Feds use key logger to thwart PGP, Hushmail in MDMA case

That's more trouble than it's worth.

How many top-level players do you think are willing to do all that? Even if they are willing to do that and communicate about shit online, the receiving computer(s) would need the same setup.

Less computers, more guns.
 
phrozen said:
They certainly didn't do anything like that with the Fentdope outbreak a year ago. As soon as it became widespread they issued warnings, stepped up prosecuting dealers, held a conference, and started looking for the source...
Well of course.

The plan would be to plant bad dope and then come gallantly to the rescue.

What could possibly be better PR for both the policy and the organization itself?

If it hasn't happened, it will.
 
garuda said:
First buy one of these: http://www.oqo.com/ if you are making MDMA you can easily afford it. NEVER let it leave your sight or pocket.
Now install Truecrypt, Tor, and Eraser which are all freeware.

http://www.heidi.ie/eraser/
http://www.truecrypt.org/
http://tor.eff.org/download.html.en
http://sourceforge.net/projects/gaim/
A keylogger will still circumvent all that software. Once they have the passwords to those programs, they become useless. There is one free anti-keylogger called snoopfree, but it has no password protection. There is also a program called keyboard scrambler which encrypts keystrokes on web logins. The full version encrypts all web forms. I don't know if it has password protection.

For now, the best anti-keyloggers are not free, but have trial versions. Advanced Anti-Keylogger and Anti-Keylogger (PrivacyKeyboard) are the best I've seen.
 
I could see that happening if legalization was actually close. Then they would be with their backs to the wall and desperate to save their jobs. Right now they don't need to pull anything like that. They get their budget increased every year. Being "hard on drugs" still gets votes.
 
^^^^ I'm not so sure. When you get a chance check out some transcripts of Karen Tandy wiggling her whore-ass in front of congress and begging for a budget so she can save the children.

The DEA has always had a big bark, but until the day comes when The People finally take that mad dog to the pound to be put to sleep, expect it to chew anyone and anything that comes within bitin' range...
 
TheDEA.org said:
Uh....

In light of his real contributions I hate to say it, but...

Perhaps you missed the beginning of my sentence - "I didn't believe it." Yeah, emanuel is a nutter, but it's not too far a step to get to a more rational idea: that certain parties with vested interests in the 'war on drugs' might be happy to have dangerous 'ecstasy' adulterants to point to. I mentioned it as an interesting anecdote to address the post above mine. *shrugs*
 
Blacksoulman said:
A keylogger will still circumvent all that software. Once they have the passwords to those programs, they become useless.

That's why you never let the hardware leave your possession; once an enemy has had possession of the hardware there is no way to know what kind of nefarious software or hardware has been installed.

With the setup I posted keyloggers are useless, there is no way to install them.
Even theoretical software exploits are thwarted by the random wifi routers and Tor, good luck randomly guessing when and what the IP addy will be.
 
The IRA used RSA type key distribution for years and MI5 admitted that they couldn't read the messages. I think they were keeping the stuff on laptops so there was never the opportunity to mess with them... or MI5 are just dumb.
 
Blacksoulman said:
A keylogger will still circumvent all that software. Once they have the passwords to those programs, they become useless. There is one free anti-keylogger called snoopfree, but it has no password protection. There is also a program called keyboard scrambler which encrypts keystrokes on web logins. The full version encrypts all web forms. I don't know if it has password protection.

For now, the best anti-keyloggers are not free, but have trial versions. Advanced Anti-Keylogger and Anti-Keylogger (PrivacyKeyboard) are the best I've seen.
the virtual keyboard is pretty good.

I built a pretty sweet keylogger back in the day. Worked too.
 
Some of you guys are still missing the fact that all of the computers that are receiving the sensitive data have to be as heavily secured as the original one. We are talking about transmitting sensitive data, not just saving it.
 
Hardware keyloggers are more sinister.

Keyloggers are fairly straightforward to detect. You don't need any fancy anti-keylogger software. A good firewall would block a keylogger communicating with a remote computer anyway.
 
giantsquid said:
Hardware keyloggers are more sinister.

Keyloggers are fairly straightforward to detect. You don't need any fancy anti-keylogger software. A good firewall would block a keylogger communicating with a remote computer anyway.
Physical data retrieval. Don't think that people won't break into your house and download the keys you logged.
 
tobala said:
EDIT: Anyone know if it's possible to detect a mirror port?

By definition, no. The ISP could use any form of packet sniffing or packet replication to obtain full copies of bidirectional data flow and there is structurally no way to identify that action. The only technology on the horizon that has such a capability is built on quantum principles, and works because anybody reading the "packet" (actually a quantum bit, or qubit) permanently alters the packet. Clearly, however, such a protocol is non-routable and difficult to envision in a real-world system in the next few decades.

It's pathetically easy to overcome the weaknesses the DEA used in this case to get their 30-year convictions:

1. Never allow unauthorized physical access to a machine being used for sensitive stuff. If you don't carry it with you and sleep in a room with it at night, have a few good protection dogs that live in the same room as the computer. Both these cases involved the cops breaking into someone's facility and installing software or hardware for key logging - and breaking in again to get it back (if memory serves me right). No access = no cops getting passwords for encrypted email.

