Darknet Diaries - Ep 16: Eijah
Episode Date: May 1, 2018In 2007, a hacker named Eijah got fed up with the way DRM prevented him from being able to play the content he paid for. He decided to fight back against the AACS and find a way to circumvent... the DRM. By the time Eijah was done, his life wasn't the same.
Transcript
Discussion (0)
Using a computer to gain unauthorized access to data, otherwise known as a hack.
Some people do it for greed. Some do it for knowledge.
Some do it because they're just plain bored, and they can.
And then there are those people who do it because they're pissed off.
Really pissed off, and they want things to change.
Sometimes it falls on us to just decide we're going to change the world,
or just decide that we're going to take a stand and just decide that we're fed up. And sometimes those
fed up people do something so daring it propels them into a whole new world. I was approached
by a secret group of hackers. And I know this sounds like Hollywood crazy. I know this sounds
like Mr. Robot, but it's true. But this isn't Hollywood. This is real life, where happy endings don't come easy, especially deep in the heart of
the web. My hacker name is Eja. Welcome to a true story from the dark side of the internet.
And my name is Jack Recider. This is Darknet Diaries.
This episode is sponsored by Delete Me.
I know a bit too much about how scam callers work.
They'll use anything they can find about you online to try to get at your money.
And our personal information is all over the place online.
Phone numbers, addresses, family members, where you work, what kind of car you drive.
It's endless.
And it's not a fair fight.
But I realize I don't need to be fighting this alone anymore.
Now I use the help of Delete.me. Delete.me is a subscription service that finds and removes personal information from
hundreds of data brokers' websites and continuously works to keep it off. Data brokers hate them
because Delete.me makes sure your personal profile is no longer theirs to sell. I tried it and they
immediately got busy scouring the internet for my name and gave me reports on what they found.
And then they got busy deleting things. It was great to have someone on my team when it comes
to my privacy. Take control of your data and keep your private life private by signing up for
Delete Me. Now at a special discount for Darknet Diaries listeners. Today, get 20% off your Delete
Me plan when you go to joindeleteme.com slash darknetdiaries and use promo code Darknet at checkout. The only way to get 20% off is to go to joindeleteme.com slash darknetdiaries and enter code darknet at checkout.
That's joindeleteme.com slash darknetdiaries.
Use code darknet.
Support for this show comes from Black Hills Information Security. Thank you. I'm sure they can help. But the founder of the company, John Strand, is a teacher,
and he's made it a mission to make Black Hills Information Security world-class in security training. You can learn things like penetration testing, securing the cloud, breaching the cloud,
digital forensics, and so much more. But get this, the whole thing is pay what you can.
Black Hills believes that great intro security classes do not need to be expensive,
and they are trying to break down barriers to get more people into the security field.
And if you decide to pay over $195, you get six months access to the MetaCTF Cyber Range,
which is great for practicing your skills and showing them off to potential employers.
Head on over to BlackHillsInfosec.com to learn more about what services they offer and find links to their webcasts to get some world-class training.
That's BlackHillsInfosec.com.
BlackHillsInfosec.com.
Eja is a smart guy. In fact, his whole family is smart.
My father's an electrical engineer. My entire family has at minimum master's degrees.
My mother, my sister and her husband have PhDs.
I have a master's.
So for some reason, my entire family loves universities.
I don't know why, but, you know, we all have multiple degrees.
So EJ got his master's degree and worked his way up.
He was on a good path.
By 2007, he was sitting pretty in a
sweet job at a Fortune 500 company. My job at that time, which was a pretty big job, I was in charge
of American Express's security portfolio. I did all the strategy and all the internal documentation
for application security, vulnerability analysis, prevention of hacks, stuff like that.
But even more importantly, building out their internet and intranet security system.
So we're talking identity management, access management and control, things like that.
For someone like Ija, this job wasn't that fulfilling.
Tasks were mundane, dry, and not very exciting.
So when I came home at night, you can imagine I hated my job because it was boring as hell.
Nothing against American Express.
You know, they treated me like any numbered employee.
Fine.
But it was boring.
It was really boring.
So I stayed up late and I was trying to find something to do.
So at night, EJ would tinker with various electronics and do different coding
projects. I had an Xbox 360, which by the way, was a great gaming console. Somebody told me about
this little known peripheral called the Xbox HD DVD drive. And so I got curious. I decided to buy one. I spent $300 and I plugged it in and I could watch my video through my Xbox 360.
