DOJ's Latest Child Porn Site Takedown Shows Encryption Isn't Really Stopping The Feds From Fighting Child Porn
from the welcome-to-basic-detective-work dept
The DOJ just delivered a counterargument to its own anti-encryption rhetoric. Attorney General William Barr, Deputy AG Jeffrey Rosen, and FBI Director Chris Wray recently spent some time decrying the increasing use of encryption to secure personal communications.
The latest attack on encryption was prompted by Facebook’s announcement that it would be adding end-to-end encryption to its Messenger service. Three governments (US, UK, Australia) joined forces to tell Facebook it was wrong. They promised Facebook’s inability to snoop on its users’ messages would allow thousands of child porn producers and consumers to escape justice.
And yet the DOJ, FBI, and others are still managing to track down and arrest criminal suspects — all without having access to encryption backdoors or compromised communication services. As Jason Koebler reports, another child porn investigation has led to the takedown of a dark web site.
The Department of Justice announced on Wednesday that it has seized and shut down Welcome to Video, one of the world’s largest dark web child porn websites in a worldwide law enforcement action.
Law enforcement has arrested 337 alleged pedophiles in 38 countries around the world and has rescued 23 children from abusive situations as part of the operation, the DOJ said in a press conference on Wednesday.
No backdoors were needed to track down the owner of the server or hundreds of the site’s visitors. For that matter, the FBI didn’t even need a warrant. The FBI did not deploy its infamous NIT (Network Investigative Technique) to track down site users. The flaw was the payment system linked to the site. Users may have thought their Bitcoin transactions couldn’t be traced back to them, but they were wrong.
According to an indictment, law enforcement was able to track users of the site on the blockchain not because of the design of Bitcoin itself, which is pseudonymous, but because “virtual currency exchanges were required by US law to collect identifying information of their customers and verify their clients’ identities.”
Many financial records are third-party records. No warrants needed. Investigators sent Bitcoin to the child porn site’s wallet multiple times, managing to suss out the wallet’s owner. Somewhat conveniently, the owner’s phone number and email account were listed with the exchange. Investigators then began digging up info on other users who were sending Bitcoin to the same wallet, using the mandated data collection to unmask site visitors. Coinbase was handed a subpoena and Coinbase handed over users’ info.
The DOJ’s overwrought anti-encryption arguments aside, there’s another concerning aspect of this investigation — one the DOJ is far less willing to discuss. As Koebler points out, the DOJ apparently let the site operate for months, if not years, to track down as many site visitors as possible.
The indictment [PDF] indicates investigators were aware of the site’s existence since 2015. At some point between then and the operator’s arrest in March of 2018, investigators purchased site credits and downloaded child porn. The indictment does not say when the DOJ took control of the site and/or shut it down. It doesn’t appear the FBI or any other law enforcement agency continued to run the site after its seizure (as the FBI has done in other cases), but it is disturbing multiple law enforcement agencies felt it was better to leave the site up and running — and victimize more children in the process — than shut it down as soon as possible with the understanding some site visitors might escape prosecution.
The facts of this case undermine the DOJ’s assertions about the necessity of encryption backdoors to successfully investigate and prosecute child porn producers and distributors. This case even undercuts its arguments about cellphone encryption, as the FBI’s testimony [PDF via Cyrus Farivar] shows it didn’t have to make any effort at all to access the contents of an arrestee’s phone.
Q. Did he have a cellphone on him at the time you encountered him?
A. Yes.
Q. Did you seize that?
A. Yes.
Q. Did he voluntarily provide the password —
A. Yes.
Q. — passcode to it?
A. Yes.
Encryption isn’t the roadblock the DOJ’s rhetoric makes it appear to be. It may make some investigations more difficult, but it certainly doesn’t make them impossible. The DOJ can still protect children without making communications less secure for millions of people. It’s not zero sum. It’s a tradeoff — something the DOJ is familiar with. It trades the continued exploitation of children for a few more prosecutions when it takes on child porn sites. If it’s willing to allow children to be hurt to save children, you’d think it would be a bit more cautious when suggesting the public should give up its security in exchange for the DOJ’s idea of “public safety.”
Filed Under: child porn, doj, encryption, fbi, investigations
Companies: welcome to video
Comments on “DOJ's Latest Child Porn Site Takedown Shows Encryption Isn't Really Stopping The Feds From Fighting Child Porn”
There was a comment from the cop who arrested the 13 year old for making a finger gun that I think is at the heart of this.
