5 comments

[ 3.3 ms ] story [ 19.2 ms ] thread
That his VPN provider "ratted him out", actually gives me a little more faith in such services vs the current NSA revelations. (i.e. they couldn't simply do some kind of timing analysis to find him).

Or maybe they just don't waste - or admit to - their resources for such low profile targets?

I'd wager that the LEOs investigating him (and the others in the incidents) likely weren't cleared to anywhere near the level needed to be briefed on those programs. They almost certainly didn't know that such capabilities even existed.
All FBI and Secret Service special agents get top secret security clearances. While I doubt everyone in those agencies is briefed on such programs, it certainly is likely that some are, especially those investigating computer crime.
> Or maybe they just don't waste - or admit to - their resources for such low profile targets?

Bingo, it's all about cost-effectiveness. The NSA likely has a large variety of SSL certificate keys and other keys for decrypting things, and the continuing usage of them depends on their perceived security.

They can use all of their decryption keys to read everything and provide it as evidence to the courts, but it'll tip the world off that some keys aren't secure and the NSA's targets would defend themselves accordingly.

It's a catch-22 -- they need to use decryption keys for gathering evidence for convictions, but there is such a thing as using too many. They're a resource that takes longer to build up than CPU/storage/memory/network IO.

> The only communication between LulzSec and WikiLeaks was between an FBI informant on their end and an FBI informant on our end, both trying to entrap each other to incriminate both groups further, and likely both oblivious to the fact that the other was working for the same organization.

I've often wondered how often this happens when law enforcement are trying to catch child pornographers and such.