Category Archives: Department of Homeland Security

Omar Terrorist Went to Saudi via NYU

Posted on by

The boom happened already, how long has it been going on? And what are they really teaching and how is this promoted? It is called Tablighi Jama’at.

 

Harvard? Uh huh:

The Prince Alwaleed Bin Talal Islamic Studies Program At Harvard University

The Prince Alwaleed Bin Talal Islamic Studies Program promotes the scholarly study of Islam and the Muslim world in a broadly interdisciplinary context.

Department of Middle Eastern Studies

Established in 1997, the program in Islamic Studies is undergirded by the University’s belief that Islamic religion, culture and history are important areas of inquiry, and that students should be able to pursue such inquiry as a part of their undergraduate education.  At present, the University of Texas at Austin is one of only a handful of four-year institutions in the U.S. that offer Islamic Studies as an independent major; it is the only such program in the state of Texas.

Islamic Studies in U.S. Universities

As in Europe, Islamic studies in the U.S. originated in the tradition of Orientalist scholarship and Christian theology, with its strong textual emphasis, but it has gradually expanded to overlap with Middle East area studies as well as a number of humanistic and social science disciplines, especially religious studies.1 Over the past several decades, and especially since 9/11, scholarly interest in Islamic studies has mushroomed. This interest is visible in the number of doctoral dissertations produced on Islam and Muslims over the past half-century. Read more from Charles Kurzman and Carl W. Ernst University of North Carolina at Chapel Hill.

****

Orlando Shooter Traveled to Saudi Arabia on Trip Organized By NYU Center

University spokesman says Omar Mateen and three others thought to be family members joined tour group on 2012 trip

By: Damian Paletta

WSJ: An Islamic center in New York determined Thursday that Orlando shooter Omar Mateen was among a group of roughly 80 people who traveled to Saudi Arabia in 2012 as part of an annual pilgrimage facilitated by the organization.

Mateen and three others believed to be his family members joined a tour group that was organized by the Islamic Center at New York University, university spokesman John Beckman said.

International students continue to seek out the chance to enroll in Islamic universities and colleges in the US. Islamic colleges provide incredible education to international students who are looking to both advance their education while exploring deeper into their faith. Islamic universities seek to educate their students about the history of their religion as well as continue to build their faith and education for the future.

Islamic Education

The Islamic education main purpose is to educate Muslim students in the United States about the Quran as well as the deep rooted Muslim traditions, known as Sunnah. Islamic colleges are private institution based deep rooted aspects of the faith spread throughout the United States. All of these Islamic colleges share the same message and curriculum. Like most private religious colleges, Islamic universities in America instill an interdisciplinary curriculum with very challenging academic and extracurricular activities. Islamic schools also pride themselves in having incredible faculty and staff who are among the top Muslim educators and scholars in the world. Islamic universities in America follow the teachings of the Quran and their prophet Muhammad. Islamic teachings are the backbone of their universities, with values like knowledge being the upmost important. Islamic colleges seek to turn students into upstanding members of the Muslim community, preparing them for a life of leadership and devotion to their community and their religion. While not all students are expected to be practicing Muslims when they arrive at such a university, they all are expected to follow the basic teachings of the Quran as well as exploring the religion and its customs. Islamic universities seek to make the education affordable for potential students, while also being thoroughly available to all people. Though education is the main fixture for Islamic universities, improving the human experience is a very important function. Islamic colleges in America continue to educate international students and domestic students alike for decades.

Goals of Islamic Colleges and Universities in America

The goals of Islamic universities in America are much like those of any other religious university in the US. The first goal is to educate students on all aspects of the Islamic knowledge. In addition, these universities look to educate students in the proper methods of Islam in order to perform wholly as a Muslim each day. Students are also groomed to be great embers of their community and parish, while providing students with an unwavering sense of knowledge. Like most colleges, the curriculum is based on a four year plan with 120 credits. While each university differs, most Islamic universities push students to major in some sort of Islamic studies area.

Top Islamic Universities in America

There are several Islamic colleges and universities spread throughout the United States which teach a number of different students. While they contain some of the best academics of any college, finding these colleges are quite a bit more challenging. One Islamic college, the Islamic College of Minnesota educates many students. The college has both a graduate and undergraduate section, but only educate students in one major: Islamic Studies.

The Islamic American University is one of the most renowned Islamic colleges in the US. The IAU has several different campuses spread throughout the US in many different states. In addition, the university offers several different online programs for students. An important aspect for international students is to make sure that any classes they have taken transfer into the university, and as well be sure to check into the accreditation of any such college. Islamic education is exceptional in many facets. These universities regularly put out top Islamic leaders in the community and enroll top level international students.

