Friday, April 29, 2016

In the Cold War period of the 1950s, the CIA installed Radio Free Europe[21] in Glória do Ribatejo, Portugal, and on June 7, 1956, officially formalized the relation by inviting the new PIDE’s director, António Neves Graça, to visit CIA headquarters.[22] Here are two brief examples from a top-secret document with ten articles and several sections and clauses, entitled “Proposed Agreement Between the Policia International e de Defesa do Estado (PIDE) and the Central Intelligence Agency (CIA)”

...

In 1957 one of the prisoners, Humberto de Lima Morais, stated in his affidavit that after being subjected to the statue torture for several days, he had begun to hear a familiar voice at night. Listening more closely, he had been able to discern the words of a dialogue, in which one voice was clearly his mother’s. She was saying: “‘I am alone and I have no one else, please.’ And the deep male voice of an agent, he thought, had replied, ‘It is only for a day or two, madam.’”[19] However, he could be inclined to admit that it may have been a hallucination, due to his weak physical state. The power of memory on our deepest perceptions and desires is paramount, so that each memory of a voice or other sound is always mediated, deferred and transformed, to a point that “we no longer know what we heard and what we think we’d heard.”[20] Nevertheless, based on similar cases and statements, such apparent hallucinations were actually the result of the use of manipulated sound materials, assembled to produce a state of emotional and psychological confusion through indirect listening, characteristic of acousmatic violence, with the aim of breaking and invading the prisoner’s subjectivity and morale.  

 http://quod.lib.umich.edu/m/mp/9460447.0009.101/--acousmatic-and-acoustic-violence-and-torture-in-the-estado?rgn=main;view=fulltext

Sunday, April 17, 2016

What is Number26?

Number26 is a mobile first bank account interface for their own bank account (the actual bank license is provided by Wirecard Bank), which provides a full featured SEPA bank account and a couple of payment cards.
This bank account uses a rather new method to verify that the initiated SEPA transactions were made by the correct owner of the bank account. To do so, the user first has to link their smartphone with the bank account, using information only known to the account holder. Once this initial pairing is done and a payment via the desktop browser is made, a push notification is sent to the mobile phone and the app is asking for confirmation showing this dialog:
Once the user taps on “Release” (“Freigeben” in the German version), the transfer will be approved. The technical details of how that is done are not publicly disclosed by the time of this writing, but my best guess is that something is being cryptographically signed and sent back to the server.
For those not familiar with SEPA transfers I’ll quickly explain the information you have to provide to initiate a money transfer:
  • The recipient’s name (just for reference. Validity is never verified)
  • The recipient’s IBAN (International Bank Account Number) and BIC (Bank Identifier Code).
  • The amount to be transfered
  • A payment reference / subject
  • The transfer release pin (which is set once by the user when the bank account was set up)

Where is the problem?

The theory

Look at the information you have to provide to initiate a bank transfer and then look at the screenshot above. Usually, common banks™ use SMS to send a TAN (Transaction Number) to the owner of the bank account, stating at least the amount and some sort of recipient info (usually the IBAN) and ask the user to enter the TAN into the desktop browser to finally release the transaction.
This process has been streamlined with Number26. Instead of entering a TAN into the website received by the phone, the user has to release the transaction directly from the app, which opens once you tap on the notification you’ll receive. The app then shows the name of the recipient and the amount as shown in screenshot above. Once released the money is on it’s way to the recipient.
Stop right here… Let it sink in for a second…
So we just learned that common banks™ have their user verify their transactions. This is done by the user comparing the recipient’s info from the SMS with the info they have in their record, such as an invoice. However, with Number26, this verification is completely impossible as the recipient’s IBAN is never shown to the user once he initiates the transfer.

The attack

The attack on the desktop computer is rather simple. An attacker would install a malicious browser plugin or execute a man-in-the-middle attack exploiting computers with pre-installed insecure Certificate Authorities (see SuperFish on IBM or DELL). The attacking proxy or addon then waits for the user to initiate a bank transfer. It then secretly alters the IBAN and BIC in the background when sending the transaction request via the desktop site https://my.number26.de. Since the app does not show the modified IBAN (because it shows no IBAN at all), the user is in best belief that this transaction is legit and taps on release. In a sophisticated attack, the transaction history on the desktop would also be tampered with so the attack might go unnoticed for days.

