Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Wednesday February 15, @09:09PM   Printer-friendly

There Is No 'Going Dark:' Dutch Law Enforcement Spent Months Intercepting, Reading Encrypted Messages:

To hear consecutive FBI directors tell it, unless legislators are willing to mandate encryption backdoors, the criminals (including terrorists!) will win. That's the only option — at least according to Jim Comey and Chris Wray — given that the FBI, with its billions in funding and wealth of brainpower, is apparently unable to decrypt files and devices simply by waving a warrant at them.

All evidence points to the contrary. What FBI directors refer to as "going dark" is actually just the temporary blindness that results from staring directly at the Golden Age of Surveillance sun. While FBI directors waste their time making everyone stupider, law enforcement agencies around the world (including the one represented by these particular misguided loudmouths) are putting plans into action.

Twice in 2021 alone, investigators around the world announced the end results of long investigations that involved taking over message servers or otherwise compromising encrypted communication services that were allegedly marketed almost exclusively to criminals. The FBI, in conjunction with Australian law enforcement, subverted and ran an encrypted messaging server for three years, intercepting millions of messages — something that led to hundreds of arrests around the world. A second investigation targeted a Canadian encrypted service provider, resulting in a number of charges being brought against its CEO.

It has happened again, as Joseph Cox reports for Motherboard. And once again, we can attempt to put FBI director Chris Wray's pouty, anti-encryption bullshit to bed.

Dutch police have cracked another encrypted phone company, this time reading messages from, and then shutting down, "Exclu," according to announcements from the police and Dutch prosecution service.

The news demonstrates law enforcement agencies' continued targeting of the encrypted phone industry, part of which has served organized criminal syndicates for years. The Dutch police specifically have been behind many of these hacks and shutdowns, working on other investigations into companies such as Ennetcom and Sky.

Whether or not these arrests will result in convictions or any perceptible decrease in crime is unknown. But what is certain is that the mere existence of encryption is not a dead end for investigators. The FBI knows this. Its upper management, however, continues to pretend otherwise. Until the FBI can be honest about the challenges posed by encryption, its opinion on the matter can't be trusted.


Original Submission

This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 5, Insightful) by SomeRandomGeek on Wednesday February 15, @09:41PM (9 children)

    by SomeRandomGeek (856) on Wednesday February 15, @09:41PM (#1291943)

    The FBI wants a investigative tools that fit the way they like to investigate. One of their favorite existing tools is the law that makes it a felony to lie to an FBI agent. Everybody lies, constantly, about everything. So, all they have to do is squeeze the subject. They conduct a few interrogations, catch their subject in a lie, then use the crime they have manufactured to blackmail the subject into cooperating with the investigation. A cyber investigative tool that worked like this would be some mechanism that guaranteed that they could either get the subject's computer records, or slap the subject with a hiding/destroying/falsifying records charge.
    The example investigations from TFA involved breaking into those computers that they could and then waiting for years for them to be used for something incriminating. That is a completely different style of investigation.
    Either way, we're fucked, because the supreme court has decided that our right to be free of unwarranted searches applies only to those kinds of searches that existed when the constitution was written, and as new kinds of searches are invented they are permissible until specifically outlawed.

    • (Score: 4, Interesting) by JoeMerchant on Wednesday February 15, @09:57PM (6 children)

      by JoeMerchant (3937) on Wednesday February 15, @09:57PM (#1291944)

      >The FBI wants a investigative tools that fit the way they like to investigate.

      And, why wouldn't they petition Congress for ways to do their job easier, cheaper and faster?

      What we need, but seem not to have, is equal representation in Congress for the rest of us who suffer material damages from backdoors in commercial encryption products.

      Because, only a moron would believe that real criminals won't roll their own undetectable steganography layered with unbreakable cryptography. Ergo, the entire debate is about lightweight criminals (which is pretty much all that the FBI has ever been able to interdict, anyway.)

      Oh, and the effort involved in becoming a heavyweight "so dark the Feebs don't even know you are operating" crypto-user? Something akin to a 2 year AA degree in computer science, and a few weeks effort in making the applications which probably can run on hardware you can cobble together off of Amazon for less than $100 per endpoint.

      Wild tangent: it took a F-ing 200' tall Chinese surveillance balloon with three schoolbuses full of equipment hanging under it for NORAD to recalibrate their radar apertures and "discover" not one, but three, so far, privately operating high altitude balloons in US-Canadian airspace that "might be a threat to civilian aviation".... again, your average middle-class high school nerd with a little bit of interest currently has the resources and ability to launch and maybe even operate one of these things... I am bi-partisanly disappointed in our leadership's apparent blindness to this reality for the past several decades... I mean, if Russia wanted to, they could have delivered a 50MT nuke pretty much anywhere in the mainland USA, up until a couple of weeks ago, and with altitude controlled steerage they probably could have managed a synchronized delivery and detonation on Los Angeles, NYC, Washington DC, Atlanta, Miami, Chicago, Dallas, Houston, Denver, San Francisco and St. Louis before we ever knew what was happening.

