Interesting article about the expiration date of Saudi-binladin-group.com. Although the site may be down, Google caches information from sites, and many pages from the site are available through Google. Enter "site:www.saudi-binladin-group.com arab" and you get many hits back. Click on "Cached" for an item, and you can see the pages. Interestingly, Google doesn't cache the pictures. I've tried various keywords, and all that show up are pretty innocuous, business-oriented pages. I am not equipped to look for encoded messages (steganography). I would think the expiration date was a coincidence, except for the fact that the domain name was not renewed. Renewal is generally done well in advance of the expiration date, so lack of renewal probably has little to do with wanting to avoid publicity due to the 9/11 attacks. The business of the expiration date being "intentional" seems like a red herring. You sign up for a domain for one year, and it automatically will expire on the date of registration plus one year. So what "Antonette" (with the truly suspicious employee ID of 001) said seems spurious. Mike Ellsworth Stratvantage Consulting, LLC 8273 Westwood Hills Curve St. Louis Park, MN 55426 952-525-1584 mellsworth@private www.stratvantage.com They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. Ben Franklin, ~1784 -----Original Message----- From: owner-crime@/var/spool/majordomo/lists/crime [mailto:owner-crime@/var/spool/majordomo/lists/crime]On Behalf Of Tao, Greg Sent: Friday, October 19, 2001 3:21 PM To: 'crime@private' Subject: Web site cert used as a countdown timer to 9/11 attacks? Check out the story below. I looked into the Verisign registration info, and it appears to confirm the details in the story. Registrant: Saudi Binladin Group (SAUDI-BINLADIN-GROUP2-DOM) Prince Abdullah Street Jeddah, 21492 SA Domain Name: SAUDI-BINLADIN-GROUP.COM Administrative Contact, Technical Contact, Billing Contact: Lumsden, Philip (PLP239) philip@private Arq Limited The Old Post Office George Street Bath, BA1 2EB UK 01224 312 391 Record last updated on 11-Sep-2000. Record expires on 11-Sep-2001. Record created on 11-Sep-2000. Database last updated on 19-Oct-2001 06:34:00 EDT. Domain servers in listed order: NS0-S.DNS.PIPEX.NET 158.43.129.83 NS1-S.DNS.PIPEX.NET 158.43.193.83 Perhaps another example of the ancient art of steganography... Greg from http://citypaper.net/articles/101801/sl.howcol.shtml ---------- BEGIN STORY ---------- October 18-25, 2001 pretzel logic Date with Destiny? by Howard Altman It is a matter of public record that the bin Laden family has vociferously disavowed their wayward 17th child. And who could blame them? No mere wanton wastrel, the world's most wanted man has brought great shame upon this wealthy family. Even worse than shame, though, Osama's actions have endangered the clan's coffers. So it is not surprising that the bin Ladens have cut ties to "the evildoer," as George Dubya likes to refer to him. Or did they? A web domain registered to the Saudi Binladin Group (the megabucks corporation uses the alternate spelling of the family name) raises questions about what role, if any, the family has played in the Sept. 11 terrorist attacks. The domain was registered on Sept. 11, 2000, with a preset expiration date of Sept. 11, 2001, according to a technician with VeriSign, an Internet domain registry service formerly known as Network Solutions. Coincidence? Or was this website set up to start the countdown on the most devastating attack in U.S. history? Like a lot of information that has been pouring in to me since shortly before 9 a.m. Sept. 11, the tidbit about www.saudi-binladin-group.com was amazingly tantalizing. Unlike a lot of the tidbits, however, this morsel, delivered last week by an anonymous source I will refer to as Deep Spore, has a paper trail attached to it. The paper trail began with a web search of the Binladin Group that revealed the aforementioned website. A check of that site showed that it no longer existed. A quick "whois" check on VeriSign's website - which lists who set up a particular site and when - showed that, unlike Binladin-related sites that were taken down right after the attacks on New York and Washington, saudi-binladin-group.com expired on the day of the attacks. This was no accident, according to a VeriSign technician in Mountainview, Calif. "This was timed so it would expire on that date," says the technician, who identified herself only by her first name, Antonette, and by her employee number, 001. Antonette also verified that the information listed in the whois search was accurate and not tampered with by an outside party. Antonette added that VeriSign had already been contacted by law enforcement about other attack-related domain names the company had registered. "I had a call from the L.A. police," she said. "He was also asking about a domain name that expired on Sept. 11. I can't remember the name of it, but it had something to do with the WTC." The Binladin website was created by a company called Arq Limited, a U.K. web design firm. The administrative, technical and billing contact listed on the whois search is a man named Philip Lumsden. After several calls to the U.K., I learned that Arq Limited went out of business, replaced by a company called Active 8 Solutions, which shares the same Bath, England, mailing address and a telephone number that is only one digit off from Arq Limited's old number. I learned one more interesting thing. "Mr. Lumsden left a week ago," said a man who answered the phone at Active 8 Solutions. "I am not aware of why he left." The man, who would not give his name, added that he had "no clue" about the saudi-binladin-group.com website. A half-dozen odd calls Tuesday, October 15, to the Saudi Binladin Group's headquarters in Jedda, Saudi Arabia, turned up little other than assurances that if I called back in 20 minutes or a half-hour, then somebody would be able to give me some information about the website. Each time I called, I explained that I wanted to ask somebody at the company why the website expired on Sept. 11, 2001, a rather significant date in world history. Each time I was told to call back until, finally, I spoke with someone who could answer my questions. But not for long. "You can check with VeriSign," said a man who did not identify himself. "VeriSign has all the details." The man then asked me to hold on because he had to take another call. Then I was disconnected. I called back, only to be disconnected again. When I called back a third time, another man answering the phone asked if I could send an e-mail listing my questions. "It is already after 6 p.m. here," said the man. "Nobody is in anymore." The next day, I called again and again was told to call back later. By deadline, neither of the two emails I sent seeking comment were answered. If the attackers did use this website, the FBI, which is tracking down thousands and thousands of leads, may be interested. "I am not aware of [the website], and I do not know whether the FBI is aware of it, but I can't speak for the entire FBI," said Joe Valiquette, spokesman for the FBI's New York office. "Generally speaking, we would be interested in something like that." ---------- END STORY ----------
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:28:26 PDT