So I presume no legally mandated "backdoors" we're mandated for this to happen?
No thought not.
Just good Police work.
French and Dutch police have boasted of infiltrating and killing off encrypted chat service EncroChat, alleging it was used by organised crime gangs to plot murders, sell drugs, launder criminal profits and more. The encrypted chat platform is alleged by British, French and Dutch law enforcement agencies to have been used by …
No legaly mandated backdoors, no. Just the ones EncrChat made available to their own employees. All the cops had to do was get someone employed by EncroChat, and Bob's their Auntie.
I wouldn't call it good police work, I'd call it bad security practices at EncroChat.
How's that Zoom and/or Skype (etc. etc.) workin' for all y'all? Are your corporate lawyers happy with Microsoft storing all the stuff your employees use Office363 for?
Also, I now hate. you for making me admit that the French police might actually have done something good.
Having talked with some law forces agents working on cybersecurity during Lille' FIC2020, I can assure you they do some very interesting things, even if they lack of means and people. They are really very good compared to the poor resources allocated to them
You are right (and many of the comments are wrong). According to a more detailed description in Vice - https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked - the French hacked Encrochat's servers and had them install malware on the users' phones. The malware accessed the users' text inputs before they could be encrypted by the alternate OS and sent them to a police (or intelligence) server.
Encrochat didn't put encryption chips in the photos although they did physically disable the GPS, camera, and microphone. Encrochat didn't have their own backdoor to the phones. The police didn't have to crack any encryption. It was just a sophisticated malware attack.
No need for backdoors when you have brains.
"encryption chips in the photos"
Pics, or it didn't happen.
Sounds like a crap / pricey messaging app anyway. Are all these lawyers and journalists just there to communicate with the criminals, or just because of the integrity of the platform?
I'm considering crossing this off my ways to pass information to WikiLeaks under the circumstances - sorry Jules. Back to writing messages on the back of a fag packet.
I took an informal course by Prof Fred Piper of Royal Holloway, as part of my employment years ago at a security company. He was pretty sure that the most common ways of breaking cryptography were sex, drugs and money, with a little blackmail thrown in for good measure.
As for it being set up by state actors rather than career criminals, some countries have few scruples when it comes to villainy in other countries. If some country had set it up they would definitely not want the servers to be on their territory.
He was pretty sure that the most common ways of breaking cryptography were sex, drugs and money, with a little blackmail thrown in for good measure.
Coercion is often called rubber-hose cryptanalysis, and is much cheaper and easier than the mathematical kind. It is even enshrined into UK law in the Regulation of Investigatory Powers Act.
Looks like a honey pot to me, so yeh 100% backdoor:
I try to verify it, but it doesn't quite make sense. Why for example did villains trust it, yet normal people not? So many users claimed, yet such a tiny surface area of data to verify on the web and those are reports from the MET. Where did its marketing budget come from? It's development budget? How was tech support done?
Do a google search on Encrochat and look at the photos and the sources, you'd think a tech site would buy one and test it, and photo it. Since it would be useful for tech companies protecting their trade secrets, yet the photos are all tabloid or police reports.
How as the ongoing flow of payment handled?
It has the web surface of a psych-op, not of a technical product. The nuts and bolts are all missing for the transaction, the websites are shallow shells that get minor updates only.
I'm not the only person to think so, this from 2016:
"Evidence suggests Encrochat is working with the NSA and other authorities..."
Yeh, it looks like they pulled the plug on a failed honeypot, with a press release of stuff that doesn't verify. e.g. mob killings from 2015 when the device would only just have been released.
Round numbers, 60000, 10000... you're telling me that a company with 180 million a year revenue somehow goes under the radar???? Despite having 60000*2 per year money flows into it?
I does look a lot like a honeypot that has been busted and a mad dash to arrest and cease stuff to put a front out the world.
If your interested, the internet archive has copies of what their web site used to look like:
Which went all quiet around Dec 2018
There seems to be a big Canadian connection, and here is the archived web site for one of their 'resellers':
What I find interesting is that a service like this or, say tor, are like putting your name on a list when you sign up for them.