International students will truly enjoy the experiences at these great universities. With a strong education, a diverse and intellectual student body as well as a curriculum based on multiple disciplines and the overall educational experience, international students can find true success in these top universities. Islamic universities are committed to bringing the best education to international students so that they can seek to educate the world with their values of equality and service.

States Complying with DOJ/FBI Facial Recognition Database

Posted on by

 

 

GAO: The Department of Justice’s (DOJ) Federal Bureau of Investigation (FBI) operates the Next Generation Identification-Interstate Photo System (NGI-IPS)— a face recognition service that allows law enforcement agencies to search a database of over 30 million photos to support criminal investigations. NGI-IPS users include the FBI and selected state and local law enforcement agencies, which can submit search requests to help identify an unknown person using, for example, a photo from a surveillance camera. When a state or local agency submits such a photo, NGI-IPS uses an automated process to return a list of 2 to 50 possible candidate photos from the database, depending on the user’s specification. As of December 2015, the FBI has agreements with 7 states to search NGI-IPS, and is working with more states to grant access. In addition to the NGI-IPS, the FBI has an internal unit called Facial Analysis, Comparison and Evaluation (FACE) Services that provides face recognition capabilities, among other things, to support active FBI investigations. FACE Services not only has access to NGI-IPS, but can search or request to search databases owned by the Departments of State and Defense and 16 states, which use their own face recognition systems. Biometric analysts manually review photos before returning at most the top 1 or 2 photos as investigative leads to FBI agents.

DOJ developed a privacy impact assessment (PIA) of NGI-IPS in 2008, as required under the E-Government Act whenever agencies develop technologies that collect personal information. However, the FBI did not update the NGI-IPS PIA in a timely manner when the system underwent significant changes or publish a PIA for FACE Services before that unit began supporting FBI agents. DOJ ultimately approved PIAs for NGI-IPS and FACE Services in September and May 2015, respectively. The timely publishing of PIAs would provide the public with greater assurance that the FBI is evaluating risks to privacy when implementing systems. Similarly, NGI-IPS has been in place since 2011, but DOJ did not publish a System of Records Notice (SORN) that addresses the FBI’s use of face recognition capabilities, as required by law, until May 5, 2016, after completion of GAO’s review. The timely publishing of a SORN would improve the public’s understanding of how NGI uses and protects personal information.

Prior to deploying NGI-IPS, the FBI conducted limited testing to evaluate whether face recognition searches returned matches to persons in the database (the detection rate) within a candidate list of 50, but has not assessed how often errors occur. FBI officials stated that they do not know, and have not tested, the detection rate for candidate list sizes smaller than 50, which users sometimes request from the FBI. By conducting tests to verify that NGI-IPS is accurate for all allowable candidate list sizes, the FBI would have more reasonable assurance that NGI-IPS provides leads that help enhance, rather than hinder, criminal investigations. Additionally, the FBI has not taken steps to determine whether the face recognition systems used by external partners, such as states and federal agencies, are sufficiently accurate for use by FACE Services to support FBI investigations. By taking such steps, the FBI could better ensure the data received from external partners is sufficiently accurate and do not unnecessarily include photos of innocent people as investigative leads.

*** The Privacy Act of 1974 places limitations on agencies’ collection, disclosure, and use of personal information maintained in systems of records.3 The Privacy Act requires agencies to publish a notice—known as a System of Records Notice (SORN)—in the Federal Register identifying, among other things, the categories of individuals whose information is in the system of records, and the type of data collected.4 Also, the E-Government Act of 2002 requires agencies to conduct Privacy Impact Assessments (PIA) that analyze how personal information is collected, stored, shared, and managed in a federal system.5 Agencies are required to make their PIAs publicly available if practicable.  See the entire report here from the General Accounting Office.

 

How Terrorists use Encryption

Posted on by

 

How Terrorists Use Encryption

June 16, 2016

Author(s): Robert Graham

CTC: Abstract: As powerful encryption increasingly becomes embedded in electronic devices and online messaging apps, Islamist terrorists are exploiting the technology to communicate securely and store information. Legislative efforts to help law enforcement agencies wrestle with the phenomenon of “going dark” will never lead to a return to the status quo ante, however. With the code underlying end-to-end encryption now widely available, unbreakable encryption is here to stay. However, the picture is not wholly bleak. While end-to-end encryption itself often cannot be broken, intelligence agencies have been able to hack the software on the ends and take advantage of users’ mistakes.

