My Life Is a Weapon: A Modern History of Suicide Bombing by Christoph Reuter

What kind of people are suicide bombers? How do they justify their actions? In this meticulously researched and sensitively written book, journalist Christoph Reuter argues that popular views of these young men and women--as crazed fanatics or brainwashed automatons--fall short of the mark. In many cases these modern-day martyrs are well-educated young adults who turn themselves into human bombs willingly and eagerly--to exact revenge on a more powerful enemy, perceived as both unjust and oppressive. Suicide assassins are determined to make a difference, for once in their lives, no matter what the cost. As Reuter's many interviews with would-be martyrs, their trainers, friends, and relatives reveal, the bombers are motivated more by how they expect to be remembered--as heroic figures--than by religion-infused visions of a blissful life to come.

Reuter, who spent eight years researching the book, moves from the broken survivors of the childrens' suicide brigades in the Iran-Iraq war of the 1980s, to the war-torn Lebanon of Hezbollah, to Israeli-occupied Palestinian land, and to regions as disparate as Sri Lanka, Chechnya, and Kurdistan. He tells a disturbing story of the modern globalization of suicide bombing--orchestrated, as his own investigations have helped to establish, by the shadowy Al Qaeda network and unintentionally enabled by wrong-headed policies of Western governments. In a final, hopeful chapter, Reuter points to today's postrevolutionary, post-Khomeini Iran, where a new social environment renounces the horrific practice in the very place where it was enthusiastically embraced just decades ago.

Assessing the Tradecraft of Intelligence Analysis by Gregory F. Treverton, C. Bryan Gabbard

RAND Corporation Technical Report

Most public discussions of intelligence address operations—the work of spymasters and covert operators. Current times, in the wake of September 11th and the intelligence failure in the runup to the war in Iraq, are different.1 Intelligence analysis has become the subject. The Weapons of Mass Destruction (WMD) Commission was direct, and damning, about intelligence analysis before the Iraq war: “This failure was in large part the result of analytical shortcomings; intelligence analysts were too wedded to their assumptions about Saddam’s intentions.” To be sure, in the Iraq case, what the United States did or did not collect, and how reliable its sources were, were also at issue. And the focus of post mortems on pre-September 11th was, properly, mainly on relations between the Central Intelligence Agency (CIA) and the Federal Bureau of Investigation (FBI) and on the way the FBI did its work. But in both cases, analysis was also central. How do the various agencies perform the tradecraft of intelligence analysis, not just of spying or operations? How is that task different now, in the world of terrorism, especially Islamic Jihadist terrorism, than in the older world of the Cold War and the Soviet Union?

The difference is dramatic and that difference is the theme of this report. The United States Government asked RAND to interview analysts at the agencies of the U.S. Intelligence Community and ask about the current state of analysis. How do those analytic agencies think of their task? In particular, what initiatives are they taking to build capacity, and what are the implicit challenges on which those initiatives are based? Our charter was broad enough to allow us to include speculations about the future of analysis, and this report includes those speculations. This report is a work in progress because many issues—the state of tradecraft and of training and the use of technology and formal methods—cry out for further study. This report was long delayed in the clearance process. It has been updated and remains a useful baseline in assessing progress as the Intelligence Community confronts the enormous challenges
it faces.

Microsoft Gives Out Back Door Key

Last Summer, Microsoft Corporation quietly introduced a powerful tool for getting past security on laptops and PCs running the Windows operations system (which about 90 percent do). The device is a USB thumb drive called COFEE (Computer Online Forensic Evidence Extractor). When you capture an enemy computer, you plug in COFEE and then use over a hundred software to quickly get whatever information is on the machine. COFEE can quickly reveal passwords, decrypt files, reveal recent Internet activity and much more. A lot of this can be done without COFEE, but with the Microsoft device, intelligence collection is a lot faster.

Microsoft has distributed thousands of COFEE devices to police and military intelligence personnel in the United States, and some foreign countries. COFEE was developed mainly to assist the investigation of Internet based crime. But military intelligence operators find it very useful in uncovering enemy plans.

COFEE is a USB drive that allows law enforcement to run more than 150 commands on a live computer system and save the results on the portable drive for later analysis. This preserves valuable information that could be lost if the computer had to be shut down and transported to a lab--files that are stored in active memory would otherwise be lost, for example.

COFEE was developed in 2006 by Ricci Ieong and Anthony Fung, both members of the High Tech Crime Investigators Associate's (HTCIA) Asia South Pacific Chapter. Fung now works for Microsoft's Internet Safety Enforcement team in Hong Kong and used to be on the police force there. Ieong is founder and principal consultant for eWalker Consulting.

COFEE consists of plain text scripts; the data collected from these scripts is routed to a provided USB drive. Although intended for use with a command line, there is also an option for GUI. Raw text captures generate either SH1 or md5 checksums. The results for an acquisition are then presented in either plain text or HTML. Each operation produces its own log file to help investigators.

Although Microsoft would not confirm any specific tools included within COFEE, it did say that all the tools were publicly available. A quick search by CNET revealed several free Windows-based digital forensic tool kits available for download. These include:

Several news reports have suggested that Microsoft is also providing law enforcement with new tools to defeat BitLocker in Windows Vista or access to a secret back door within Windows. A Microsoft spokesperson denied this, saying, "COFEE does not circumvent Windows Vista BitLocker encryption or undermine any protections in Windows through secret 'backdoors' or other undocumented means." Microsoft also stressed that COFEE is still in beta.

"The key to COFEE is not new forensic tools," said Tim Cranton, associate general counsel for Microsoft, "but rather the creation of an easy to use, automated forensic tool at the scene. It's the ease of use, speed, and consistency of evidence extraction that is key."

More than 2,000 officials are using it worldwide, according to Microsoft.


Q&A with Tim Cranton, Associate General COunsel for Microsoft at the Law Enforcement Technology 2008 conference: Microsoft Calls on Global Public-Private Partnerships to Help in the Fight Against Cybercrime

Media Exploitation:

Low Level:

Blackbird Data Surveyor/Scavenger
ADF Triage-G2
EnCase Portable

High Level:

Digital Intelligence FRED-L
High Tech Crime Institute EDAS FOX