Overland Park Police Chief Frank Donchez insists that his officer did absolutely the right thing when he handcuffed and arrested a Shawnee Mission eighth-grader who formed her fingers into a pretend gun and aimed at her classmates.
“I’ll take the heat all day long for arresting a 13-year-old,” Donchez told The Star this past week. “I’m not willing to take the heat for not preventing a school tragedy.”
In a climate of heightened fear, where people wonder which school in suburban America will be the scene of the next mass shooting, that sort of vigilance makes sense to some.
Not willing to take the heat for not preventing it.
Because fingers guns lead always to real guns.
They are TERRIFIED they will miss the next twin towers attack if they can’t look at every single thing they come across.
I’m reminded of "Thin Thread" which only needed a little information & when run after the fact would have identified the 9/11 hijackers, which was replaced with a much larger sinkhole of information where we don’t see them coming but we totally can construct a file of all the things we missed after the fact.
They fear the unknown.
We need to look in every phone, every hard drive… just to be safe. Because if something bad happens, it’ll be their ass for not having recruited the Amazing Kreskin to read their mind before hand.
They think the answer is more data added to the giant haystack of worthless crap that only cost us some of our rights for them to gather, but if they manage to stop 1 low iq person lead astray by a CI it was all worth it.
We can never be 100% safe & anyone who promises you that is lying. We can do something things to lower risks, but nothing will be 100%. We need to stop freaking out about possibilities & imagined dangers. 1 horrible event with a bodycount lower than a lot of preventable things in this country gets all of the attention and cash… b/c they promised us it would never happen again.
Somehow we hold them to those promises but not the promises to lower our taxes, provide better services, help the poor & needy, improve infrastructure. We need to let them off the hook for the stupid promise & tell them to stop wasting cash on chasing boogeymen.
Why should they care about hurt children?
Advancement in the DOJ is based on numbers of successful prosecutions, not rescued children.
Re: Why should they care about hurt children?
THAT is the problem.
delay in shuttering service
I think it depends greatly on how long the FBI let it stay up after seizing it and why it was left up.
If the second you identify a CP site and cause a shutdown then the people using it will flee to other sites and you will have missed some easy targets to arrest. Also they might have left it up till they could better identify and rescue some of the victims.
However if they left it up for months or years without trying to develop leads or rescue victims that would be terrible.
This case doesn’t have the same nasty feeling of corruption like the playpen incident where they deployed the NIT without correct authorization, improved the site, and left it running for a while.
So I might be willing to cut them a little more slack leaving the site up depending on why they left it up.
For sure, criminals use encryption to hide their activities from the authorities. You know what else criminals use: closed doors, window shades pulled down, light switches turned off, basements where they can hide from the authorities, and cars. Many use cars. Where does it end?
Re: Re:
Criminals also hide thing from the public with cloths
Re: Re: Re:
Who can say how many flashers remain uncaught because they were wearing coats?
Re: Re: Re: Re:
Old day flashers didn’t wear coats! They’d just show up in their birthday suits, a broad smile and running to all get out!
Re: Re: Re:
The police shot an unarmed, fleeing, naked man. Not even a lack of clothes will protect you.
Re: Re:
Criminals hide from authority within positions of authority. Clearly we need to abolish positions of authority.
".. would allow thousands of child porn producers and consumers to escape justice."
They let Epstein and friends slide for a very long time and now it does not look as though they are going to do anything at all other than the typical deflect and project. If the so called justice department wants any credibility at all, and at this point I doubt it, they should stop the hypocritical bullshit immediately.
Re: Re:
Because the people deciding how much their budget should be only care about awards & wins.
This encourages them to pick off the low hanging fruit & pile on charges.
The IRS flat out admitted they only audit us poor folks because rich people can fight back, so they don’t bother.
My favorite, Goldman Sachs got a pass for destroying the economy b/c the guy in charge decided it would be to hard to win. (The fact he left his job & landed at GS in a cushy job afterwards in no way should be viewed as a horrific thing where it looks like he was offered a golden parachute to just say oh to hard so we won’t even try.)
Rewarding only wins is stupid, but we need easy metrics.
Imagine what might happen if they got close to convicting one of the high and mighty… that might cause a ripple that oh shit they are coming after us. But instead we need slam dunks so nothing improves, the untouchable stay untouchable.
Leave your doors open
It makes it easier for cops to do wellness checks and arrest criminals. What do you have to hide?
Re: Leave your doors open
The cops battered wife!
Re: Re: Leave your doors open
Dont forget it could also be to the cops husband.
