this post was submitted on 29 Aug 2024
401 points (97.9% liked)
Technology
59472 readers
4969 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
If you distribute encrypted materials you also need to distribute a means of decryption. I'm willing to bet a honeypot was used to trick him into distributing his csam right to the government hinself.
Hey, could I get some info on the
Thing?
I'm quite curious and haven't been able of finding anything on the internet about it
Neither Tor nor end-to-end encrypted messengers will cover the endpoints. It's possible that they caught him using good old fashioned detective work. You don't need a software back door for that.
Well it probably wasn't a Vic Mackey-style rubber hose attack, because it sounds like this chump is getting hauled into court.
Tor was created by NSA, half of Tor servers are run by NSA, not that secure
Tor was created by the NRL, which is a part of the US Navy and Marine Corps.
Meh, I heard wrong them sorry
Tor was created by the Naval Research Labs, and was released to the public because it is secure.
The problem is that if it's only the CIA or DIA using it, it's easy figure out who is using it and where. Make it global and now there is a lot of noise to separate out.
Yeah, the security of tor relies on the nodes being different, but when most of them are owned by the same person/government body the security go downhill, sadly i2p isn't that popular, because every person is a node
Please don't talk about child predators, and use the term "back door" in the same sentence. It ain't right....
we’re talking about encryption here, not…that. please get your mind out of the gutter
He didn’t use encrypted everything. He had a public telegram group chat in which he stored a lot of his material. Which, as many people in the comments on the article pointed out, is not encrypted, but is presented by telegram as if it is. That’s likely how they caught him.
To be clear, it’s encrypted*.
* If you enable it
Recent events have taught me that only individual chats are encrypted*. Group chats don't have that feature.
In telegram nothing is e2e encrypted unless you specifically ask it to be and when you do, it kills all the functionality that makes it better than others.
That's what I said. The person I replied to said that all messages are encrypted* with the asterisk being only if you specifically enable it. I clarified that it doesn't apply to group chats though. I don't use Telegram so the loss of functionality is actually a bigger deal to me than the argument around E2EE. Can you explain what features are lost when you enable it? It's a messaging app so I'm curious what you sacrifice for E2EE.
Telegram groups are not E2E.
Chats are encrypted, but the servers hold the encryption keys (I believe).
There are one-to-one chats that are full e2e, but you have to enable it. And it has all sorts of compromises.
Qualifier: this is as dicumented by telegram. Since it's not open source, we can't really verify it
There is no point in encrypting a public group chat since anyone can join and decrypt it anyway.
The secret chats feature isn’t between anyone I believe, it’s between two people. But I don’t actually know for certain because I’ve not looked into it beyond a cursory googling.
That said, you’d be correct in that just like any service out there, the moment you let random people join there’s no level of encryption that can keep your secrets secret.
It works well in Matrix, and you can restrict who joins on that platform.
If you restrict it, then it isn't public. I'm not saying that encrypted group chats are useless. But if it is public and anyone can join anyway, then encryption adds no secrecy.
Right, I'm just saying that other platforms give you the option of E2EE group chats, which makes sense if you know your group will remain fixed to a certain size. For truly public groups, yeah, encryption just adds a lot of processing overhead without much benefit.
I, personally, would prefer a platform that gives me the option rather than doesn't.
AFAIK chat contents are stored unencrypted on the server.
They got it by running a honeypot exit node like they always do
my guess is that a large number of tor exit nodes is run by government agencies.
Certainly some are. How many is an entertaining question.
.onions: am i a joke to you?
It's better they don't disclose it and catch more people doing the same.
I'm all for transparency but if that means less caught child molesters, I'm ok with a little obfuscation, even from the fucking pigs.