Counterterrorism officials have grown increasingly concerned about terrorist groups using encryption in order to communicate securely. As encryption increasingly becomes a part of electronic devices and online messaging apps, a range of criminal actors including Islamist terrorists are exploiting the technology to communicate and store information, thus avoiding detection and incrimination, a phenomenon law enforcement officials refer to as “going dark.”

Despite a vociferous public debate on both sides of the Atlantic that has pitted government agencies against tech companies, civil liberties advocates, and even senior figures in the national security establishment who have argued that creation of “backdoors”[1] for law enforcement agencies to retrieve communications would do more harm than good, there remains widespread confusion about how encryption actually works.[a]

Technologists have long understood that regulatory measures stand little chance of rolling back the tide. Besides software being written in other countries (and beyond local laws), what has not been fully understood in the public debate is that the “source code” itself behind end-to-end encryption is now widely available online, which means that short of shutting down the internet, there is nothing that can be done to stop individuals, including terrorists, from creating and customizing their own encryption software.

The first part of this article provides a primer on the various forms of encryption, including end-to-end encryption, full device encryption, anonymization, and various secure communication (operational security or opsec) methods that are used on top of or instead of encryption. Part two then looks at some examples of how terrorist actors are using these methods.

Part 1: Encryption 101 

End-to-End Encryption
A cell phone already uses encryption to talk to the nearest cell tower. This is because hackers could otherwise eavesdrop on radio waves to listen in on phone calls. However, after the cell tower, phone calls are not encrypted as they traverse copper wires and fiber optic cables. It is considered too hard for nefarious actors to dig up these cables and tap into them.

In a similar manner, older chat apps only encrypted messages as far as the servers, using what is known as SSL.[b] That was to defeat hackers who would be able to eavesdrop on internet traffic to the servers going over the Wi-Fi at public places. But once the messages reached the servers, they were stored in an unencrypted format because at that point they were considered “safe” from hackers. Law enforcement could still obtain the messages with a court order.

Newer chat apps, instead of encrypting the messages only as far as the server, encrypt the message all the way to the other end, to the recipient’s phone. Only the recipients, with a private key, are able to decrypt the message. Service providers can still provide the “metadata” to police (who sent messages to whom), but they no longer have access to the content of the messages.

The online messaging app Telegram was one of the earliest systems to support end-to-end encryption, and terrorists groups such as the Islamic State took advantage.[2] These days, the feature has been added to most messaging apps, such as Signal, Wickr, and even Apple’s own iMessage. Recently, Facebook’s WhatsApp[3] and Google[4] announced they will be supporting Signal’s end-to-end encryption protocol.

On personal computers, the software known as PGP,[c] first created in the mid-1990s, reigns supreme for end-to-end encryption. It converts a message (or even entire files) into encrypted text that can be copy/pasted anywhere, such as email messages, Facebook posts, or forum posts. There is no difference between “military grade encryption” and the “consumer encryption” that is seen in PGP. That means individuals can post these encrypted messages publicly and even the NSA is unable to access them. There is a misconception that intelligence agencies like the NSA are able to crack any encryption. This is not true. Most encryption that is done correctly cannot be overcome unless the user makes a mistake.

Such end-to-end encryption relies upon something called public-key cryptography. Two mathematically related keys are created, such that a message encrypted by one key can only be decrypted by the other. This allows one key to be made public so that one’s interlocutor can use it to encrypt messages that the intended recipient can decrypt through the private-key.[d] Al-Qa`ida’s Inspire magazine, for example, publishes its public-key[5] so that anyone using PGP can use it to encrypt a message that only the publishers of the magazine can read.

Full Device Encryption
If an individual loses his iPhone, for example, his data should be safe from criminals.[e] Only governments are likely to have the resources to crack the phone by finding some strange vulnerability. The FBI reportedly paid a private contractor close to $1 million to unlock the iPhone of San Bernardino terrorist Syed Rizwan Farook.[6]

The reason an iPhone is secure from criminals is because of full device encryption, also full disk encryption. Not only is all of the data encrypted, it is done in a way that is combined or entangled[7] with the hardware. Thus, the police cannot clone the encrypted data, then crack it offline using supercomputers to “brute-force” guess all possible combinations of the passcode. Instead, they effectively have to ask the phone to decrypt itself, which it will do but slowly, defeating cracking.[f]

Android phones work in much the same manner. However, most manufacturers put less effort into securing their phones than Apple. Exceptions are companies like Blackphone, which explicitly took extra care to secure their devices.

Full disk encryption is also a feature of personal computers. Microsoft Windows comes with BitLocker, Macintosh comes with FileVault, and Linux comes with LUKS. The well-known disk encryption software TrueCrypt works with all three operating systems as does a variation of PGP called PGPdisk. Some computers come with a chip called a TPM[g] that can protect the password from cracking, but most owners do not use a TPM. This means that unless they use long/complex passwords, adversaries will be able to crack their passwords.