I would like some to explain to me how one can determine which set of ones and zeros in a file are legal and which set illegal.
If I have a data file created by an application and I open that data file in a image viewer application and the image viewer shows some bad pictures is that set of ones and zeros legal or illegal?
Re: Re:
Very generally, the law uses language like "an image depicting" this provides an umbrella for prosecutors to work with establishing (with a judge and jury) the Jurisprudence for the subject.
Re: Re: Re:
I bet the feds have the largest collection in the world of those 1s and 0s. Its not like anyone has ever seen them burning piles of it.
Re: Re: Re: Re:
What happened to those ten children from Canada that were taken by british royalty that they were found guilty of by european court? Pizzagate? All swept under the rug…
Re: Re: Re:2 Re:
Drain the swamp? I knew that was pure bullshit.
Re: Re:
If a child was abused for the purpose of generating that sequence of ones and zeroes, it’s illegal. If not, it’s (probably) legal.
Re: Re: Re:
I would consider Chris Wray’s existance to be abusive.To both children and adults.
So if I take a picure of a childs reaction to exposure to the existance to Christ Wray (Something I’d never do in real life… I think that’d just be too cruel) that would count as illegal.
What bothers me about this article is that the U.S. government requires potentially identifying information to be collected about BitCoin. The gut reaction to this story is "Yea! They tracked BitCoin and arrested a bunch of pedophiles!", but if it can be tracked for that, it can be tracked for anything. So this can be used to track down people for other purposes as well. Like cooperating with a foreign government to track down people that government doesn’t like.
Normally that shouldn’t be a problem as the U.S. shouldn’t be helping other countries track down their political enemies, but with the current administration, I wouldn’t be surprised to see them tracking down Putin or MBS’s enemies for them.
If the US didn’t set up a giant man-in-the-middle machine to serve warrants decades ago I would be really really surprised. The DOJ is either full of it (probably) or they’re complaining about encryption using shared secrets exchanged offline that protects against MITM. (or they don’t want good encryption by foreign nations where they don’t have the giant mitm machine set up) If they have access to the line they should be able to intercept the communications generally still.
I guess they could be complaining about encryption on mediums not conducive to mitm attacks such as on your local hard disk, and other non-network communications but there is no reason that most communications between anonymous people over the internet can’t be intercepted.
i generally like Tim’s articles. Or, rather I appreciate the grim necessity for them. But he occasionally goes a step too far. A premise of the article is that busting the site right away minimizes child harm, but an obvious argument to the contrary could easily be anticipated. I would prefer TechDirt to explore entire issues and not just make arguments.
Re: Re:
I went backwards and there is just enough information to read.
The ever so humble DOJ need lots of foreign agencies on board.
The ability to cooperate in this while children ….
I will speculate that every country got what it needed to fight their local sites or citizens using such sites.
The link to the bitcoin tool lists countries. No mater what I think Tim has it right, however, when there are many agencies involved in taking down adults from everywhere that is impossible. This site probably had pointers to big number of small sites.
It is possible to find where the server is.
With a program like BeeThink, you can find the ip of the server, if you examine the traffic carefully.
During the SOPA fight, I considered giving a big f you to copyright maximalist by starting a .onion streaming site, but after some tests, I gave it up when Beethink showed my ip address, even through Tor
That is how the Feds took down Silk Road, they used something like BeeThink to get the ip of the server.
That is likely how the found Welcome To Video
DOJ is so humble
Nothing New — Follow the money.
Site in Korea.
Bummer now every country will be involved. YES! That is the only way to get these animals.
If this level of cooperation is preserved then there is hope that children will be saved.
The Tool:
https://blog.chainalysis.com/reports/chainalysis-doj-welcome-to-video-shutdown
And each country gets to go on TV and say I got the monster.
Remember this the next time Lawmakers or DOJ or Whatever says it needs to weaken security or BuzzWordOfTheDay to find/catch/arrest child porn sites.
Please note : 2015 to 2018 is how long the site was allowed to operate in order to collect all the data possible.
Personal Point: My dead spook father could handle this. He loved East Berlin and all that insanity but it was part of his job too.
Living day2day with this makes post war Berlin a Disney theme park. There is no way to fix the adult users except 9mm bad dog method. Glad that is not my problem.
Another reason he got caught
The other reason Woo was caught was because he was naive enough to not conceal his origin IP addresses. All these cops had to do to know where Woo was from was to right-click the page and click “View Page Source.” Not the sharpest tool in the shed!