2. Maintain a generally secure OS installation to prevent simple, remotely-installed keystroke loggers from infecting your machine. As others said, a decent firewall would see the outbound data stream from the logger, block it, and warn you something odd was going on.

3. Run a good VPN service until your internet traffic leaves Amerika for a more secure jurisdiction. OpenVPN is an excellent, open-source tool for this. There are several commercial companies that run OpenVPN-based services that make the whole process very easy to do. With a good VPN tunnel established, your local ISP (and backbone provider, and so forth) see nothing but encrypted traffic from your connection - no readable data, no internet address. Let 'em keep copies of those encrypted packets forever if they want to! :p Tor is great, but does nothing to secure your traffic from your local ISP's prying eyes.

I always laugh that many folks think "computers are insecure" but will gladly use idiotic codewords on unencrypted phonecalls over a national phone system built from the ground up to be piss easy to eavesdrop on. Drug cops must thank the stars every day that their targets aren't wise enough to throw out their phones and use secure data communications. Without chatty drug dealers and their cherished cellphones, the drug cops would have to reinvent their approach to building cases.

Note, for example, that there are exactly two cases in which the DEA or FBI are known to have used keystroke loggers to gather evidence. Ever. Two. How many cases have been won by easy-to-get wiretap orders? Tens of thousands. . . . which do you think is, on balance, more secure?

Peace,

Fausty
 
^^^^ Thanks for the info and putting things in perspective, Fausty.
 
Fausty said:
Tor is great, but does nothing to secure your traffic from your local ISP's prying eyes.

I'd never looked at Tor until one minute ago, but a quick read of the overview suggests that traffic is encrypted as it leaves your machine to the next Tor client.
 
carl0s said:
I'd never looked at Tor until one minute ago, but a quick read of the overview suggests that traffic is encrypted as it leaves your machine to the next Tor client.

Thanks for posting that diagram - it's a great overview of TOR and helps lay out what's so good about the system. The open-source nature of TOR is also a huge plus.

The Wikipedia article on TOR indicates that it is possible to drop into the TOR cloud via a SOCKS connection - which is encrypted. The text reads:

At the same time, the onion proxy software presents a SOCKS interface to its clients. SOCKS-aware applications may be pointed at Tor, which then multiplexes the traffic through a Tor virtual circuit.

That said, I think that most folks link into TOR not via an encrypted, SOCKS-compliant connection but via an unencrypted, proxy-style redirect of their web browser. If one does point a SOCKS-compliant browser at a TOR-enabled router, it'll pick up a SOCKS-encrypted, VPN-style connection. . . theoretically. I also don't know that TOR itself will grab non-browser traffic and pull it through the TOR network, encrypted local connection or otherwise. That's something to consider when using non-web applications such as messaging apps and whatnot.

I'm still learning more about the inner guts of TOR, so please don't take my word as final in regards to that project.

Peace,

Fausty
 
OK, to make it clear: you cannot just install Tor and have all your internet traffic go through the network; you have to do some tweaking to get each program to use it.
And any program can use Tor, though the creators have asked for people not to overload it with torrents and P2P traffic, but there is nothing stopping you.
 
Fausty said:
Thanks for posting that diagram - it's a great overview of TOR and helps lay out what's so good about the system. The open-source nature of TOR is also a huge plus.

The Wikipedia article on TOR indicates that it is possible to drop into the TOR cloud via a SOCKS connection - which is encrypted. The text reads:

At the same time, the onion proxy software presents a SOCKS interface to its clients. SOCKS-aware applications may be pointed at Tor, which then multiplexes the traffic through a Tor virtual circuit.

That said, I think that most folks link into TOR not via an encrypted, SOCKS-compliant connection but via an unencrypted, proxy-style redirect of their web browser. If one does point a SOCKS-compliant browser at a TOR-enabled router, it'll pick up a SOCKS-encrypted, VPN-style connection. . . theoretically. I also don't know that TOR itself will grab non-browser traffic and pull it through the TOR network, encrypted local connection or otherwise. That's something to consider when using non-web applications such as messaging apps and whatnot.

I'm still learning more about the inner guts of TOR, so please don't take my word as final in regards to that project.

Peace,

Fausty

(ignore what I put here first.. I didn't read your post properly)

The way I had/have assumed it works is that you configure your clients (web browser, anything) to run through your *own* Tor client as a proxy, as you have suggested (unencrypted web proxy), or as a SOCKS proxy for protocols other than HTTP and FTP. Regardless of whether this loopback connection is encrypted or not, it's only a connection to your own machine, which then pumps it out encrypted over Tor.

Like I said, I really know nothing about it, but I had a quick read of the overview and the fact that they say: "Warning: Want Tor to really work?

...then please don't just install it and go on. You need to change some of your habits, and reconfigure your software! Tor by itself is NOT all you need to maintain your anonymity. There are several major pitfalls to watch out for.

First, Tor only protects Internet applications that are configured to send their traffic through Tor — it doesn't magically anonymize all your traffic just because you install it. We recommend you use Firefox with the Torbutton extension."

Kind of implies to me that it's used as a local HTTP or SOCKS proxy.
 