The temporary workaround

Luckily I was able to keep using my bank account without being vulnerable to this attack. As a workaround, the user would have to create a standing order which executes the payment in the future (Terminüberweisung). After releasing the transaction it is reviewable in the standing order section in their app.

The Fix

After the update distributed on January 5th 2016, transactions have to be released with this new dialog:
The user finally has the possibility to verify the transaction on a separate channel, thus preventing malicious software on their desktop to secretly alter transaction data. An attack to SEPA payment verification now has to be much more sophisticated, i.e. by adding a rootkit to the potential victim’s cellphone.

Conclusion and personal note

What a clusterfail. It gets worse once you read Number26’s security information page. My favourite gem is this:

Partial screenshot of https://number26.eu/security/ taken on 2016-02-05
This states that TAN via SMS should be avoided for mobile banking because the text messages are sent to the same device that is being used for online banking. Number26, do you know that your method of payment release of mobile initiated transactions is just as bad as mTAN? This is the reason why from a security perspective you have to initiate transfers from your dektop instead of from the linked phone exposing you to the vulnerability that I just explained in length.
Fancy new user experience and a high security datacenter will never be able to protect the user if the design is flawed. Flawed? Broken beyond repair!

Communication with Number26

The support chat (a.k.a the bottomless pit)

Communication was always quite one-sided. I reported the issue to multiple support agentsover the course of six months, but all I ever heard was, “I am giving that to the developers”. I never heard back. So I upped the ante and told them that I am going to disclose my findings, when suddenly one support agent asked me to send a mail with the details to them, they will forward this mail to the developers. Success!
For full transparency, this is the email I sent to the developers – as always with no reply coming back. It just went into a black hole. But this time, an update to the app came back. Hooray!

My Mail to the developers

Dear Developers, Dear Product Owner,
after studying your mobile app and transaction release mechanism for a while, I have found a severe design flaw which lead to me coming up with a proof of concept how to unknowingly redirect transactions to unwanted destinations with little to no effort.
I am a big advocate for using responsible disclosure, as putting your customers at risk is neither in my, nor in your interest. However, this design flaw is so apparent, that I am baffled that it is not being actively abused yet.
I will outline the problem for you, so you can take appropriate action to prevent abuse of this flaw after the full release of my findings on Feb-22 2016. I feel it is my responsibility to inform the public about the risks involved and how to minimize them. Should you feel that nothing has to be changed, I’ll be happy to get a mail from you stating so, so I can release my findings earlier.
Here are the details:
When creating a bank transfer via the desktop website on https://my.number26.de, you are asked to enter
* The recipient’s name
* The recipient’s IBAN and BIC
* The amount to be transfered
* A payment reference / subject
* The transfer release pin

In the next step, a push notification is sent to the owner’s smartphone. In my case, it is an android phone. The user is asked to either approve or delete the request. The information provided for this decision is:
* The recipient’s name
* The amount to be transfered

And here lies the severe design flaw. The user does not see the actual IBAN/BIC that has been sent to the server.
In my proof of concept, a browser plugin (which malicious software could install) can secretly alter the recipient’s IBAN and BIC in the HTTPS request so the money gets sent to the bank account of the “evil hacker”. When releasing the transaction on the Android phone, the user has no chance to see that the transaction has been tampered with. Other banks using mTAN verification methods include the recipient’s IBAN and BIC as this information is more crucial than the recipient’s name. They also state in their mTAN terms, that the IBAN in the SMS has to be checked against the IBAN from the invoice document.
Multiple test transfers have shown that with a completely wrong recipient’s name, transfers are still successful. Further, another point of intrusion could be a transparent proxy inbetween. Sure, there is SSL and certificates, but we are seeing manufacturers adding weird CAs to their computers (see superfish), so some computers might be vulnerable to this kind of attack.
I have reported this issue as a regular chat via the customer support half a year ago. Nothing happened since, so I am taking this to the next level. In my full disclosure on Feb-22 2016, I will advise your customers to only create one time standing orders for a date in the future (i.e. tomorrow), so the content of the transfer can be checked with the phone after it has been released, but before it has been executed.
If you have any further questions, don’t hesitate to contact me. Unfortunately according to ***** [your support agent], you do not offer a pgp key for encryption, if someone else should pick up this conversation, I can not be held responsible for any earlier reporting about this issue. Should you use gpg nevertheless, we can upgrade the conversation anytime. Please use https://sks-keyservers.net/pks/lookup?op=vindex&search=0xCADA0055 as encryption key. I will also sign [my mails] with this key. Alternatively, you can call me at +xxxxxxxxxxxxxxxxx
Best Regards,
Christian Hawkins

