Silk Road forums

Discussion => Security => Topic started by: AussieMitch on April 24, 2013, 04:01 pm

Title: Bikies beat police phone taps with encrypted cell phones
Post by: AussieMitch on April 24, 2013, 04:01 pm
http://www.smh.com.au/digital-life/mobiles/bikies-blackberrys-beat-law-20110205-1ahmo.html

Quote
"Bikie gangs and organised crime groups are believed to have foiled police attempts to tap their phones by importing untraceable, encrypted BlackBerrys from Mexico.
The telecommunications black hole exploited by the Comanchero gang and drug cartels has come to light after countries around the world - worried about terrorism and national security - threatened to ban BlackBerrys unless they were given the codes to break the encryption on emails and messages.
This website understands that the Comanchero have linked up with a Mexican drug cartel importing cocaine into Australia and are sharing technology.

''There is nothing strange in organised crime having better access to technology than the authorities,'' said Michael Kennedy, a former NSW detective and an academic at the University of Western Sydney. ''The bikies are becoming more entrepreneurial and, after all, organised crime is a business enterprise. Crime groups will share technology if it helps them.''
The Comanchero are thought to use the Mexican phones with global roam activated. It costs a great deal of money to constantly use the roaming facility but for criminals, communications that cannot be monitored are priceless.
What makes the BlackBerrys so hard to tap is that Mexico has no reliable register of handsets, mobile numbers or users. Vendors are unregistered and sell the phones and SIM cards for cash, no questions asked. The UN Office on Drugs and Crime reports Mexico has 83 million mobile phones and government attempts to set up an official registry are failing.
As well, the encrypted BlackBerry messaging service is routed through a server Australian authorities haven't been able to access.
It is not known how many of the phones are in Australia and in the hands of organised crime groups. But experts agree the criminals will keep the technology among themselves as long as they can.
''The Australian Crime Commission is aware that organised crime networks will continually take opportunities, some real and some imagined, to use new technologies to try to escape the law,'' said its chief executive John Lawler.
The Australian Federal Police would not say whether they had seized Mexican phones. But a spokesman said they were working with national and international authorities and industry groups to ensure it was up to speed ''on the challenges posed by criminal networks''.
Last year, this website revealed that the feared Mexican Sinaloa drug cartel was regularly importing cocaine into Australia. It was also revealed that several men with ties to Mexico, the US and Guatemala had set up a drug distribution network in NSW, which is now understood to have included links to the Comanchero.
Former NSW Police assistant commissioner Clive Small said the Mexicans were trying to expand their drug markets in Australia, so would be seeking out new contacts like the bikie gangs to buy their shipments.
Just over a year ago, Clayton Roueche, head of a Canadian drug smuggling ring with Australian connections, was jailed for 30 years. The boss of the drug gang known as the ''United Nations'' had been running his empire using a coded BlackBerry telephone. He was eventually caught - not by telephone surveillance but by border security officials in Mexico."

What's your opinion on this article? Are encrypted Blackberries the best way to communicate?
Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: SelfSovereignty on April 24, 2013, 04:08 pm
This absolutely reeks of propaganda... reeks of it.  I'm not familiar with BlackBerry phones, but if anyone other than the phone owner -- ANYONE, even the manufacturer -- is able to decrypt the data on (or that comes from / goes to) those phones, you can bet that law enforcement will be able to as well.
Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: AussieMitch on April 24, 2013, 04:15 pm
Does anyone have any recommendations on the best phones to buy that can handle full encryption of the operating system and data, public key or similar text message encryption and encrypted calls?

This is not for anything drug-related, I'm very careful to keep that shit off my phone, I just like the idea of the police not being able to tap my phone or monitor my communications.
Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: SelfSovereignty on April 24, 2013, 05:00 pm
Does anyone have any recommendations on the best phones to buy that can handle full encryption of the operating system and data, public key or similar text message encryption and encrypted calls?

This is not for anything drug-related, I'm very careful to keep that shit off my phone, I just like the idea of the police not being able to tap my phone or monitor my communications.