Of course many users are simply concerned about their own privacy,or sensitive business information but anyone who is known to he trying to hide stuff will attract attention from the phuzz and other agencies.
Plain sight platforms plus your own encryption and you are more likely to be lost in the noise.
> What I find interesting is that a service like this or, say tor, are like putting your name on a list when you sign up for them.
You don't sign up to use Tor, you just use it (and if you're worried about ISPs noticing you're using Tor, can use things like meek and snowflake to obfuscate).
It doesn't overly detract from your point, just if you have stumbled across some "sign up to Tor" site, it's all but certainly a scam site.
> Plain sight platforms plus your own encryption and you are more likely to be lost in the noise.
The problem with that, for many users, is the feasibility of doing so and (more importantly) the difficulty involved in securely exchanging keys. Even something (relatively) simple like installing OTR is too much for some, and a significant proportion of those that do probably don't verify keys properly.
Encrypted platforms abstract and automate that away from the user.
Even now, I'm sure the attention still mainly comes the other way round - you become "of interest" and they try and look at your comms, rather than you use an encrypted service and become of interest. There'll be exceptions of course
The problem with that, for many users, is the feasibility of doing so and (more importantly) the difficulty involved in securely exchanging keys.
Indeed, although replaced in this case with the difficulty of knowing whether the service you are using is actually under the control of law enforcement (and, of course, the difficulty the LE people have in using any information they can gather without blowing that they are reading the secret comms).
One assumes that if you are a serious criminal you mostly use services where many of the people at the provider can be physically accessed (i.e. killed or seriously injured) if it turns out they are giving away your secrets! The problem is presumably that in today's international crime scene you need tools that will be trusted by two criminal enterprises in different parts of the world.
If I were a criminal mastermind, I think I would prefer to use something that is open source and widely used and work on the key distribution and update problem instead -- that is much more likely to be amenable to traditional human-based solutions that these people have much experience of.
But maybe that is why I am not!
Using your own bespoke encryption is all very well for communicating with people you already know, but no use for advertising or finding illicit services and communicating with someone you have never met (such as a hitman). For that you need an encryption technique that anyone can obtain and use.
Same with codes. You have to have a predefined set of actions corresponding with the set of message codes exchanged with each party you are dealing with (e.g.. "Jean has a big moustache" means "Bring me the head of Diego Garcia"), but if something not covered by that set comes up you are stuck and you have to fall back on other, encrypted, methods
DO. NOT. TRY. TO. ROLL. YOUR. OWN. CRYPTO.
Why is it that someone has to post this to EVERY article the the subject?
Do a little (just a bit) of research on modern crypto algorithms. Every last one of them was developed by a team. And then peer reviewed by other teams.
Teams of people with PhDs in mathematics (usually algebra). Teams of people each with over a decade of experience in the field.
You really, really aren't at that level. Neither am I. Neither are 99.9999% of people in the world. Honestly, there is probably another 9 to add.
I took his comment to mean setting up the crypto yourself rather than *designing* the crypto.
If I decided to be an evil criminal, I'd not trust *ANY* "secure" app without running some other end to end crypto over the top of it. I wouldn't attempt to design my own crypto in the process.
Whilst I see your point of how insecure fail encryption is the fact remains that known crypto is already half way clear text given that published methods are definitely going to be attempted during decryption.
For years crypto merchants have been claiming their published system are uncrackable based upon known tech, only for these claims to be proven false again and again.
Thus published crypto might be uncrackable by "normal individuals" using "known" methods in reasonable time limits however there are other individuals who can, especially if they already know the crypto in use or can bypass it completely.
An unknown crypto of equal validity to published crypto is going to be a better bet since those that are attempting to decrypt it do not already know it exists and have to actually do some extra work before they can apply their greater than normal tech methods.
So if known crypto is fundamentally easier to crack than equal unknown and there is evidence that greater than normal tech agents exist then forcing these agencies to do more work rather than just believing the hype is going to make decryption more expensive and time consuming that at present.
Lucky for the non-normal actors the majority of people working in this field do not actually understand crypto better than those that design the greater than normal tech however that does not stop the former padding/using multiple methods on their transmissions to make decryption more expensive in time and money.
