
The Mastermind, Episode 7: The Next Big Deal - jaxonrice
https://mastermind.atavist.com/the-next-big-deal?src=longreads
======
Worksheet
>Le Roux admitted that he had created the encryption software E4M but denied
that he had developed TrueCrypt, its famous progeny.

To me the picture that is being painted is that Truecrypt was a project funded
by criminals and maintained by people associated with organised crime.

Yet we still don't know what happened in 2014 that ended the project and the
circumstances in how they 'gassed' their canary. Was it something to do with
Le Roux's informing? Was it connected to the Snowden revelations?

~~~
nickpsecurity
It was ridiculous that the author even brought it up. The privacy-aware and
technologist audiences will be smart enough to see that he in no way connected
Le Roux to Truecrypt in the whole series. The others will mentally connect
"mass murdering, drug lord" to "Truecrypt" due to repetition. This image will
be the one they hear the likes of Comey say in public media where encryption
is the tool of thugs and must be backdoored/squashed. The author is doing a
disservice to both Truecrypt and encryption in general by constantly trying to
tie it in.

It should've been mentioned in the beginning with his E4M work and then later
in the follow-up question. That's it unless the author has more evidence with
a solid or highly-probable tie-in to Truecrypt.

~~~
gothenburg
What do you mean? It was explained on part 2 that the code for TrueCrypt was
built on top of E4M.

"I asked him what he meant, and Hafner told me that in the middle of the
development work for DriveCrypt, he discovered that Le Roux was still working
on E4M and had incorporated some of his work for SecurStar into his personal
project. (...) In 2004, a group of anonymous developers did exactly what
Hafner had feared: They released a new and powerful, free file-encryption
program, called TrueCrypt, built on the code for E4M. “TrueCrypt is based on
(and might be considered a sequel to)” E4M, a release announcement stated."

In: [https://mastermind.atavist.com/he-always-had-a-dark-
side](https://mastermind.atavist.com/he-always-had-a-dark-side)

~~~
nickpsecurity
It was. It also has almost nothing to do with anything in the whole series. It
should've been one fact in isolation about one part of Le Roux's history.
Instead, the author keeps dropping lines about Truecrypt as if to tie Le
Roux's name to it and imply he's been behind its funding or shutdown. Without
evidence. Repeatedly.

He's better off just leaving it off except the E4M-Truecrypt beginning and the
question in court. It wasn't relevant to anything else unless I'm overlooking
something. THe rest of the article is about pharmacies, call centers, hitmen,
and so on. Nothing to do with TrueCrypt.

~~~
gothenburg
I don't agree with your view. The author briefly mentioned the relation
E4M-Truecrypt only 2 times as it found some kind of evidence or relation
between those two projects. And it is valid as the involvement of Le Roux in
the Somalia wars, for example.

I don't feel the author is milking any of it to make the article more
interesting.

~~~
nickpsecurity
I get why you're saying it and all. It's just that this article really plays
on the E4M-Truecrypt connection and jumps between Le Roux and its story. See
here:

[https://mastermind.atavist.com/he-always-had-a-dark-
side](https://mastermind.atavist.com/he-always-had-a-dark-side)

The Hacker News comments and title showed many were already thinking a grand
reveal was forthcoming of how Le Roux was financing Truecrypt all this time.
It keeps getting mentioned even though it has nothing to do with Le Roux's
life or story post E4M. Here's an alternative that's more accurate for the
significance of Truecrypt to the story:

The original paragraphs on E4M and Truecrypt spinoff stay. After sentence
"...message boards for good," the author stops talking about Truecrypt
entirely. He should mention PhoneCrypt offer in isolation as it was
significant. Later on, might mention for the trial question the context that
some people suspected Le Roux might have funded or worked on Truecrypt all
this time. Then show he was asked, said yes for E4M, and no for Truecrypt.
Then move on.

I mean, there's not much reason to talk so much about Truecrypt, Snowden's
view of it, and so on if there's nothing tying Le Roux to Truecrypt. That
someone built on his work and it turned into a solid tool would be enough to
say. The only good thing I could think of is that the author is trying to
encourage people to use Truecrypt and such strong, OSS encrypt by embedding it
into his piece. That would be annoying but justifiable in a greater good
sense. Still not relevant to Paul Le Roux, though, past fork of E4M without
evidence he was behind Truecrypt.

~~~
Trundle
I'm not sure there's a need for the author to be trying to encourage the
audience to do anything. A central theme of the story is building Le Roux up
to seem as big/talented/accomplished as possible. Things like the fact that he
has logging and mining concerns are brought up repeatedly despite them not
being directly related to him getting busted for meth, but they serve to keep
you thinking "this guy is achieving a lot". You can pick it even from the
title of the series.

Truecrypt is very well known amongst tech literate people and Snowden at least
is well known amongst the rest. By repeatedly driving home the fact that Le
Roux was responsible for the foundation of this software, it makes him seem
more impressive in the readers mind.

~~~
nickpsecurity
I could see that. Yet, Truecrypt and its successes were some other group's
work. He just made essentially the prototype that had enough functionality to
give them a head start. In its original form, it wouldn't have achieved all
the stuff described for Truecrypt in the article.

So, saying he made E4M that others' turned into Truecrypt... then dropping
Truecrypt... is more honest if we're talking _his_ accomplishments. Not
Truecrypt developers' accomplishments.

------
at-fates-hands
This whole thing just seems off to me. LeRoux was the guy they wanted, he was
the boss, the mastermind, the guy who ordered all the murders, set up the
operations. It makes no sense why the Gov. would give him a deal to get all
the guys _under_ him, when they already had the Kingpin in their custody!
Normally cops work the lower level guys to get to the Kingpin. In this case
they took a top down approach, which seems off to me.

Also, the sting operation on Hunter's crew is a classic example of entrapment.
Lured by big money, and egged on by LeRoux, it looks like Hunter's crew was
lead into this, and they went along with whatever LeRoux told them to do. It
would be relatively easy to say these guys would not have ever done any of
what their accused of without LeRoux's involvement.

Again, this seems completely backwards to me.

~~~
Trundle
They turned a high volume illicit prescription drug seller case in to multiple
arrests of hitmen. We also don't know what, if any, deal he has been offered.
That seems like it was probably a great score for the DOJ.

Keep in mind, a lot of the crimes we've read about in this story are himself,
a non-US citizen not in the US, doing things with/to non-US citizens not in
the US. I imagine the prosecutors are fare less concerned about a South
African living in The Philippines having a Filipino killed than they are with
the fact that the killers were brought in from the US.

