It is set up like an obvious honeypot, just like Anom was set up like an obvious honeypot, and should be avoided purely for that reason alone, just as Anom should have been avoided purely for that reason alone.
There is no way to know whether either of those services was compromised, simply because their express purpose is forwarding everything to government agents' computers.
They're simply not capable of providing users any of the assurances they claim in a way the user can ever actually be assured of.
There is no way to evaluate whether your messages are readable by law enforcement at any given point in time, with a greater red flag being the advertising claims of Wickr misleading users to the contrary. Wickr is a US-based company.
There may be some level of encryption, but it acts like a company set up by the government or made to be tapped into.
This wasn't conspiracy theory fiction even before Anom, as there are other examples of governments, especially the US government, doing this already. Just let Anom be another, more clear-cut reminder that it doesn't matter who you trust that uses a piece of software: if it doesn't pass some key criteria, then don't use it. There is no "I'm sure this large group of people thought of that"; just assume they are stupid, negligent, thought the same as you did and nobody attempted any scrutiny, or are all informants themselves.
Apparently there are criminals that only trust other criminals (also apparently, those same criminals are highly likely to betray each other), and those trusted criminals are saying "use this phone, it's secure".
Plus, managing DIY security is more complicated than just running Signal on an encrypted phone. Same concerns regarding supply chain interdiction, remote code execution, and other security vulnerabilities on the operating system running Signal.
> Plus, managing DIY security is more complicated than just running Signal on an encrypted phone. Same concerns regarding supply chain interdiction, remote code execution, and other security vulnerabilities on the operating system running Signal.
Yes, but specifically to supply chain security, as this attack shows, the most affordable option to secure your supply chain is to ensure your devices and downloads cannot be uniquely targeted.
Buying a stock iPhone in cash and downloading Signal from the App Store is a far better approach than buying a "drug dealer phone."
I do think this attack, as you imply, simply highlights how hard it is for even motivated consumers in the market to make actually secure choices, which in turn is why the market underemphasizes real security improvements.
Well put, and I agree that right now the most effective thing would probably be to buy a stock iPhone, from a random source, in cash, etc.
That said, one huge caveat: any stock, internet-connected phone is always one law away from being rendered completely transparent to law enforcement with legal jurisdiction over the place of sale.
In the US, for example, Congress could write a law that forces a back door.
The back door doesn’t even have to be to the encryption keys or algorithm, but could be a simple screen capture interface that can be remotely triggered with a warrant.
This exact law exists in Australia, the "Assistance & Access Act". That these laws exist in Australia is also a reason why there is a lot of co-operation between US and Australian law enforcement. I am not sure how, but it gives the US an ability to do things they can't do on their own shore. The US often works through other countries, like Bucharest in the An0m case, to work around their own laws.
> The Assistance and Access Act contains an express prohibition against building or implementing any weakness or vulnerability in software or physical devices that would jeopardise the security of innocent users. This is found in section 317ZG of the Act which also makes clear that any assistance that makes a system's encryption or authentication less effective for general users is strictly prohibited. This same section prohibits the construction of new decryption capabilities and rules out any requirements that would prevent a company from patching existing security flaws in their systems.
That legislation also has Technical Assistance Requests (TARs), where a company isn't compelled but can choose to comply. As they are not compulsory, they have few safeguards on being issued and fewer limitations on what can be requested.
Exactly my thought. Surely, if you're a criminal and you're actually successful, then you want to use open source privacy. Heck, if only to hide your usage with everyone else's right? It's not unusual to have Signal on your phone. It's pretty weird to have Anom or whatever else exists
This 'analysis' seems to be more PR speak by another similar network? I wouldn't put much trust in people using terms such as 'ENTERPRISE MILITARY GRADE', of course in all caps to emphasize the effect. Has snake oil written all over it.
I thought this article would be a genuine analysis by a security researcher as a tie-in to the news today:)
I think you don't understand what is going on here. ANOM was just admitted by the Australian Police and FBI to have been specifically built to infiltrate organized crime. The whole app was a plot to get access to the messages of these purported criminals.
This analysis came out a couple months ago, and was exactly correct. Also, you are blaming the style of the writing but ignoring the substance, which is that the app is most definitely making encrypted connections where it has no need to do so.
I didn't know that when I wrote that, no. I thought it was the same story as EncroChat at the time (where an existing network was taken over by the police). I saw it in more detailed news reports since.
The points might have been valid but the language is not instilling any kind of confidence: "This is an ENTERPRISE MILITARY GRADE Encrypted setup." doesn't exactly make it seem like a security researcher who knows what they're talking about. And add many other words capitalised for maximum shock effect: "imagine you were meeting up with someone like an EX-LOVER your partner may not approve of"
It all sounds very much FUD and biased. If you do a good analysis, this is not how you present it.
The main points he really makes are poor endpoint security (not uncommon in this market, as many such networks have been breached) and some suspicious traffic he noticed, which is indeed a telltale that something more is going on.
But it sounds way too much like someone with 'skin in the game' was trying to spin it and turned out to be right.
Not to speak for them but I experienced the same feeling of interest in who the author was. For me it sounded like someone associated with CIPHR or another messaging application that did this analysis (still factual analysis) on a rival application. There was some marketing-type language in there that made me think that.
"STAY AWAY FROM ANOM IF YOU VALUE YOUR PRIVACY & SAFEY, THEY ARE COMPROMISED, LIARS AND YOUR DATA IS RUNNING VIA USA – Passed onto LAW ENFORCEMENT and other Entities"
> STAY AWAY FROM ANOM IF YOU VALUE YOUR PRIVACY & SAFEY, THEY ARE COMPROMISED, LIARS AND YOUR DATA IS RUNNING VIA USA – Passed onto LAW ENFORCEMENT and other Entities
Maybe it is not normal, but when I read about these gangsterphones I think, hmm I want to make my own (legit) secure phone :-)
It seems they use off-the-shelf phones and put a custom ROM on them. Can anybody recommend a state of the art phone that has good custom ROM support (close to mainline Linux if possible; custom images have full hardware support)?
I imagine to use it for "citizen journalism", i.e. safely taking pictures and posting them anonymously to social media. For that reason the PinePhone would be out - it doesn't have a very good camera and doesn't run social media apps.
Usually Google Pixel phones have the best OS support and the most hardware security features. Most security-focused Android distros are only available for them:
Practically speaking, an iPhone is your best bet in terms of least likely to be backdoored and best security practices. Everything spooky like location services, tracking, phoning home, etc. is well explained in the settings and can be turned off. If you just want a secure hardware platform there is no reason to attempt to reinvent the wheel and increase your surface area.
VPNs work fine on them. You can set up your own tor nodes to VPN in behind from another VPN, etc. A tinfoil hat can have many layers.
It just won't be a cheap secondary burner toy phone because they're so expensive.
These gangsterphones are far from cheap. I remember the earlier network of them that was taken down in the Netherlands. I forget the name but the phones apparently cost around €2000 which is more than the most expensive iPhone you can buy.
I guess gangsters only trust other shady types to sell them stuff. In this case the trust was misplaced because they stored all the keys centrally and the cops were listening in for months before they shut it down.
Sounds like they're suckers. Higher prices should be setting off "con" alerts in their head. I wouldn't trust someone who can't do proper risk assessment to sell me drugs.
It didn't work well. It stored encryption keys centrally, and because of that the police were listening in for months without anyone knowing before they shut it down.
For an encrypted phone network that's pretty much the opposite of working well. Even with the servers compromised the network should remain secure. Like it is with Signal and even WhatsApp.
I always wonder why such networks make mistakes like storing key material centrally. I suppose telling a crime lord that he can't have his messages back because he forgot his PIN code is not fun. But neither is having their network cracked by the police I guess.
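The two designs contrasted in the comments above, as an added example that is not part of the thread and not code from any of the products named in it: a server that provisions and keeps every user's key (the "stored centrally" design) next to a relay that only forwards Diffie-Hellman public values and ciphertext, so seizing the server yields nothing that decrypts. The cipher is an unauthenticated HMAC-SHA256 keystream used purely for illustration; the group is RFC 3526 group 14. Standard library only, no network.

```python
"""Added example: central key storage versus an end-to-end key agreement.
Toy protocol for illustration; not a real messenger's code."""
import hashlib
import hmac
import secrets

# RFC 3526 group 14 (2048-bit MODP) prime, generator 2.
P = int(
    "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74 "
    "020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437 "
    "4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED "
    "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05 "
    "98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB "
    "9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B "
    "E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718 "
    "3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF".replace(" ", ""),
    16,
)
G = 2
assert P.bit_length() == 2048  # sanity check on the constant above


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode. Toy stream cipher: no authentication."""
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def xor_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt; the XOR operation is its own inverse."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))


class EscrowServer:
    """Design 1: the server generates and retains every user's key, so whoever
    seizes, compromises or lawfully taps the server reads all traffic."""

    def __init__(self) -> None:
        self.keys: dict[str, bytes] = {}

    def provision(self, user: str) -> bytes:
        key = secrets.token_bytes(32)
        self.keys[user] = key  # key material at rest on the server: the fatal step
        return key

    def read_message(self, user: str, nonce: bytes, ciphertext: bytes) -> bytes:
        return xor_crypt(self.keys[user], nonce, ciphertext)


class Client:
    """Design 2: each device keeps a private DH exponent that never leaves it."""

    def __init__(self, name: str) -> None:
        self.name = name
        self._priv = secrets.randbelow(P - 2) + 2  # private exponent in [2, P-1]
        self.pub = pow(G, self._priv, P)           # the only value the server ever sees

    def session_key(self, peer_pub: int) -> bytes:
        shared = pow(peer_pub, self._priv, P)
        return hashlib.sha256(shared.to_bytes(256, "big")).digest()


class RelayServer:
    """Design 2's server: a directory of public values plus a mailbox of ciphertext."""

    def __init__(self) -> None:
        self.directory: dict[str, int] = {}
        self.mailbox: list[tuple[str, str, bytes, bytes]] = []

    def register(self, client: Client) -> None:
        self.directory[client.name] = client.pub

    def relay(self, sender: str, recipient: str, nonce: bytes, ct: bytes) -> None:
        self.mailbox.append((sender, recipient, nonce, ct))

    def best_effort_read(self, index: int) -> bytes:
        """Use everything the relay holds (two public values, nonce, ciphertext).
        Without a private exponent this is not the session key, so the output
        is garbage: recovering it would mean solving the discrete log."""
        sender, recipient, nonce, ct = self.mailbox[index]
        product = self.directory[sender] * self.directory[recipient] % P
        guess = hashlib.sha256(product.to_bytes(256, "big")).digest()
        return xor_crypt(guess, nonce, ct)


def escrow_demo(plaintext: bytes = b"constructed sample message") -> tuple[bytes, bytes]:
    """Returns (what Alice sent, what the server can read of it)."""
    server = EscrowServer()
    alice_key = server.provision("alice")
    nonce = secrets.token_bytes(16)
    ct = xor_crypt(alice_key, nonce, plaintext)
    return plaintext, server.read_message("alice", nonce, ct)


def e2e_demo(plaintext: bytes = b"constructed sample message") -> dict[str, bytes]:
    """Returns what Alice sent, what Bob decrypts, and what the relay can recover."""
    relay, alice, bob = RelayServer(), Client("alice"), Client("bob")
    relay.register(alice)
    relay.register(bob)
    nonce = secrets.token_bytes(16)
    ct = xor_crypt(alice.session_key(relay.directory["bob"]), nonce, plaintext)
    relay.relay("alice", "bob", nonce, ct)
    _, _, n, c = relay.mailbox[0]
    return {"plaintext": plaintext,
            "bob_reads": xor_crypt(bob.session_key(relay.directory["alice"]), n, c),
            "relay_reads": relay.best_effort_read(0)}


if __name__ == "__main__":
    print(escrow_demo())
    print(e2e_demo())
```

The relay still controls the directory, so it could hand Alice a public value it generated itself and sit in the middle; that is why real end-to-end messengers pin long-term identity keys on the device and let users compare safety numbers out of band. Central key storage removes even that hurdle: the operator, or whoever holds a warrant over the operator, needs no active attack at all.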
>conning international criminal carries a level of risk to one's health
True, but so does cooperating with authorities to be a honeypot. Branding yourself as a legitimate business for criminals is a Bad Idea for the very reason encrochat learned. The criminals should be thinking the same way.
Yes, by simple means of IP filtering *apple.com from a network you VPN to if you don't trust the device to honor the settings. The device will still work.
You'll be hard-pressed to find a more secure hardware platform on Android.
You'll also want something that can also catch CNAMEs (such as Pi-hole), because Apple uses content delivery servers such as Akamai for a lot of their data transfers.
True. If it were me who really cared about phoning home, I would buy a fresh iPhone, put it on its own WLAN from first boot, then record all packets from it for a month (plus some prodding of opening apps and changing settings). That should build a relatively comprehensive list of addresses to consider filtering.
Short of living in a shack in the woods, we will all have to trust someone at some point. I'm content to trust Apple to not lie on their documents, so the more important security and privacy checkboxes are ticked.
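A small script for the approach described in the last few comments (record the device's DNS traffic, then block the names and addresses it reaches), added here as an example and not taken from the thread, Pi-hole or Apple. The point it makes is the CNAME one: a query under apple.com that ends at a CDN host is blocked by that host's address, not just by the apple.com name, and an address also reached from unrelated names is flagged because blocking it would break other sites. The log format, hostnames and addresses are constructed sample data (documentation IP ranges), not a real capture.

```python
"""Added example: build a blocklist from captured DNS answers, following CNAME chains."""
from collections import defaultdict

# Constructed sample export, one record per line: "<timestamp> <name> <type> <rdata>".
SAMPLE_LOG = """\
2021-06-08T10:00:01Z xp.apple.com CNAME xp.apple.com.edgekey.net
2021-06-08T10:00:01Z xp.apple.com.edgekey.net CNAME e1234.dscb.akamaiedge.net
2021-06-08T10:00:01Z e1234.dscb.akamaiedge.net A 203.0.113.10
2021-06-08T10:00:02Z gsp-ssl.ls.apple.com CNAME gsp-ssl.ls-apple.com.akadns.net
2021-06-08T10:00:02Z gsp-ssl.ls-apple.com.akadns.net A 203.0.113.20
2021-06-08T10:00:02Z gsp-ssl.ls-apple.com.akadns.net A 203.0.113.21
2021-06-08T10:00:03Z setup.icloud.com CNAME setup.icloud.com.akadns.net
2021-06-08T10:00:03Z setup.icloud.com.akadns.net A 198.51.100.5
2021-06-08T10:00:04Z www.example.org CNAME www.example.org.edgesuite.net
2021-06-08T10:00:04Z www.example.org.edgesuite.net A 203.0.113.10
2021-06-08T10:00:05Z mail.example.net A 198.51.100.50
"""


def parse_log(text: str):
    """Return (cname map, name -> set of addresses). Unparseable lines are skipped."""
    cnames, addrs = {}, defaultdict(set)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        _, name, rtype, rdata = parts
        name, rdata = name.lower().rstrip("."), rdata.lower().rstrip(".")
        if rtype == "CNAME":
            cnames[name] = rdata
        elif rtype in ("A", "AAAA"):
            addrs[name].add(rdata)
    return cnames, addrs


def follow(name: str, cnames: dict, addrs: dict, max_hops: int = 16):
    """Walk the CNAME chain from name; return (names on the chain, final addresses).
    Loops and overlong chains are cut off rather than followed forever."""
    chain, seen = [name], {name}
    while chain[-1] in cnames and len(chain) <= max_hops:
        nxt = cnames[chain[-1]]
        if nxt in seen:
            break
        chain.append(nxt)
        seen.add(nxt)
    return chain, set(addrs.get(chain[-1], ()))


def matches(name: str, suffixes) -> bool:
    """True if name is one of the suffixes or a subdomain of one."""
    return any(name == s or name.endswith("." + s) for s in suffixes)


def build_blocklist(text: str, suffixes) -> dict:
    """Block every name and address reachable from a query under `suffixes`.
    Addresses also reached from names outside `suffixes` are reported as shared."""
    cnames, addrs = parse_log(text)
    targets = set(cnames.values())
    roots = [n for n in set(cnames) | set(addrs) if n not in targets]  # names actually queried
    names, ips, owners = set(), set(), defaultdict(set)
    for root in roots:
        chain, chain_ips = follow(root, cnames, addrs)
        for ip in chain_ips:
            owners[ip].add(root)
        if matches(root, suffixes):
            names.update(chain)
            ips.update(chain_ips)
    shared = {ip for ip in ips if any(not matches(o, suffixes) for o in owners[ip])}
    return {"names": names, "ips": ips, "shared_ips": shared}


def render(result: dict) -> dict:
    """hosts-style lines for a DNS sinkhole and iptables lines for the VPN gateway."""
    hosts = [f"0.0.0.0 {n}" for n in sorted(result["names"])]
    firewall = []
    for ip in sorted(result["ips"]):
        note = "  # shared with non-matching names; blocking breaks other sites" if ip in result["shared_ips"] else ""
        firewall.append(f"iptables -A OUTPUT -d {ip} -j REJECT{note}")
    return {"hosts": hosts, "firewall": firewall}


if __name__ == "__main__":
    out = render(build_blocklist(SAMPLE_LOG, ("apple.com", "icloud.com")))
    print("\n".join(out["hosts"] + out["firewall"]))
```

DNS-based blocking only catches connections the device resolves through your resolver; anything sent to an address the device already knows, or resolved over encrypted DNS to a third party, never shows up here, which is why the full packet capture suggested above is still needed to find the remaining destinations.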
> when I read about these gangsterphones I think, hmm I want to make my own (legit) secure phone
Why? They are used by gangsters. These are not nice people. They are not people with innocent secrets they need to keep from those who would oppress them. They are people who murder, who ruin lives, and who undermine peaceful society.
You would objectively be making the world a worse place by helping them. Why would you want to do that?
More than that, consider what percentage of the world's population can be imprisoned or executed for things we in the West would consider mundane activity.
The greatest moral failure of Silicon Valley and American tech was enabling human rights abuses on a massive scale by selling hardware and software to oppressive and ultimately illegitimate governments during the early days of the internet. The ship has sailed on that one now, perhaps, with the early assistance in building the Great Firewall of China for example.
There remains a moral obligation for American companies to build secure communication platforms for the internet. Instead they drift further, yielding to demands from governments to host data (which often never should have been stored) locally.
The most disturbing trend I have seen over the last decade on hacker news is the shift from support of an open and free internet to an internet of control and censorship. I can only conclude that all is lost if the core engineers and hackers who build and design these systems can no longer explain why this is important but rather argue why the internet shouldn’t be secure.
There are many unintended implications to this, one being American intelligence agents can no longer operate safely abroad. Others include the withering of development in the protocols and standards from which the internet was born, a redirection of talent and resources to private companies and private networks which are constructed in a way to build monopolies and then extract rent from its users. Facebook could be built on the web, but nothing lasting could be built on Facebook.
Wow, is this really all true?
How could he find out the hosting was on AWS?
How did none of the criminals get to see this blog?
Did the police intervene and have him remove the blog?
> How did none of the criminals get to see this blog? Did the police intervene and have him remove the blog?
I mean, it's pretty clear to me that (a) criminals are highly unlikely to see this blog and (b) if they did, so what, they wouldn't have understood it/believed it anyway. Half the comments on HN don't give it any credence because it's written by someone whose first language is obviously not English and who likes hyperbolic ALL CAPS, despite the fact that the underlying analysis is valid.
Is there any reason to believe that CIPHR is not just yet another police honeypot? This could just be two police agencies shitting on each other's honeypots.
Yes, but also no. Right in that AN0M wasn’t secure. Wrong in that it wasn’t insecure because it didn’t disable Google services, or use secure updates or whatever - it was insecure because it just deliberately sent everything to the Feds.
No matter how powerful the infrastructure or skilled the local personnel, some countries are doomed to be put always in the same bucket by certain people from certain other countries.
> a third world country that may state they take privacy seriously but as the old saying goes “shit walks, money talks”
You didn't even have to read that much of the article to spot the ignorance. Whether by gun, "law", or money, there's no place where your data is untouchable. But you could have stopped right here:
> This is an ENTERPRISE MILITARY GRADE Encrypted setup.
Because I lost all my savings there and was dealing with
1. The Police
2. The Financial Supervision of Estonia and Madis Reimand (Head of Estonian Financial Intelligence Unit)
Having worked for military and police enforcement in the US before, I can say with confidence: if you want to do a financial scam, do it in Estonia. Nobody will care. Seriously. (And don't worry, Madis knows who I am.)
https://web.archive.org/web/20210608102417/https://webcache....
(Since, as we all know, Google’s webcache won’t last)