I think it came with King Kong, which was a terrible movie, but nonetheless, it worked.
Well, then I was reading on Flashdot and some of the forums that the Toshiba drivers were available
for Windows.
So you could plug your HD DVD drive for your 360 into your computer because it had a USB
interface, and you could watch videos on your computer.
I thought this was great because who wouldn't want to watch high-def videos while you're
working at home on your computer, especially as a geek?
That just sounds really cool.
So I plugged it in, downloaded the free drivers from Toshiba, plugged in a disc, started an HD-DVD media player, and proceeded to play my legally purchased content, HD DVD movies, and guess what happened?
All of a sudden, the software decided that I was a bad person, and it punished me.
It down-res'd from 1080p down to 480p.
Because my monitor was too old to support the newest HDCP handshake between the computer and the monitor itself, it assumed I was a pirate and it down-resed me.
Even though I'd spent $300 on the drive and spent 20, 30 bucks per movie, it punished me and treated me as a criminal.
And at that moment, I looked and I said, this isn't fair.
Why? I've done everything right.
I've bought the drive.
I've bought the movies.
I have a licensed copy of Windows.
Everything is legit.
And yet I am being treated like a criminal.
And at that moment, here's what happens with me.
I started to rage a bit. The paranoia of groups like Toshiba and Microsoft and the AACS, LA, and these groups that try to enforce DRM upon the masses, they do all this out of fear.
They're so afraid they're going to lose money.
And what they don't realize is there's a greater fear that they should have.
And that is pissing off smart people. To piss off a small group of minority,
very intelligent hackers is the worst thing you can do as a company.
And so I decided in that moment that this was basically bullshit, That I was not going to down-res my 1080p video to 480p
and not going to sit there and take it.
I was going to do something about it.
You might think this sounds dramatic,
but pretty much all of us felt frustrated with the stuff we've bought before.
And we've all been wronged by a corporation and felt powerless.
EJA bought an HD DVD player,
but it would only play at normal DVD resolution.
There was nothing HD about it. The product wasn't doing what it promised it could do,
and all because of some anti-theft protection? Or consider this, sometimes when you buy a DVD
and try to watch it, you have to sit through five minutes of commercials. This infuriates
some people so badly that they just
pirate the movie instead. Because the pirated copy doesn't have ads. People want to be treated
with respect. And they want the stuff they bought to work. And when companies put protections in
place that get in our way and keeps us from being able to use the things we bought, it makes us mad.
And that's why I'm against digital rights management, because at the end of the day, it doesn't protect illegal use of the content by hackers or malicious or
nefarious individuals. All it does is upset law-abiding good consumers like me that just
want to watch it and just paid for the content to watch it.
The frustration Ija had sat heavy with him.
He felt wronged by these companies and felt powerless.
But in an instant, he realized he wasn't powerless.
He was a smart guy and thought maybe,
just maybe he could circumvent all the security checks and find a way to play the movie at full resolution anyways.
But there were a few challenges. He had to figure out how an HD DVD worked. The problem is DVD and
Blu-ray movies encrypt the movies that are on there. So if you were to copy the movies off the
disc onto your computer, you wouldn't be able to read it because the whole thing is encrypted.
This is put in place to keep people from making copies of the movies and pirating it. The company that created the
encryption is the Advanced Access Control System Licensing Administrator, which we'll just call
the AACSLA from now on. The AACSLA has figured out a way to encrypt the movie on the HD DVD
in a unique way. And any company that wants to make a player to play HD DVDs has to
purchase a license from the AACS LA so they can get the decryption key to play the movie.
So with this key, you could decrypt the Blu-ray, the entire Blu-ray, and you could watch the video
without any sort of digital rights management, which includes the code that would down-res the video.
So Ija started looking for ways to find this encryption key.
When I decided that I was going to break Blu-ray encryption, you know, to the extent that I could
at the moment, the first thing I did is I said, okay, I'm going to do it.
And then the second thing is I said, okay, how am I going to do it? I know nothing about this.
I have to somehow become a quote unquote expert, or at least a fake expert in this entire space where I have zero experience with it. How do I learn what I don't even know? And so you do
your research and you find out, okay, here's the site, here's the legal entity. And then you've got
to find out which one of these PDFs do I need to read? What's the technical specification
of the protocol? And so you find that PDF out and then you start going through it.
