
Calling Puter Geeks

eastcoast_bsc

OK maybe I am missing something. CIA Director George Petraeus and his mistress were purported to have used "sophisticated methods" to hide their IP addresses. But the FBI was able to catch her IP address.

They used a method that terrorists and spooks use. They create a drop box, which is simply an e-mail account or file they both have access to. If it is an e-mail account, the mail is never sent, but can be read from the draft box, or if it is a file, they would both have access to it and communicate without allegedly leaving an IP trail.

My question to fellow Geeks: would a TOR server be safer? Or does the GOVT. have a backdoor to them? The methods they chose seemed sort of juvenile, and I thought that the head of the CIA would be more sophisticated. It leaves me blown away. I am almost embarrassed to think that I would be more secure and hide my tracks.



https://www.torproject.org/
 

MikeK

I don't know the answer to your questions because I'm cool and I like girls, not video games....

....but I'm not shocked that Petraeus didn't know a lot about cyber security on the local level. That was never really his job, he's spent the last 25 years being an administrator, not a technician, engineer or scientist.
 

pgp_protector

So much depends on what they're allowed to do on the computers.
If they're not locked down, Tor might have been a better solution.
Though I'd use a USB Bootable Live Linux with Tor, that way nothing is left on the computer. But you can only do that if the hardware allows booting from external devices, and a good IT Department would prevent that on office computers.

But add to that some good encryption software (also run from the USB Drive) and oh I don't know, NOT USING WORK COMPUTERS OR WORK NETWORK :doh:
 

eastcoast_bsc

> So much depends on what they're allowed to do on the computers.
> If they're not locked down, Tor might have been a better solution.
> Though I'd use a USB Bootable Live Linux with Tor, that way nothing is left on the computer. But you can only do that if the hardware allows booting from external devices, and a good IT Department would prevent that on office computers.
>
> But add to that some good encryption software (also run from the USB Drive) and oh I don't know, NOT USING WORK COMPUTERS OR WORK NETWORK :doh:


I was about to mention a USB, but not necessarily Linux. One can easily access the BIOS, we never lock them down and I work in IT. Or you use the bootable USB at a neutral location.

Maybe I romanticize the Spooks, but it seems they should have known better. ????
 

Fish and Bread

Someone in his position probably assumed that his traffic was at least being casually monitored as a matter of routine. Maybe not at a level that would really get into the contents of e-mails or details, but maybe just in a casual way that would look for "red flags" in terms of the type of traffic that was coming through (For example, to detect if something on his computer was routinely sending something to a KGB server, or whatever the Russian intelligence agency is called these days, because it had been compromised by a specialized piece of Russian malware, or anything along those lines, but to not check on the details if his computer was doing something like contacting ESPN's servers, which would be assumed to be benign.).

The second he'd start using proxy servers or TOR servers or whatever, even if they shield him better from people seeing details of his communications, that might instantly send a red flag up that he's hiding something, and could trigger an investigation into whether or not he'd been compromised in some way. So, assuming that's the way they operate and assuming that he knew that (And you'd expect he would), he might have been intentionally using a less secure method of communication so as not to send up such a red flag. Without an active investigation on-going, maybe standard procedure is not to read personal e-mails and that sort of thing if the nature of the traffic looks non-suspicious-- i.e. "Oh, the General is using a personal Gmail account in the clear, no big deal there, probably just chatting with friends".

Another possibility is that the technical details of exactly what he was doing to avoid getting caught and how he was caught are being altered for public consumption. Intelligence agencies probably don't want the general public worldwide to know exactly what they can crack and what they can't, what triggers investigations, how they conduct such investigations, and so on and so forth. It'd make sense to "rewrite" the details so that you're not revealing something the entire world doesn't already know, and simply telling them something they already do know- which is that Gmail is not exactly designed with privacy in mind, and that the government pretty much has open access to it.

It's entirely possible that the General *was* doing a bunch of complex things to hide his communications with his mistress, and that those details are all classified for reasons of national security (i.e. it'd impede future investigations if people knew what methods were used to hide things and which of those methods were crackable by investigative agencies). So you put out a story about G-mail instead that conveys the general point of what happened to the public without compromising national security by getting too specific.
 

Ad4m

Personally I would never have used email in the first place. The best solution (instead of hiding your IP, which never really works anyway): I would create a secure TCP/IP tunnel to either send files (.txt) to another computer anonymously, or I would link the tunnel to a secure back end of a basic terminal-based (Linux shell) chat IM.
 

eastcoast_bsc

> Personally I would never have used email in the first place. The best solution (instead of hiding your IP, which never really works anyway): I would create a secure TCP/IP tunnel to either send files (.txt) to another computer anonymously, or I would link the tunnel to a secure back end of a basic terminal-based (Linux shell) chat IM.

But can't they hijack the packets and decrypt? :D Just saying. They say the drop box is a common method that various groups use. I also read that they use the TOR servers. That way they don't find the originating IP address.

But encryption makes sense, but if they know that a tunnel is set up, they then know something is being hidden. Just doing the Socratic on myself.
 

Ad4m

> But can't they hijack the packets and decrypt? :D Just saying. They say the drop box is a common method that various groups use. I also read that they use the TOR servers. That way they don't find the originating IP address.
>
> But encryption makes sense, but if they know that a tunnel is set up, they then know something is being hidden. Just doing the Socratic on myself.

You can easily encrypt the files with AES256, nothing will break that kind of encryption easily. Yes they could very well intercept the packets if they knew, but the golden rule is.. don't let them know in the first place :)

Sure they can trace IP addresses, but it is the evidence they want and they won't have a very good story with a bunch of almost unbreakable AES files. Of course there is also TrueCrypt.. plausible deniability.
 

holyorders

The most secure way for them to communicate would have nothing to do with anything IT. There are several pre-paid cellphones (like the "Go" phone) that they could have used and continued to replace (to prevent sniffing of the phones). Sadly this is how most drug deals are done in the US.

Anyway all this stuff is interesting because I am studying for my CompTIA Security+ Certification.
 

eastcoast_bsc

> You can easily encrypt the files with AES256, nothing will break that kind of encryption easily. Yes they could very well intercept the packets if they knew, but the golden rule is.. don't let them know in the first place :)
>
> Sure they can trace IP addresses, but it is the evidence they want and they won't have a very good story with a bunch of almost unbreakable AES files. Of course there is also TrueCrypt.. plausible deniability.

Makes sense. I do mostly server and desktop support, that level, but I am working on my security and virtual server certs. I like security.

So I called a former friend and colleague, who works in security. He said that the TOR server with encryption, preferably 256-bit, would be a good solution; another that had, I think, three keys, sort of a tunneling protocol with encryption.

I just thought, that the head of intelligence would be a bit more astute. :doh:
 