What you should really take away from all this is that publish cryptography is only really useful against "normal people" thus everyone should ignore any claims about how hard decryption actually is given that these assumption are based upon only normal people with normal resources attempting it.
You would imagine that this should be obvious to anyone who has even a basic understanding of cryptography and yet the vast majority of people reading this are more sheep than superstar or they too would be working for the greater than normal tech agencies.
>"Evidence suggests Encrochat is working with the NSA and other authorities..."
Given the timeline, there might be something in the Snowden 2013 disclosures - I wonder who has access to the full repository and hence whether this action now was partially to be ahead of possible publication by some journalist of their researches...
Quote: "..UK state is notably hostile to the idea of encrypted comms that its agents can't read whenever they feel like it.*
Well...........the quote actually means "can't read the plain text".....because of course "the agents" can read the cipher text. But I wonder how often people use private ciphers BEFORE THE MESSAGE ENTERS A (SUSPECT) ENCRYPTED CHANNEL.
@Basis and all...
I am old enough to have actually used a code book to send domain specific information over a Telex link (shipping, 1980s).
Coat: Journal of Commerce in the pocket.
This is what annoys me.
With any half-decent modern encryption, you can publish the cipher text full-page in the Daily Mail for all you care. Nobody should be able to read it. And nobody should be able to "encrypt" anything and claim to be the other side without access to the private key (and, if you have a brain, passphrase too).
Using tech like this would just make me flag you up instantly as someone to watch, if I was doing their job. But you could just send a bog-standard email with a PGP encrypted section on the bottom and exchange public keys with people and it would be basically impossible to crack. Any "compromised" user... just doesn't give up their passphrase.
And with things like perfect-forward secrecy, you can even get schemes where complete compromise of the key does not reveal historically encrypted messages.
The metadata is always present anyway. But without the message it's nothing more than coincidence, and proving that in court is hard to do.
Somewhere there are bunches of mafiosa just encrypting their stuff offline with a basic AES tool, merging the data into an image, and then attaching them to an email or hiding them in DNS lookups or whatever (hey, DNS lookup of an unpublished sub-domain, using DNSSEC/DNS-o-HTTP... that seems pretty secure to me to hold a message inside - and if you didn't know the sub-domain to query, I don't think nameservers will give them up... and if it's encrypted you couldn't snoop them), and are completely off the radar.
"The metadata is always present anyway. But without the message it's nothing more than coincidence"
Maybe, but if the metadata demonstrates that you've been calling a criminal scumbag twenty times in the past month, then the police don't need the content to tell the judge that you know the guy. From that point, it should be easy to gather proof that you're dealing with him financially, or working for him materially, and then you go down for the count.
And they can get that metadata by just watching you and him for an afternoon and see if you're both on the phone at the same time.
You can't stop the metadata, but you can't convict on its basis alone.
I have a friend who's close to all the local villains in his area. Does phoning him mean I'm planning something? No, I'm phoning the guy who used to live next to my parents when I was a kid and we were good friends with.
If the metadata is convictable, they don't care about the encryption at all. If it's not, then they need the encrypted data. Either way, you've lost/won just the same.
And, sorry, but no court in the land will convict you *solely* on the basis of being in communication with even the head of the local mafia. The guy could have murdered someone, and then phoned me for a chat, it doesn't mean anything and isn't convictable without a body of evidence that I was actually involved and not just used as an unwitting alibi.
"The metadata is always present anyway. But without the message it's nothing more than coincidence"
What metadata? The example at the top of this thread is published IN EL REG. Who wrote the message? Who deciphered the message?
And that's before we consider internet cafes, hijacked WiFi, VPNs, burner phones, peer-to-peer messaging......and so on.
Only someone wanting to be caught will be using a traceable account!
If the police are relying on metadata, then the obvious thing to do is to deny them the metadata.
This is what numbers stations do. If only the recipient can decrypt a message, then it doesn't matter who else can eavesdrop on that message, hence you might as well transmit the message as widely as possible to obfuscate who you are sending the messages to. Numbers stations use radio; an Internet version might be to use Usenet to propagate the messages.
The final point is that encrypted messaging is only worthwhile if the users are smart enough to use it properly, and if the police really want to catch them. Low-level drugs dealers are generally pretty stupid and are easier to catch by simpler means.
