FBI and Australian Police Ran an Encrypted Chat Platform To Catch Criminal Gangs (therecord.media)
The FBI and Australian Federal Police ran an encrypted chat platform and intercepted secret messages between criminal gang members from all over the world for more than three years. From a report: Named Operation Ironside (AFP) / Trojan Shield (FBI, Interpol) on Monday, law enforcement agencies from Australia, Europe, and the US conducted house searches and arrested thousands of suspects across a wide spectrum of criminal groups, from biker gangs in Australia to drug cartels across Asia and South America, and weapons and human traffickers in Europe.
In a press conference on Monday, Australian police said the sting operation got underway in 2018 after the FBI successfully seized encrypted chat platform Phantom Secure. Knowing that the criminal underworld would move to a new platform, US and Australian officials decided to run their own service on top of Anom (also stylized as AN0M), an encrypted chat platform that the FBI had secretly gained access to through an insider. Just like Phantom Secure, the new service consisted of secure smartphones that were configured to run only the An0m app and nothing else.
STFU! (Score:2)
Why do they tell how they did it? Now it won't work in the future.
Re: (Score:2)
Maybe the criminals already figured it out?
Re: (Score:1)
It would have been better if the evidence was presented as being from a compromised device or encryption without going into the details of how it was compromised, and at least leave some doubt that the whole device and messaging app was a trojan from the very beginning.
Having it publicly known that the software and phones themselves were all FBI trojans means that any future attempt at an operation like this will be much harder, if not impossible.
The public doesn't need to know that this was how the operat
Re: (Score:1)
Yes, but many criminals are dumb or careless. That's why they don't have a real job.
Re:STFU! (Score:5, Insightful)
It's also an endless cat-and-mouse game that's about as old as history. It'll happen again. And again. Also, by creating doubt about things that criminals care about, law enforcement are making things harder for them in general.
As an aside:
Dear FBI,
You keep telling us that strong encryption will make catching criminals impossible, and yet here you have an unprecedented haul of caught criminals done via strong encryption. Please explain this discrepancy.
Love,
The general public.
Re:STFU! (Score:4, Informative)
Maybe the criminals already figured it out?
According to a commenter at SANS "Part of the decision to stop monitoring and making arrests was a blog posting (since deleted) detailing the behavior of the ANoM app, this March, which didn’t correctly attribute the backdoor to the FBI."
https://www.sans.org/newslette... [sans.org]
So maybe the criminals were indeed starting to figure it out, albeit slowly.
Re:STFU! (Score:4, Interesting)
That’s bad enough, but the bit that caught my eye was the observation from the person testing the handset that it continued to chat to *Google* servers in the 5-eyes countries.
I’ve no evidence to support this, but when I read that, I looked again between the lines and thought, “Meh, the authorities have persuaded Google to host data collection services for compromised Android handsets using Google IP addresses. So if the criminals do investigate the phones, it’s going to look like telemetry or similar. You know, a bit like all the ‘telemetry’ that Windows 10 sends home.”
So difficult to know these days, given the lengths people are willing to go to.
They'll do it for you too, for free (Score:2)
> I’ve no evidence to support this, but when I read that, I looked again between the lines and thought, “Meh, the authorities have persuaded Google to host data collection services
You can convince them to host your web service too.
For free. It's called the F1 micro on Google cloud.
https://www.opsdash.com/blog/g... [opsdash.com]
Re: (Score:2)
It will always be relatively simple to catch stoopid criminals. By definition, they do stoopid things.
If it isn't using "encryption" without actually understanding encryption, it will likely be something else.
Re:STFU! (Score:5, Insightful)
Well, now the criminals can't trust any encryption. That means that it can slow them down quite a bit for a while.
Meanwhile most of the ransom for the pipeline ransomware is also recovered, which likely means that it's possible to track Bitcoin.
Governments may be slow, but they can be relentless in pursuing their targets if they really want.
Re: (Score:2)
Well, now the criminals can't trust any encryption. That means that it can slow them down quite a bit for a while.
Perhaps. Perhaps not.
Meanwhile most of the ransom for the pipeline ransomware is also recovered, which likely means that it's possible to track Bitcoin.
Meanwhile...the FBI, had the private key.
Governments may be slow, but they can be relentless in pursuing their targets if they really want.
Yes. Exactly. So perhaps don't be so quick to dismiss BTC integrity just yet. I'm certain the FBI can get a hell of a lot out of someone with a $5 pipe wrench too. You know, like a private key that was used to (not) crack BTC...
Re:STFU! (Score:4, Insightful)
Anyone can track Bitcoin transactions from wallet to wallet. The paydirt is that the LEOs know which wallets to watch and can follow the trail. Tainted Bitcoins are a big thing, and even tumbled coins just mean more tainted coins that currency exchanges will not accept. You might be able to find an individual to trade, and maybe an escrow service so you can do a multisig transaction so the other party doesn't rob you blind when trading to something like XMR to the ill-gotten gains. However, all it takes is one bit of info to tie the wallet to a person, and the blockchain will do the conviction for the prosecutor from there.
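The comment above describes the forensic side of this: the ledger is public, so once a single address is tied to a person the trail can be followed forward, and a mixing transaction only spreads the taint to more outputs. The block below is an added illustration of that tracing logic, not code from the page or from any real chain-analysis tool. The ledger, the address names and the "known attributed address" are all constructed for the example.

```python
from collections import deque
from typing import Dict, List, Optional, Tuple

# Constructed ledger for illustration: each record is (txid, input addresses,
# output addresses). Amounts are omitted because reachability alone is enough
# to show how taint spreads; none of these addresses or txids are real.
Tx = Tuple[str, List[str], List[str]]
LEDGER: List[Tx] = [
    ("tx1", ["ransom_addr"], ["hop_a", "hop_b"]),
    ("tx2", ["hop_a"], ["mixer_in"]),
    # A mixing transaction co-spends a clean user's coins with tainted ones:
    # every output inherits the taint, which is the "more tainted coins" effect.
    ("tx3", ["mixer_in", "clean_user"], ["mixer_out1", "mixer_out2"]),
    ("tx4", ["mixer_out2"], ["exchange_deposit"]),
    ("tx5", ["unrelated"], ["shop"]),
]

# Hypothetical attribution data: addresses an investigator has already tied to
# an identity, for instance a deposit address at a KYC exchange.
KNOWN_ATTRIBUTED = {"exchange_deposit": "exchange customer account (hypothetical)"}


def build_graph(ledger: List[Tx]) -> Dict[str, List[Tuple[str, str]]]:
    """Map each address to the (txid, downstream address) pairs it funds."""
    graph: Dict[str, List[Tuple[str, str]]] = {}
    for txid, inputs, outputs in ledger:
        for src in inputs:
            graph.setdefault(src, [])
            for dst in outputs:
                graph[src].append((txid, dst))
    return graph


def trace_taint(ledger: List[Tx], seed: str) -> Dict[str, int]:
    """Breadth-first walk forward from a flagged address.
    Returns the hop distance of every address that received tainted funds."""
    graph = build_graph(ledger)
    hops = {seed: 0}
    queue = deque([seed])
    while queue:
        cur = queue.popleft()
        for _txid, nxt in graph.get(cur, []):
            if nxt not in hops:
                hops[nxt] = hops[cur] + 1
                queue.append(nxt)
    return hops


def path_to_attribution(ledger: List[Tx], seed: str,
                        attributed: Dict[str, str] = KNOWN_ATTRIBUTED) -> Optional[List[str]]:
    """Follow the trail until it reaches an address tied to an identity.
    Returns the chain of 'addr -(txid)-> addr' steps, or None if none is reached."""
    graph = build_graph(ledger)
    parent: Dict[str, Optional[Tuple[str, str]]] = {seed: None}
    queue = deque([seed])
    while queue:
        cur = queue.popleft()
        if cur in attributed:
            steps = []
            while parent[cur] is not None:
                prev, txid = parent[cur]
                steps.append(f"{prev} -({txid})-> {cur}")
                cur = prev
            return list(reversed(steps))
        for txid, nxt in graph.get(cur, []):
            if nxt not in parent:
                parent[nxt] = (cur, txid)
                queue.append(nxt)
    return None


if __name__ == "__main__":
    for addr, dist in sorted(trace_taint(LEDGER, "ransom_addr").items()):
        print(f"{addr}: {dist} hop(s) from the flagged address")
    print(path_to_attribution(LEDGER, "ransom_addr"))
```

Note that `clean_user` never appears in the tainted set even though its coins were mixed with the flagged ones: taint flows forward along outputs, so the mixer's outputs are now all suspect while the clean co-spender is only a lead, not a conclusion.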
Re: (Score:2)
which likely means that it's possible to track Bitcoin.
Of course it's possible to track bitcoin. Bitcoin is predicated on the fact that currency can be tracked. If you're talking about recovering bitcoin, however, you should note that the FBI got access to the ransom gang's bitcoin wallet's private key. This was likely through either a hack on their computers or by paying someone off.
Re: (Score:2)
If it's encrypted but not open source, the FBI has compromised it.
Re: (Score:2)
You're right, in the short term. But criminals have a very short memory. I'll wager they quickly latch on to some new encryption system that purports to "fix" the problems they had with Anom.
Criminals by definition have trouble with logic. They think that they are somehow so superior to other criminals, that they will escape getting caught. Even the lucky ones that do "beat the system" still have damaged and dysfunctional relationships that are a natural consequence of living a lie. In one form or another,
Re:STFU! (Score:5, Insightful)
One of the pesky problems with U.S. law is that you have to authenticate your evidence (demonstrate that it is what it purports to be, including how you obtained it) and there's a constitutional right to confront and question your accuser, meaning the people who obtained the evidence against you in the first place.
You could make these disclosures piecemeal per defendant, but it's not a good look, word gets out anyway, and it's a lot of extra effort. Also, the disruption that comes with "your next top secret criminal communications provider could be a front" is bonus that you might as well exploit.
Re: (Score:2)
To Tablizer's point, if this had been spying, then they would not have revealed the methods. At least, not on purpose.
Re: (Score:2)
Current end of the FP branch. Not too impressive as discussions go, but I'm always hoping for more depth.
Regarding your [DaveV1.0's] specific reply, you're looking at it sideways. The planting of insecure communications apps has to take place in the past and the results will be harvested in the future. Except for the results that have already been harvested, per the story. That's why the FP itself misses the point so badly. The FBI has to make the arrests at some point, and when they make the arrests they hav
Re: (Score:3)
Color me skeptical, but you reminded me of "Reflections on Trusting Trust". https://www.win.tue.nl/~aeb/li... [win.tue.nl] Where did the decades go?
Re: (Score:1)
Most likely word was getting out. I mean, how long can you keep running such infrastructure without getting called out.
Case in point:
https://webcache.googleusercon... [googleusercontent.com]
(webcache because original was taken down)
Re: (Score:2)
They arrested and charged people. In civilized nations, the government has to show all evidence it uses and where they got it in a court case.
They had to reveal it or they could not get convictions.
Re: (Score:1)
The only surprise is that anyone trusted it to begin with.
Re: (Score:2)
Why do they tell how they did it? Now it won't work in the future.
They have to in order to use it for evidence. So once they start going to court with it it will all come out.
Apparently (if I got it right through the popularization filter of another article on it I read a couple hours ago):
- Some legal time limits on how long some of the participating law enforcement operations were allowed to tap communications were about to expire, and
- They needed to do a bust now to head off some big cr
Re: (Score:2)
90 countries worth of arrests.
Most of them with jurisdictions that allow discovery from defence. It wasn't going to be secret for very long.
Regardless, the FBI needed to disclose due to its prosecution briefings since the US is *absolutely* one of those countries where you're entitled to know what the evidence before you is.
Re: (Score:3)
https://www.zdnet.com/article/... [zdnet.com]
The FBI's fuckup in keeping the evidence clean and legal resulted in very lenient sentences for having, hosting, and distributing CP involving bestiality and sadism, which is considered the "worst" form of it. If they didn't, then all these criminals would walk free.
They've just proven they don't need backdoors to e (Score:1)
Re: (Score:3)
Which this isn't, nor is it in piracy cases. In short, entrapment is when authorities induce someone to do something illegal they wouldn't normally do. (there's more to it, but that's the preview version)
In this case, the criminals were already committing crimes (thus calling them criminals). The only thing the authorities did was give the criminals a device which allowed the authorities to eavesdrop on the illegal activities. The
Re: (Score:2)
It's not entrapment, as you say. It does appear to be fraud though. For the suspects in the US at least, they also might have an argument for various 4th amendment violations.
Re: (Score:2)
I have a feeling the FBI had little difficulty in getting a warrant to monitor the traffic over their honeypot service.
Re: (Score:3)
A honeypot is generally a system that is set up for people to break into illegally. The idea could extend to some sort of illegal marketplace. However, encrypted communications are legal. The users are not breaching the system and they are not going to a marketplace specifically for contraband, etc. They are just communicating over an encrypted network. One that, it's worth noting, was seized by law enforcement, not created. This appears to quite clearly be warrantless wiretapping.
Re: (Score:2)
This appears to quite clearly be warrantless wiretapping.
Except that, per TFA, they had a warrant.
Re:They've just proven they don't need backdoors t (Score:4, Insightful)
A warrant that does not sound like it meets the requirements of the constitution. They would not have had to launder the wiretapping through a foreign country if the operation was on the up and up.
Re: (Score:2)
My reading of the article is that they seized a service, set up a new service that acted like the original (but was not identified as being the original) using a common backbone, and then seized other services to "herd" their targets to their monitored service.
Re: (Score:2)
A service that no-one paid for and had any agreements to use, but carried on using anyway? Seems a bit unlikely. Basically, if the government can just secretly seize and replace communications services and monitor everything, it basically means that there is no 4th amendment.
Re:They've just proven they don't need backdoors t (Score:4, Interesting)
Nope, not fraud either. Fraud is when you induce someone by false means to give up possession of property. Since these people were arrested for the acts they committed or were about to commit, there was nothing for them to give up. Also, I'm not sure the criminals want to admit the tons of drugs seized were their property.
A much longer definition and explanation [thefreedictionary.com] for fraud.
Re: (Score:3)
It's right there at the start of the article you linked:
A false representation of a matter of fact—whether by words or by conduct, by false or misleading allegations, or by concealment of what should have been disclosed—that deceives and is intended to deceive another so that the individual will act upon it to her or his legal injury.
This was a seized service that they continued operating for years. The service made certain guarantees to its customers and had certain contractual obligations. It would have also continued collecting fees during that time. For those years of operation, were the operators providing the agreed upon services under the agreed upon conditions? If not, then yes it's obviously fraud.
Re: (Score:2)
Legitimate warrants have specifically defined scope. This appears to be ridiculously broad.
Re: (Score:3)
Fraud? It is fraud in the same way an undercover operation is 'fraud'. In other words, not at all.
As for 'various 4th amendment violations': from TFA - 'Per court documents, investigators shut down the sting operation after their interception warrant expired on June 7'. They had a warrant.
Re: (Score:3)
It's fraud in the sense that they were operating a commercial service with contracts and service level promises etc. while collecting fees while completely ignoring their responsibilities under those contracts.
As far as a warrant goes, a multi-year blanket warrant on thousands of people seems to be a bit of a mockery of the system. The fact that they had to launder this through multiple countries to get around "jurisdiction" issues shows how legally dodgy this all was. I would not be very surprised if a lot
Re: (Score:2)
It's only entrapment if law enforcement deliberately encourages you to commit the crime, like if a cop comes up to you and asks if you want to buy some crack, and cuffing you when you say yes.
Re: (Score:2)
This wouldn't really work with a good E2E system.
It works if the 'encryption' is just TLS to the chat server, meaning that it's only encrypted on the wire, and thus whoever owns the servers has the data.
It can work on E2E only if the platform in question 'helps' the users distribute keys and substitutes their own key to be man in the middle, and the platform skips any sort of key validation. For example, an E2E crypto client will generally show both parties some derived set of emojis or whatever, and a key
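The comment above makes the key defensive point: a platform that controls key distribution can only sit in the middle of an end-to-end conversation if the clients skip key validation, and the usual countermeasure is a fingerprint (Signal calls it a safety number) that both parties compare over an independent channel. The block below is an added illustration of that check, written for this thread; it is not code from the page, from Anom, or from Signal. The identity keys are random 32-byte stand-ins, the key directory is a toy model, and the digit-grouped fingerprint derivation is an illustration of the idea rather than any real protocol's specification.

```python
import hashlib
import secrets
from typing import Dict, Optional

# Constructed identity keys: 32 random bytes stand in for each party's long-term
# public identity key. No real key material is involved.
def make_identity_key() -> bytes:
    return secrets.token_bytes(32)


def safety_number(key_a: bytes, key_b: bytes, digits: int = 60) -> str:
    """Derive a human-comparable fingerprint from two identity keys.
    The keys are sorted first so both parties compute the same string
    regardless of which side they are on. The 5-digit grouping mimics the
    look of Signal's safety numbers; the derivation itself is illustrative."""
    material = b"".join(sorted([key_a, key_b]))
    digest = hashlib.sha256(material).digest()
    number = str(int.from_bytes(digest, "big")).zfill(digits)[:digits]
    return " ".join(number[i:i + 5] for i in range(0, digits, 5))


class KeyDirectory:
    """Toy model of the platform's key server. Clients ask it for a peer's key.
    If `substitute` is set, the operator hands out a key it controls instead,
    which is the man-in-the-middle case the comment describes."""

    def __init__(self, substitute: Optional[bytes] = None):
        self.keys: Dict[str, bytes] = {}
        self.substitute = substitute

    def register(self, user: str, key: bytes) -> None:
        self.keys[user] = key

    def lookup(self, user: str) -> bytes:
        return self.substitute if self.substitute is not None else self.keys[user]


def verify_out_of_band(alice_key: bytes, bob_key: bytes, directory: KeyDirectory) -> bool:
    """What two careful users do: each computes the fingerprint from their own
    key plus what the directory claims is the peer's key, then they compare the
    two strings in person or by voice. A mismatch means the directory lied."""
    alice_view = safety_number(alice_key, directory.lookup("bob"))
    bob_view = safety_number(directory.lookup("alice"), bob_key)
    return alice_view == bob_view


if __name__ == "__main__":
    alice, bob = make_identity_key(), make_identity_key()
    honest = KeyDirectory()
    honest.register("alice", alice)
    honest.register("bob", bob)
    print("honest directory, fingerprints match:", verify_out_of_band(alice, bob, honest))

    rogue = KeyDirectory(substitute=make_identity_key())
    rogue.register("alice", alice)
    rogue.register("bob", bob)
    print("substituting directory, fingerprints match:", verify_out_of_band(alice, bob, rogue))
```

The detection only works if the client actually exposes the fingerprint and the users actually compare it; a client that silently accepts whatever the directory returns, as the comment notes, offers nothing for this check to catch.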
Re: (Score:2)
This wouldn't really work with a good E2E system.
They said that the end-to-end encryption was perfectly fine and secure. Except that besides sending the end-to-end encrypted message, the app sent a second message straight to the FBI, encrypted with the FBI's private keys. So other than the intended recipient and the FBI, absolutely nobody could read the messages.
Re: (Score:2)
The title of the previous post said they've proven they don't need backdoors.
However, here they explicitly had a backdoor. The application was made to backdoor your message to the FBI.
The Wire (Score:2)
Everything works once.
Re: (Score:3, Interesting)
Reminds of a high school basketball team who filled their team with track stars. As soon as they got the ball they'd race to the other end of the court before the other team could catch up. They were not very good at defense but great on offense because they outran the opponent. They kept winning high in the playoffs until other teams did better conditioning in order to keep up with them specifically.
Re: (Score:2)
That sounds like one of those 1950s black and white Disney sports movies.
Re: (Score:1)
The flicks like that I remember is where either an invisible player tipped the ball back in, or they had super-rubber shoes that allowed them to jump high.
Re: (Score:3)
That's why you got to watch out for those old people. They've seen all this before so it's not nearly as surprising to see it come around again. Heck, by 40 you can spot repeating trends that have occurred during your own life.
This is why politics can be so infuriating. We have had some "problems" for decades. Why the heck can't we "fix" these terrible "problems"? You eventually realize no one actually wants to change anything because in some way it benefits them. It's sickening after a point. The corruptio
Stalemate (Score:2)
The biggest criminals run the governments' cloud services.
Well Done FBI. (Score:2)
Would Signal have been secure. (Score:2)
Maybe they could have hacked the servers that download Signal to send out a backdoored version. Of course, this would leave all sorts of innocent bystanders vulnerable. What is the legal status of this?
Re: (Score:3)
Signal has reproducible builds:
https://signal.org/blog/reprod... [signal.org]
This means you could verify the binaries against the source code cryptographically.
A criminal using something like Signal could of course do that for every binary he/she installs.
Unlikely they will do that. But they could.
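The reproducible-build check the comment refers to amounts to building the app yourself and comparing the result, file by file, against the binary you were given. The block below is an added example of that comparison, not code from the page or from Signal's own tooling. It models each unpacked package as a mapping of file names to contents, and it assumes (as a design choice of this example, not a statement about Signal's procedure) that files under META-INF/ carry the distributor's signature and are therefore expected to differ and are skipped.

```python
import hashlib
from typing import Dict, List

# Assumption for this example: files under this prefix hold the signing
# certificate and signature, which a self-built package cannot reproduce,
# so they are excluded from the comparison.
SIGNATURE_PREFIX = "META-INF/"


def file_digests(package: Dict[str, bytes]) -> Dict[str, str]:
    """SHA-256 of every file in an unpacked package, minus signing files."""
    return {
        name: hashlib.sha256(data).hexdigest()
        for name, data in package.items()
        if not name.startswith(SIGNATURE_PREFIX)
    }


def compare_builds(local_build: Dict[str, bytes], downloaded: Dict[str, bytes]) -> List[str]:
    """Return a sorted list of discrepancies between the two packages.
    An empty list means the downloaded binary matches what the source produces."""
    local, remote = file_digests(local_build), file_digests(downloaded)
    problems = []
    for name in sorted(set(local) | set(remote)):
        if name not in local:
            problems.append(f"only in downloaded: {name}")
        elif name not in remote:
            problems.append(f"only in local build: {name}")
        elif local[name] != remote[name]:
            problems.append(f"differs: {name}")
    return problems


# Constructed sample packages. Real packages are archives of hundreds of files;
# three entries are enough to show the three outcomes.
LOCAL_BUILD = {
    "AndroidManifest.xml": b"<manifest package='example.app'/>",
    "classes.dex": b"dex\n035\x00compiled-from-source",
    "META-INF/CERT.RSA": b"signature-from-my-own-key",
}
GENUINE_DOWNLOAD = {
    "AndroidManifest.xml": b"<manifest package='example.app'/>",
    "classes.dex": b"dex\n035\x00compiled-from-source",
    "META-INF/CERT.RSA": b"signature-from-distributor-key",  # differs, and is ignored
}
TAMPERED_DOWNLOAD = {
    "AndroidManifest.xml": b"<manifest package='example.app'/>",
    "classes.dex": b"dex\n035\x00compiled-from-something-else",
    "assets/extra.bin": b"not in the source tree",
    "META-INF/CERT.RSA": b"signature-from-distributor-key",
}


if __name__ == "__main__":
    print("genuine:", compare_builds(LOCAL_BUILD, GENUINE_DOWNLOAD) or "match")
    print("tampered:", compare_builds(LOCAL_BUILD, TAMPERED_DOWNLOAD))
```

The check is only as good as the build being truly reproducible: if the toolchain embeds timestamps or paths, `classes.dex` will differ for innocent reasons and the comparison has to be narrowed to what is deterministic, which is exactly the work a reproducible-build project does upstream so that users do not have to.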
Re: Unconstitutional (Score:3)
Wrong. There's nothing in the constitution about government but competing with private enterprise. Where did you get that dumb idea from? If you wish to continue to claim otherwise, please start with the article/amendment, paragraph, and clause of the place in the constitution that prohibits such conduct. Without that, any argument is devoid of meaning and will be ignored.
Re: (Score:2)
Ah yes, the redneck constitution, a magical document that bans the things I don't like and allows the things everyone who isn't me doesn't like.
Closed source proprietary encryption system ... (Score:5, Insightful)
It was a closed-source black-box proprietary encryption system.
As we've pointed out time and again: You can't trust it if you can't check it. Your security is totally at the mercy of the system's authors and operators.
But crooks are apparently no smarter than Pointy Haired Bosses. (Thank goodness.)
Re: (Score:2)
I'm not sure open source code would have thwarted the FBI's sting. Unless you build the binaries from source yourself, how can you be sure that the thing you just installed on your phone, matches the source code you examined? Of the thousands of these devices that were used, how many would have had the expertise to examine the source code for flaws or back doors?
Remember Heartbleed? https://en.wikipedia.org/wiki/... [wikipedia.org] That was open source software, yet it was used for years before people knew of its fatal sec
Warrant? (Score:2)
Did they get individual warrants for each of the accused and then only intercepted their comms?
In theory they could map the social graph and then seek additional warrants from there?
That many of us would assume they skipped the warrant process altogether is probably a bigger problem in the long term than whatever these people are convicted of.
If so and the Courts give them a pass then they've achieved more than any convictions, even if all the charges are dismissed.
Re:Warrant? (Score:4, Interesting)
It seems like there's a good chance the defense will make that argument. It might be a bit like Stingray [wikipedia.org], only more aggressive since it's actually collecting data. OTOH, they knew they were using the service--just not that it was a government service. It doesn't look like entrapment, since people weren't actually induced to carry out illegal activities--unless it was pitched as such and the agents actively encouraged people to carry out crimes using the service; then it'd be entrapment too, right?
I couldn't find any SCOTUS rulings on Stingray, and that's been out for a long time already.
Mark the post and remind me in... 10 years.
Re: (Score:2)
What was there to intercept? What they did was equivalent to organizing drug deals in a PD's interrogation room.
Great work (Score:2)
This is an example of how a targeted operation against a group of miscreants should work. Criminals are in general not the smartest souls, and this operation takes advantage of the fact that they want to use technologies they don't understand and can't make themselves. If you look at the pictures of the raids, most are just muscled-up thugs and gym junkies, not savants.
By the same token, when policing agencies ask for the right to decrypt all communications, what they're really saying is that "I don't understa
This will never happen on a domestic 5G network (Score:2)
Out with the Chinese, in with the Ciscos.
What is the betting... (Score:2)
I'd lay good money that they already have V2.0 in place; remember there is no mitigation for stupid and lazy. Cream off the most lazy, most stupid and get good headlines every couple of years. The less lazy, less stupid will be wise to this approach.
could lead to corruption problems (Score:2)