias_physorg
3 / 5 (2) May 07, 2012
Steganography is not a low level cryptography method. The point of steganography is to transmit messages over an insecure channel (e.g. email). It takes considerable resources and time to find out whether there is a message in an audio/video-file if you don't have the original file to work back from.

Steganography is very suitable to defeat low level analysis (i.e. any sort of analysis that is done routinely to any data stream passing through the system)

Really secure encryption has its own drawbacks. One time pads require a 100% secure channel for transmitting the pad. It also requires as much data as the messages you want to pass. Additionally it only allows one specific recipient to read the message (i.e. if you have 4 people in your group you already need to securely exchange 16 one-time pads between them)
Most other 'secure' systems make it very obvious that there is SOMETHING hidden. (encrypted) steganography is a good middle road between security and obscurity.
kochevnik
2.3 / 5 (3) May 07, 2012
The most Useful enemies are the ones you create yourself...The very BEST way of sharing sensitive info with 'adversaries' is through intelligence networks. They are not used to find out who knows what, but to strictly Control who knows what.
Otto nailed it.
Bog_Mire
not rated yet May 07, 2012
I call BS too
jewelblade
1 / 5 (2) May 12, 2012
And it's no big deal for the national defense people to reveal when they've uncovered a major enemy's plans, one shared by many enemies... Boasting more important to the governments of the world, most of them, that says it all and explains their harmful vain behavior.