Encryption Communications Network Privacy Security Technology

The Feds Cracked El Chapo's Encrypted Comms Network By Flipping His System Admin (gizmodo.com) 111

With signs that the New York trial of notorious Mexican drug lord and alleged mass murderer Joaquin "El Chapo" Guzman is entering its end phase, prosecutors on Tuesday played copies of what they said were audio recordings of Guzman the FBI obtained "after they infiltrated his encrypted messaging system" with the help of Colombian systems engineer and former cartel employee Cristian Rodriguez, Reuters reported. Gizmodo reports: As has been previously reported by Vice, Colombian drug lord Jorge Cifuentes testified that Rodriguez had forgotten to renew a license key critical to the communications network of Guzman's Sinaloa Cartel in September 2010, forcing cartel leaders to temporarily rely on conventional cell phones. Cifuentes told the court he considered Rodriguez "an irresponsible person" who had compromised their security, with a terse phone call played by prosecutors showing Cifuentes warned the subordinate he was in "charge of the system always working."

But on Tuesday it was revealed that the FBI had lured Rodriguez into a meeting with an agent posing as a potential customer much earlier, in February 2010, according to a report in the New York Times. Later, they flipped Rodriguez, having him transfer servers from Canada to the Netherlands in a move masked as an upgrade. During that process, Rodriguez slipped investigators the network's encryption keys. The communications system ran over Voice over Internet Protocol (VoIP), with only cartel members able to access it. Getting through its encryption gave authorities access to roughly 1,500 of Guzman's and other cartel members' calls from April 2011 to January 2012, the Times wrote, with FBI agents able to identify ones placed by the drug lord by "comparing the high-pitched, nasal voice on the calls with other recordings of the kingpin, including a video interview he gave to Rolling Stone in October 2015."

This discussion has been archived. No new comments can be posted.

  • by phantomfive ( 622387 ) on Wednesday January 09, 2019 @08:08PM (#57934672) Journal
    In every organization, there's always someone who has too much access. And there's not really a good way to avoid it.
    • In every organization, there's always someone who has too much access. And there's not really a good way to avoid it.

      Indeed. If the possibility of a horrible violent death for you and your family does not keep you loyal nothing will.

      • by ShanghaiBill ( 739463 ) on Wednesday January 09, 2019 @08:21PM (#57934716)

        Indeed. If the possibility of a horrible violent death for you and your family does not keep you loyal nothing will.

        Especially now knowing that the FBI will rat out their informers.

        • Re: (Score:3, Insightful)

          by phantomfive ( 622387 )
          "Don't talk to the cops" is doubly true for the FBI, whether as an informer, a suspect, or even as a decent human being. Those guys are rather messed up.
        • by AHuxley ( 892839 )
          The FBI should have kept its method secret. They could have used the same method all over the world.
          Now every criminal group of any size knows what the FBI and any police that work with the FBI will be looking for.
          Decades of useful method lost to a few days of police publicity.
          • Decades of useful method lost to a few days of police publicity.

            The same thing happened when the CIA publicly bragged about nailing OBL by tracking Al Qaeda's cell phones. They all went dark within minutes.

            • by AHuxley ( 892839 )
              The use of satellite phones was well understood well before it all went dark.
              The West knew of the satellite phones. The US media had seen the satellite phones. The satellite phone use had been reported on.
              The fear about a satellite phone being part of tracking was not new.
              The real new fear was the use of the US mil to follow the network down with a real time missile strike.
              Chechnya was the real new mil fear re news a satellite phone was getting tracked and a direct missile strike resulted.
              So the net
      • You kill the family. You leave the perpetrator alive to suffer. You might pulp his hands to prevent him being able to suicide. Keep him around "pour encourager les autres". (page 123 [gutenberg.org])
    • Nothing beats thermorectal cryptanalysis.

    • Not just "someone", but the sysadmin. The guy who actually enters the commands to give the boss access to stuff can use the same commands to give himself access. Don't hire shady people for those roles, and don't shortchange them on pay so they need a few bucks from someone else.

    • In every organization, there's always someone who has too much access. And there's not really a good way to avoid it.

      I agree with the first sentence, not so much with the second.

      It is absolutely possible to divide responsibilities so that no single person has deep access. The larger the number of people who must collude in order to destroy your security, the stronger your actual security is.

      The problem is that security is rarely a high priority, and few organizations bother to do the analysis to decide whether they have any single points of failure. Apparently, even incredibly well-funded crime syndicates fail at this.
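A concrete version of the division of responsibility this comment argues for, as an added example that is not from the thread or the article: Shamir secret sharing over the prime field GF(2^521 - 1), splitting a 32-byte master key into n custodian shares of which any k rebuild it. The threshold values, the field prime and the function names are this example's own choices; nothing here describes the cartel's actual system.

```python
"""Split a master key so any k of n custodians can rebuild it, and fewer learn nothing."""
from itertools import combinations
import secrets

PRIME = 2**521 - 1   # Mersenne prime M521: every 32-byte secret is below it


def _eval_poly(coeffs, x):
    """Horner evaluation of the polynomial with the given coefficients, mod PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def _interpolate(points, x):
    """Value at x of the unique polynomial of degree < len(points) through the points."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def split_secret(secret, k, n):
    """Return n shares (x, f(x)) of a random degree-(k-1) polynomial with f(0) = secret."""
    if not 1 < k <= n:
        raise ValueError("need 1 < k <= n")
    s = int.from_bytes(secret, "big")
    if s >= PRIME:
        raise ValueError("secret too large for the field")
    coeffs = [s] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares, length):
    """Interpolate f(0) from the shares given; correct only when at least k are present.

    With fewer than k shares the result is a uniformly random field element, which
    almost never even fits in `length` bytes, so None is returned in that case.
    """
    value = _interpolate(shares, 0)
    return value.to_bytes(length, "big") if value < 256 ** length else None


def consistent_share(partial_shares, candidate, x_new):
    """Given k-1 shares, the share at x_new that would exist if the secret were `candidate`.

    Every candidate yields some valid-looking share, which is why k-1 colluding
    custodians learn nothing about the real key (information-theoretic security).
    """
    pts = [(0, int.from_bytes(candidate, "big"))] + list(partial_shares)
    return x_new, _interpolate(pts, x_new)


def demo(k=3, n=5):
    """Returns (all k-subsets recover, any (k-1)-subset recovers, forged set is consistent)."""
    key = secrets.token_bytes(32)                       # constructed sample master key
    shares = split_secret(key, k, n)
    enough = all(recover_secret(list(c), 32) == key for c in combinations(shares, k))
    too_few = any(recover_secret(list(c), 32) == key for c in combinations(shares, k - 1))
    # k-1 colluders cannot tell the real key from a made-up one: for any candidate
    # there is a polynomial through their shares, hence a complete share set.
    fake = secrets.token_bytes(32)
    held = shares[:k - 1]
    fake_set = held + [consistent_share(held, fake, x) for x in range(k, n + 1)]
    forged_ok = recover_secret(fake_set[:k], 32) == fake
    return enough, too_few, forged_ok


if __name__ == "__main__":
    print(demo())   # expected: (True, False, True)
```

The design point is the one the comment makes: the master key is never held by one person, so a single flipped custodian can hand over only a share, and the number of people who must collude is set by k. The shares still have to be protected individually and the reconstruction has to happen on a machine the custodians trust, which is where the operational work goes.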

  • FBI and encryption (Score:5, Insightful)

    by dlleigh ( 313922 ) on Wednesday January 09, 2019 @08:08PM (#57934674)

    This shows that the FBI doesn't need to force key escrow or any other form of weakened encryption on the public.

    If they really want the crypto keys, they can get them.

    • by AHuxley ( 892839 )
      All the people who say the math will always be secure, not no "big" US brand would use junk crypto. PRISM and this shows the methods the US gov/mil/police use.
      The US gov reads along in real time with all messages sent as they get all the keys.
  • by kiviQr ( 3443687 ) on Wednesday January 09, 2019 @08:08PM (#57934676)
    ...they never learn!
  • by Jahoda ( 2715225 ) on Wednesday January 09, 2019 @08:12PM (#57934686)
    Colombian drug lord Jorge Cifuentes testified that Rodriguez had forgot to renew a license key critical to the communications network of Guzman's Sinaloa Cartel in September 2010

    I mean, Jesus H. Christo - it is goddamned *tough* to find competent IT support. If they can't do it with automatic weapons and methamphetamine torture parties, what hope do the rest of us have?
    • by Gravis Zero ( 934156 ) on Wednesday January 09, 2019 @08:32PM (#57934792)

      I mean, Jesus H. Christo - it is goddamned *tough* to find competent IT support. If they can't do it with automatic weapons and methamphetamine torture parties, what hope do the rest of us have?

      Offer a good wage and free skills training and you can find lots of competent IT people. Be a cheap bastard and shun people because of their age and you get what you get.

    • They never tried ALL the alternatives, e.g. outsourcing, and so on.

      Not that I was waiting for the phone to ring, or anything like that. Just saying, that's all.

  • Why would they announce that?
    • Why would they announce that?

      1) The FBI didn't announce anything.
      2) The sysadmin is a criminal that assisted El Chapo. (no sympathy for the Devil's assistant)
      3) It makes for a good story.

    • by guruevi ( 827432 )

      Most likely the dude got him and his family emigrated to America and in witness protection. Dreams come true - no longer living in the hole he came from, living in the US provided for by government funds.

      • by Anonymous Coward

        Yeah, I'm sure none of the 1500 drug lords and cartel members he ratted on bears him any grudge, they're known to be a forgiving and kind-hearted folk who don't take loyalty all that seriously. Poor too, so it's unlikely any have the resources to track him down and arrange for him to die painfully.

        • Depends if you think witness protection doesn't involve new identities which would be the minimum I would request.
    • Why would they announce that?

      Likely to override defense accusations of illegal wiretapping.

    • Your assumption is that Rodriguez is still at his admin job with the cartel. Don't you think that by the time he's been named, he's been extracted and possibly given a new identity? If I were Rodriguez, that would have been essential to any agreement I made with the Feds.
  • by Nkwe ( 604125 ) on Wednesday January 09, 2019 @08:17PM (#57934700)
    Obligatory xkcd [xkcd.com]
  • by manu0601 ( 2221348 ) on Wednesday January 09, 2019 @08:30PM (#57934770)
    Now that everyone knows sysadmin Cristian Rodriguez betrayed drug cartel, I wonder what is the plan to keep him alive.
    • Re: (Score:1, Interesting)

      by Anonymous Coward

      Witness Protection. Unlike the movies, it generally doesn't result in people getting killed after the fact.

    • by Anonymous Coward

      They will just give him and his family another name, move him to like Montana or whatever, and that will be that. Hopefully they give him enough cash to make turning on the bad guy actually profitable instead of just "enjoy this harsh cold pseudosiberia" or whatever.

    • by AHuxley ( 892839 )
      The networks will go back to the old ways. A week round trip for a message by using a human.
      Face to face messages for the long term strategic planning.
    • From the QOTD below: ""Security is mostly a superstition. It does not exist in nature... Life is either a daring adventure or nothing." -- Helen Keller"

      I guess he's opted for the daring adventure.

    • Comment removed based on user account deletion
  • License key, eh? (Score:5, Insightful)

    by bill_mcgonigle ( 4333 ) * on Wednesday January 09, 2019 @08:39PM (#57934838) Homepage Journal

    Fascinating that this kind of organization trusts proprietary software. Too easy to sneak in back doors.

    But I guess if this shop were well run the headlines wouldn't be what they are.

    • If your sysadmin has flipped, it doesn't matter if RMS wrote all the software himself.
    • Dude, the FBI compromised the sysadmin. I don't give a fuck if you use open source software, but if your sys admin is compromised by a "hostile" actor, then you're fucked.

    • by AHuxley ( 892839 )
      The Soviet Union faced a problem in the 1950's.
      They knew the NSA and GCHQ had total control over all emerging crypto computer systems.
      The Soviet Union had two options. Stay with a one time pad system and transport new codes all over the world using humans. Slow and not good for the vast numbers of longer messages.
      Upgrade to a new computer system and allow communication at a mil/gov level like a normal nation.
      But have the NSA/GCHQ be part of all further crypto communications.

      The Soviet Union had to
      • by Megol ( 3135005 )

        The USSR did develop their own encryption standards (e.g. GOST), don't know what you are talking about.
        However in the 50's nobody used computer networks to transfer encrypted data so I _really_ don't know what you are talking about.

        • by AHuxley ( 892839 )
          Re "The USSR did develop their own encryption standards"
          That failed when the NSA and GCHQ could read along with the communications sent.
          Lots of nations had fast new methods to move lots of encrypted data.
          All kinds of innovations to Teleprinters https://en.wikipedia.org/wiki/... [wikipedia.org] :)
    • How different would the outcome have been if they used open source software? Not much different. They flipped the admin. The proprietary license key renewal was a cover for something else that had been planned by the Feds. The admin could have easily sabotaged open source software requiring software to be "upgraded".
  • Your biggest security problem is always the human factor.

    This is why you keep the wife and kids of your sysadmin in a safe place.

  • They didn't crack anything at all, but rather got someone to hand over the private keys.

    That's not cracking. Just sayin'

  • The cryptography rarely is the weak link in the security chain. The Snowden papers revealed that the NSA carries out its chores most by social engineering and eavesdropping, not by scientifically breaking cryptosystems, and I think it is a safe bet that the same is true in the FBI.
  • So the system was so secure that it did not use public-key encryption between clients and had no provisions for perfect forward secrecy?
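An added example, not from the article or the thread, that works through the forward-secrecy question above together with the summary's point that handing over the network's long-term keys exposed months of recorded calls. It runs two one-message sessions: one keyed directly from static Diffie-Hellman keys, one keyed from one-time ephemeral keys that are erased after use; then it gives the eavesdropper both long-term private keys and shows what each recording yields. The mod-p group (p = 2^255 - 19 used as a plain DH modulus), the SHA-256 counter-mode stream cipher and all names are this example's own stand-ins for a real protocol; the authentication of the ephemeral values by the long-term keys is deliberately left out.

```python
"""Forward secrecy demo: why a leaked long-term key should not unlock old traffic."""
import hashlib
import hmac
import secrets

# Demo group: p = 2**255 - 19 is prime (the field prime of Curve25519); it is used
# here as a plain mod-p Diffie-Hellman group purely for illustration. A deployed
# system uses a standardized group (RFC 7919 ffdhe*) or X25519, never an ad hoc one.
P = 2**255 - 19
G = 2


def keygen():
    """Return (private exponent, public value) for one Diffie-Hellman key pair."""
    priv = secrets.randbelow(P - 3) + 2          # 2 <= priv <= P - 2
    return priv, pow(G, priv, P)


def derive_key(shared_secret, transcript):
    """KDF: bind the session key to the DH result and to the public values exchanged."""
    return hashlib.sha256(shared_secret.to_bytes(32, "big") + transcript).digest()


def _keystream(key, nonce, length):
    """SHA-256 in counter mode; a demo stream cipher, not a replacement for AES-GCM."""
    blocks = (length + 31) // 32
    stream = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                      for i in range(blocks))
    return stream[:length]


def encrypt(key, plaintext):
    """Encrypt-then-MAC: nonce || body || HMAC-SHA256 tag."""
    nonce = secrets.token_bytes(16)
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decrypt(key, blob):
    """Return the plaintext, or None when the tag rejects this key/ciphertext pair."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + body, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))


def _transcript(pub_a, pub_b):
    return pub_a.to_bytes(32, "big") + pub_b.to_bytes(32, "big")


def run_session(alice, bob, plaintext, forward_secret):
    """Alice sends one message to Bob; returns exactly what a wiretap could record.

    alice/bob are (priv, pub) long-term pairs. forward_secret=False keys the session
    straight from the two static keys, so the key is a fixed function of secrets
    that live on disk. forward_secret=True mints one-time ephemeral pairs, keys the
    session from those, and discards the ephemeral exponents afterwards.
    """
    a_priv, a_pub = alice
    b_priv, b_pub = bob
    if forward_secret:
        ea_priv, ea_pub = keygen()
        eb_priv, eb_pub = keygen()
        key = derive_key(pow(eb_pub, ea_priv, P), _transcript(ea_pub, eb_pub))
        # Bob derives the same key from his own ephemeral exponent.
        assert key == derive_key(pow(ea_pub, eb_priv, P), _transcript(ea_pub, eb_pub))
        del ea_priv, eb_priv                     # ephemeral secrets are never stored
        record = {"ephemeral": (ea_pub, eb_pub)}
    else:
        key = derive_key(pow(b_pub, a_priv, P), _transcript(a_pub, b_pub))
        record = {"ephemeral": None}
    record["ciphertext"] = encrypt(key, plaintext)
    return record


def recover_after_compromise(record, alice, bob):
    """What an eavesdropper can decrypt once BOTH long-term private keys have leaked."""
    a_priv, a_pub = alice
    _, b_pub = bob
    if record["ephemeral"] is None:
        # Static-static session: the leaked keys reproduce the session key exactly.
        key = derive_key(pow(b_pub, a_priv, P), _transcript(a_pub, b_pub))
    else:
        # Ephemeral session: the key needs an exponent that was erased. The best the
        # attacker can do is try the static-static key, which the MAC rejects.
        ea_pub, eb_pub = record["ephemeral"]
        key = derive_key(pow(b_pub, a_priv, P), _transcript(ea_pub, eb_pub))
    return decrypt(key, record["ciphertext"])


def demo(message=b"constructed sample message"):
    """Returns (plaintext recovered from the static session, result for the PFS session)."""
    alice, bob = keygen(), keygen()
    static_session = run_session(alice, bob, message, forward_secret=False)
    pfs_session = run_session(alice, bob, message, forward_secret=True)
    # Later, the admin hands over both long-term private keys.
    return (recover_after_compromise(static_session, alice, bob),
            recover_after_compromise(pfs_session, alice, bob))


if __name__ == "__main__":
    print(demo())   # expected: (b'constructed sample message', None)
```

The recording of the static session is readable the moment the long-term keys arrive; the recording of the ephemeral session is not, because the only secrets that determine its key were discarded at the end of the call. That is the whole of the forward-secrecy guarantee, and it is independent of whether the software was proprietary or open source: a flipped administrator who can export the static keys still gets no past traffic, only the ability to interfere with future sessions, which is a separate (and detectable) problem.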