No Comment

Unfortunately, Number26 was not available to me for a comment, whether or not there is an indication that this vulnerability has already been used.

But worry not…

…your data was always protected. For your amusement, a statement on the security of Number26.

Partial screenshot of https://number26.eu/security/ taken on 2016-02-05
 
 https://metabubble.net/payment-cards-bank-accounts/number26-pushtan-or-when-transaction-verification-is-impossible/

Thursday, April 14, 2016

IED ENVELOPE



Triacetone triperoxide (TATP) "Mother of Satan"

Triacetone triperoxide (TATP) is a highly unstable explosive prone to unintended detonation. Yet terrorists, such as those responsible for the March 22 bombings in Brussels and the November 2015 attacks in Paris, are increasingly using the compound to inflict carnage....
Acetone Peroxide is known as "Mother of Satan" because of its instability. This is a primary explosive, normally used as initiators. Storage of this chemical should be done with great care and in a cool, dark, and dry location. It is sensitive to shock, flame, or abrasion.
Materials
Hydrogen Peroxide
Acetone
Sulfuric Acid
Eye Dropper
Graduated Cylinder
Thermometer
Ice
NaCl (Salt)
Method
Add 30 ml acetone and 50 ml hydrogen peroxide into glass container and mix.
Cool the mixture in an ice/salt bath
Cool mixture to 5°C
While stirring, add dropwise 2.5 ml sulfuric acid, making sure temperature stays around 5°C and never above 10°C
Stir for 5 minutes after all the sulfuric acid is added
Cool mixture in some kind of ice bath or box for 12-24 hours.
Filter out the precipitate (white crystals) using paper towels or filter paper
Wash the crystals using small amounts of ice cold water, handling the crystals gently
Allow crystals to dry, store for use in a cool, dry, dark location.
*Note: Acetone peroxide is viable for aproximately 7 days after creation.


Wednesday, April 13, 2016

Lithium Battery Causing Extreme Fumes When Cut

Fire: AA battery and gum wrapper

X RAY FILM AND SILVER BROMIDE

After researching a bit, I found out that aluminum oxide is used in crystals for instance, missile guidance systems; this kind of crystals are also detemrine by chromium 51, anyway that gave me another clue, which was , this solubles in silver; what silver? its silver radioactive? well, silver 107 might be, than what's silver 107, well its silver bromide; which is an old x ray film; when exposure to light, however, we could say silver 107 becomes activated; what's activated? its that silver bromide on a gelatine base its not only active in light but also have too fast particles; what are fast particles? fast particles are unstable electrons; therefore atomic neutrons; therefore, radioactive; what's the conclusion? the conclusion is, the old film that gives the x ray image is impregnated of radioactive, which is silver bromide (when activated by sunlight)

Tuesday, April 12, 2016

toxic dust released in the bauxite mining process

The dust contains hazardous elements like mercury, arsenic and highly radioactive uranium

Naturally occurring radioactive material from the aluminium industry--a case study: the Egyptian Aluminium Company, Nag Hammady, Egypt.