"an Internet version might be to use Usenet to propagate the messages."
That has been done by at least three different groups as proof of concept. The first was in the alt.binaries hierarchy in the late '80s, shortly after The Great Renaming. The second was in the massively abused Jobs groups in the late '90s, followed shortly by the third in the so-called "Dutch dump groups". All used what seemed to be "broken binaries", with a special line in the header, making them easy to filter out of the noise.
All were successful, in that nobody commented on them in situ ... Anybody who knows anything about Usenet knows that if they had been detected, the conspiracy nuts would have been going out of their tiny little minds. Obviously, nobody knows if any government agency detected it.
Some say the Hipcrime entity was attempting something like this, but the consensus among most newsadmins is that that particular bit of sillyness was just simple flooding/cancellation/reposting in a misguided (and ultimately failed) attempt at disruption.
 There were probably many more, given the reality of Usenet and its users, but I am only aware of these three.
As I stated in a previous message, that's all very well for messages sent between people who already know each other, but is no good for people who wish to advertise their criminal services, or their desire to hire a criminal service.
No need for expensive hardware to simply securely communicate with a known person. Just send PGP encrypted emails to each other. Use a hidden email (or similar) service if the metadata would be a problem rather than only the message contents.
Yes, it's still "a thing".
On my last perusal, most of the TV and movie groups are full of posts using randomised senders, subject lines made up of randomised letters/numbers, may or may not be complete, sometimes are clearly posted in "sets" but often across multiple groups. If you aren't "in the know", then they are just noise. Most likely it's pirate groups passing their wares to their mates/members, but for all I know, even if you manage to get a full set of posts, they may well be encrypted as well, if not just passworded RAR or ZIPs, but getting a full set looks like you need to scan many different groups in the hope of finding related posts. I assume they have some other channel or method of informing the recipients how and where to find the relevant posts.
On the other hand, there are still live and lively discussion groups going. There's even binary groups that are used as intended.
So having 'broken' an encrypted message service and shown it be a hive of scum and villainy, presumably they can point to all end-to-end encrypted messaging systems and say "Well, that one was full of wrong 'uns, so those probably are too - if only we had a way of intercepting the messages there, see what great work we can do in cleaning it up'.
This is the classic trick for landing someone you don't like in the smelly. Take a list of, say, people banking with a tax haven that you have managed to lift from somewhere and add a few extra names and details to it. Hey presto, guilt by association, and the reason that American courts use a principle that evidence obtained illegally is inadmissible in court.
I may be wrong but my understanding is of encryption when using this device depending upon a dedicated chip. If so, the question arises whether relying upon a pre-configured chip is inherently less secure than when using software running on a generic processor. Among possibilities for insecurity are inclusion of a planned back-door or exploitation of an accidental vulnerability. Either way, an entire batch of devices becomes suspect. Vulnerabilities in solely open source, solely software, implementation of a reliable encryption algorithm can be identified and fixed without need of changing a physical component.
It would appear that both honest and criminal users of this device placed too much faith in the high cost of the service guaranteeing fitness for purpose.
The criminal element might have done better by using throwaway phones for each transaction. By not using potentially dodgy encryption they wouldn't draw attention to themselves. Moreover, open communication using, when feasible, agreed code words/phrases (perhaps decided in advance under encrypted email communication) can be made very secure for many purposes.
Perhaps, law enforcement agencies should offer expensive master-classes for criminals? There again, perhaps not.
It's actually simpler than that.
The cops infiltrated EncroChat (the company itself) and snooped on supposedly encrypted data directly off the EncroChat servers. This is a very good example of why using code that has to go through a central server not under the control of the users should never be considered secure.
If you want security, peer to peer is the way to go. And sometimes not even then, at least in the hands of typical members of the GreatUnwashed.
We now return you to the usual unfounded bickering and speculation.
"When three sit down to talk revolution, two are fools and the third is a police spy."