It's boring. It's boring. If you've ever read through an academic journal,
this is far worse because this was written by, it sounded like it was written by lawyers. That's
just how boring and dry it was. Each of these pieces of software and pieces of hardware have
these built-in virtual machines because AACS uses an internal virtual machine
to try to protect the memory and try to disguise the transaction of the decryption routine.
So you have to figure out how the virtual machine works. And then you have to actually figure out
the encryption exchange because there's a lot of hashing and encryption that goes on in order to
arrive at the key. And keep in mind, there are no
device keys released at this time. So there's no way to verify that my decryption code works right.
So at this whole time, you have no test data that's real. Everything is an assumption
based on a white paper. So all I had was this white paper. And it was funny because when I was
at work, you know, designing architectures for American Express, I was thinking about this. So
I'd be sitting there at lunch and I'd be thinking about different ways that I could exploit the
software, different ways that I could hook in. I was a Java programmer at that time, but I actually
ran out of memory with Java. The tools that I was
writing in Java, I needed to manipulate memory directly, which Java doesn't do very well. So
I actually switched to a C and C++ utility pipeline just to be able to have raw access
to the memory to pull this content from the Blu-ray player. And that was a lot of fun.
So these utilities I wrote,
they would stop and resume the process.
Another one would scan memory, look for patterns.
Another one would output the history.
Another one would merge different files.
Another one would try to inject content
and perform key derivation.
If you're curious what it's like to hack,
it's kind of like going into a dark building without any sort of light and assuming you're
walking in the right direction, but not even sure that you're in the right room,
let alone the right city block, let alone the right state. So you go down a path as a hacker and you
make a lot of assumptions. And most of the times those assumptions are wrong.
And all it takes is one wrong assumption to steer you in a totally different direction.
But you have to have faith in your analysis and you have to have faith in what you believe you're going to find, even if all the
evidence is against you. And even then, there's zero guarantee that you're ever going to find
what you think's there or you're ever going to be rewarded. So sometimes you go down a path and you
don't know where you need to stop. You don't know if it's an infinite path going in the wrong
direction, or you don't know if you're two steps away from finding the keys.
So Aegis spent long hours deep into the night trying to crack the encryption keys on the HD DVD.
The programs he wrote were furiously running through the data looking for the keys.
His computer screen was scrolling with tons of text as his programs tried to decipher the encryption.
And I'm sitting there, multiple console windows are up. I think it's early Friday or Saturday morning.
And all this data is kind of going through the screens. It looks like something out of
The Matrix or something out of like an episode of Mr. Robot. Way too many screens up. I'm drinking
coffee. I'm probably sitting there in my underwear because I didn't even have to take the time to go get dressed yet. And all these things happen and then bang, number scrolling
output, everything freezes. And there's this key on the screen. And I look at it and I'm like,
okay, I must have screwed up. Okay. Clearly I screwed up the code. It output a key. And so something's wrong with my code.
And this is after 10 days of, you know, planning and reading white papers and figuring out how I'm going to attack the programs.
And do I need to hook into the kernel and all these all this work to get up to this one point?
And I'm 100 percent confident that I screwed up something in the code.
So at that point, I'm like, well, crap.
Okay, well, let me restart the process.
So I restart the process, bang.
Same execution abort at the same line, outputting the same key.
And I'm thinking, well, I really screwed something up.
So maybe it was the code I added last night.
And then after the third time
that the same value was printed to the screen,
I finally thought, well, maybe,
maybe that's the key.
Could that actually be the key?
I thought, wait, did I just find it?
EJ stared at the key that was displayed on his screen.
This was the key that would allow someone to decrypt a Blu-ray movie and make a copy of it.
EJ didn't have a good way to test if this key was what he was looking for.
And this made it hard to know whether this was it or not. You know, there's no guarantee that the keys that I found were correct, except cryptographically, they said they were correct.
According to my algorithm, you know, I was able to derive a key from a series of routines. And mathematically, it was
unlikely that that derivation would have happened from random data. So you stick to the math,
you stick to the crypto. Mathematically, this was correct. The end result was correct. And then the panic set in.
And so for anybody who hasn't really been in that moment where you're angry,
you spend two weeks deciding you're going to literally fuck over Sony and fuck over ACS.
And you're just enraged. And you've got this mission.
