There’s some serious dishonesty going on here, trying to portray end to end crypto as some kind of horrible thing only criminals use. Yet I’d imagine the combined userbases of WhatsApp, Signal and Apple iMessage make up the majority of all message traffic worldwide, excluding countries that restrict internet traffic significantly. For example, you can’t subpoena to get the messages in any of these... this is the same for all E2E chats.
It is not a bug that police and governments can not access and hear all of your “offline” communications. It is likewise not a bug that police and governments can not access and see all of your online communications.
This could be an interesting story if half of it wasn’t just unabashed fearmongering.
I look forward to going to prison some day for dual booting my computer because some criminals did it on phones once!
I think you are projecting on to the story. The other way to read this is that with privacy such a rare feature of mobile phones, it's almost inevitable that criminals would end up becoming purveyors of privacy conscious phones.
I think you could argue that the great charge against privacy is causing this problem.
It's ironic because many journalists usually rely on end-to-end encryption heavily to protect their own security in places hostile to them. VICE is a disgrace.
Er, this very article talks about how sources contacted the journalist over E2E messaging to protect their anonymity. The journalist lists his Signal contact info on Twitter. It's not like he's unaware of what E2E messaging is or who uses it....
Nothing dishonest here. A criminal enterprise purposely creating a phone with hidden OS to cater to the criminal market. No privacy conscious person buys a black box $1200 phone that costs $700 every six months. This doesn't mean all encryption is for criminals, rather the story is about for product being for criminals.
Telegram is not encrypted for for group or direct chats unless the user creates a secret chat. So although telegram is probably above signal in usage, I would guess encrypted chats are not
I wonder how many of these "secure phone" companies - if not being run by drug cartels themselves like this in this instance - are actually being run as honeypots by the FBI/DEA? Would be a great idea if they are so popular in the crime world. A bit like how Tor sites are run as honeypots too.
They may be running, no doubt on that. But if they don't "scatter" their operations and try to get monopoly or oligopoly of the market they'll in trouble because nobody will trust this "companies".
On a similar note, I wonder, what kind of ERP software do modern organized crime use? Do they use SAAS? Regular commercial software or FOSS installed on private cloud?
In other words, does the dark web have a SAAS Salesforce equivalent for the bad guys?
* The lawsuit was dismissed recently under the premise that SaaS providers can't be held liable for what they're used for.. not that Salesforce wasn't used for it.
I know a guy who was deep in the online steroids world like 10 years ago. He would find clients on body building forums. There was eventually a bust and he didn’t get nabbed although many other associates of his did. He couldn’t believe at the time that a bust could have happened given how minor that was compared to narcotics.
The most interesting part of the story was that during the time he was under investigation he was completely overcome with fear and worry, so bad he was vomiting blood. Once he got through it without any charges he completely got out of drug dealing and became a software engineer.
I don’t think people who dabble in crime truly understand how nerve wracking it is until something really bad happens. Effective criminals are sociopaths who don’t experience fear the same way as most people. It’s so much better to work in legal industries.
Isn't it pretty common to get ulcers from merely stress / "psychological causes" and also pretty standard for ulcers to cause you to vomit up blood? I don't think this is strange....
I don't want to talk about my own experience in detail, but I just got to say paranoia is a disease that eats your mind from the inside. If you've never experienced it I envy you.
>Effective criminals are sociopaths who don’t experience fear the same way as most people.
Strong disagree. The effective ones still feel it, they're just confident they can win in the end. The paranoia makes you put way more thought and effort into it. The ones that don't feel the fear are the ones that will be lazy about op-sec and get caught.
Also being reckless and just barely escaping is itself an addicting feeling. Like going to Vegas but the stakes are for real and the club is more exclusive.
Same. I have sat next to kilo-level cocaine dealers and seen them pray in the car while waiting to re-up. I never met any drug dealer or even killers that even pretended to be unafraid about what they're doing.
I thought it was a lot of fuss over nothing, eg baseball players juicing, until I read The Waxman Report by former Sen Henry Waxman. I learned that steroids were a serious problem for teenagers and other aspirants, leading to health problems, and occasionally suicide. Sen Waxman's own intro to the issue was from constituents who's own son was using and then killed himself.
Can someone tell me why a special custom phone would be necessary? What could it possibly give you that Signal and a fingerprint lock doesn’t? Is it just a case of criminals not understanding the technology? I’d actually be more suspicious of a phone that has been hacked apart by a shady company.
Spies would never use obviously custom phones for this reason. The goal is to blend in, not stand out. Especially when the adversary has total network access.
As the CIA learned in Lebanon when their network got rolled because Hezbollah noticed certain phones left off most of the time except the occasional use before being turned off the network again - very unusual behaviour which exposed their trade raft.
The majority of drug dealers don't face this level of threat, depending on the country, where any level of encryption and careful phone protocols would go a long way. But the very big ones will as the bigger agencies have much broader reach and the NSA shares with DEA all the time.
WhatsApp was probably the best thing to happen to drug dealers in a long time. But most of them are too dumb to know that and people will always be the greatest weakness regardless of all the fancy tech.
The way I understand is they used existing phones like google pixel, and loaded them with custom android distribution, with their end to end encryption set as default.
This article is atrocious yellow journalism stoking fear about encryption. Yes, people that used to traffick drugs started selling phones, possibly using their old network for sales. And yes, these bad dudes sent some thugs to threaten and assault a business competitor.
But what were the capabilities of these scary, criminal kingpin, super secret, drug-trafficking phones? "[They] run software for sending encrypted emails or messages, and use their own server infrastructure for routing communications. Sometimes the devices have the microphone, camera, and GPS functionality removed. Some also have a dual-boot mode, where powering on the device as normal will show an innocuous menu screen with no sensitive information. But if certain buttons are held down when turning the phone on, it will reveal a secret file system containing the user’s encrypted text messages and other communications. With these tweaks, the ordinary methods for law enforcement to intercept messages are cut-off—police can’t simply get an ordinary phone tap or subpoena messages from a company; the texts are typically only available in a readable form on the users’ devices."
These should be the capabilities of every phone on planet earth! They used off the shelf phones, CopperheadOS, extra security configuration, data only SIMs, and a layer of anonymization since the customer didn't have their name on the SIM, and probably a custom app for the deniability mode. That's it.
The lede of the article is about a reporter's murder that could have had something to do with any of the reporter's many organized crime subjects, not just the phone company. He just happened to be hanging out with the MPC guy that night. It's not illegal to sell encryption. I don't know why the author here is trying so hard sensationalize encrypted phones as having to do with murder, fear, strip clubs, drugs, etc. -- I hope it's just clicks.
Presumably the SIMs were anonymously bought/registered. There's no link to the user. If you knew the drug kingpin was using a particular sim/phone (IMSI/IEMI), you can track it, but that's like looking for a needle in a haystack (no intercepted texts/calls to go by).
If you know two locations that the kingpin in question frequents regularly (for most of us that is home & work), you can easily narrow down your haystack down to very few needles real fast. How many people live within 50m of your home and work within 50m of your office?
It is not a bug that police and governments can not access and hear all of your “offline” communications. It is likewise not a bug that police and governments can not access and see all of your online communications.
This could be an interesting story if half of it wasn’t just unabashed fearmongering.
I look forward to going to prison some day for dual booting my computer because some criminals did it on phones once!