clonedhuman@lemmy.world
on 21 Apr 19:50
Investigators were alerted to his accounts after finding an unusually high number of log-ins and failed log-ins from unfamiliar devices, locations, or networks. That information is tracked by Google, per the affidavit. Other unusual activity was traced through Payne’s VPN or network provider.
So, Google stopped him, and his VPN provider. I’d like to know who his VPN provider was.
Investigators were alerted to his accounts after finding an unusually high number of log-ins and failed log-ins from unfamiliar devices, locations, or networks
I really don’t get that part. How did they make the connection?
Oh fair. I guess Google peeked into a suspicious account, saw messages, and alerted the police. Yeah dark.
partial_accumen@lemmy.world
on 21 Apr 21:52
I think the article is telling us in reverse order of discovery which makes it VERY confusing to parse:
As in:
Investigators from the Federal Bureau of Investigation’s Joint Terrorism Task Force retraced the roots of the digital messages Payne allegedly sent to the media outlets.
Okay, so where did the “digital messages” come from?
According to the affidavit, Payne used a Proton email address,
Okay, they knew the source of the message was Proton email. One subpoena of Proton later, they know the IP address(es) of the email client/app logging into Proton. So now they have a whole bunch of IP addresses of VPN exit nodes. So they reach out to the VPN provider:
Other unusual activity was traced through Payne’s VPN
So they ask the VPN provider to provide the origin address of the VPN logins, and come back to a cell phone (network) provider
or network provider.
So they ask the network provider to provide the info on the owner, except it’s a burner, so the provider doesn’t know. Hmm, okay so they know it’s coming from Burner Phone X, but not who owns Burner Phone X. Mr Google, Mr Microsoft, etc, do you have any activity from these Mobile phone company IP addresses at this time?
That information is tracked by Google
Ah! So Mr Google does. Anything stand out to you with the activity you’re seeing?
Investigators were alerted to his accounts after finding an unusually high number of log-ins and failed log-ins from unfamiliar devices, locations, or networks. That information is tracked by Google, per the affidavit.
Okay, so it’s more than just Burner Phone X accessing these Google accounts/sessions. Yes, the same web sessions/cookies were also used by devices belonging to another Google account, that of Payne.
Okay we’ve arrested Payne, could this just be an account/device hijacking and Payne be innocent? Well we also seized a rando cell phone with incriminating evidence on it. Could this have been planted?
Messages from his burner phone, too, matched the number Payne had listed in his personal contact info while applying for unemployment benefits in February.
So someone texted something at some point to text Burner Phone X. Who was that origin texter sending to Burner Phone X? Payne. So unlikely it was planted and more confirmation it was Payne sending the original threats.
ArchaicHuman@lemmy.world
on 23 Apr 03:25
Thanks for the clarification. I read that paragraph several times and couldn’t make sense of it.
As someone who uses Proton, Signal and a VPN (always), it is concerning how easy it seemed to track this guy down. Granted I’m not doing stupid shit like this guy, but authoritarians have a broad definition of “stupid shit”.
Isn’t Proton based in Switzerland and could just tell them to shove the subpoena?
LastYearsIrritant@sopuli.xyz
on 23 Apr 12:52
So they ask the VPN provider to provide the origin address of the VPN logins, and come back to a cell phone (network) provider
A non-logging VPN provider should not be able to assist with this step.
partial_accumen@lemmy.world
on 23 Apr 13:21
Perhaps. I’ve always wondered if the VPN providers were playing games with semantics. It would be possible to not log, but still see events happening in real-time and report those. In the IT world “logging” is the capturing of events that occurred in the past. “Monitoring” is seeing events that are happening in real-time.
So a request could come in saying “when we see activity from IP X let person Y know what is happening”. The VPN provider would technically not be logging, but the activity of the user could still be tracked. Again, I’m not saying this is what happens at any of these VPN companies, I’m simply posing a series of events that could occur while the VPN companies’ statements would still be factual to their advertising claims yet result in the outcomes that customers specifically want to avoid. This is just a thought exercise. I have no evidence any of this happened.
DemBoSain@midwest.social
on 21 Apr 21:32
Are you saying we all need to install a continually rotating VPN when we’re surfing the internet? As chaff?
I was under the impression most Tor exit nodes are suspected of being run by government entities.
Also, does Tor protect anonymity when browsing the Clear Web, or only while fetching .onions?
Sixtyforce@sh.itjust.works
on 22 Apr 01:17
I don’t know enough to know how severe a problem that is. Mainly I just see it as another added layer of obfuscation, nothing is perfect if it connects to the internet.
DemBoSain@midwest.social
on 22 Apr 11:58
I don’t know…seems like an impossible task.
peaceful_world_view@lemmy.world
on 23 Apr 02:58
But some people could do with a good murdering though tbh.
partial_accumen@lemmy.world
on 21 Apr 21:39
My guess is that he was using his phone for tethering to a laptop, and he had a Google account associated with his browser. So even though he was going through a VPN, it would show THIS SET OF CREDENTIALS logging in from all the different exit nodes of his VPN provider.
Alternatively, he could have logged into his Google account from the burner phone (not a good idea), or even just created a new Google account, which again, would show logins from a bunch of different exit nodes of his VPN provider.
anonApril2025@lemmy.zip
on 22 Apr 02:42
partial_accumen@lemmy.world
on 21 Apr 20:03
Messages from his burner phone, too, matched the number Payne had listed in his personal contact info while applying for unemployment benefits in February.
If you put your real name on it or associate that phone number with your name, then doesn’t that stop meeting the definition of a burner phone?
EDIT: I re-read the wording of the article, and I don’t think he used the burner phone’s number associated with his name as I posted before. The article says this:
"Messages from his burner phone, too, matched the number Payne had listed in his personal contact info while applying for unemployment benefits in February."
It sounds like he used his REAL phone/number to apply for unemployment, but then at a later time he used his REAL phone to text a message to his burner phone. So the article is saying the “messages found on his burner phone” contained his REAL phone number. This would mean authorities would have had to have the burner phone in hand. So this wasn’t the way he was found, simply a way that it was confirmed it was him.
Sure he’s dumb but his failure gives an interesting insight into how wide the US dragnet on its citizens is. A mail address used to apply for unemployment has been indexed somewhere « just in case ». Nice.
Storage and indexing is cheap. From a usability perspective indexing makes sense: call centre staff can tell someone why their unemployment application has been denied/delayed etc.
From a security perspective, Google, Proton, and friends want to track failed login IPs so they can assign (internal) reputation scores to incoming requests.
It’s the sharing & cross enrichment that would bother me. That your unemployment office keeps a CRM with the info makes sense. That LEA has it all and more together with the gods know what else is what I would object to.
Same for how service providers store that info; there’s a fine line between storing enough and too much. Or too long. And not everything needs to be tied forever to the customer; sometimes a hash or whatever does wonders for the legitimate purpose. Storing more is often « just in case I can market the data later » which I’m personally not agreeing with.
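The login pattern discussed in this thread (one set of credentials showing up from many VPN exit networks, and providers tracking failed-login IPs for reputation scoring), as an added example that is not part of any comment or of any provider's actual system. The log format, thresholds and function names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed sample auth log: timestamp, account, source IP, result.
# Addresses come from documentation ranges (RFC 5737 / RFC 3849).
SAMPLE_LOG = """\
2025-04-01T08:00:05Z alice 2001:db8:1::10 ok
2025-04-01T12:30:00Z alice 2001:db8:2::10 ok
2025-04-01T19:10:00Z alice 2001:db8:1::10 fail
2025-04-01T19:10:20Z alice 2001:db8:1::10 ok
2025-04-01T09:00:00Z bob 192.0.2.44 ok
2025-04-01T09:40:00Z bob 198.51.100.7 fail
2025-04-01T09:41:00Z bob 198.51.100.7 ok
2025-04-01T11:15:00Z bob 203.0.113.90 ok
2025-04-01T13:05:00Z bob 2001:db8:a::5 fail
2025-04-01T13:06:00Z bob 2001:db8:a::5 ok
2025-04-01T15:30:00Z bob 2001:db8:b::5 ok
2025-04-01T16:00:00Z carol not-an-ip ok
garbage line
"""

WINDOW = timedelta(hours=24)
MAX_NETWORKS = 3   # assumed threshold, echoing "1-3 regular locations" in the thread
MAX_FAILURES = 5   # assumed threshold for failed logins per window


def parse(log):
    """Return (time, account, source network, result) tuples, oldest first."""
    events = []
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("ok", "fail"):
            continue  # malformed line
        try:
            ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
            addr = ip_address(parts[2])
        except ValueError:
            continue  # bad timestamp or address
        # Group by network so neighbouring addresses in one pool count once.
        prefix = 24 if addr.version == 4 else 48
        net = ip_network(f"{addr}/{prefix}", strict=False)
        events.append((ts, parts[1], net, parts[3]))
    return sorted(events, key=lambda e: e[0])


def flag_accounts(events):
    """Map account -> (time of first alert, reasons) using a sliding window."""
    recent = defaultdict(list)
    alerts = {}
    for ts, account, net, result in events:
        window = [e for e in recent[account] if ts - e[0] <= WINDOW]
        window.append((ts, net, result))
        recent[account] = window
        networks = {n for _, n, _ in window}
        failures = sum(1 for _, _, r in window if r == "fail")
        reasons = []
        if len(networks) > MAX_NETWORKS:
            reasons.append(f"{len(networks)} source networks in 24h")
        if failures > MAX_FAILURES:
            reasons.append(f"{failures} failed logins in 24h")
        if reasons and account not in alerts:
            alerts[account] = (ts, reasons)
    return alerts


def network_failure_ratio(events):
    """Per-network share of failed logins, a crude stand-in for IP reputation."""
    total, failed = defaultdict(int), defaultdict(int)
    for _, _, net, result in events:
        total[str(net)] += 1
        failed[str(net)] += result == "fail"
    return {net: failed[net] / total[net] for net in total}


if __name__ == "__main__":
    parsed = parse(SAMPLE_LOG)
    for account, (when, why) in flag_accounts(parsed).items():
        print(account, when.isoformat(), "; ".join(why))
    for net, ratio in sorted(network_failure_ratio(parsed).items()):
        print(f"{net:20} {ratio:.2f}")
```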
JohnnyCanuck@lemmy.ca
on 21 Apr 20:18
There’s not enough info in here to know how Google was involved if he sent the emails from Proton. Proton absolutely does not cotton to illegal shit, and actionable threats would be up there with LEO compliance.
My guess is he was on a VPN and had logins from a Proton account, validated with a burner phone he kept, and was also logging on to a personal Gmail or using some Google service that identifies him while in the same VPN location. Proton and the VPN give up an IP address that corroborates to what Big G tracks to him.
Edit: even a no-log VPN would likely be compelled to confirm a user at an IP address at a certain time. That’s not a “log” per se…
Idiot should have known to change his VPN location between instances and/or use TOR like a big boy, but mental health issues seem to be the driving force, not rationality.
SatanClaus@lemmy.dbzer0.com
on 21 Apr 20:56
Any good guides out there for actual privacy to avoid the pitfalls of ahem being an idiot (re: am idiot)
This is the laziest excuse possible for ceding responsibility to everyone else.
Know the law in the jurisdiction in which you are physically located. Know the reasonable expectations of internet privacy.
If the law and you end up crosswise, and lawyering up isn’t a viable option because it won’t matter, that means you were fool enough to tempt fate in a place with no rule of law, no civil rights protections, and likely no reasonable expectation of privacy in the first place.
Zero trust means the only person responsible for you is you and anyone else you trust with your life. Whining about it doesn’t change anything.
djsoren19@lemmy.blahaj.zone
on 21 Apr 20:18
Seems like this might be one of the first ones that actually was a bit of a leftist, considering the use of the term “Swasticar,” which is a little interesting. Funny how the crazies on the far right seem to consistently get to the point where they’re able to obtain a firearm.
partial_accumen@lemmy.world
on 21 Apr 21:56
What’s missing from the article is any kind of seized evidence that would show he had the means to actually carry out any of these threats. As in, could this just be a “talking tough” keyboard warrior? I’d expect they’d need to find lots of guns, poison, explosives, etc. There isn’t any mention of that kind of thing in the article.
Yeah, it says they’re charging him with something that has a max sentence of five years, seems like it would be a lot heavier if they could show he was planning to take action.
frustrated_phagocytosis@fedia.io
on 21 Apr 20:22
Feels a bit disingenuous after pardoning January 6 convictions for people who not only made the threats, but showed up to do the job. Is threatening politicians not cool anymore? Does he need to make a choir sing patriotic songs or what?
INHALE_VEGETABLES@aussie.zone
on 22 Apr 00:14
It would be pretty funny if the next president pardons the Tesla arsonists.
The consumers and non-voters are responsible for Trump though. They’re just as guilty as their fat orange cult leader.
kryptonianCodeMonkey@lemmy.world
on 22 Apr 00:21
That’s an unhinged stance. People that bought a car without knowing what Elon was or would become are not morally responsible for enabling him. Intent matters. Most of them, I’m sure, just wanted an electric vehicle… the end. They do not deserve to be punished for Musk and Trump’s evils.
Killing people for how they vote is killing democracy. Those MAGA lunatics aren’t your enemy, they’re your fellow citizens who fell victim to radical propaganda. When the Trump regime finishes their coup, they’re going to be suffering just like the rest of us.
The way to solve the problem is to win them over, and show that a dictatorship is not good for America. Attacking Tesla and Musk is how you prevent other billionaires from supporting the MAGA hate cult, but it’s not how you win over MAGA voters. Taking it to the logical extreme by killing people isn’t going to make it work either.
I don’t know how to win all the MAGA people back, but I know violence won’t do it. If anything, it’ll cement their existing views.
“Those MAGA lunatics aren’t your enemy, they’re your fellow citizens who fell victim to radical propaganda.”
I live in Canada, they’re not “my” citizens. And as for not knowing how to win all the MAGA people back without violence, you simply can’t.
Not a single person who split from the MAGA cult did so by being convinced by their fellow citizens. Not one. It is their decision and theirs alone. They would have to be personally impacted by the consequences of Trump’s policies in order to see the error of their ways. But even then those are very rare cases.
Let’s look at the numbers. 62 million Americans voted for Trump in 2016, followed by 74 million in 2020 and 77 million last year. It only goes to show that the cult is growing in popularity. Again, you can’t win over these people with words. They can and most certainly will resort to murder and violence when backed into a corner. Fascism and violence are inseparable. And violent resistance to fascist violence doesn’t make you as bad as the fascist. Ask Bomber Harris.
RymrgandsDaughter@lemmy.world
on 22 Apr 01:34
Bruh a declaration? 😒 I s2g social media has made people idiots
They better be giving him a medal before releasing him to complete his mission…
Well, don't announce it in advance, ffs.
So, Google stopped him, and his VPN provider. I’d like to know who his VPN provider was.
I really don’t get that part. How did they make the connection?
You try to log in to your Google account with the right credentials from several different locations? Yeah that’s suspicious.
1-3 regular locations per account is a bit more normal
Suspicious to Google sure, but I don’t see how the authorities would get involved.
Oh fair. I guess Google peeked into a suspicious account, saw messages, and alerted the police. Yeah dark.
I think the article is telling us in reverse order of discovery which makes it VERY confusing to parse:
As in:
Okay, so where did the “digital messages” come from?
Okay, they knew the source of the message was Proton email. One subpoena of Proton later, they know the IP address(es) of the email client/app logging into Proton. So now they have a whole bunch of IP addresses of VPN exit nodes. So they reach out to the VPN provider:
So they ask the VPN provider to provide the origin address of the VPN logins, and come back to a cell phone (network) provider
So they ask the network provider to provide the info on the owner, except it’s a burner, so the provider doesn’t know. Hmm, okay so they know it’s coming from Burner Phone X, but not who owns Burner Phone X. Mr Google, Mr Microsoft, etc, do you have any activity from these Mobile phone company IP addresses at this time?
Ah! So Mr Google does. Anything stand out to you with the activity you’re seeing?
Okay, so it’s more than just Burner Phone X accessing these Google accounts/sessions. Yes, the same web sessions/cookies were also used by devices belonging to another Google account, that of Payne.
Okay we’ve arrested Payne, could this just be an account/device hijacking and Payne be innocent? Well we also seized a rando cell phone with incriminating evidence on it. Could this have been planted?
So someone texted something at some point to text Burner Phone X. Who was that origin texter sending to Burner Phone X? Payne. So unlikely it was planted and more confirmation it was Payne sending the original threats.
Nice summary. Thank you for taking the time to create it.
That makes much more sense, I appreciate the explanation.
Thanks for the clarification. I read that paragraph several times and couldn’t make sense of it.
As someone who uses Proton, Signal and a VPN (always), it is concerning how easy it seemed to track this guy down. Granted I’m not doing stupid shit like this guy, but authoritarians have a broad definition of “stupid shit”.
Isn’t Proton based in Switzerland and could just tell them to shove the subpoena?
A non-logging VPN provider should not be able to assist with this step.
Perhaps. I’ve always wondered if the VPN providers were playing games with semantics. It would be possible to not log, but still see events happening in real-time and report those. In the IT world “logging” is the capturing of events that occurred in the past. “Monitoring” is seeing events that are happening in real-time.
So a request could come in saying “when we see activity from IP X let person Y know what is happening”. The VPN provider would technically not be logging, but the activity of the user could still be tracked. Again, I’m not saying this is what happens at any of these VPN companies, I’m simply posing a series of events that could occur while the VPN companies’ statements would still be factual to their advertising claims yet result in the outcomes that customers specifically want to avoid. This is just a thought exercise. I have no evidence any of this happened.
Are you saying we all need to install a continually rotating VPN when we’re surfing the internet? As chaff?
If you use a VPN for official or login services, access those services from the same VPN endpoint.
If you use it for anonymous stuff, go nuts.
Yeah but I think Tor and…not using big corporate USA internet services to begin with would help.
Would Mullvad VPN have given up that information? Which VPN matters too.
I was under the impression most Tor exit nodes are suspected of being run by government entities.
Also, does Tor protect anonymity when browsing the Clear Web, or only while fetching .onions?
I don’t know enough to know how severe a problem that is. Mainly I just see it as another added layer of obfuscation, nothing is perfect if it connects to the internet.
Or you could just not threaten to murder people
I don’t know…seems like an impossible task.
But some people could do with a good murdering though tbh.
My guess is that he was using his phone for tethering to a laptop, and he had a Google account associated with his browser. So even though he was going through a VPN, it would show THIS SET OF CREDENTIALS logging in from all the different exit nodes of his VPN provider.
Alternatively, he could have logged into his Google account from the burner phone (not a good idea), or even just created a new Google account, which again, would show logins from a bunch of different exit nodes of his VPN provider.
en.m.wikipedia.org/wiki/Parallel_construction
They found it with shady shit and invented how they could have done it afterwards
This is a VERY good question.
So that brings the total up to four good Americans?
No. Stop being a dick
If you put your real name on it or associate that phone number with your name, then doesn’t that stop meeting the definition of a burner phone?
EDIT: I re-read the wording of the article, and I don’t think he used the burner phone’s number associated with his name as I posted before. The article says this:
"Messages from his burner phone, too, matched the number Payne had listed in his personal contact info while applying for unemployment benefits in February."
It sounds like he used his REAL phone/number to apply for unemployment, but then at a later time he used his REAL phone to text a message to his burner phone. So the article is saying the “messages found on his burner phone” contained his REAL phone number. This would mean authorities would have had to have the burner phone in hand. So this wasn’t the way he was found, simply a way that it was confirmed it was him.
“No b-because he was a bad guy so we can accuse him of other bad guy stuff too!”
Inb4 police find “a mysterious white power” and never mention it again
I guess you mean white powder
White power is clearly very openly rampant in police institutions worldwide - although, I guess, the white powder isn’t far away either…
Sure he’s dumb but his failure gives an interesting insight into how wide the US dragnet on its citizens is. A mail address used to apply for unemployment has been indexed somewhere « just in case ». Nice.
Storage and indexing is cheap. From a usability perspective indexing makes sense: call centre staff can tell someone why their unemployment application has been denied/delayed etc.
From a security perspective, Google, Proton, and friends want to track failed login IPs so they can assign (internal) reputation scores to incoming requests.
It’s the sharing & cross enrichment that would bother me. That your unemployment office keeps a CRM with the info makes sense. That LEA has it all and more together with the gods know what else is what I would object to. Same for how service providers store that info; there’s a fine line between storing enough and too much. Or too long. And not everything needs to be tied forever to the customer; sometimes a hash or whatever does wonders for the legitimate purpose. Storing more is often « just in case I can market the data later » which I’m personally not agreeing with.
Not if it’s a Pixel 6 Pro!
Yeah they try to paint the guy as some tech genius but frankly he was sloppy af
Yeah, not really a burner phone if you don't burn it. Then it's just a second phone.
His desire to execute Tesla owners, while understandable considering how they drive, is a bit extreme. His other goals though. 👌
There’s not enough info in here to know how Google was involved if he sent the emails from Proton. Proton absolutely does not cotton to illegal shit, and actionable threats would be up there with LEO compliance.
My guess is he was on a VPN and had logins from a Proton account, validated with a burner phone he kept, and was also logging on to a personal Gmail or using some Google service that identifies him while in the same VPN location. Proton and the VPN give up an IP address that corroborates to what Big G tracks to him.
Edit: even a no-log VPN would likely be compelled to confirm a user at an IP address at a certain time. That’s not a “log” per se…
Idiot should have known to change his VPN location between instances and/or use TOR like a big boy, but mental health issues seem to be the driving force, not rationality.
Any good guides out there for actual privacy to avoid the pitfalls of ahem being an idiot (re: am idiot)
Leave your digital devices at home and don’t do illegal stuff on them.
Don’t do illegal stuff that makes people paid to find you come looking for you.
Nothing done online is anonymous enough that you should do or type anything you wouldn’t want to read out loud in a court.
Privacy subreddit and privacyguides.org both are good starting places.
The thing is, the definition of “illegal” will continuously shift until it includes things that you consider innocuous.
“First they came for,” and all that.
This is the laziest excuse possible for ceding responsibility to everyone else.
Know the law in the jurisdiction in which you are physically located. Know the reasonable expectations of internet privacy.
If the law and you end up crosswise, and lawyering up isn’t a viable option because it won’t matter, that means you were fool enough to tempt fate in a place with no rule of law, no civil rights protections, and likely no reasonable expectation of privacy in the first place.
Zero trust means the only person responsible for you is you and anyone else you trust with your life. Whining about it doesn’t change anything.
Seems like this might be one of the first ones that actually was a bit of a leftist, considering the use of the term “Swasticar,” which is a little interesting. Funny how the crazies on the far right seem to consistently get to the point where they’re able to obtain a firearm.
What’s missing from the article is any kind of seized evidence that would show he had the means to actually carry out any of these threats. As in, could this just be a “talking tough” keyboard warrior? I’d expect they’d need to find lots of guns, poison, explosives, etc. There isn’t any mention of that kind of thing in the article.
Yeah, it says they’re charging him with something that has a max sentence of five years, seems like it would be a lot heavier if they could show he was planning to take action.
Feels a bit disingenuous after pardoning January 6 convictions for people who not only made the threats, but showed up to do the job. Is threatening politicians not cool anymore? Does he need to make a choir sing patriotic songs or what?
It would be pretty funny if the next president pardons the Tesla arsonists.
Are you honestly expecting anything but hypocrisy from regressives?
“First amendment” my ass. You can’t say anything without these snowflakes jumping in
God damn that’s unfortunate…
So if you got one before he went crazy, you’re dead. I don’t think we should be killing the consumer. Teasing relentlessly, sure.
The consumers and non-voters are responsible for Trump though. They’re just as guilty as their fat orange cult leader.
That’s an unhinged stance. People that bought a car without knowing what Elon was or would become are not morally responsible for enabling him. Intent matters. Most of them, I’m sure, just wanted an electric vehicle… the end. They do not deserve to be punished for Musk and Trump’s evils.
Yes, the fuck we did.
Yes the fuck we do.
This is the mentality that leads to war crimes.
We ABSOLUTELY fucking do distinguish
Proof: The Nuremberg Trials
I have a bumper sticker that says, “Have the day you voted for,” so I’m like half in your court. But the real enemy are the MAGAs.
Want!
Etsy has a bunch of them
This is the one I got
www.etsy.com/listing/1880954911/
Killing people for how they vote is killing democracy. Those MAGA lunatics aren’t your enemy, they’re your fellow citizens who fell victim to radical propaganda. When the Trump regime finishes their coup, they’re going to be suffering just like the rest of us.
The way to solve the problem is to win them over, and show that a dictatorship is not good for America. Attacking Tesla and Musk is how you prevent other billionaires from supporting the MAGA hate cult, but it’s not how you win over MAGA voters. Taking it to the logical extreme by killing people isn’t going to make it work either.
I don’t know how to win all the MAGA people back, but I know violence won’t do it. If anything, it’ll cement their existing views.
“Those MAGA lunatics aren’t your enemy, they’re your fellow citizens who fell victim to radical propaganda.” I live in Canada, they’re not “my” citizens. And as for not knowing how to win all the MAGA people back without violence, you simply can’t.
Not a single person who split from the MAGA cult did so by being convinced by their fellow citizens. Not one. It is their decision and theirs alone. They would have to be personally impacted by the consequences of Trump’s policies in order to see the error of their ways. But even then those are very rare cases.
Let’s look at the numbers. 62 million Americans voted for Trump in 2016, followed by 74 million in 2020 and 77 million last year. It only goes to show that the cult is growing in popularity. Again, you can’t win over these people with words. They can and most certainly will resort to murder and violence when backed into a corner. Fascism and violence are inseparable. And violent resistance to fascist violence doesn’t make you as bad as the fascist. Ask Bomber Harris.
Bruh a declaration? 😒 I s2g social media has made people idiots
Remember to declare your terrorist attacks to the FBI beforehand for a tax break on supplies
And
This guy is innocent of all charges, but whoever wrote that has a way with words.
God forbid men have hobbies smh
Let him cook! All of the thousands of lives Musk and his meme boys have ruined should follow them forever.
He should run for president