Agreed. As a criminal*, I would be highly suspicious of any such system. And paying four figures for a special phone? Have none of them heard of Signal et al.? Even WhatsApp is end-to-end encrypted these days. I don't geddit. ..... Hubert Cumberdale
Regarding criminals and why they don't geddit, HC, one might like to realise Albert Einstein sussed it out a long time again with this observation ....... "Two things are infinite: the universe and human stupidity; and I'm not sure about the universe."
There is very little chat on any media stream about the NCA's recent operation snaring any criminal masterminds,
becausealthough one would surely logically expect any mastermind to realise crime is reserved and preserved for the intellectually challenged and fooled and hence their non-appearance.
Is criminal mastermind oxymoronic like military intelligence?
for as long as 'authorities' have the power to read encrypted or otherwise data transmissions, launch secret satellites for interception reason, issue nsa letters compelling service providers to obey and reveal etc... thats if they obey the law. truth is, if they want badly enough, one worker can be expendable.. just re-employed elsewhere//
ask yourself, why does any company require so much information when registering for a service? Surely that would put customers off?
The answer is to consider that you're actually registering onto a spy program.
If youtube can store and serve so, so very much video hi res content, easily. how much storage space and speed capaility do you think text based data would require?
"I may be wrong but my understanding is of encryption when using this device depending upon a dedicated chip."
The Motherboard article says they didn't, they just added a little something in software to intercept the plain text from the keyboard. Which raises the question of how did that get smuggled out to their own servers without anyone noticing?
I don't suppose many of the purchasers bothered to do network traffic inspection testing of the device in use: the captured data could be sent in an unencrypted http message to a police server without anyone likely to notice!
The crims who would notice (who are likely to be government-backed if they are really that sophisticated) will not be using commercially-available WhatsappForCrims services.
> Which raises the question of how did that get smuggled out to their own servers without anyone noticing?
Through the normal out-of-band MMS service available to operators, normal background auto Android app updates...
Reading about the phones, I suggest that fundamentally the phone was running a jailbreak Android image, however, I expect that whilst much effort was put into the secure messaging app, the phones network interface was totally normal ie. untouched.
The laugh would be if the phone used Google Play Store/services for the app updates..
>I may be wrong but my understanding is of encryption when using this device depending upon a dedicated chip.
I wonder whether any of these devices get into the hands of white hat researchers...
I suspect from what little has been published, both about what the police are letting on about EncroChat and what was published on the EncroChat website (see link elsewhere in comments to the WayBack Machine), the encryption actually used was a bulk standard off-the-shelf package and possibly one natively supported by Android. What does make sense, is the attention paid to key management so that the service could guarantee anonymity. I suspect many will now be looking at how you might implement a secure end-to-end secure messaging service that avoids the flaws in PGP, AES et al, namely:
For example, with PGP a user has only one key. If the private key of a user is exposed, a perpetrator is able to decrypt all previous messages sent. Another serious drawback is non-reputability. Every message is signed with your private key which verifies and exposes the sender's digital identity, proving authorship of the message.
>The criminal element might have done better by using throwaway phones for each transaction. By not using potentially dodgy encryption they wouldn't draw attention to themselves.
The use of throwaway phones would of mitigated the worst effects of the "malware" install. I think the 'dodgy' encryption had zero to do with it - with the amount of encrypted traffic flowing these days I doubt the traffic itself drew any attention.
There was no encryption chip, nor, for that matter, was there any plaintext on the Encrochat servers. The phones were an ordinary phone from a normal Spanish cell phone company.
There was encryption software which communicated through the Encrochat servers.
The Encrochat servers got compromised, sent malware out to the users' phones, and then the malware read plaintext on the phones and sent it to the cops.
Yes. I'm sure lots of Journalists and Defense Lawyers were spending 3 grand a year on a contract for a phone.
Spying on defense lawyers is illegal, and even it is done then no details gained via it could be revealed to the prosecution (they'd be obliged to tell the court or end up never, ever being able to practice law again anywhere in the western hemisphere) so that's pointless and won't happen. Working in legal IT I can say that it's not something we are concerned about given that discussions with clients happen in person, not over the phone because that sort of paranoia is cheaper, and evidently more effective.
