
U.N. report reveals secret law enforcement techniques - zoowar
http://www.hacker10.com/other-computing/u-n-report-reveals-secret-law-enforcement-techniques/
======
wololo
> _198\. In the United Kingdom, it is a criminal offence under the Regulation
> of Investigatory Powers Act 2000 to refuse to hand over an encryption key
> when required. Care must be taken, however, to ensure that suspects do not
> seek to evade the provision by utilizing several layers of encryption and
> multiple keys to protect different data sets. For example, a setting of
> TruCrypt, a common free encryption tool, allows a suspect to encrypt a hard
> drive and create two passwords: one for the “clean” drive and the other
> containing the incriminating material. This can be circumvented by ensuring
> that the forensic examination of the hard drive takes into consideration
> whether there is any “missing volume” of data._

If they had actually installed TrueCrypt and created a hidden partition or
read the documentation, they would see that the other partition lies about
space usage to prevent its existence from being provable

~~~
MichaelGG
There's other hints though. For instance, you might start the clean volume and
find it hasn't been run for a month. Or, if the volume is being mounted inside
another OS, there could be cached paths in various places pointing to the
secret volume.

If you're being seriously investigated, you have to work on the cover story
and make sure your clean volume looks legit.

~~~
wololo
Any other problems?

------
Vivtek
Sigh. They create a honeypot to catch terrorists, then "finally hav[e] to
dismantle their own website when law enforcement realised that it was also
being used to plan attacks against US troops in Iraq."

What? If they know the plan, then ... they act on it. Why would you stop using
an information source like that?

~~~
lost_name
Quite simply, they decided it was worse to leave it up and allow the
communication as the risk/reward was not sufficient.

The relevant text of that point (listed as 218, but is actually 228):

    
    
      For example, a “honey pot” jihadist website reportedly was designed by the [Central 
      Intelligence Agency] and Saudi Arabian Government to attract and monitor terrorist
      activities. The information collected from the site was used by intelligence 
      analysts to track the operational plans of jihadists, leading to arrests before the 
      planned attacks could be executed. However, the website also was reportedly being 
      used to transmit operational plans for jihadists entering Iraq to conduct attacks
      on U.S. troops. Debates between representatives of the [National Security Agency, 
      Central Intelligence Agency, Department of Defense, Office of the Director of 
      National Intelligence and National Security Council] led to a determination that 
      the threat to troops in theater was greater than the intelligence value gained
      from monitoring the website, and a computer network team from the [Joint Task
      Force Global Network Operations] ultimately dismantled it.

~~~
krenoten
I don't think it's very likely that the shutdown stopped them from
communicating. Risk/reward? The risk is that the honeypot was the only way
they could communicate, and that keeping it alive was the only way these
attacks could continue. I don't think this is a very large risk. The reward,
however, is foreknowledge of an attack. Maybe they don't think this is very
useful knowledge?

In any case, I don't think these were the reasons for taking it down.

~~~
JabavuAdams
Possible, but remember that these are political animals.

How are they going to explain to the American people (or talk-radio hosts)
that President Obama authorized a website that was used to plan attacks on
U.S. soldiers?

~~~
mturmon
Yes, when law enforcement gets that enmeshed with the plans of criminals,
things go sideways. Compare the ATF scheme ("Operation Fast and Furious") for
letting illegal gun sales proceed so that criminal gun distributors higher up
the food chain could be caught:

<http://en.wikipedia.org/wiki/ATF_gunwalking_scandal>

When you count all the guns that the US let leak into Mexico over the years,
it's hard to justify the operation.

Basically, such an operation deserves a fuller debate and examination of all
the consequences. But by their nature, secret operations can't have full
debates.

------
ISL
Anyone have any further insight into the software HF radio?

~~~
dhughes
Try:

<http://www.reddit.com/r/RTLSDR/>

<http://www.reddit.com/r/amateurradio/>

And/or search the Web for "packet radio".

------
cpcsearch
Wow, this as a big industry for hackers. It's only going to get bigger.