      --
      Україна досі не є частиною Росії Слава Україні🌻 https://news.stanford.edu/2023/02/17/will-russia-ukraine-war-end
      • (Score: 4, Interesting) by SomeRandomGeek on Wednesday February 15, @11:32PM (2 children)

        by SomeRandomGeek (856) on Wednesday February 15, @11:32PM (#1291951)

        Ergo, the entire debate is about lightweight criminals (which is pretty much all that the FBI has ever been able to interdict, anyway.)

        Not at all. The FBI doesn't want to outlaw strong encryption so that they can get into the computers of people who will be forced to use weak encryption. No, they know that their target criminals will use strong encryption anyway, and they want to be able to arrest them for that. It's like busting Al Capone on tax evasion. The only problem is that they think everyone who cheats on their taxes is Al Capone. And, of course, being able to spy on innocent people is just gravy.

        • (Score: 1, Interesting) by Anonymous Coward on Thursday February 16, @01:17AM

          by Anonymous Coward on Thursday February 16, @01:17AM (#1291964)

          Don't forget the FBI might abuse the backdoors in order to plant/forge evidence, can you really trust the FBI not to?
          https://soylentnews.org/comments.pl?noupdate=1&sid=53750&page=1&cid=1291963#commentwrap [soylentnews.org]

        • (Score: 2) by ChrisMaple on Thursday February 16, @03:45PM

          by ChrisMaple (6964) on Thursday February 16, @03:45PM (#1292020)

          Unbreakable strong encryption can be made indistinguishable from noise. Until decrypted, it cannot be proved that the file is not noise. This leads to all sorts of problems: if the investigative agency is honest, it can't prove that encryption is being used, so it shouldn't be able to get a warrant. If the agency is dishonest, it can get a warrant by claiming that a file of noise is evidence of encryption.

      • (Score: 2) by MIRV888 on Thursday February 16, @01:47AM (1 child)

        by MIRV888 (11376) on Thursday February 16, @01:47AM (#1291966)

        Just put it in a cargo container bound for Boom Port USA. Doing it via a North Korean front company would be icing on the cake.
        I'm offering pure conjecture, but I strongly suspect they've been aware of these balloons for some time.

        • (Score: 2) by JoeMerchant on Thursday February 16, @11:00AM

          by JoeMerchant (3937) on Thursday February 16, @11:00AM (#1292003)

          I'd like to think they have been aware of the balloons, but if they had there should have been recon missions to check for radiation, etc. and no reason to keep those missions (which I have never heard about) secret.

          The only reason the boom box hasn't happened yet is because the shielding required to make a critical mass of plutonium undetectable is heavier than a standard container carries...

          --
          Україна досі не є частиною Росії Слава Україні🌻 https://news.stanford.edu/2023/02/17/will-russia-ukraine-war-end
      • (Score: 1) by crotherm on Thursday February 16, @04:19PM

        by crotherm (5427) on Thursday February 16, @04:19PM (#1292023)

        I mean, if Russia wanted to, they could have delivered a 50MT nuke pretty much anywhere in the mainland USA

        Japan did just that in WWII with the Fu-Gu balloon bomb. https://en.wikipedia.org/wiki/Fu-Go_balloon_bomb [wikipedia.org]

    • (Score: 1, Interesting) by Anonymous Coward on Thursday February 16, @01:14AM

      by Anonymous Coward on Thursday February 16, @01:14AM (#1291963)

      then use the crime they have manufactured

      See also: https://theintercept.com/2015/03/16/howthefbicreatedaterrorist/ [theintercept.com]

      Osmakac was the target of an elaborately orchestrated FBI sting that involved a paid informant, as well as FBI agents and support staff working on the setup for more than three months. The FBI provided all of the weapons seen in Osmakac’s martyrdom video. The bureau also gave Osmakac the car bomb he allegedly planned to detonate, and even money for a taxi so he could get to where the FBI needed him to go. Osmakac was a deeply disturbed young man, according to several of the psychiatrists and psychologists who examined him before trial. He became a “terrorist” only after the FBI provided the means, opportunity and final prodding necessary to make him one.

      https://www.theguardian.com/world/2011/nov/16/fbi-entrapment-fake-terror-plots [theguardian.com]
      https://www.ted.com/talks/trevor_aaronson_how_this_fbi_strategy_is_actually_creating_us_based_terrorists?language=ha [ted.com]

      There's an organization responsible for more terrorism plots in the United States than al-Qaeda, al-Shabaab and ISIS combined: The FBI. How? Why? In an eye-opening talk, investigative journalist Trevor Aaronson reveals a disturbing FBI practice that breeds terrorist plots by exploiting Muslim-Americans with mental health problems.

