The Mastermind
March 29, 2016 9:15 PM   Subscribe

"My immediate reaction upon discovering this connection was a sudden and irrational fear: Le Roux was something new, a self-made cartel boss whose origins were not in family connections but in code. Not just any code, but encryption software that would play a role in world events a dozen years after he created it. I stared at the address on the screen, a post-office box in Manila, left now with a still larger mystery: What had turned the earnest, brilliant programmer into an international criminal, with a trail of bodies in his wake?"

Le Roux is now thought to have been a major contributor to TrueCrypt a mysterious and effective encryption tool. TrueCrypt shut down with a warning of an unknown security issue around the time Le Roux was picked up by the US government. (via Hacker News.)
posted by kaibutsu (69 comments total) 89 users marked this as a favorite
 
Wow. A wild ride, but be warned - the series isn't finished yet, and it cuts out on a cliffhanger.
posted by Joe in Australia at 10:25 PM on March 29, 2016 [5 favorites]


Wow. I only made it through 1 1\2 so far, and all I can say is... we need to invent life extension technologies just so this guy can live long enough to pay for what he's done, because one lifetime won't do it.
posted by Mitrovarr at 10:30 PM on March 29, 2016


For a second, I thought you were talking about La Roux. Fascinating, still.
posted by strangecargo at 10:32 PM on March 29, 2016 [4 favorites]


(no relation)
posted by roue at 10:45 PM on March 29, 2016 [11 favorites]


I cannot believe where this story has gone. At this point I'm on part 3 and it just went to crazy town. Read the articles and don't spoil it for everyone else yet. We live in a madhouse.
posted by artof.mulata at 10:53 PM on March 29, 2016


Man, this is an intense story. I really wish it was done and there was a spoiler place to talk about it because I'm dying to, but this really deserves to be read with fresh eyes.
posted by neonrev at 11:06 PM on March 29, 2016


What the hell? Are people really worried about "spoiling" a news article? This is not a movie, and it deserves to be discussed.
posted by dilaudid at 11:14 PM on March 29, 2016 [13 favorites]


I'm only partway through the first installment and wow.

Dilaudid, count me as one who'd rather find out the way the journalist intended. Like yeah it's a news story... That hasn't appeared anywhere else and isn't common knowledge.
posted by feckless fecal fear mongering at 11:44 PM on March 29, 2016 [1 favorite]


The layout frippery is killing me as I move from one device to another. I just want the fucking text, please, not a goddam extra edition cops epileptic fit.
posted by mwhybark at 11:56 PM on March 29, 2016 [6 favorites]


Well, there are going to be two groups of people reading this comment: ones that have read TFA and can't be spoiled, and ones who haven't read TFA but are reading a discussion about it. Of their own free will. So unless you want nobody to post anything more spoileriffic than "good post!" until everybody in the universe has read TFA ...
posted by Joe in Australia at 12:00 AM on March 30, 2016 [9 favorites]


It was posted a hair under three hours ago and is three quite long articles. Give us a chance to catch up.
posted by feckless fecal fear mongering at 12:05 AM on March 30, 2016


[Just so we don't get stuck on a "spoiler" derail loop: aside from deliberate trollery, we don't have any under-the-fold "don't spoil" standards for the blue, so I will say officially at this part of the discussion, MAY BE 'SPOILERS' BELOW. Folks who want to finish up reading before learning more can cut out here and return when safe! ]
posted by taz (staff) at 12:44 AM on March 30, 2016 [13 favorites]


The warning about it currently being up to a cliffhanger is absolutely correct. (I ended part one and part two wondering what could possibly be cliffhangerish about part 3, as the previous parts were rather self contained.)
posted by Cozybee at 1:33 AM on March 30, 2016


You know that expression "wherever you go, there you are?" It definitely applies to this guy. Seems like he was his own worst enemy, and a lot of his victims were hurt or killed because of his need to act like a hard crime boss in a movie.

But as programmers turned drug kingpins go, he's probably the most successful so far. I'd say it's John McAfee at the very bottom of the leaderboard, then Ross Ulbricht, then Le Roux.
posted by Kevin Street at 2:08 AM on March 30, 2016


The interface is kind of annoying, the article itself is... Totally crazy. To the writer's credit - what at first seems like a hot mess starts to coalesce into a hotter but more concentrated mess. I look forward to reading the rest, honestly I want all the grizzly details about exactly what nefarious nefariousness he got up to. It's alluded to a bunch of times but if that doesn't get filled in it'll be very frustrating.
posted by From Bklyn at 2:12 AM on March 30, 2016


But as programmers turned drug kingpins go, he's probably the most successful so far.