The activity concentrations and the gamma-absorbed dose rates of the terrestrial naturally occurring radionuclides (226)Ra and (232)Th were determined in samples of bauxite, alumina and aluminium dross tailings industrial waste (used to produce two types of alums) using high purity germanium (HPGe) gamma ray spectrometry. The bauxite and alumina are imported by Egyptalum (The Egyptian Aluminium Company, Nag Hammady, Egypt) from Guinea and India. The activity concentrations in the bauxite range from 29 +/- 1 to 112 +/- 6 Bq kg(-1) for (226)Ra, and 151 +/- 8 to 525 +/- 12 Bq kg(-1) for (232)Th, with mean values of 62 +/- 8 and 378 +/- 50 Bq kg(-1), respectively. With respect to alumina and tail, the mean values are 5.7 +/- 1.1 and 8.4 +/- 0.8 Bq kg(-1) for (226)Ra and 7.2 +/- 1.6 and 10.7 +/- 1.2 Bq kg(-1) for (232)Th. Potassium-40 was not detected in any of the studied samples. The measured activity concentrations of (226)Ra and (232)Th in bauxite are higher than the world average while in alumina and tail they are lower. As a measure of radiation hazard to the occupational workers and members of the public, the Ra equivalent activities and external gamma dose rates due to natural radionuclides at 1 m above the ground surface were calculated. The external gamma-radiation doses received by the Egyptalum workers are 97, 409, 8.5 and 12.7 microSv y(-1) for the Guinean and Indian bauxite, the alumina and tail, respectively, which is well below the recommended allowed dose of 1 mSv y(-1) for non-exposed workers.

http://www.ncbi.nlm.nih.gov/pubmed/17146126
So, we have here "red mercury" discovered by the soviets in 1968!!! of course all over world labs sell it under restricted orders!!! However, this chemical is also supllied under another name, antimony III oxide, however, its also called "Technetium (/tɛkˈniːʃiəm/) is a chemical element with symbol Tc and atomic number 43. All of its isotopes are radioactive" 

and special used as..... " technetium-99m is a metastable nuclear isomer of technetium-99 (itself an isotope of technetium), symbolized as 99mTc, that is used in tens of millions of medical diagnostic procedures annually, making it the most commonly used medical radioisotope."


TRANSPORTATION OF THE "DIRTY CAKE"

as you see here, the ionization is almost complete with alumminum lead, but there's still the alpha particles.which needs therefore this gunn diode for emission of negative frequencies



The negative differential resistance, combined with the timing properties of the intermediate layer, is responsible for the diode's largest use: in electronic oscillators at microwave frequencies and above. A relaxation oscillator can be created simply by applying a DC voltage to bias the device into its negative resistance region. In effect, the negative differential resistance of the diode cancels the positive resistance of the load circuit, thus creating a circuit with zero differential resistance, which will produce spontaneous oscillations. The oscillation frequency is determined partly by the properties of the middle diode layer, but can be tuned by external factors. In practical oscillators an electronic resonator is usually added to control frequency, in the form of a waveguidemicrowave cavity or YIG sphere. The diode is usually mounted inside the cavity. The diode cancels the loss resistance of the resonator, so it produces oscillations at itsresonant frequency. The frequency can be tuned mechanically, by adjusting the size of the cavity, or in case of YIG spheres by changing the magnetic field. Gunn diodes are used to build oscillators in the 10 GHz to high (THz) frequency range.
Gallium arsenide Gunn diodes are made for frequencies up to 200 GHz, gallium nitride materials can reach up to 3 terahertz.[



Friday, April 8, 2016

Why is it thought that carbon paper can escape detection by X-ray machines?

"....Well gentlemen,
I just got off the phone with my freind who is an x-ray tech for many years now(going over 25 that is), and he has informed that carbon paper does in fact distort the object that it is wrapped around, but does not totally make the object invisable to the x-ray.
Example given--If u were to take a CD(4 distinct edges) and wrap the CD in the carbon paper and shoot a film of it, it will lose it distinct edges, u will be able to tell that there is something there but it will blend into the film.