Shall we ask if El Reg buys all of their journalists 3k per year phones? I doubt it, somehow since they'd only be good communicating with another person using the same comms channel and a £3k a year bill per user is going to put off pretty much everybody. Even if they did do that, it'd be pointless given that if I wanted to phone them instead of just emailing the tips address then it'd be no more secure than phoning another mobile.
Spying on defense lawyers is illegal, and even it is done then no details gained via it could be revealed to the prosecution (they'd be obliged to tell the court or end up never, ever being able to practice law again anywhere in the western hemisphere) so that's pointless and won't happen. ...... Peter2
As obvious persons of interest, given the vast hundreds of billion of pounds slush funds of fiat money they are responsible for laundering and disbursing to recipients, .... and aint that the sweetest of honey pot temptations to abuse and misuse ...... does GCHQ provide Parliament with all of their security needs and mentor and monitor all of their feeds. ...... you know, not so much spy on them as ensure there is Sterling Blanket Oversight? Surely Cheltenham, and its satellite operations, doesn't keep itself in the dark about any of the actions and thoughts of Parliamentarians?
That would surely be a gross dereliction of public duty and all too easily give rise to all of manner and matter of abuses and misuse? You know the system has corrupt form as evidenced by many past trials and tribulations.
What a disappointing take on this good news. And it is good news. Hundreds of people responsible for great harm to the most vulnerable in our society, potentially under lock and key now. Criminal operations disrupted. Yet this article feels like it wants to suggest it was bad because of some highfalutin ideals of privacy overriding that fact that these people were directly responsible for the deaths of countless victims of the drug trade and organised crime.
I suppose you think you have nothing to hide. If so go back and look at the T&Cs of the online services you use. Start with banking. Then come back and tell us all the login credentials you're contractually allowed to share with us.
Legitimate online commerce depends on being able to maintain security. Anything that compromises that for the sake of attacking criminal operations also attacks legitimate commerce is problematic.
While one part of me thinks this was a great operation the other side worries. To do this legitimately, with due protection to the innocent, it should have been conducted under appropriate* warrants. Was it?
*I also have concerns that the framework under which interception is carried out in the UK really is appropriate. There is a history of the Acts which provide this framework being struck down in court and replaced by a new one to provide the same shaky cover. I suspect that somewhere in a Home Office filing cabinet there's a draft of the next Act ready to put before Parliament as soon as the existing one gets successfully challenged.
I'm sure that if you aggregated the blood on hands and damage done to the "most vulnerable" it's not those that want to get high or those that enable them too that have the most to answer for... altough depending on how much kool aid you drank, sniffed or smoked your perception may vary...
There were probably stoics at the time that felt that the stazi and the nazis had merit...and how about those who dared to proclaim that the earth was a sphere and orbited the sun... highfalutin indeed
It's a human folly to believe that you can charge other humans to protect humans and that if you did that they actually would
you can't trust an encryption system you didn't build yourself
I can't trust an encryption system I DID build myself. I mean, why would I? It's not like every bit of code I've ever written has been bug free.....
Beer, because its Friday and whispering in pubs is relatively low risk for most comms.
Which is why the answer is Open Source. While not perfect, it is likely a much better system than one you code yourself and you don't have to trust a small number of people.
The biggest downside is if there is a bug or a weakness, it is easier for your adversary to find. But there is also a large chance someone else will find it and it will be fixed.
Use OpenPGP or other good encryption program on a standalone computer (no network access) for the encryption and decryption. Transfer the encrypted messages by USB stick (or even floppy disk!!!) to and from a computer with network access.
For immediate communications use codes (not ciphers) on throwaway phones. (Codes are agreed words/phrases that mean something different to their normal meaning - examples "Alas Babylon" (from the book of the same name - means a nuclear attack is in progress) "Jean has a long mustache" (WW2 message to the French resistance - D-Day tomorrow)).
> Transfer the encrypted messages by USB stick
That sort of defeats the point of an encrypted text chat app. If you're going to exchange information in person ( ie: talk face to face ) then there's no point in this service.
And any system which requires users to remember codes is inherently weak.
"Hello Mr Legitimate Businessman, please send me some more 'rugs' as my customers have snorted them all"
Oh, rather than typing them in, I see, that does make sense.