I'd be more impressed with the less successful ones that know to take the money and run when they've racked up $100 million in cash from internet pharmaceutical sales, rather than using that as seed money for bigger and more criminal enterprises.
posted by sebastienbailard at 2:34 AM on March 30, 2016 [3 favorites]


Have not started the article but googled enough to see there are legit (NYT 2014) news articles on Le Roux but is this validated citizen journalism? Or just a good story? There was that thread discussing nonfiction vs fiction, is this an example of the grey area?
posted by sammyo at 3:48 AM on March 30, 2016 [1 favorite]


This story gave me the creeps. I once worked for a guy who, in some ways, was a very, very small time version of Le Roux (fortunately not violent). He had faux businesses scattered everywhere. There was a constant stream of bank statements from tiny Caribbean islands. He made business decisions by flipping a coin. He ignored laws and regulations almost pathologically. No lawsuit was ever successful against him because of his endless web of empty shell foreign businesses. He would disappear for 6 months or a year and then reappear without an explanation.

He once flew me out to Boca Raton to design a custom daily sales program for a restaurant. For some technical reason that eludes me I wound up sitting on the floor of one of his houses downloading some stuff from Texas. It was a slow process over a dial-up modem so I began to look around a bit. I noticed the floor was littered with paper. Checks actually. Tens or perhaps hundreds of thousands of dollars in undeposited checks scattered about like confetti. Admittedly not as impressive as $100 million in wicker baskets with pink bunnies stamped on them, but it gave me the creeps. Still does...
posted by jim in austin at 4:14 AM on March 30, 2016 [8 favorites]


For some technical reason that eludes me I wound up sitting on the floor of one of his houses downloading some stuff from Texas.

Well, Texas does raise a fair number of yaks, but you can't shave them by downloading anything.
posted by Jpfed at 5:35 AM on March 30, 2016


Well, Texas does raise a fair number of yaks, but you can't shave them by downloading anything.

Heh! This was back when portable computers were the size of a suitcase and cost as much as a new car. Needless to say, I didn't own one. I thought I had brought all the necessary stuff on floppies but was sadly mistaken. They had apparently left out a few details in describing the task. My boss had a brand new Compaq with a modem so I used it to grab what I needed in the comfort of his dockside home with the yacht parked outback. And that was just the first of many yaks I shaved and coifed that week...
posted by jim in austin at 6:29 AM on March 30, 2016 [2 favorites]


If you liked this article it's also worth reading The Blast Shack, Bruce Sterling's homage to the cypherpunks movement. The late 90s crypto movement attracted and nurtured a bunch of interesting characters. Julian Assange is probably the most well known, but also Jacob Appelbaum (Tor), Bram Cohen (BitTorrent), John Young (Cryptome), and a bunch of important hands-on crypto folks like Matt Blaze, Bruce Schneier, Steve Bellovin, etc. Probably also Satoshi Nakamura, although the jury is still out on that.

Cypherpunks also attracted a bunch of nutty libertarian types. For instance Jim Bell's assassination politics came from a dark place. La Roux fits right in with that part of the culture, although I don't know that he ever intersected with the cypherpunks mailing list per se.
posted by Nelson at 6:46 AM on March 30, 2016 [6 favorites]


I hope entering my email for the next segment doesn't get me on spam lists forever....
posted by leahwrenn at 8:16 AM on March 30, 2016 [1 favorite]


I wonder if he had just stuck with the pill mills, would he have come to the attention of the US government? Is this the equivalent of not only convicting Al Capone of tax fraud, but actually uncovering what was going on because of tax fraud?
posted by Hactar at 8:20 AM on March 30, 2016


Some of the details don't feel right -- selling porn in the internet in the 80s seems a stretch, addicted to wing commander feels off (though wiki says it was released in 90, WC2 in 91), or the birth-mom is married to a US Senator (surely that could be fact-checked ? )
posted by k5.user at 9:06 AM on March 30, 2016


Hmm. I knew people who were running internet porn sites by 91 or so, Digex made a lot of their early money that way. And there were a few commercial providers by 1988 or 1989, so it's technically possible, porn was always an early adopter. But most commercial net porn was via BBSes in the 80s; it's possible they are just using internet generically and really mean a BBS.
posted by tavella at 9:27 AM on March 30, 2016 [1 favorite]


Yeah, they probably mean BBS. A friend of mine says they did have porn on there in the late 80s/early 90s.
posted by Dr Dracator at 9:33 AM on March 30, 2016 [1 favorite]


Note the article specifies "selling pornography online", not "in the Internet". There were plenty of porn-oriented dialup BBSes in the 80s. Including, I think, in South Africa.