I'm a physicist whose field deals with imaging, I'm not sure but I'd assume customs uses a fluroscopy (sp) type machine which uses longer wavelength x-rays as compared to normal x-ray machines people are usually familiar with. But, even with these lower energy x-rays, carbon paper will not cause "blurring" by attenuating any incident radiation. However, if u wanted to, I would get real tin foil and place amps, etc. inside tin foil which has been shaped into something which would not raise susspecion. Tin has a high enough atomic weight to cause some sttenuation of lower energy x rays. Now this is off the top of my head, but I KNOW I could determine how to shield (fuck up) the transmission of x rays which would conciel what you would be sending....."

What is the Difference Between Carbon Paper and Carbon Cloth Based Gas Diffusion Layers (GDL)?...


they also do not chip or break as easily as Toray paper while still being available in thin sizes. Some GDLs are very hard and brittle with little compressibility (e.g. Toray); others are much more pliant/flexible but still don’t have much compressibility (e.g. Sigracet, Freudenberg).  Also, papers may or may not have Microporous Layers (MPL) and/or additional hydrophobic (Teflon) coatings.

...sometimes with old X-ray films use to blur the contours of the object




Sunday, April 3, 2016

Free Shipping 20 Channels Wireless Remote Control Fireworks Firing System



http://www.amazon.com/Shipping-Channels-Wireless-Control-Fireworks/dp/B00H79VI4E
the Ijtimah aims to reflect the movement’s international dimension and dynamism as well as facilitating contacts between Tabligh members from different countries. The TJ is currently using Portugal as a platform for spreading its pan-Islamic message to Africa (especially to Portuguese-speaking countries like Mozambique) and Latin America (particularly Brazil). Within Portugal, the group relies on mosques and religious sites on the outskirts of Lisbon (eg, in Palmela, Laranjeiro and Odivelas) and on their corresponding madrassas.
Though fairly discrete and committed to projecting an apolitical image, the Portuguese TJ branch has not escaped controversy, at least on one occasion. In January 2008 a terrorist cell composed of 12 men (11 Pakistanis and an Indian) was dismantled in Barcelona before carrying out an attack on the city’s subway system. One of its members admitted to the existence of plans for attacks Germany, the UK, France and Portugal. After the Spanish authorities issued a terrorist alert for these three countries, the Portuguese security agencies started searching for two Pakistani nationals, allegedly members of the Barcelona cell that would have entered Portugal through the TJ’s Jamaats (proselytising groups) on their way to an Ijtimah. However, neither the Pakistanis’ entry or presence was ever confirmed, nor was there any solid evidence pointing to a possible attack in Portugal. Nonetheless, three of the men detained in Barcelona had attended the Ijtimah in the past, between 2004 and 2007.
There was at least another high-profile participant at a Portuguese Ijtimah. Abdelaziz Benyaich, a Moroccan national accused by his country’s authorities of being involved in the Casablanca attacks of May 2003, was in Portugal for an Ijtimah when the bombs exploded. In 2005 Abdelaziz was convicted of belonging to al-Qaeda’s Spanish cell and was sentenced to eight years in prison. Salahedin Benyaich, alias Abu Muhgen, Abdelaziz’s brother, was convicted for the Casablanca attacks and is currently serving time in prison in Morocco, and was a mujahedeen in Bosnia, Chechnya and possibly other countries. Furthermore, Salahedin was close to Allekema Lamari, one of the terrorists responsible for the 11 March 2004 terrorist attacks in Atocha Station, Madrid, who committed suicide when surrounded by the police in Leganés, in the suburbs of the Spanish capital.
Known Cases of Possible Jihadist Activities in Portugal
Particularly since 2001, the Portuguese media has echoed some cases of possible Islamist terrorist activities in Portugal. The cases presented below were all reported in the national media, although here we present new data, analysis and conclusions.
(a) Operation Alfarroba
In March 2003 a police operation carried out in Lisbon and Quarteira (in southern Portugal) lead to the arrest of 13 Algerians suspected of being involved in the forgery of documents. The identity of these men was never very clear, nor what their intentions were –a lack of information that would become habitual in future cases of possible Jihadist activities in Portugal–. Nonetheless, a name emerged from these arrests: Sofiane Laïb, a 25 year old Algerian national who was in Germany at the time of the arrests in Portugal.
