The AN0M fake secure chat app may have been too clever for its own good

Re: One Time Pads.

Anyway, my secret messages are encoded in every 14th and 29th letter in my FB posts, in ROT13 and the sequence determined by the alphabetical order of the 49th letter (as sorted alphabetically by their names in German). Every third word in Nynorsk; the rest equally divided between Swahili and English.

There also may or may not also be some quite intentional compression artifacts in my influencer style Instagram posts. These could, for example and if they existed, be decoded into numbers that refer to pages and word counts in one particular edition of <redacted>. Of course, only the posts that include a word from the known list and show <redacted> is to be used.

If you are willing to accept low bandwidth steganography can be quite hard to detect and decrypt. Heck, I can send morse code by alternating with foot I first step out of my front door with (using our agreed upon version the old Q-codes to speed things up a bit).

As long as no one has the decrypts written down in a notebook in their back pocket...

Re: One Time Pads.

Or just use public key cryptography. It's well known and widely available.

The problem with one time pads is that the key is as long as the message and you have to have a secure means of distributing the OTPs. If you can solve the OTP problem then they're great, but their use is limited by the inherent difficulty of this in most cases.

They key exchange problem and the defeating traffic analysis problems are the big issues with any sort of Internet chat.

Even public key cryptography has a pair of problem. One is doing the initial public key exchange. If someone can man in the middle all the conversations, he can substitute his own sets of keys during the initial exchange and man in the middle all the subsequent conversations. To really be sure, you would need to exchange keys in person with someone you can trust present who can vouch for the identity of each party.

The other problem is the traffic analysis one. It is sometimes more useful to know who is talking to whom than it is to know what they are talking about. Find out who is talking to whom and you can find out what the organizational structure is, which can give you clues as to where to infiltrate it. When the secret police excuse their tapping everyone's conversations on the grounds that "we're only collecting metadata", then they're being disingenuous because the connections between people are what they really want to know anyway, rather than just someone saying "I'll have the thing we talked about to you a day later than the time we agreed".

The whole idea of a special secure chat network dedicated to criminal activity is a bit dubious, and I don't mean from a moral or legal standpoint. I mean as in it is such a massive target for the police to infiltrate, and it is an evidence and criminal intelligence collection machine par excellence, that I can't see how anyone could think they could trust it. I certainly wouldn't.

Re: One Time Pads.

first distribute your key material...

Re: One Time Pads.

Going back to the WW2 analogues, Churchill and Roosevelt conversed over a system called SIGSALY. It compressed their speech, combined it with random noise stored on a special record, and sent it to the other end and where a duplicate record would remove the noise and play out the voice.

The distribution of the OTPs and the equipment needed to operate calls must have been a huge pain in the arse, justified only by being the most secret of conversations. The rest of the time they would have used more conventional crypto

The issue with distribution is the same today - crims would need to meet face to face in order to exchange OTPs, or they'd have to have a secure means to transfer it, e.g. a courier who can be trusted. Maybe it would work for the kingpins but I doubt it would lower down the hierarchy.

Re: One Time Pads.

Isn't perfect forward secrecy the equivalunt of OTP? I'm not a crypto guy, so just asking.

Re: One Time Pads.

As touched on by other replies, OTP is not a solution to any problem which exists today.

OTP is a solution to the crackability design faults of earlier codes (such as Enigma). But today's codes are (in practice) already uncrackable without the key as long as the key is long enough. Of course, there can always be a software bug, or a deliberate backdoor, in the app doing the coding (as in AN0M) - but that is just as true for a OTP coding app.

Steganography is slightly more useful because your enemy not even knowing there is a code there will help reduce things like traffic analysis. The only way that really works is a "numbers station" type of approach where you send out random data all the time, and only some of it decodes successfully but you don't know what unless you have the key, But, in real practice, even steganography will be conducted by an app and that app is just as much a weak point as AN0M was.

Re: One Time Pads.

I think I'll start using OTP's to encrypt everything too - perhaps a copy of "War and Peace" to give them something to read afterwards!

The original Война и миръ, the more modern Война и мир or a translation? If the latter, what language? And in all cases, which edition? Curious minds need to know.

Re: One Time Pads.

One time pads can have an amusing failure mode.

https://www.theregister.com/2018/07/19/russia_one_time_pads_error_british/

Re: One Time Pads.

The only thing an OTP gets you is the ability to time-shift the problem of getting a lot of unencrypted information to the person you want to communicate with: if I want to communicate to my agents in the field I have to send the entire communication in plain. I can just arrange to send it last week, when I was in the same room as the agents.

