Careless use of Windows folders cost a Scottish student a lengthy prison stretch today, as an Edinburgh High Court Judge sentenced Mohammed Atif Siddique to eight years for possession of terrorism-related items. During his trial the jury had been told by Michael Dickson, a forensics analyst for the National Hi-Tech Crime Unit, that Siddique's laptop computer had contained material placed in a Windows folder where it would be difficult for an inexperienced user to find.
The folder in question was c:\windows\options, which is usually present on OEM Windows systems and is used for installation purposes. It is not widely frequented by most computer users, but it's not secret either. Siddique seems not to have encrypted the material, which was described as videos, pictures and sound files "concerned with radical Islamic politics", and which included footage of Osama Bin Laden and the World Trade Center attack. It is not clear why Siddique put the material, which he claimed he had collected because he was interested in the motivations of terrorists, in the Options folder. Dickson however said that in his opinion, if someone put something in the Options folder, they did so "to hide it." So watch out, Michael Dell. And those of you out there researching terrorism for your own interest would be well-advised to keep your Osama Bin Laden videos where they're supposed to be, in the My Movies folder (you'll find it right next to My Warez).
Siddique was also convicted of "providing instruction or training in the making or use of firearms and explosives by means of the Internet", and of "distributing or circulating terrorist publications with the intention of encouraging or inducing or assisting in acts of terrorism." Siddique did this simply by linking from his web site, Al Battar, to two sites containing instructions on weapons, explosives, terrorism and Jihad. One, Mu'askar Al Battar (translated for the court as "The Camp of the Sword that Cuts") claims to be issued by "the military committee of Al Qaeda". The other, Sawt al-Jihad (The Voice of Jihad) includes details of explosive manufacture and concealment.
The judge concluded that "the only purpose in setting up a website containing links to this material could have been to provide others with instructions or training material in the making and use of firearms and explosives. So the links were enough for him to be found guilty of distributing or circulating. Similarly with the charge of encouragement: "Given that you were providing internet access to what are admittedly terrorist publications, it is difficult to see what else was intended other than the encouragement etc of terrorism."
Be careful which folder you use, be careful what you link to, be careful what you read, and what books you sell...
When police arrested Siddique in April of last year, over 100 police officers were involved in an operation which broke down the door of his family home with a battering ram, closed off roads, and searched adjacent houses and shops. Over 60 officers were involved in the investigation, along with 12 translators and experts from the National High Tech Crime Unit. "Some 34 computers and hard drives were examined. More than 5,000 computer discs and DVDs were removed, along with 25 mobile phones and another 19 SIM cards. Almost 700 documents were taken from the computers and more than 1,000 statements taken." (Source: The Scotsman).
In addition, professional witness Evan Kohlmann (covered in more depth by The Reg here) was flown over to tell the jury how scary the contents of Siddique's laptop were. If Al Qaeda really was pulling Siddique's strings, then they can count this police budget blowout as a highly successful operation. (Lord Carloway's full sentencing document can be read here) ®