With a record of petty crime –namely small-scale theft and the forgery of documents–, Laïb was party to a money transfer carried out by one of the 13 Algerians arrested. It has been reported that between 1998 and 2000 Laïb shared an apartment in Hamburg with Mohamed Atta, the leader of the cell responsible for the 11 September 2001 attacks in the US. Whatever the case, it has been confirmed that the young Algerian knew Atta and frequented the same religious and social circles in Hamburg. A few months after the arrest of the 13 Algerians in Portugal, Sofiane Laïb was arrested in downtown Lisbon in possession of forged documents, the sole crime for which he was convicted. After serving a short time in prison, Laïb was expelled to Algiers in April 2006 by the Portuguese authorities. One of his known associates was a Tunisian national called Ben Yamin Issak, alias Ben Youssef Boudhina, himself close to Atta in German Islamist circles.
In September 2002 Ben Yamin Issak tried to board an airplane in Lisbon headed for London. He carried a false French passport which was detected by a steward at the boarding gate. The extremely poor quality of the documentation suggests that he was eager to get to the UK. Although detected, Ben Yamin Issak was able to leave the airport and later use false Portuguese ID to catch several buses until he arrived in London. Sofiane Laïb was waiting in a car outside the airport in case something went wrong –as it did– and helped Issak evade capture. When he arrived in the UK, he stayed at Kamel Bourgass’s house in Wood Green, north London. Bourgass is an Algerian national who trained in Afghanistan and is suspected of having fought for the Algerian GIA (Groupe Islamique Armée –Islamic Armed Group–). While in the UK, Ben Yamin Issak and Bourgass attended the Finsbury Park mosque, then run by the notorious Imam Abu Hamza al-Masri. In January 2003 they managed to anticipate a police raid which found Jihadist propaganda, Issak’s false Portuguese ID and castor-oil beans (typically used to produce ricin toxin) in Bourgass’s house, thus foiling the well-known ‘London Ricin Plot’. Issak’s false ID had been stolen by Sofiane Laïb from an African staying at a hostel in Lisbon which is associated with illegal immigration and prostitution. Kamel Bourgass was captured a few days later in Manchester after stabbing five police officers with a knife, one of whom died. He is currently serving a life sentence and his arrest triggered a raid by the British authorities on the Finsbury Park mosque, where false documentation used to support Jihadist activities was found. On 12 July 2003 Ben Yamin Issak was arrested in Liverpool trying to board an airplane heading for Barcelona.
(b) The Alleged Euro Cup Plot and the Hofstad Group link
In June 2004, just before the beginning of the Euro Cup –held in Portugal that year–, the Portuguese media reported that 11 men of Maghrebi origin had been deported to the Netherlands. Despite the fact that the arrest involved more than 20 individuals, only three were considered to be of interest, among them Nouredine el-Fathmi and Mohammed el-Morabit, both Moroccan nationals. Nouredine el-Fathmi had lived in Amsterdam with Mohamed Bouyeri who, in November of that same year, had assassinated the film director Theo van Gogh.
At the time of the arrest in 2004 there was an established link between el-Fathmi and el-Morabit, who were arrested in a hostel in Oporto, and the Hofstad Group –a well known Jihadist organisation in the Netherlands–.
Among other material, the Dutch authorities had previously seized a declaration by Nouredine al-Fathmi in which he declared his intention of dying in the name of Allah. However, no evidence sufficient to ensure a conviction for terrorist activities was ever found in Portugal, and therefore he and the others were deported to the Netherlands where they were interrogated by the Dutch authorities and then released due to lack of evidence.
There was some speculation about a possible attack on the foreign dignitaries attending the Euro Cup, also aimed at the then Portuguese Prime Minister, José Manuel Durão Barroso. Although it was a plausible, no actual evidence of a planned terrorist attack was ever discovered.
Given the intelligence gathered by the Dutch authorities, and the surveillance and efforts of the Direcção Central de Combate ao Banditismo of the Polícia Judiciária (at present theUnidade Nacional de Combate ao Terrorismo, or Counter Terrorism Unit of the Judicial Police), the arrest of these three men seems to have been a relatively over-hasty and ill-considered decision.
