this post was submitted on 26 Feb 2024
164 points (98.8% liked)

Privacy

31949 readers
518 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
all 29 comments
sorted by: hot top controversial new old
[–] delirious_owl@discuss.online 59 points 8 months ago

Ah shoot, it'll take them a whole month to recreate replacement accounts

[–] PoliticalCustard@lemmygrad.ml 43 points 8 months ago (1 children)

Interesting piece. It's a bit weirdly worded in that it suggests that the police shut the accounts when really it's Mega, Proton, Tuta who are closing the accounts. Presumably the police tell those companies which accounts are being used for illegal purposes and then those companies then close the accounts. I was a bit alarmed at first because it sounded like the authorities were closing the accounts when that's not really the case.

[–] LucidBoi@lemmy.world 23 points 8 months ago* (last edited 8 months ago) (1 children)

So the police provide the companies with addresses associated with illegal activities and the companies disable those accounts?

EDIT: This was a genuine question :p

[–] ResoluteCatnap@lemmy.ml 15 points 8 months ago (1 children)

Essentially. Police or anyone could report an account for illegal activity which is against ToS for all three of the services. From there the service would need to be able to substantiate the claim and then shut down the account. I've seen a few cases of proton accounts getting shut down. Proton can't read emails but they can read headers and if you've posted illegal activity in public using your proton email address or if law enforcement/ someone reports you for using proton for illegal activity then proton will be able to review headers to determine if you're violating ToS. Like a few years ago i think someone was using proton for ransomware, and proton was able to match the headers with emails that had been posted in public, and acct got shut down.

Unfortunately can't find that specific case but that was one example I've seen

[–] LucidBoi@lemmy.world 7 points 8 months ago

That sounds reasonable. Thanks for the explanation.

[–] ryannathans@aussie.zone 13 points 8 months ago

Tldr you aren't recovering your data

[–] bartolomeo@suppo.fi 7 points 8 months ago (2 children)

states the LockBit .onion site, now controlled by British officials.

How does one hijack a .onion site?

[–] catalog3115@lemmy.world 13 points 8 months ago (1 children)

You don't hijack a .onion site. You pwn the server which hosts .onion site. Give you full access to site. You hijack .onion because its very secure

[–] bartolomeo@suppo.fi 3 points 8 months ago (3 children)

I see. How do you trace a .onion site back to it's server?

[–] catnip@lemmy.zip 7 points 8 months ago

By pwning it. You dont have to find it to pwn it. You just have to be able to send data to it, which everyone can do because whats the point of having a server if noone can interact with it. The attacker just interacts with it in a way that manipulates it to execution attacker controlled code. So for a .onion website for example you find a vulnerability in the websites code and exploit it to make the server the website is running on do what you want.

[–] pineapplelover@lemm.ee 5 points 8 months ago (1 children)
[–] bartolomeo@suppo.fi 2 points 8 months ago (1 children)

Can you elaborate? Is the server address stored in some open source?

[–] pineapplelover@lemm.ee 4 points 8 months ago (1 children)

Nah nothing like that. I mean that they're sharing info to friends willy nilly and some cops got wind of it. That's kinda what happens to some of the dark web guys who get caught. It's very rarely something very technical it's just their own idiocy for reusing emails, transferring funds incorrectly making it traceable, Delivering sus packages all at once to usps

[–] bartolomeo@suppo.fi 1 points 8 months ago

Oooh, right.

[–] catalog3115@lemmy.world 4 points 8 months ago

In simple terms you can't trace back the server useless the webadmin did some stupidity or vulnerability

[–] BaumGeist@lemmy.ml 2 points 8 months ago

Outside of controlling and rewriting the protocol: steal the keys used to generate the route or take over control of the server that hosts it

[–] Tangent5280@lemmy.world 1 points 8 months ago (1 children)

Is threcord.media down? Showing host issues on cloud fare for me.