Slashdot Mirror


The Feds Cracked El Chapo's Encrypted Comms Network By Flipping His System Admin (gizmodo.com)

With signs that the New York trial of notorious Mexican drug lord and alleged mass murderer Joaquin "El Chapo" Guzman is entering its end phase, prosecutors on Tuesday played copies of what they said were audio recordings of Guzman the FBI obtained "after they infiltrated his encrypted messaging system" with the help of Colombian and former cartel systems engineer Cristian Rodriguez, Reuters reported. Gizmodo reports: As has been previously reported by Vice, Colombian drug lord Jorge Cifuentes testified that Rodriguez had forgotten to renew a license key critical to the communications network of Guzman's Sinaloa Cartel in September 2010, forcing cartel leaders to temporarily rely on conventional cell phones. Cifuentes told the court he considered Rodriguez "an irresponsible person" who had compromised their security, with a terse phone call played by prosecutors showing Cifuentes warned the subordinate he was in "charge of the system always working."

But on Tuesday it was revealed that the FBI had lured Rodriguez into a meeting with an agent posing as a potential customer much earlier, in February 2010, according to a report in the New York Times. Later, they flipped Rodriguez, having him transfer servers from Canada to the Netherlands in a move masked as an upgrade. During that process, Rodriguez slipped investigators the network's encryption keys. The communications system ran over Voice over Internet Protocol (VoIP), with only cartel members able to access it. Getting through its encryption gave authorities access to roughly 1,500 of Guzman's and other cartel members' calls from April 2011 to January 2012, the Times wrote, with FBI agents able to identify ones placed by the drug lord by "comparing the high-pitched, nasal voice on the calls with other recordings of the kingpin, including a video interview he gave to Rolling Stone in October 2015."

21 of 111 comments

  1. Biggest security vuln by phantomfive · · Score: 4, Interesting

    In every organization, there's always someone who has too much access. And there's not really a good way to avoid it.

    --
    "First they came for the slanderers and i said nothing."
    1. Re:Biggest security vuln by ShanghaiBill · · Score: 3, Insightful

      Indeed. If the possibility of a horrible violent death for you and your family does not keep you loyal, nothing will.

      Especially now knowing that the FBI will rat out their informers.

    2. Re:Biggest security vuln by phantomfive · · Score: 2, Insightful

      "Don't talk to the cops" is doubly true for the FBI, whether as an informer, a suspect, or even as a decent human being. Those guys are rather messed up.

      --
      "First they came for the slanderers and i said nothing."
    3. Re:Biggest security vuln by Rockoon · · Score: 2

      The FBI is far more professional and less likely to...

      I was expecting you to say "DOX THEIR INFORMANTS" because, you know, that's what you were trying to refute.

      Meanwhile, TFA is about the FBI DOXing one of their informants.

      --
      "His name was James Damore."
    4. Re:Biggest security vuln by phantomfive · · Score: 2

      Bro you need to watch this and educate yourself. Please don't comment again until you at least skim through that and see the 10 reasons not to talk to a cop.

      --
      "First they came for the slanderers and i said nothing."
  2. FBI and encryption by dlleigh · · Score: 5, Insightful

    This shows that the FBI doesn't need to force key escrow or any other form of weakened encryption on the public.

    If they really want the crypto keys, they can get them.

  3. always, always pay lots of $$$ to your sysadmins! by kiviQr · · Score: 2

    ...they never learn!

  4. chingados consultants, man! by Jahoda · · Score: 4, Funny

    Colombian drug lord Jorge Cifuentes testified that Rodriguez had forgotten to renew a license key critical to the communications network of Guzman's Sinaloa Cartel in September 2010

    I mean, Jesus H. Christo - it is goddamned *tough* to find competent IT support. If they can't do it with automatic weapons and methamphetamine torture parties, what hope do the rest of us have?

    1. Re:chingados consultants, man! by Gravis+Zero · · Score: 3, Insightful

      I mean, Jesus H. Christo - it is goddamned *tough* to find competent IT support. If they can't do it with automatic weapons and methamphetamine torture parties, what hope do the rest of us have?

      Offer a good wage and free skills training and you can find lots of competent IT people. Be a cheap bastard and shun people because of their age and you get what you get.

      --
      Anons need not reply. Questions end with a question mark.
    2. Re:chingados consultants, man! by Opportunist · · Score: 2

      Why do you think a drug cartel works any differently than the average corporation? Having a budget of millions just for brib... political donations doesn't mean that you waste more than a dime on the guy running your IT.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  5. Obligatory by Nkwe · · Score: 2

    Obligatory xkcd

    1. Re: Obligatory by Nkwe · · Score: 2

      You're an idiot.

      If you don't see how the referenced xkcd is relevant to a compromised sysadmin, I doubt your qualifications to evaluate idiocy.

  6. Re:RIP System Admin by NicknameUnavailable · · Score: 4, Informative

    0) It makes it harder to flip people in the future when he turns up strung up by his intestines after having his penis flayed off and stuffed down his throat along with his fingers and toes with evidence it all happened while he was still alive and conscious.

  7. How to survive that? by manu0601 · · Score: 5, Insightful

    Now that everyone knows sysadmin Cristian Rodriguez betrayed the drug cartel, I wonder what the plan is to keep him alive.

    1. Re: How to survive that? by AHuxley · · Score: 4, Funny

      +1 for computer repair shop in Montana.
      The only shop in the village that can support a middle class lifestyle doing working class electronics repair work.

      --
      Domestic spying is now "Benign Information Gathering"
    2. Re:How to survive that? by DigiShaman · · Score: 2

      Turn Amish and blend in. His only chance now is a 2nd life as someone completely different. New identity and everything!

      --
      Life is not for the lazy.
  8. License key, eh? by bill_mcgonigle · · Score: 5, Insightful

    Fascinating that this kind of organization trusts proprietary software. Too easy to sneak in back doors.

    But I guess if this shop were well run the headlines wouldn't be what they are.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    1. Re:License key, eh? by darkmeridian · · Score: 2

      Dude, the FBI compromised the sysadmin. I don't give a fuck if you use open source software, but if your sys admin is compromised by a "hostile" actor, then you're fucked.

      --
      A NYC lawyer blogs. http://www.chuangblog.com/
  9. Re:RIP System Admin by CohibaVancouver · · Score: 2

    Why would they announce that?

    Likely to override defense accusations of illegal wiretapping.

  10. Re:And that someone is always a sysadmin by phantomfive · · Score: 3, Funny

    Not everyone's like this. How do you find someone like that?

    --
    "First they came for the slanderers and i said nothing."
  11. underpaying, to keep the commoners common by astrofurter · · Score: 5, Insightful

    A long time ago I worked as a security sysadmin for a well known Wall Street company. As part of my work I was given access to the master passwords for ALL the financial systems.

    At the same time, they paid me so little (by Manhattan standards) that I had to live with two roommates. So obviously I was living far below a comfortable middle class lifestyle. While holding the master keys to a system that processed billions of dollars a day...

    As it happens, I was young, and I'm an honest man from a good family. So I did nothing dishonorable. But WHAT THE FUCK WERE THEY THINKING?

    Just goes to show that most rich folks are inbred half-wits who would be flipping burgers at McDonald's if they'd been born commoners like the rest of us.