Stay away from iOS (iPhones / iPads / iPods).  Apple's prohibitive terms allow them to blacklist any app too much like theirs, and they have their own apps for that.  Which they can break themselves at will, I believe, which means the gov't can do it at will too.

TextSecure for Android uses the OTR protocol, which to my knowledge is secure.  It's like using OTR for an IM conversation, except it takes place over text messages.  You get about 60 characters per text message, FYI (the rest is used up by the encryption stuff).

RedPhone is supposed to give you totally encrypted voice conversations... but I don't know if it works.  I'm also unsure about whether or not it could be changed in the future to be less than secure, even without notifying users when it happens.  A lot of stuff goes through or to their servers, which is usually bad.  I haven't looked at the details of it though: it may be perfectly harmless, I can't tell you either way.

Those are the best two options, I believe.  There's also Gibberbot that supports OTR for Jabber and XMPP (google talk, etc.) services.  And one or two others that I don't know off hand.  In a nutshell, iOS leaves you in a bad position.  Google's not exactly your friend, but Android at least has the luxury of a few options to choose from -- instead of basically none... also, if your phone isn't rooted with a custom ROM, assume all keystrokes and gestures are logged (because they could be and actually very well may be).

Like I said, I'm not familiar with Blackberry phones, so I can't say about those.  Don't know about modern Windows phones either.  They didn't used to have anything like that, but a lot changes in 5+ years these days and all my info on them is from 5+ years ago.
Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: cheechw on April 24, 2013, 05:03 pm
Phil Zimmermann of PGP fame has a new website: https://silentcircle.com that says it will do just that and apparently considerably more. The swiss army knife of encryption individual/corporate (encrypted mail, encrypted mobile calls, encrypted VOIP teleconferencing, and encrypted instant messaging):)  Currently in private beta with a public beta supposedly available July 15.
Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: 1mIcedout on April 24, 2013, 05:53 pm
Interested in this too..
Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: AussieMitch on April 25, 2013, 07:08 am
Thank you for the helpful reply SelfSovereignty :)
Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: sourman on April 25, 2013, 01:09 pm
This absolutely reeks of propaganda... reeks of it.  I'm not familiar with BlackBerry phones, but if anyone other than the phone owner -- ANYONE, even the manufacturer -- is able to decrypt the data on (or that comes from / goes to) those phones, you can bet that law enforcement will be able to as well.

They use unregistered handsets purchased with cash so LE doesn't know who to tap. It's basically a burner blackberry. I'm not sure if it matters that they're registered in Mexico; if the servers used by those phones are located there, that makes it even more difficult for them.

US authorities can tap blackberries if they have a search warrant to get the encryption keys from RIM's domestic servers. The Saudis were pissed because they had no jurisdiction to broadly tap devices using secure connections abroad.

Anyone who needs this level of communication really should have a better adviser than the SR forums, but for everyone else, regular burner phones or something like that TextSecure app you mentioned are the way to go. I agree that iOS, jailbroken or not, is not secure from LE unless you're a mac geek and know what you're doing. They have forensic tools that will reap it locally and if they have a search warrant, anything you sent/received with it is ripe for the picking unless it's encrypted end-to-end with 3rd party apps. Not sure about Windows Phone, but the older Windows Mobile devices were quite secure and supported reasonably strong storage card encryption.
Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: MRSIN on April 25, 2013, 01:25 pm
These are doing the rounds in AUS at the moment. Im no techwizard but from what ive heard they are bbm only phones that use a overseas private server. Im told you can only commuicate with others that have the same phone. How safe these are? i have no idea, but i know they are selling them for a small fortune.
Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: pine on April 25, 2013, 09:11 pm
Encrypted PGP messages are the best way to communicate when doing business. Quell surprise! PGP porridge and no ice-cream until after folks.

The reason is this: any flaw, exploit or disruption of service is predictable. We are likely to see it coming a mile down the road, just like the attacks on MD5 in academia showed it was flawed long before it was viable for most people to be taking advantage of it.

