Discussion in 'privacy general' started by ronjor, Apr 26, 2012.
I remember the "American Greed" episode that featured a major hacker on a Carder site. They caught him because a trusted friend turned on him. They could never find him until that happened. He would always rent a hotel room in a major city and then hack into multiple networks so nothing ever came back to him. In the end he got what he deserved! He is now behind bars.
I've seen that episode as well. As far as I was able to deduce (although they did not say this directly and intentionally avoided giving out more info), the hacker used TrueCrypt for disk encryption and the authorities managed to get to his encryption key via a cold boot attack.
I NEVER heard TC mentioned and I have wondered about this for a while now. At this point how did you "deduce" that TC was used? I know the guy was a Linux guru and used Linux for almost everything.
I also remember that the guy's "friend" told the Feds that he had encryption in place. It took months of preparation by a major Fed team to accomplish whatever it is that they did to gain access. Had they been unaware of his configuration they would have busted him and come up empty. So much for a good friend, huh?
I would just love to know how they did it for my own learning. I hope I never have that much "smoke" looking for me. LOL!!
The hacker did mention that he had a certain program in place which would turn his entire hard drive into "nothing more than a brick" after it has been turned off. His "friend" also mentioned that the hacker had a dead man's switch (I'm assuming it's something that would immediately shut down the computer). Then we are shown the feds taking advice from a group of encryption experts.
After that the FBI raids the hacker's safe house; I assume he managed to hit the dead man's switch (otherwise the hacker's later statement that "the FBI has got some pretty smart people over there" wouldn't make sense). Then we are shown a black computer screen, or a screen during POST (not sure right now), and some hand inserting a CD into the computer's drive. This leads me to believe that they turned on the computer immediately and used some boot CD to dump the RAM contents (which will still include the encryption key for even a minute after the PC has been shut down, and for much longer if the RAM units are cooled down).
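The post above turns on one point: a dead man's switch that merely cuts power leaves the disk key sitting in RAM for long enough to be dumped. The defensive counterpart is to zeroise key material in memory before (or instead of) the bare power-off, and to do it in a way the compiler cannot optimise away as a dead store. The following is an added illustration written for this thread, not code from any poster or from TrueCrypt; the `key_slot` type, the sample key bytes and the function names are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Constructed key container for the example: one 256-bit key plus a flag. */
#define KEY_LEN 32

typedef struct {
    uint8_t key[KEY_LEN];
    int loaded;
} key_slot;

/* Zeroise through a volatile pointer. A plain memset() on a buffer that is
 * never read again is a dead store the optimiser may legally drop, which is
 * exactly how "wiped" keys end up still present in a RAM dump. */
static void secure_wipe(void *p, size_t n)
{
    volatile uint8_t *vp = (volatile uint8_t *)p;
    while (n--)
        *vp++ = 0;
}

/* Simulated unlock: key material is copied into RAM, as a disk-encryption
 * driver would do while the volume is mounted. Returns 0 on success. */
int key_slot_load(key_slot *s, const uint8_t *key, size_t len)
{
    if (s == NULL || key == NULL || len != KEY_LEN)
        return -1;
    memcpy(s->key, key, KEY_LEN);
    s->loaded = 1;
    return 0;
}

/* The dead man's switch path: wipe the key first, then whatever shutdown
 * action follows. After this call a memory dump no longer contains the key. */
void key_slot_lock(key_slot *s)
{
    secure_wipe(s->key, KEY_LEN);
    s->loaded = 0;
}

/* Self-check used by a panic handler or test: count non-zero key bytes.
 * A correct wipe leaves 0. */
size_t key_slot_residue(const key_slot *s)
{
    size_t count = 0;
    for (size_t i = 0; i < KEY_LEN; i++)
        if (s->key[i] != 0)
            count++;
    return count;
}

/* End-to-end demonstration: load a constructed key, confirm it is resident,
 * lock the slot, confirm nothing is left. Returns 1 if every step behaved. */
int demo_wipe_leaves_no_residue(void)
{
    key_slot slot;
    uint8_t sample_key[KEY_LEN];           /* constructed sample, not a real key */
    for (size_t i = 0; i < KEY_LEN; i++)
        sample_key[i] = (uint8_t)(0xA5 ^ i);

    if (key_slot_load(&slot, sample_key, KEY_LEN) != 0)
        return 0;
    if (key_slot_residue(&slot) != KEY_LEN)  /* key is resident while mounted */
        return 0;

    key_slot_lock(&slot);                    /* the panic / dead-man path */
    if (key_slot_residue(&slot) != 0 || slot.loaded != 0)
        return 0;

    /* Wrong-length keys must be rejected rather than partially copied. */
    if (key_slot_load(&slot, sample_key, KEY_LEN / 2) != -1)
        return 0;
    return 1;
}

int main(void)
{
    printf("wipe check: %s\n", demo_wipe_leaves_no_residue() ? "ok" : "FAILED");
    return 0;
}
```

The check only covers the copy of the key the program itself holds; a real implementation also has to account for copies the kernel or driver keeps, which is why the post's "brick the drive" program cannot help once the key is already in RAM and the machine is simply powered off.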