And everything you're doing, it's obsessive at that point. And then you suddenly think,
oh, wait, I've done it. I've actually done it. I have something in front of me that nobody else in the world has. What do you do with it? And that is when the panic
hits and the heart starts beating and you start assuming that at any moment the feds are going to
bust in the door because for some reason the feds care about like Blu-ray encryption. I don't know
why, but in that moment, it all sounds logical and you start to sweat. You start to panic. And you're like, holy shit, what have I done?
And you're like, oh, my God, I'm in trouble.
They're going to sue me.
You know, they're going to sue me.
They're going to come after me.
Oh, what?
And then after about an hour of pacing frantically throughout the house, thinking about what you're going to do, you then calm down enough and you realize there's really only two things you can do. You can either do
nothing or you can release it to the world. Thank you. Businesses use Vanta to establish trust by automating compliance needs across over 35 frameworks like SOC 2 and ISO 27001, centralized security workflows, complete questionnaires up to five times faster, and proactively manage vendor risk.
Vanta helps you start or scale your security program by connecting you with auditors and experts to conduct your audit and set up your security program quickly.
Plus, with automation and AI throughout the platform, Vanta gives you time back
so you can focus on building your company.
Join over 9,000 global companies
like Atlassian, Quora, and Factory
who use Vanta to manage risk and prove security in real time.
For a limited time, listeners get $1,000 off Vanta
at vanta.com slash darknet.
That's spelled V-A-N-T-A, vanta.com slash darknet. That's spelled V-A-N-T-A,
vanta.com slash darknet,
for $1,000 off.
Ejo was faced with a difficult decision.
He knew that if he posted the keys online,
it would likely damage movie distributors like Sony,
which is what he wanted.
But he knew this also meant they might come after
him and try to arrest him. But his fear was overcome with anger. He was still angry at that
anti-theft DRM that kept him from being able to watch his movie at full resolution. So he decided
to post the encryption key he found on a popular hacker forum called Doom 9. But then there's this
other moment of panic that sets in,
that all the hackers have, and that is, what if I'm wrong?
Because when you release it online, you've got to be absolutely certain.
There's no room for error.
When you release it, it's got to be right, it's got to be solid,
because you're going to be having hundreds of people looking at this.
So you've got to be certain, because if you release something and it's not right, your credibility is screwed.
That's the way it works in our world. And so you craft a message, a paragraph or two,
you explain what you found, you create a new form post and you you release it. And you see what happens.
Post right after mine is, can somebody else confirm it, please?
Once it was released, a variety of people tested almost instantly.
The community tested EGIS Key and confirmed it worked.
This would be the very first decryption key ever made public for the HD DVD and Blu-ray discs.
Other keys had been posted for regular DVDs
but not the decryption keys for the
HD DVDs. So this was a bit
of groundbreaking information for the hacker
community to take and use.
Right around this time,
I don't know if this was coincidence or not,
but literally, I think it was
two days after I released the key, I got a knock on my door one morning.
And I don't answer knocks on doors just for so many reasons.
I'm not a paranoid person, but if somebody wants to get in touch with me and they're legitimate, they know ways to do it.
Knocking on my front door is not one.
And so there's a knock on my door.
I didn't answer it.
After the person left, you know, some time went by and then I was going out to go grocery shopping or whatever.
And I looked, there was a sticky note left on my front door.
It was from the police.
And it was the weirdest note. It said,
please call us. We think your identity was stolen.
I kid you not. And this was within 48, 72 hours of me releasing the keys. At that time, I was living in Arizona.
So this would have been probably somebody from Peoria Police Department, which is a suburb of Phoenix.
At this time, I was in a hyper state of paranoia because of the hack and the release of the information.
Why would an officer put that specific message on a little note on your front door?
Now, I didn't get a call on my phone.
I didn't get a piece of mail delivered from the police.
Instead, the officer made an in-person visit within 72 hours of my hack, specifying he thinks my identity was stolen.
Please call him.
This whole thing had kind of got me on edge
to the point where I was looking over my shoulder a little bit more.
Here's where it gets exciting.
The moment I released this key, I was approached by a secret, I don't know what I
want to call it, a secret group of hackers, a secret group of DRM code breakers, and invited
into this secret society. And I know this sounds like Hollywood crazy.
I know this sounds like Mr. Robot, but it's true.
I was approached by breaking this encryption
and by releasing this key.
I was somehow entitled to an invitation.
I had won my invitation into this dark secret hackers group.