    • (Score: 2) by janrinok on Thursday February 16, @07:02AM

      by janrinok (52) Subscriber Badge on Thursday February 16, @07:02AM (#1291990) Journal

      in conjunction with Australian law enforcement

      The Dutch police specifically have been behind many of these hacks and shutdowns

      The Supreme Court might shoulder some of the blame - but 2 of the 3 cracked systems involved other governments and were not necessarily US led. Those other governments will be keen to ensure that what they do meets their legal obligations to provide some protection if/when the investigation becomes public - but equally that any dirty work will, if possible, be attributed to the FBI.

  • (Score: 1, Insightful) by Anonymous Coward on Wednesday February 15, @11:30PM (4 children)

    by Anonymous Coward on Wednesday February 15, @11:30PM (#1291950)

    You can go dark, but you have to be willing to go old school. We make fun of the Russians now because they're bogged down in Ukraine, but a number of years ago they allegedly went back to typewriters for some things in their intelligence community. Plans to meddle in US elections are most likely not accessible at any server, at any IP. Hacking a rusty file cabinet in the Kremlin is not impossible of course, just difficult and I have a feeling we don't have too many of those kinds of agents left... or so I'm told.

    If encrypted communications really matter, if the message is critical, if the bandwidth requirements aren't too high, then use a physical random number generator that dumps out a bunch of one-time pads, make sure people know how to use them, and distribute using trusted agents.

    People are lazy though, even with real high risk stuff. People get complacent. I think that's how we got Bin Laden. They were doing all kinds of controlled contact and message drops, but somebody got careless or dropped a dime on him. Intelligence isn't just methodology, it's trust.

    • (Score: 0) by Anonymous Coward on Wednesday February 15, @11:53PM (2 children)

      by Anonymous Coward on Wednesday February 15, @11:53PM (#1291952)

      I have a feeling we don't have too many of those kinds of agents left

      Is not a problem, my fine Yankee Doodle. I am the kind of agent that you refer to. You tell me which documents you want, and I'll manufacture - errr - liberate them. You want love letters between Vlad and his gay boyfriends? I get!

      • (Score: 0) by Anonymous Coward on Thursday February 16, @01:57AM

        by Anonymous Coward on Thursday February 16, @01:57AM (#1291969)

        Yes, double-agents are a problem when you go old school too. Feed disinformation to both sides. Collect two paychecks. I bet those guys were some sick adrenaline junky psychopaths who didn't care about either side.

      • (Score: 2) by Freeman on Thursday February 16, @05:42PM

        by Freeman (732) Subscriber Badge on Thursday February 16, @05:42PM (#1292036) Journal

        Made much easier in the age of ChatGPT.

        --
        Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
    • (Score: 2) by bart on Friday February 17, @07:32PM

      by bart (2844) on Friday February 17, @07:32PM (#1292254)
      The typewriters were actually used by the German government after it was found out that the NSA was spying on all the government communication of their allies.
      Thanks Edward Snowden for making all this so completely clear.
  • (Score: 2, Insightful) by Anonymous Coward on Thursday February 16, @12:16AM (1 child)

    by Anonymous Coward on Thursday February 16, @12:16AM (#1291956)

    If a criminal is using encryption effectively, and not picking the wrong services that happen to be compromised, then they will be able to Go Dark.

    With more mainstream services implementing end-to-end encryption with no backdoors, even some of the dumber criminals will be protected, if only by accident.

    This is a typical biased rant from TechDirt. The FBI has good reasons to be whining about encryption, as it impedes their jobs. At the same time, citizens are also correct to tell the FBI and other three letter agencies to shove it. You have no obligation to give up your privacy to make it easier for the government to catch criminals. If a murderer goes free because damning chat logs and searches aren't available, oh well, better luck next time.

    • (Score: 4, Interesting) by sgleysti on Thursday February 16, @03:55AM

      by sgleysti (56) on Thursday February 16, @03:55AM (#1291979)

      Even if messaging services properly implement end-to-end encryption, I have the sneaking suspicion that modern smartphone and desktop operating systems are essentially swiss cheese from a security standpoint.

  • (Score: 3, Insightful) by MIRV888 on Thursday February 16, @01:39AM

    by MIRV888 (11376) on Thursday February 16, @01:39AM (#1291965)

    Handing out 'super encrypted' phones via a bs corporate entity to various criminal / intelligence targets was absolutely brilliant.

(1)