14 DAY TRIAL // Everything you wanted to hear one lousy Tuesday morning is that Al-Qaeda has updated its file security and is now able to send messages that can't be understood by the people in charge with protecting us. A big bundle of joy, that is, it feels like leprechauns taking your hand over the rainbow, to their pot o' gold. Fortunately, there's a catch to this.
It's true that the authorities cannot understand the message, yet, but they can surely spot them in a million, provided they monitor the people suspect of such acts. The Mujahideen Secrets 2 was released last month and is an updated version of Mujahideen Secrets (thus the "2") that greatly increases the encryption, from 256 bit AES provided in the early version, launched early last year. It was too easy to crack, so al-Ekhlaas decided to go for 2048 bit encryption instead.
Paul Henry, the Vice President of technology evangelism at Secure Computing Corp, told PC World that "it will not be a difficult matter for law enforcement to identify files created using this software" because it puts a unique fingerprint on them. "You may not be able to read the messages, but you will be able to figure out where it was sent from and to whom."
Among the particularities Henry noted was that Mujahideen Secrets 2 (it sounds like a video game, I just had to say it) can take a binary file and encrypt it so that it can be posted in pure ASCII or text only format. That means that people using it could post those files on sites that aren't even on the Internet, such as telephone-accessed bulletin boards: "If you wanted to do something covert, that's one way of doing it," he said.
Like any update, it also brought a better graphical interface and several issues that made the early version easily crackable have been attended to, so it might take a while until the authorities manage to do it.