One of my favorite podcasts is Reply All, which covers cyber issues in a creative and clever manner. The hosts recently had an interview (“Decoders,” episode #62) with New York Times’ journalist Rukmini Callimachi, as well as Runa Sandvik, the director of bureau security at this newspaper. In essence, Callimachi discovered a new means that ISIS had adopted to communicate, called Truecrypt. Messages are written in this code, then uploaded to files on a website. For all their sophistication and technical knowledge, however, ISIS also proved to be vulnerable to basic errors, such as failing to check the location of the server by examining its web address.
The hosts of Reply All argue that this case proves that encryption is not the key issue in fighting terrorism that one might think from the debate between Apple and the FBI, after Apple refused to cooperate with the government by decrypting a dead terrorist’s I-phone. Instead, Callimachi argues that terrorists are terrified of Western technology, including software. In addition, ISIS operatives generally have sloppy cyber security. They make blunders such as writing down their passwords on paper, or posting their activities on social media. Really.
The podcast provides a useful context to understand current arguments regarding encryption. I’m not as sure as the hosts that this argument invalidates the terms of the debate. Rather, the information underlines the fact that the ability to overcome encryption is not the only tool that Western intelligence needs to fight terrorism; it could be argued, though, that it is still a central tool, even while human intelligence remains critical. In any case, this podcast is an insightful and interesting look into the issues involved with encryption and terrorism.
Shawn Smallman, 2016