As for the US senator connection it's "His real mom’s mom" and the author is very careful to indicate in the very same paragraph that he tried to fact-check this and couldn't: "I tried all sorts of strategies to figure out if this was true, but for now I’ve had to leave it unconfirmed, another legend following Le Roux."

It's disappointing that random casual readers would look at an article like this and decide some bits of it "don't feel right". This article represents months of careful work from the journalist . I think the benefit of the doubt is appropriate here.
posted by Nelson at 9:36 AM on March 30, 2016 [11 favorites]


I'd be more impressed with the less successful ones that know to take the money and run when they've racked up $100 million in cash from internet pharmaceutical sales, rather than using that as seed money for bigger and more criminal enterprises.

Sure, but it sounds like no amount of money would have satisfied Le Roux. He was in it for the satisfaction of becoming a real life Blofeld, manipulating his criminal empire from the shadows. If he'd had another ten years who knows what he could have become.
posted by Kevin Street at 10:07 AM on March 30, 2016 [1 favorite]


I looked at TrueCrypt in the past, partly because of Greenwald's and Snowden's initial suggestions, but held off due to it's seemingly sketchy origin, then it was clearly compromised

What about the other options? Clearly not any of Apple's tools. Wonder what Snowden uses now?
posted by sudogeek at 10:58 AM on March 30, 2016


It's disappointing that random casual readers would look at an article like this and decide some bits of it "don't feel right"

When countless nifty/neat/"viral" things on the internet turn out to be ad campaigns or otherwise bogus stuff, it's hard to defend any reaction but cynicism towards an article making some pretty big claims. The BS-o-meter's sensitivity is set pretty low when the claims made are pretty high.
posted by k5.user at 11:03 AM on March 30, 2016 [3 favorites]


I noticed the floor was littered with paper. Checks actually. Tens or perhaps hundreds of thousands of dollars in undeposited checks scattered about like confetti. Admittedly not as impressive as $100 million in wicker baskets with pink bunnies stamped on them, but it gave me the creeps. Still does...

Reminds me of the huge pile of money in Breaking Bad. Neatly stacked, but too big to count.
posted by Halloween Jack at 11:11 AM on March 30, 2016


Uh, isn't this more or less the premise of The Blacklist?
posted by echocollate at 11:28 AM on March 30, 2016


OK, just skimmed over the first part and already it's getting weird: one of the guys accused of the murders in the Phillipines, Carl David Stillwell, is mentioned in connection with marketing the Bosom Buddy, a combo bra/gun holster; he's mentioned in this WaPo article about a gun show from early 2015.
posted by Halloween Jack at 11:49 AM on March 30, 2016


so is this guy arby's long lost brother or wot?
posted by lalochezia at 12:31 PM on March 30, 2016


I looked at TrueCrypt in the past, partly because of Greenwald's and Snowden's initial suggestions, but held off due to it's seemingly sketchy origin, then it was clearly compromised

What about the other options? Clearly not any of Apple's tools. Wonder what Snowden uses now?


well, truecrypt wasn't "clearly compromised", it had its development stopped. for what its worth truecrypt 7.1 has been successfully audited, and binaries can still be found from reliable sources. however, in the wake of truecrypt's developers abandoning it, several forks have sprung up, notably veracrypt and ciphershed
posted by p3on at 12:42 PM on March 30, 2016 [7 favorites]


I knew going in as someone who pays (some) attention to cryptography, that this was connected and that some big players were atleast on the fringes because the crypto community is is own wierd tight knit group because of the sheer intelligence it takes.

I didn't quite expect a snowball, but it makes complete since and now I know why TrueCrypt was discontinued.