To elaborate on that for this particular use case, I wonder if this would work:
Two devices - a non-networked IO device for entering and reading messages and a communications device for transmission only.
Enter your "more drugs plz" message into your input device and select the PGP key and address of the recipient to encrypt it with. Input device creates a QR code with the full message, recipient address, etc. Comms device scans the QR code and sends the message.
Incoming messages handled in reverse - QR shown on the comms device and scanned, decrypted and displayed by the other [IO] device.
It has the convenience that non-technical users could follow, limited attack surface of only a QR code scanner, the network attached device doesn't have any private data at all and both devices are prescribed ( ie: you can't use an insecure PC to create the message )
Both devices would have to have cameras although they could have physical covers. Properly insulated software should make it pretty much impossible for a network attack.
What do you think? Can you make any improvements?
Two devices - a non-networked IO device for entering and reading messages and a communications device for transmission only.
Basically, this is the way encryption devices such as the Enigma, Fialka and Typex work, where you encrypt or decrypt the message airgapped from the comms method.
Although that means that you still have to fully trust the crypto device, as you don't want to leak a plaintext segment of the outgoing message, and its QR reader needs to be fully isolated from the OS otherwise a malicious incoming message could still compromise the device. But that's not just with QR codes; any data transfer method between the crypto and comms devices opens an attack surface. With an Enigma you can't really compromise the machine itself so any attack should target the reader of the received message, but software-based systems will quite likely have _some_ weakness allowing them to be compromised.
We have encryption with perfect forward secrecy (so even the encrypted text and the stolen-afterwards private key does not reveal what the message contained).
Any criminal who's just paying a French company for a "secure phone", the same as his mate's "secure phone" is the low-hanging fruit of those who are communicating secretly and don't wish the police to know about it.
Using a non-networked computer does not protect you from having your messages recorded by a hardware keylogger. If you become a "person of interest," a small keylogger can be installed inside most computer keyboards in 5 minutes. Maybe by someone posing as a gas safety inspector to gain access to your home while you are out. Such keyloggers act as a hidden wifi hotspot while powered, which can then transfer your last few thousand keystrokes to anyone within wi-fi range over the following few days/weeks/months.
Which can be thwarted by keeping that offline machine inside a Faraday cage, running off a car battery that you disconnect from its charger when in use. And of course you religiously sweep the room.
Still not perfect, but a few more hurdles between you and your adversaries.
> British, French and Dutch law enforcement agencies to have been used by around 60,000 people
> British police claims that all 10,000 of EncroChat's UK users were criminals
but only ...
> 746 arrests. I.e. about 1 in 15 UK users.
We know that all reports of "cyber crime" are bigged-up. Both in extent and sophistication. Is that the case here, too?
60,000 users each paying £1500 per 6 months, comes out at £180 million a year to the owners of this network.
If that is the true value of a covert mobile phone network, I cannot imagine that it will be down for long (esp. given what the operators will have learned from this). Nor that such networks do not operate elsewhere. In other parts of the world.
Should we expect further reports of other "busts" in other countries - the USA being an obvious one. Or are those networks just better run and can avoid detection.
"> British police claims that all 10,000 of EncroChat's UK users were criminals
but only ...
> 746 arrests. I.e. about 1 in 15 UK users.
We know that all reports of "cyber crime" are bigged-up. Both in extent and sophistication. Is that the case here, too?"
Hmm, a few things;
1) It looks like the crims were awash with cash, so maybe it was not that uncommon for a 'user' to have more than one phone even at £3k a pop?
2) The Met police chief said operations are ongoing, so they probably expect to arrest more people.
3) In some cases, even having decrypted the messages, there may still not be sufficient evidence to make an arrest.
4) We know that criminal gangs are often Global these days. So the wealth of intel recovered from the millions of encrypted messages should give the cops info about other possible networks in use. Expect more busts in the future and not just in Europe.
And finally, let's be happy that a bunch of nasty individuals are hopefully going to be taken out of circulation for quite a while and that should mean there are fewer victims as a result :)
Well done to our police forces!
1) It looks like the crims were awash with cash, so maybe it was not that uncommon for a 'user' to have more than one phone even at £3k a pop?
