WingNews

gpm|1 year ago

They probably have/will, though we are unlikely to find out what they get unless they manage to arrest/charge/try him.

Jia Tan probably used a vpn though - we know that they did for accessing IRC (source: https://boehs.org/node/everything-i-know-about-the-xz-backdo...)

cft|1 year ago

Most (but not all ) VPN providers keep logs and payment info that are subpoenable. You could use something like Mulvad with Lightning Network payments, but I am not sure that even that is fully anonymous.

The Witopia VPN that he used for IRC [1] is US based: https://www.personalvpn.com/contact-us/ and they don't mention neither LN payments nor not keeping logs.

1. "~jiatan@185.128.24.163" https://boehs.org/node/everything-i-know-about-the-xz-backdo...

tobyp-|1 year ago

Considering what the account was up to I sincerely doubt it was being used without Tor or a VPN.

chgs|1 year ago

This article asserts some opsec failures - time zones switching when they shouldn’t etc.

It’s quite plausible that they didn’t manage perfect vpn usage every single time.

arp242|1 year ago

Probably; but ask Ross Ulbricht how easy it is to screw that up.

The thing is you only need to make a mistake once.

champtar|1 year ago

The ssh public key might also be interesting, given the opsec failures, they might have used it for other accounts / at other providers

pquki4|1 year ago

Not going to be useful if they consistently used a VPN to access GitHub. But people make mistakes sometimes.

earslap|1 year ago

history shows that it is generally very hard to not slip up here and there, especially if you are not expecting to be a huge target.

BlueFalconHD|1 year ago

If a US gov. agency is "Jia Tan" then this might not happen.

unknown|1 year ago

[deleted]

xuki|1 year ago

But Sir The Calls Are Coming from Inside the House!

BlueFalconHD|1 year ago

this [1] but with handcuffs

[1] https://i.redd.it/obvqaa0lhn841.jpg

unknown|1 year ago

[deleted]

(no title)

discuss