Lovely read!
posted by AlexiaSky at 6:53 PM on March 30, 2016


^Spoiler alert lol. The ending of this is going to be dope.
posted by Potomac Avenue at 7:25 PM on March 30, 2016


Well, after reading this article, it's creepy reading the metafilter post about when truecrypt was closed, linked below in related...
posted by Cozybee at 9:29 PM on March 30, 2016 [1 favorite]


I got excited when they showed that his surname on his diplomatic passport from the Democratic Republic of the Congo was "Solotshi" - tantalizingly close to "Satoshi"
posted by creade at 10:46 PM on March 30, 2016 [1 favorite]


On a website for the party, Cincinnatus posted an “after-action report.” “I’m making a note here,” he summarized, “huge success.”

So, it was a triumph?

Seriously, how was the reference missed?
posted by special agent conrad uno at 11:59 PM on March 30, 2016 [11 favorites]


There's no sense crying over every mistake.
posted by Joe in Australia at 12:04 AM on March 31, 2016 [1 favorite]


Yeah, the satoshi question I think becomes a lot more interesting against this backdrop. Someone made the point in the hacker news thread that satoshi had never actually used any of their bit coins; whoever it is, they clearly don't have to worry about cash. Could it be Le roux? Maybe...
posted by kaibutsu at 12:12 AM on March 31, 2016 [1 favorite]


Riveting article - this would have been amazing for Serial...
posted by progosk at 12:50 AM on March 31, 2016 [3 favorites]


“after-action report.” “I’m making a note here,” he summarized, “huge success.”...

At moments you do have to wonder (like Lulu's claim that LeRoux's birth mother is married to a US Senator) if there isn't a little bit of trolling going on.
posted by From Bklyn at 3:21 AM on March 31, 2016


A website post summarizing a gathering of cryptogeeks included a tired Portal joke. Missed reference? No, just not laboriously spelled out. Trolling? Only in as much as everyone was already tired of it back then, when it was timely. Probably the most comfortingly normal part of this whole, bizarre story!
posted by gilrain at 5:07 AM on March 31, 2016 [1 favorite]



Haven't read these comments but after reading part 1 and half of part 2, this sounds right out of fiction; the precise ; the enigmatic La Roux, we're slowly fed more information about him as we learn more about the other participants... excellent storytelling.
posted by fizzix at 6:27 AM on March 31, 2016




At moments you do have to wonder (like Lulu's claim that LeRoux's birth mother is married to a US Senator) if there isn't a little bit of trolling going on.

as pointed out upthread, his birth-mother's mother was claimed to have been married to a senator, and the snowden portal ref is easily verified. snowden was a 28 year old nerd writing that in 2012, i don't know why it seems so outlandish
posted by p3on at 9:07 AM on March 31, 2016 [1 favorite]


I think there are a lot of meta-trolling layers at play in specifically not pointing out that it was a Cakelien, since the author could have easily surmised that it would lead to exactly this sort of discussion. Fascinating.
posted by creade at 12:08 PM on March 31, 2016 [1 favorite]


New Yorker: The Strange Origins of TrueCrypt, ISIS’s Favored Encryption Tool. A short summary article by Evan Ratliff, the author of the long-form Atavist article posted here.
posted by Nelson at 1:49 PM on March 31, 2016 [1 favorite]


Much weirdness overall, but I wander whether we're going to see this story used as an attack on privacy and cryto tools in general - it's not a very good argument for your side when it's actual criminals masterminds advocating and providing the tools for less state access to private information. Read the New Yorker link, it makes some interesting points on this.
posted by Dr Dracator at 2:31 PM on March 31, 2016


But Truecrypt and its forks can protect dissidents and whistleblowers just as easily as they protect terrorists and criminals. Encryption itself is just a tool like a hammer, neither good nor bad.

If we have to choose between two worlds: one where everyone can use (reasonable but not perfect) encryption, or a world where great powers can monitor everything we do while their own activities remain secret, I'd choose the former.
posted by Kevin Street at 2:45 PM on March 31, 2016 [1 favorite]


Dissidents, whistleblowers, terrorists, and criminals. Your local three-letter-agency is a fan of exactly none of these things.
posted by kaibutsu at 3:10 PM on March 31, 2016


A small gem from the fourth part:

McGowan had evidence that Le Roux had broken into his email account using his mother’s maiden name—which Le Roux had once asked him for.

