Feeds

Jailed terror student 'hid' files in the wrong Windows folder

And 'provided terror instructions' via web links

SANS - Survey on application security programs

Careless use of Windows folders cost a Scottish student a lengthy prison stretch today, as an Edinburgh High Court Judge sentenced Mohammed Atif Siddique to eight years for possession of terrorism-related items. During his trial the jury had been told by Michael Dickson, a forensics analyst for the National Hi-Tech Crime Unit, that Siddique's laptop computer had contained material placed in a Windows folder where it would be difficult for an inexperienced user to find.

The folder in question was c:\windows\options, which is usually present on OEM Windows systems and is used for installation purposes. It is not widely frequented by most computer users, but it's not secret either. Siddique seems not to have encrypted the material, which was described as videos, pictures and sound files "concerned with radical Islamic politics", and which included footage of Osama Bin Laden and the World Trade Center attack. It is not clear why Siddique put the material, which he claimed he had collected because he was interested in the motivations of terrorists, in the Options folder. Dickson however said that in his opinion, if someone put something in the Options folder, they did so "to hide it." So watch out, Michael Dell. And those of you out there researching terrorism for your own interest would be well-advised to keep your Osama Bin Laden videos where they're supposed to be, in the My Movies folder (you'll find it right next to My Warez).

Siddique was also convicted of "providing instruction or training in the making or use of firearms and explosives by means of the Internet", and of "distributing or circulating terrorist publications with the intention of encouraging or inducing or assisting in acts of terrorism." Siddique did this simply by linking from his web site, Al Battar, to two sites containing instructions on weapons, explosives, terrorism and Jihad. One, Mu'askar Al Battar (translated for the court as "The Camp of the Sword that Cuts") claims to be issued by "the military committee of Al Qaeda". The other, Sawt al-Jihad (The Voice of Jihad) includes details of explosive manufacture and concealment.

The judge concluded that "the only purpose in setting up a website containing links to this material could have been to provide others with instructions or training material in the making and use of firearms and explosives. So the links were enough for him to be found guilty of distributing or circulating. Similarly with the charge of encouragement: "Given that you were providing internet access to what are admittedly terrorist publications, it is difficult to see what else was intended other than the encouragement etc of terrorism."

Be careful which folder you use, be careful what you link to, be careful what you read, and what books you sell...

When police arrested Siddique in April of last year, over 100 police officers were involved in an operation which broke down the door of his family home with a battering ram, closed off roads, and searched adjacent houses and shops. Over 60 officers were involved in the investigation, along with 12 translators and experts from the National High Tech Crime Unit. "Some 34 computers and hard drives were examined. More than 5,000 computer discs and DVDs were removed, along with 25 mobile phones and another 19 SIM cards. Almost 700 documents were taken from the computers and more than 1,000 statements taken." (Source: The Scotsman).

In addition, professional witness Evan Kohlmann (covered in more depth by The Reg here) was flown over to tell the jury how scary the contents of Siddique's laptop were. If Al Qaeda really was pulling Siddique's strings, then they can count this police budget blowout as a highly successful operation. (Lord Carloway's full sentencing document can be read here) ®

High performance access to file storage

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Reprieve for Weev: Court disowns AT&T hacker's conviction
Appeals court strikes down landmark sentence
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.