Re: One Time Pads.

One-time pads suffer from the same costs and failure modes as they always have. Key distribution is a problem: you need a secure channel to distribute the pad in the first place. Synchronization is a problem. Key storage and disaster recovery are problems. Ensuring they're truly random is a problem.

People don't use OTPs for most use cases because they're infeasible for most use cases.

And even where they are feasible, most data isn't valuable enough to justify the cost of OTPs.

Re: One Time Pads.

The main problem of one time pad is on agreeing on the initial secret key. That is its weakness. If you solve that issue every transmitted packet could use unique one time pad secret and also let know the other party of the next packet one time pad secret. Obviously for that to work the packet communication must be arriving in order as guaranteed by TCP. And if any packet fail the whole communication do fail. It has considerable overhead but it is damn secure except it has the weakness on how the initial packet one time pad secret is shared.

Re: Criminality

You have to remember that you only read about the ones that get caught. Despite all the massive drugs busts you read about, it doesn't really seem to impact the supply lines at all, people can still get them.

Re: Criminality

Every time you build a better mousetrap, the mice get smarter & learn to avoid it. Sure you catch a few, but all that does is provide warnings to the smart ones to avoid said traps.

"The moment you make something idiot proof, Mother Nature builds a better idiot to prove you wrong."

Re: Criminality

To a cop, everybody is a potential criminal, it'just that they haven't found what your crime is yet.

That is why they are so fond of having backdoors into any secure communications.

Add to that the fact that govermments generally trust the people that voted them in far less than the voters trust them.

That's why the likes of NSA and GCHQ has history of mass evesdropping on their own populations.

If the fuzz have 'come out' on AN0M, it is because they think the crims have sussed them and the cops think they now have something better.

Whether you are a crim or a normal member of the public don't assume that selecting 'do not track' means you won't be tracked.

Re: A constant battle between greed, arrogance, stupidity and violence. My monies with the Plods.

I dunno, some of the criminals are also greedy, arrogant, stupid and violent.

Re: Sounds like a PsyOp

I like the way you encypted AN0M to AN0N throughout your entire post - made it very hard to decrypt and read!

Re: So, a backdoored encrypted chat, eh ?

> criminals do not have warrants at their disposal.

Well, unless…

(judicial oversight doesn't scale either, btw)

Re: So, a backdoored encrypted chat, eh ?

The problem with that is that in the US, at least, and presumably in most other jurisdictions, essentially everyone is already a de jure criminal, or at least in violation of some laws and regulations. The body of law is sufficiently broad and vague to capture all sorts of ordinary daily activities.

See for example Chase, How to Become a Federal Criminal.

In the AN0M case, I'm not bothered, because it was effectively opt-in – assuming the reports are accurate, the devices were only available through "underground" channels and so were only acquired by people already involved in the criminal network – and because it has a benefit to citizen privacy in demonstrating calls for backdoors in commodity encryption are unfounded.

But in general, if criminals adopt commodity encryption for communications, that's too fucking bad for the LEOs. They'll have to go back to HUMINT rather than relying on SIGINT. Them's the breaks. I am in no way going to accept the proposition that "encryption, wherever it is used by criminals", is fair game. That way lies ubiquitous surveillance.

Re: Crims now know what not to trust, and how to stymie future infiltrations

Historically, most policing techniques continue to work even after criminals become familiar with them. The economics weigh strongly against the kind of vigilance criminals would need to observe to obstruct those techniques. I don't see any reason why the AN0M exploit wouldn't work again with trivial changes.

The historical evidence shows that the criminal population is no better than the general population at learning from their mistakes. I'm not sure why so many people posting here think otherwise.

IT folks haven't, generally speaking, learned from our mistakes, have we? How many SQL injections and BoFs have we seen this year? (A whole bunch, that's how many.) Why do y'all think criminals are more disciplined?

Re: How long ?

I first thought you referred to Switzerland.

I would in principle agree with you, but this isn't the first time that crims have put too much faith in a supposedly secure communications system.

The reality is that all those wires and data centres are under someone's legal jurisdiction and are potentially under the control of law enforcement whether post hoc or ante hoc.

Always a risky strategy trusting your liberty to "honour amongst thieves"...

I think it's reasonable to assume they already have. The announcements serve several purposes: let the public know how good police tech is; force the low-hanging fruit to look for another solution and make them worry that it's been compromised.

A-list gangs probably already use a-list encryption tools…

Re: AN0N, lots of fuzz about ?....