For DHS, Terror Attacks are Really Just Violent Extremism

Posted on by

  

Press Release

Statement By Secretary Johnson On The New NTAS Bulletin

June 15, 2016 — In December 2015, I announced the revision of the Department of Homeland Security’s National Terrorism Advisory System, or “NTAS,” to include an intermediate level NTAS “Bulletin.” We then issued a new NTAS Bulletin at the same time. The duration of the December Bulletin was six months, and expires tomorrow.

June 15, 2016

Statement By Secretary Johnson On The New NTAS Bulletin

National Terrorism Advisory System Bulletin

Date Issued:  Wednesday, June 15, 2016
View as PDF:  National Terrorism Advisory System Bulletin – June 15, 2016 (pdf, 1 page, 876.65KB)

Summary

In December, we described a new phase in the global threat environment, which has implications on the homeland. This basic assessment has not changed. In this environment, we are particularly concerned about homegrown violent extremists who could strike with little or no notice. The tragic events of Orlando several days ago reinforce this. Accordingly, increased public vigilance and awareness continue to be of utmost importance. This bulletin has a five-month duration and will expire just before the holiday season. We will reassess the threats of terrorism at that time.

Duration

Issued:  June 15, 2016
Expires:  November 15, 2016

Details

  • Since issuing the first Bulletin in December, our concerns that violent extremists could be inspired to conduct attacks inside the U.S. have not diminished.
  • Though we know of no intelligence that is both specific and credible at this time of a plot by terrorist organizations to attack the homeland, the reality is terrorist-inspired individuals have conducted, or attempted to conduct, attacks in the United States.
  • DHS is especially concerned that terrorist-inspired individuals and homegrown violent extremists may be encouraged or inspired to target public events or places.
  • As we saw in the attacks in San Bernardino, Paris, Brussels, and, most recently, Orlando, terrorists will consider a diverse and wide selection of targets for attacks.
  • Terrorist use of the Internet to inspire individuals to violence or join their ranks remains a major source of concern.
  • In the current environment, DHS is also concerned about threats and violence directed at particular communities and individuals across the country, based on perceived religion, ethnicity, nationality or sexual orientation.

U.S. Government Counterterrorism Efforts

  • DHS and the FBI continue to provide guidance to state and local partners on increased security measures.  The public may observe an increased law enforcement and security presence across communities, in public places and at events in the months ahead. This may include additional restrictions and searches on bags, more K-9 teams, and the use of screening technologies.
  • The FBI is investigating potential terrorism-related activities associated with this broad threat throughout the United States.  Federal, state, and local authorities are coordinating numerous law enforcement actions and conducting community outreach to address this evolving threat.

Types of Advisories

Bulletin

Describes current developments or general trends regarding threats of terrorism.

Elevated Alert

Warns of a credible terrorism threat against the United States.

Imminent Alert

Warns of a credible, specific and impending terrorism threat against the United States.

How You Can Help

  • Report suspicious activity to local law enforcement or public safety officials who are best positioned to respond and offer specific details on terroristic indicators.
  • Suspicious activity or information about a threat may also be reported to Fusion Centers and the FBI’s Field Offices – part of the Nationwide Suspicious Activity Reporting Initiative.
  • Learn how to recognize signs of pre-operational planning associated with terrorism or other criminal activity.

Be Prepared

  • Be prepared for increased security and plan ahead to anticipate delays and restricted/prohibited items.
  • In populated places, be responsible for your personal safety. Make a mental note of emergency exits and locations of the nearest security personnel. Keep cell phones in your pockets instead of bags or on tables so you don’t lose them during an incident. Carry emergency contact details and any special needs information with you at all times. For more visit Ready.

Stay Informed

  • The U.S. Government will provide additional information about any emerging threat as additional information is identified. The public is encouraged to listen to local law enforcement and public safety officials.
  • We urge Americans to continue to travel, attend public events, and freely associate with others but remain vigilant and aware of surroundings.
  • The Department of State issues international travel alerts and warnings.

If You See Something, Say Something™. Report suspicious activity to local law enforcement or call 911.

G4S Secure Solution Facts, BP, Orlando Terrorist

Posted on by

Omar’s Facebook posts are here. Yet there is also reference to the BP oil spill from ABC News.

PHOTO: Omar Mateen is seen working as a security guard in the documentary The Big Fix in 2012.
The Big Fix, Omar Mateen is seen working as a security guard in the documentary “The Big Fix” in 2012.