Nouredine el-Fathmi was again arrested in 2005, this time in Amsterdam on his way to Lelylaan Station while in the possession of firearms and ammunition. In January 2006 the Dutch public prosecutor claimed to have ample evidence that the Hofstad Group was indeed a Jihadist organisation, directed by a six-man council to which Mohamed Bouyeri and el-Fathmi belonged. In March 2006 el-Fathmi and Mohammed el-Morabit were sentenced by a Rotterdam court to five and two years imprisonment respectively. Bouyeri was also convicted at the trial for being the ringleader, although he was already serving a life sentence for the assassination of Theo van Gogh. Nouredine el-Fathmi was also implicated in what the Dutch intelligence called the ‘Piranha Network’, a group plotting to assassinate senior Dutch politicians and bomb a government building.
(c) Serguei Malischev and Spain’s Audiencia Nacional
It has been reported that in October 2004 the Spanish authorities warned Portugal of a terrorist cell trying to acquire explosives in Bragança, in northern Portugal, with the aim of perpetrating an attack against Madrid’s Audiencia Nacional. However, there are members of the Portuguese intelligence community who claim there was no such tip-off.
In May 2005 Portugal deported Serguei Malischev, a man suspected of being involved in this plot as well as having strong connections to Jihadist groups. Malischev, a Belarus national, remained under arrest in Portugal for two months due to immigration irregularities before being deported to Belgium, the country that had issued his Schengen visa. During his time in Portugal, as in many other cases, no evidence of terrorist activity was discovered. Still, Malischev had an apparently real interest in entering the country since he tried to do so twice: the first attempt failed, while the second was successful.
Serguei Malischev surfaced later in Palma de Mallorca, Spain, were he was accused in December 2005 of belonging to a Jihadist cell led by an Iraqi called Abu Sufian, who –according to police sources quoted in the Spanish media– had direct contact with Abu Musab al-Zarqawi, then leader of al-Qaeda in Iraq. According to Fernando Andreu, the Spanish judge who presided over the trials of Malischev, Sufian and others, this terrorist cell endorsed proselytising activities and recruited individuals to be later sent to fight in Iraq, Chechnya and other countries in Asia.
Malischev was a chemical-weapons expert with a background in Pakistan and Azerbaijan. He also went by the names of Andrey Misiura and Amin al Anari and died in prison in 2009.
(d) The Four Cape-Verdean Dutch
In February 2006 the Netherlands issued an alert for four Dutch citizens of ethnic Cape-Verdean descent. The group had been involved in a shootout in a Rotterdam pub causing five deaths, after which they fled to Portugal.
It was said that at least one of them was an Islamist terrorist related to the Hofstad Group, and that the gang’s leader had been trained in the Yemen. However, there is no solid evidence that either the alleged leader, Fernando Jorge Pires, had been trained in the Yemen or that there was any significant link with the Hofstad Group. The shootout in Rotterdam was related to a diamond-trafficking deal that had gone wrong, and the alleged Hofstad link was no more than contact with a Turkish group that, in turn, had some ties with the Dutch terrorist cell. Fernando Jorge Pires was arrested on Christmas Eve trying to board a plane in Lisbon, while two other members were arrested two months later near Amadora, on the outskirts of Lisbon. The fourth man, José Barbosa, was able to escape to Cape Verde.
(e) The Last Public Case: Samir Boussaha
In a European joint operation started by the Italian Carabinieri in Genoa, an Algerian national called Samir Boussaha was arrested in Oporto in November 2007. Although it was argued in the Portuguese media that he had frequent and firm connections with the group arrested in 2004 in Oporto, it seems that the only link was that both Samir and those related with the Hofstad Group attended the same mosque –the only one in that area of Oporto at the time–.
According to the Italian public attorney, the 35-year-old Samir Boussaha and his brother Mourad were suspected of having been members of the GSPC (Groupe Salafiste pour la Prédication et le Combat –Salafist Group for Preaching and Combat–) and of participating in a recruiting network that sent fighters to Afghanistan and Iraq, as well as of collecting funds for Jihadist operations. There was no evidence of Mourad ever having been in Portugal and, with respect to Samir, although he was under surveillance for years, no hard evidence of terrorist activities was unearthed. The lack of proof from Samir’s surveillance is not necessarily due to his innocence, but rather a result of his caution. Nonetheless, when Boussaha was arrested by the Judicial Police, the apartment where he lived was also found to contain no evidence. Finally, the barbershop where Samir often worked was also above suspicion and the locals who knew him were surprised since they saw the Algerian as a kind, polite and sociable person. Samir Boussaha was extradited to Italy in mid-November 2007.