So they reached out to me in a very secret way
a few days after I released the key and invited me into their private group.
And we spent the next few weeks furthering our hacks and working together, which was
flattering because I never set out to be a
DRM hacker.
I was just pissed at Sony.
That's all.
I didn't really care initially about the movement, or I didn't really care initially about DRM.
But the deeper I got into this, the more I realized that DRM is crap.
It's draconian. It's a form of enslavement, it's not fair, and it's not
consumer-friendly. And so the deeper I got into this, the more I realized that I was on the right
path, and that even though my motivations to start this journey was selfish and was based out of anger and rage, I transitioned to a much more mature and a better
state and motivation in that this was bad for consumerism, and this was bad for privacy,
and this was bad for everybody in the world who didn't have the skills to do something about it.
And Sony and the AACS and Toshiba and all those companies that treat us like
numbers and value us only to the extent that our dollars are handed over to them need to pay
and will pay. So I was invited to this secret kind of hacker group, which was really cool.
And so we shared all of our insights and all of our strategies with one another. And I helped other hackers get better at breaking DRM.
And they did the same for me. So an interesting thing about the hacking scene is
if we think we're first to do something, we might only be first to release it. We might not have been first to find it.
And there's value in not releasing information.
Because if companies like Sony and Toshiba and others think that the current version of the protocol hasn't been broken yet,
they're under no obligation to change anything.
When Ige posted his key on the forum, it triggered a chain of events.
The key is first picked up by software developers
who create the software that can easily rip or copy a Blu-ray disc.
Then the rippers get a hold of that software
and begin making copies of their Blu-ray movies.
Then they post and distribute the movies to torrent sites like the Pirate Bay.
And then pirates can download movies
and watch them without having to buy them.
Aegis Key caused a serious ripple effect
that rang through the pirating community.
The AACS is the organization
that created the encryption on the Blu-ray.
And they had a plan in the event
that a key like this got leaked.
As soon as they became aware the key was being used by pirates and hackers,
they would change the algorithm. Yes, the key that EJ found would continue to work to copy
Blu-ray movies up until then, but the AACS made it so that key wouldn't work on any new Blu-ray
movies that were made after that. So the hackers would have to find a new key and break the encryption again. So it's this cat and mouse game that goes on infinitely as long as they know the
latest version has been compromised. So there's a lot of power in breaking a system, but keeping
that break quiet. But the AACS did more than just change the algorithm. They tried hitting back at
websites that posted their keys publicly. When the processing key was released, something funny
happened. The AACS LA thought that they could impose upon the internet their will of takedowns.
So they had their lawyers send all these takedown notices to all these
different sites who posted the key in articles like Dig, Flashdot, and others. And we look at
it and laugh, just completely discarding this idea as utter crazy. But that's the world the
lawyers live in. Somehow they think this makes sense. They think they are entitled to this because it is right.
But to them, it still makes sense. And what was happening was keys are hexadecimal values.
So they're literally strings of A through F and one through nine is all they are.
And it's text data. It's something that you can hide in so many different ways.
So a lot of people started disguising the numbers of the processing key in colors and images and
reversing it and disguising it a way that would make search
algorithms impossible to find it. And that was where hackers and technologists and the community
abroad just started taking advantage of the stupidity and just the lack of social and internet awareness
by these executives, by the AACSLA.
You see, you can't declare war
on an infinite army of smart people
who are motivated by a greater cause.
And our cause is social justice.
And our cause is bigger than any sort of legal army they're going to be able
to mount. And that's why it doesn't really matter at the end of the day how many lawyers they send
after us. And I find it humorous to think that lawyers still think they have any sort of strength
and any sort of influence compared to an army of hackers and an army of
passionate and motivated internet users. I remember a scene at American Express.
And keep in mind, I was a director level as the security portfolio architect, and I reported
directly to a VP. And there was this one day while this was
going on, this was probably three, four days after I released the information. I had a one-on-one
with my VP, my boss, a very, very, very, very nice lady. I have such a great respect for her.
She called me in for our one-on-one and she knew, she knew something was up.
I'm sure I was physically showing signs of stress and tension and nervousness.
But I remember she was very perceptive and she said, what's wrong?
Something going on?
You don't seem like yourself.
And I remember that conversation because of course I denied it. You
know, I was like, no, no, you know, maybe I just didn't sleep well, insert any excuse here to try
to jump to the next topic. But I remember, I remember thinking about that for years to come.