Don't you just love security questions?
posted by Dr Dracator at 10:30 PM on March 31, 2016


So, what, now we gotta wait half a month for the next installment? Bummer, dude. Isn't this Ratliff guy aware of the netflix-binge paradigm? I Want My Le RouxTV!
posted by valkane at 6:31 AM on April 1, 2016


Fascinating series! I'm addicted to the Longform podcast at the moment that Evan Ratliff cohosts.
posted by ellieBOA at 8:03 AM on April 5, 2016


My eyebrows shot up when I got to the bit about him sponsoring a militia in Somalia. What an absolutely crazy story.
posted by Happy Dave at 5:49 AM on April 13, 2016


Part 5: He Got Greedy.
posted by misteraitch at 6:29 AM on April 14, 2016 [4 favorites]


This is such a fantastic story, and this comment in the Hacker News thread for the most recent part just made it even crazier.
Guys I can tell you how he got caught. At around 2011 I hacked RXLimited backend through a security flaw on christmas eve. [...]
I want to believe.
posted by books for weapons at 1:41 PM on April 14, 2016


The comment has been deleted ... I know that if I had done something like that, I wouldn't be boasting about it.
posted by Joe in Australia at 4:26 PM on April 14, 2016


Part 6: ‘Eyes Everywhere’ is up now too.

Perhaps it’s still to come in Part 7, but, thus far, there’s been very little about the consequences for Mr Le Roux himself from all this murder & mayhem, except that he’s been obliged to desist from doing business, to give evidence, appear as a witness &c. Have any of his assets been confiscated? Has he been slapped on the wrist & told not to do it again?
posted by misteraitch at 7:09 AM on April 21, 2016 [1 favorite]


The film rights have been optioned by the Russo brothers (Captain America: The Winter Soldier, Captain America: Civil War, Arrested Development).
posted by bluecore at 11:51 AM on April 25, 2016


I don't get how this type of stuff isn't entrapment. The police set up the whole deal. They didn't prove these guys did anything except what the cops asked them to do.
posted by Galaxor Nebulon at 1:56 PM on April 25, 2016


Depending on the jurisdiction, "entrapment" can be a lot more limited than people think. I think in my jurisdiction the defendant needs to prove that they wouldn't have normally been willing to do the crime - the fact that police gave them the opportunity and idea it is neither here nor there.
posted by Joe in Australia at 4:30 AM on April 26, 2016


Wow. So even if they can't prove you've done anything, they can still send you to jail forever for, like, being the kinda guy who WOULD do that sort of thing!
posted by Galaxor Nebulon at 7:51 AM on April 26, 2016


Wow. So even if they can't prove you've done anything, they can still send you to jail forever for, like, being the kinda guy who WOULD do that sort of thing!

There doesn't appear to be any doubt that they shot that real estate agent in the head and dumped her body. There are witnesses, a digital trail, and they talked about it on the wire.
posted by bluecore at 8:56 AM on April 26, 2016


Yeah, so arrest them for that! Not for made-up crimes.
posted by Galaxor Nebulon at 9:24 AM on April 26, 2016


Yeah, so arrest them for that! Not for made-up crimes.

I reject your thesis. Although it's not finished, at this point in the investigative series these people are knowingly and willingly part of a criminal conspiracy to murder opposition and transport illegal drugs. They bragged on tape about hand grenading people's houses, throwing them in the ocean and shooting at them, and about making them disappear, all before the Feds got involved. They submitted weapons requirements to kill a DEA agent and a supposed snitch. In my book, there's a difference between an undercover cop entrapping a dumb high school kid with, "Hey man, wanna buy some pot?" and guys willingly submitting requests for silenced pistols so they can murder someone.

It remains to be seen how the Feds rolled up the network and how exactly they're charged, but my guess is it hinges on a criminal conspiracy charge, which can be charged before the actual crime has been committed and just needs to show an agreement and willingness to commit the crime.
posted by bluecore at 11:32 AM on April 26, 2016 [1 favorite]


The final installment, Episode 7: The Next Big Deal, was posted today.
posted by RichardP at 3:39 PM on April 28, 2016 [2 favorites]


« Older Extinct Siberian unicorn: not quite as magical as...   |   The Citizen Kane Of Of Wasted Teenage Metalness Newer »


This thread has been archived and is closed to new comments