The drug cartels at least aren't really short of money indeed, given that they treat second-hand Learjets and such as consumables, and have "submarines" built. So a couple thousand quid per phone appears to be just loose change.
 to be consumed by fire that is, after the cargo has been unloaded.
 not actually capable of diving, but they resemble one; a fully submerged cylindrical hull with a small canopy protruding above the water surface.
> We know that all reports of "cyber crime" are bigged-up. Both in extent and sophistication.
I'm reminded of the reports of the way the Police report the "street value" of seized drugs. They assume that the entire weight will be sold in the smallest possible denominations (smaller measures usually costing more per gram than larger ones).
> Should we expect further reports of other "busts" in other countries - the USA being an obvious one. Or are those networks just better run and can avoid detection.
Already happened to some limited extent - https://www.extremetech.com/mobile/265465-phantom-secure-ceo-busted-selling-super-secure-smartphones-drug-cartels
At 1000,eu for the device, followed by 3,000 eu per year subscription, you have to have a fairly big budget for privacy.
The product was hardly being marketed as a 'mainstream' solution.
Chances are that all (or almost) all the phones were for criminal purposes. Whether or not every single one had messages linking connecting an owner to a chargeable crime is another matter. Perhaps its easier to go for the low hanging fruit?
The British police generally consider everyone not a policeman to be a criminal.
Though they are not above massaging the law on occasion.
An acquaintance, some years ago,was on jury service, one case was a yoof who had been caught for a series of car thefts, the charges included ( can't remember the exact number) something like 280 similar offences (commited over a relatively short period) to be taken into consideration.
The beak looked up at the defendant and the arresting cop and remarked that the defendant had been a very busy boy and that the police were lucky to have cleared their unsolved car thefts with by catching such a prodigious car thief.
Joker: "Do you have your criminal chat app?"
Riddle: "It's on my criminal mobile phone."
Batman: "Not so fast!"
Both: "BATMAN!" (cue shocked Pikachu gif faces)
Batman "Yes, and the Bat-Computer has been decoding everything you've been saying"
Joker: "But how did you break our top-level criminal encryption?"
Batman: "Well, to be honest... it was a bit rubbish."
So according to the (possibly misleading) available info, this was a bust led by the French, but the UK NCA claim to have "developed the tools" for this.
Why are the NCA doing this? We already have spy agencies, funded in the billions pa. WTF are they doing then? I thought that the reason we throw money at them was so they could catch crims/peados/
If I were the NCA I'd be holding my hand out for the other TLA's funding.
It would be a very interesting committee meeting if the TLAs were asked to present a return on investment case.
>Why are the NCA doing this?
Well given we know that the NCA and GCHQ along with other agencies work together on things, I suspect having the NCA say "they did it" helps to coverup and divert awkward questions being asked of the European agencies and their investigations of European nationals given European laws.
So I expect the French got an anonymous tip off - from the NSA - that enabled them to look in the right place to find the EncroChat services located in France.
Aside: If you are interested in such matters, I recommend watching Deep Web - The Hunt for Dread Pirate Roberts.
From a dutch news channel ( https://www.nu.nl/binnenland/6061836/justitie-kon-live-meekijken-met-communicatie-criminelen-na-kraken-encrochat.html ): <translated>"The Dutch justice system has also been able to read more than twenty million messages live before they were encrypted by the users and EncroChat. The company is one of the largest providers of encrypted digital communication internationally.
According to the judiciary, there are ten thousand users in the Netherlands whose reports concerned "unprecedentedly large numbers of serious crimes". As a result, the police say they have prevented liquidations, kidnapping plans have been thwarted, as have intended torture of individuals.
It is painful to note that officials seem to have been bribed at important - logistics - locations."
At least "our" Mocro-mafia can be diminished for a while. And moreover some of the corrupt officials can be dealt with.
If as alleged by British, French and Dutch law enforcement agencies EncroChat has been used by around 60,000 people, then 746 arrests makes 0.012 of users to be criminals. If as the British police claim, there are 10,000 EncroChat's UK users, then 746 arrests makes 0.074 of the users to be criminals.
I wonder what percentage of Gmail are criminals? I wonder if freedom itself will be criminalized. Then 100% of users will be criminals.