Also today, video footage emerged of a disgruntled Mateen working as a security guard in 2010, in “The Big Fix,” a documentary about the BP oil spill.

“No one gives a [expletive] here,” he tells an undercover reporter. “Like, everybody’s just out to get paid. They’re, like, hoping for more oil to come out and more people to complain so they’ll have a job.”

BizPac: Mateen applied to be a part of a six-month law enforcement academy at the Indian River State College’s Criminal Justice Institute in his hometown of Fort Pierce, his demeanor so concerned them that they reported him to the Florida Department of Law Enforcement, according to a source who spoke to the Daily Mail.

Security Firm Moved Mateen After Al Qaeda Boast, But Didn’t Fire Him

NBC News has learned that the security firm that employed Orlando shooter Omar Mateen concluded his inflammatory comments while an armed guard in 2013 were serious enough to transfer him to an unarmed position and to conduct a special background check to see if he had become a problem employee.

But the company, G4S Secure Solutions USA Inc., apparently did not pursue the issue of whether Mateen should continue to serve as a guard after a check of local, state and national criminal databases showed he had a clean record, a G4S spokesman told NBC News. The company apparently also did not take away his company-issued service weapon, a .38 handgun.

Mateen ID

That decision, coupled with the fact that Mateen underwent three separate inquiries by the FBI in 2013 and 2014, raises questions about whether G4S — the U.S. subsidiary of one of the world’s largest security firms – properly vetted Mateen in the years before Sunday’s mass shooting at the Pulse nightclub that killed 49 people and injured more than 50 others.

 

 

 

 

 

 

Graphics below by Reuters:  For a full summary of events crafted by Reuters, go here.

 

The company official acknowledged in an interview with NBC News that it is now conducting a thorough internal inquiry to determine if it missed any warning signs that should have prompted it to take away Mateen’s company-issued service weapon and to either discipline or fire him.

“Of course as any decent company would in the wake of an incident like this, G4S is closely reviewing everything that happened to see if there is anything it could have done better and if there are any lessons to be learned,” the spokesman said, speaking on the condition of anonymity per G4S company policy. “At the same time the company believes that what Omar Mateen did was in no way correlated with his employment at G4S.”

Mateen worked at G4S from 2007 until the time of Sunday’s shooting, and the company said he had undergone – and passed – an extensive background check when he was hired.

The G4S spokesman said the firm has investigated some of the most serious allegations against Mateen, in which former G4S security guard Daniel Gilroy has claimed that his former colleague at the PGA Village resort in Port St. Lucie was a ticking time bomb who talked of killing other people and went on angry rants.

Gilroy, a former police officer, has told NBC News and other media outlets that he complained repeatedly about Mateen to supervisors at G4S but that they ignored his concerns and his requests for a transfer. Ultimately, Gilroy said, he quit rather than have to face Mateen, who he said threatened him in a barrage of angry text messages even after he left the job.

But the G4S official said the company has done a thorough scrub and found no record of emails, phone calls or conversations in which Gilroy complained to superiors. He also said the company has debriefed Gilroy’s two immediate superiors extensively and that they have no recollection of Gilroy making any complaints about Mateen.

The spokesman also said G4S has so far found no evidence of any other employees making complaints about Mateen, including those who worked at the St. Lucie County Courthouse with him in 2013. FBI Director James Comey said earlier this week that colleagues said Mateen claimed to have family connections to terror groups al Qaeda and Hezbollah, and that he hoped law enforcement would raid his home “so he could martyr himself.”

Those remarks prompted courthouse officials to request Mateen’s immediate removal from the St. Lucie County Courthouse, and to make “the appropriate notifications to inform our federal partners,” including the FBI, according to county Sheriff Ken Mascara.

Image: US-CRIME-SHOOTING
Omar Mateen in this undated photo from his Myspace page.MySpace via AFP – Getty Images

G4S did immediately transfer Mateen to the PGA gated retirement community, where the spokesman said he sat in a kiosk and checked the IDs of visitors.

The G4S spokesman said that even while Mateen technically could still carry a weapon for the firm, and probably had one in his company car, the shift was from an armed position to one considered unarmed.

The G4S official said he did not know the specific details of the transfer except that it did not appear to be for disciplinary or precautionary reasons. “It’s not as if a decision was taken that he was never again going to be given an armed position,” he said.

After the transfer, Mateen had at least one discussion with G4S about the events, but it does not appear that any kind of inquiry was done that included formal interviews with him or others who might have had information about it.

He also said G4s did not talk to the FBI about the substance of the bureau’s investigation into Mateen or why it concluded it was without merit to continue.