Whereas the motorcycle gangs are using strong, but brittle encryption. It works for as long as RIM wants it to. Because RIM can update everybody's firmware on the Blackberries to include a backdoor if they don't have one, but of course they do. RIM are probably either looking for a pay-off, or else this is a conspiracy between RIM and LE. Extortion or conspiracy, take your pick. Unless you think RIM are going to defend Hells Angels tooth and nail? Nah. Better to sell very expensive services, and then get the drop on them and pull the plug all at once, two payoffs!

I cannot understand why people go to such lengths when free alternatives exist that are demonstratively non-fragile.

It would be dramatically cheaper and more effective for them to use simple cheap notebook computers with PGP installed, and to use anonymizers to access the internet with some 3G or 4G mobile internet link. The only trouble would be updating everybody on the network with how to use PGP, but that is a one time investment. I suspect the desire to use phones at all costs really has more to do with enforcing hierarchy, keeping the pecking order, than anything else.

Finally the fact you can use signed PGP messages means you can authenticate any people on your network.

If you want to conduct transnational organized crime, you have to give up some conveniences. Like chatting like a bunch of fucking teenage girls. The only reason why they're using Blackberry phones is that there are so many other flaws in their operational security that this particular one seems largely theoretical to them.
Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: pine on April 25, 2013, 10:17 pm
Welcome to 2009 or so.

Yes, encrypted communications via Blackberry is possible and I used to use them in such a manner. Two friends and myself linked three Blackberries through a comp running a Blackberry server at a fourth person's house. Blackberry Messenger is the be e's knees when it comes to drug dealing and the coordination of such.

Upgrade to PGP Club!

Or Die! Devildog! Die! Die!

"This is Pine the Platypus and I approve of this message." :))

Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: pine on April 25, 2013, 10:36 pm
Welcome to 2009 or so.

Yes, encrypted communications via Blackberry is possible and I used to use them in such a manner. Two friends and myself linked three Blackberries through a comp running a Blackberry server at a fourth person's house. Blackberry Messenger is the be e's knees when it comes to drug dealing and the coordination of such.

Upgrade to PGP Club!

Or Die! Devildog! Die! Die!

"This is Pine the Platypus and I approve of this message." :))

Why would you assume that I do not use PGP? Not only have I been using software such as OTR over Pidgin since 2010, but I also have an S+ certification, among other training.

I am teasing you :))

Dying is unnecessary Angelcat! Completely unnecessary!

Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: ItalianMafiaBrussels on May 26, 2013, 10:51 pm
Why all the hassle with the offshore phone server, and why trust RIM ?

Just get a (preferably open source) encrypted VOIP app that you can install on your Android phone, that works over 3G.

Easy, cheap, and no need for trusting any 3rd party company.

Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: SuperTrips on May 26, 2013, 11:34 pm
It's not RIM providing the service. It's not default on every blackberry.

Every major trader in the Netherlands, and even dealers use them as well. They are "custom" built blackberries, they usually are about 3000USD per 6 months here, then you have to go get a new one because the entire OS kills itself. You can only send emails with them, and those are PGP encrypted.

You can only communicate with people who have the exact same model from the custom builder. And everybody has one because the people you do business with has one too.

I tried converting people to free opensource android phones where there are a lot of apps with OTR, PGP, you name it, but nobody trusts it since it's all free (and easy) and you don't have to switch phones every now and then. Those PGP blackberries are incredibly cumbersome, slow, but somehow everybody trusts them because everybody buys them.
Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: astor on May 26, 2013, 11:59 pm
Quote
The telecommunications black hole exploited by the Comanchero gang and drug cartels has come to light after countries around the world - worried about terrorism and national security - threatened to ban BlackBerrys unless they were given the codes to break the encryption on emails and messages.

This is great. If the government / LE have a backdoor, then so does everyone else.

https://en.wikipedia.org/wiki/Greek_wiretapping_case_2004%E2%80%932005

https://en.wikipedia.org/wiki/SISMI-Telecom_scandal

Title: Re: Bikies beat police phone taps with encrypted cell phones
Post by: jase00 on May 27, 2013, 01:44 am
anyone use a PGP app that doesn't integrate with the standard mailbox on android ?

I use PGP-lite and after the msg is decrypted it sits in the normal inbox.. which is kinda handy on the one hand.. not so handy on the other.