And I said, you know what? I'm not like my old self. I'm different. This has been a, in a lot of ways, this has been almost an opportunity to be reborn.
And so it was that moment forward that I decided I'm going to quit American Express because I just wasn't enjoying the work.
The excitement, the adrenaline bump that I got from this whole hacker thing was very exciting. And I mean, I don't think
I'd want that sort of adrenaline bump every week in my life, because I'd probably fall over dead.
But it was so exciting. And it was so invigorating and empowering to know that I just,
on a whim, I made a decision to do something totally new. And it worked.
You know, it's kind of like that quote from Tron.
I kept dreaming of a world I thought I'd never see.
And then one day...
You got in.
That's right, man. I got in.
And it's that moment of euphoria, that moment where nothing is the same.
You're not the same person.
You can't ever go back.
You've been reborn in a lot of ways.
And I ended up quitting American Express not long thereafter.
I think it was about 10 months after.
And I went into game programming, which ended up being a seven-year
journey for me, where I made games such as Guitar Hero and Max Payne 3 and Grand Theft Auto 5. I was
one of the lead programmers for Grand Theft Auto 5 for five years with Rockstar. Some of my code
is still in Red Dead Redemption 2, which is coming out this fall. Even though I resigned from Rockstar. Some of my code is still in Red Dead Redemption 2, which is coming out this fall.
Even though I resigned from Rockstar two and a half years ago, very amicably, and I missed that
studio and I missed the people I work with, it was part of my evolution. And I resigned so that
I could become an entrepreneur and that I could do things like Demon Saw and most recently my current company, Promether.
As much as I would love to give a really exciting summary and conclusion,
the saddest part of the story is that
there really hasn't been anything that came as a result of this.
It's almost like there's been no retribution.
There's been no follow-up. There's been no running down the street. I want to see a scene from like Bourne Identity where Matt Damon's running from a bunch of KGB agents. There hasn't
been anything exciting like that, which is probably a good thing, right? I mean, we don't need those things in our lives.
But the AACS never came after me.
Sony never came after me.
And it makes sense why they didn't.
They wanted this thing to go away.
They wanted the fact that their protocol and their specification was insecure and was a terribly written protocol.
They wanted people to forget that. They just wanted to make money. They wanted Toshiba and
Sony and Philips and Emerson and all these other companies to just keep paying their licensing fee
for the specification, the AACS spec. And they just didn't want the publicity. So I guess it makes sense,
if you think about it, why they didn't follow up, why they aren't making a stink about this
or making this very political or very out in the open, because they just want it to go away.
They just want to make money. And that kind of sums up the entire reason for this specification. It's not about protecting
us. It's not about even protecting the content. It's just about making money.
I sure as hell hope that there was a board meeting or at least a bunch of executives,
and some sort of dumbass executive said,
why the fuck can't we stop these hackers?
And it's a rhetorical question.
You wouldn't have us if you treated us fairly.
Most of us are honest people.
Most of us will pay a fair price for content.
Nobody wants to steal and cheat and we don't want to be pirates.
The moment companies give us good content at a fair price in a convenient way,
piracy is going to be destroyed.
Just treat us with respect and dignity and we will pay for your content.
You, whoever you are out there,
you are listening to this right now. You are not powerless. You who are listening to this
are far more powerful than I am. And it's just a matter of whether tomorrow when you wake up,
you know, you're going to do something about the injustice in the world i heard an interesting
quote i don't remember who the the athlete was but somebody was interviewing uh this uh olympic
athlete and they asked her they said how do you do it how do you achieve these great feats
and she said it's really easy every morning when the alarm clock goes off, I choose not to hit snooze.
Sometimes the secrets to life
is just not pressing the snooze button.
Ija is currently working on two projects he created himself,
DemonSaw and Promether.
DemonSaw is a secure and anonymous file sharing app. Think of it like a decentralized Dropbox that you can run on
your own server. And Promether is a way to transfer files and communicate securely, even if you're
operating in an insecure network. Both projects are free for anyone to use, and Demon Saw is available now to use.
You've been listening to Darknet Diaries. To learn more about EJ, check out darknetdiaries.com.
This show is created by me, Jack Recider, with editing help from Stephanie Jens.
Theme music is created by Breakmaster Cylinder. If you like this show and want to help it out, it would mean a lot to me if you would tell others about it.
Spread the word any way you can. Thanks a lot.