Conclusion: Apart from suggesting that the authorities should remain on the alert, the cases presented above show that several individuals with disturbing profiles connected with Jihadist activities have entered and spent time in Portugal. However, it has been impossible to establish either their intentions or their activities –ie, the solid evidence needed to guarantee a conviction for terrorism–. The general difficulty in distinguishing between insurgents, terrorists and criminals and of obtaining sound evidence to satisfy a court of law is a reality in Portugal, as it is throughout Europe. But in the process of fitting together the pieces in the jigsaw puzzle of Jihadism in Europe, Portugal is an informational black hole. Many explanations can be offered for such an unsatisfactory state of affairs: the legal framework under which security agencies operate, the shortcoming of the penal code and the lack of preparation and awareness of the country’s political decision makers, among others. The complexity and variety of these possible explanations requires separate research and analysis. Nonetheless, and with regard to this paper’s topic, what is important is that the succession of inconclusive cases –from an empirical perspective– reflect structural problems which should be addressed as they could ultimately signal to Jihadist organisations the sort of weaknesses that they might decide to exploit for their own benefit.
Despite being nebulous and for the most part inconclusive, these cases of possible Jihadist activity in Portugal do suggest some similarities with the situation elsewhere in Europe.
Considering what time and research has taught us about Jihadism in the EU, Portugal complies with the general picture in the following aspects: most individuals involved in suspected Jihadist activities are originally from the Maghreb, the forgery of documents is often associated with possible cases of Islamist terrorism, the security forces have found it difficult to obtain evidence sufficient to ensure a conviction for the crime of terrorism and individuals suspected of engaging in terrorism or parallel activities are often highly mobile.
However, there is another important characteristic of Jihadism in Europe that seems to be absent from the Portuguese context. As far as is known, there is no sign of internal radicalisation or recruitment or of self-starter cells –even considering the potential perils represented by TJ–. Such a difference with the rest of European could have two explanations: (1) the degree of integration and sense of identity of Portugal’s traditional Muslim community; or (2) the simple fact that home-grown terrorism has not yet been detected. However, given the similarities of the phenomenon throughout Europe, nothing should be ruled out for the future.
Finally, taking into consideration, on the one hand, the high degree of mobility of the suspects involved in the inconclusive episodes detected in Portugal and, on the other, the long-established Jihadist activity in Spain, it is puzzling why there has been no spill-over effect. The existence of a settled and well-integrated migrant community certainly plays a role. Nonetheless, given Spain’s strong commitment to countering terrorism as well as the scores of suspects arrested and then convicted by the Spanish authorities, it is curious that there is no obvious transit of Islamist terrorists across the Iberian Peninsula.

http://www.realinstitutoelcano.org/wps/portal/web/rielcano_en/contenido?WCM_GLOBAL_CONTEXT=/elcano/elcano_in/zonas_in/international+terrorism/ari113-2010
On 11 June, 2004, Portuguese police arrested a group of Islamist militants in Porto. It is suspected that they planned to assassinate the Portuguese president-designate of the European Commission, Jose Manuel Durao Barroso, as well as other foreign guests, at a reception at the Freixo Palace on the night before the opening match of the Euro 2004 championship soccer tournament. Portuguese intelligence received a warning from their Dutch colleagues that three Dutch-Moroccan members of the Hofstad Network had travelled to Portugal. One of the terrorist suspects had shared an apartment with Van Gogh’s killer, and they drove from the Netherlands to Portugal in a VW Golf registered in the name of Bouyeri.

Man in the Rain