I think you may be out by a couple of orders of magnitude according to the higher assessments.

I suspect the Mexican cartels are responsible for more sniffy noses than the virus du jour.

Re: AN0N, lots of fuzz about ?....

Your million should start with a B...

Re: AN0N, lots of fuzz about ?....

Mexico is in North America, not South America. Depending on your take on Central America, North America either ends at the southern Mexican border or the isthmus of Panama. North America also may/may not include assorted islands out to Greenland in the north and Trinidad in the south.

The Mexican cartels are just the latest in a long list of others, not least being the Jamaican yardies, assorted Columbians, Peruvians, Brazilians, and others. Previous versions also included various mobsters from the US and Russia.

Re: 'Too much information'

They could enlist the help of Google Ads...

You're looking for a hit man in your locality. Read the reviews to find the best!

Re: 'Too much information'

> too much

2.67 million messages in the last 2 weeks.

2 other major crim crypto phone networks were shut down and the userbases migrated en masse. Dunno about the FBI but the Aussie AFP resources (responsible for all the core monitoring) were 3 men.

Yeah, but how many coders are going to want to risk working for organised crime involved in illegal activities when there are so many legal organisations involved in criminal activity?!

Re: Or maybe ...

I like the way you think.

Re: Or maybe ...

I was thinking it's been a clever psych ops mission. AN0M was distributed through a chain of trust, and according to other articles they initially pitched it to one kingpin (who interestingly enough, has not been arrested), and let him spread it to everyone else. After this, someone may well create a truly secure communication platform, but anyone who's been paying attention to the news will be paranoid that it's actually another backdoored system made by the cops. Even someone pushing to use an existing service like Signal would be viewed suspiciously; how can you prove that service is actually secure?

Re: This claim makes limited sense.

See my post above re massive surge vs tiny resources.

Re: Kidnapping

That's already happened, repeatedly documented in Mexico which has a large number of communications engineers who can be kidnapped easily. I'm sure it happens elsewhere too. The problem they run into is twofold. First, an individual programmer may not be able to ensure security. Many are not cryptographers or security experts and may design a flawed system. The second is that they have no incentive to do it right and several to do it wrong--if they ever get out, they can use it to get police protection (E.G. El Chapo's communications administrator in the U.S.). So now they need to kidnap programmers to code review each other. At some point it becomes easier just to hire them and pay them enough that they're willing to break the law.

Re: Just go from closed to open source

I am no expert but I suspect that crime bosses (like military people) are obsessed with secrecy and cannot get their heads around an open source app being safe because it has a secret key. However, I am sure it won't be long before the smartest crime bosses realise that and eventually that knowledge will trickle down.

The problem (for the crims) is that the open source apps normally run on general purpose (and NOT AT ALL secure) devices. They need secure devices, with secure OS's - that is much harder to achieve than the app. But I am sure there are a few criminal orgs employing someone to look into making a secure platform based on a few CrowdSupply open hardware components and a minimal OS (not even a Linux kernel). I can imagine it wouldn't take long to create a small wifi-only tablet-like device running just a secure open-source messaging app - after all it is only a few steps up from the fairly common hobbyist "display your email on an IoT box on your bathroom wall while reprogramming your central heating at the same time on an ESP8266" type of projects.

"For those that have played with the old rotor type fax once used by the news services you know about the random noise that is scattered across the copy"

Or for those paying attention in the 1990s, the random noise in Cindy Crawford pictures distributed in alt.binaries.pictures usenet froups

Re: The whole point of this was to convict criminals

"The illicit drug trade is far better funded than any law enforcement agency, as far as I know"

Exactly this. That's why the only sucessful campaigns to deal with the issue have treated it as a health program and handed addicts free drugs whilst working on improvong their lives

A medically pure knockout dose of heroin or cocaine is significantly less than $1 but the same amount of material sells on the streets for a lot more than that, diluted with godknowswhat and a lot fo petty crime is junkies feeing their habits

Portugual found that not only did the narcogangs effectively give up there, their crime stats dropped significantly (and a lot of addicts managed to hold down jobs because they weren't constantly chasing money for the next fix)

That's also the reason why the cartels don't really care about a few tonnes of product being destroyed. It's replaceable in days. What they care about is money from the sales not being lost

Re: signal to noise

But that only works if everyone else also encrypts everything, including their laundry lists, too. IOW, you need a whole bunch more noise. Otherwise, your use of encryption (regardless of content) will stick out like a sore thumb, and they'll just start hound-dogging you until you make a mistake.