"whoosh" <waves hand over head>...

aka "No idea what this is referring to - some form of context??"

jamesrt:

 

"whoosh" <waves hand over head>...

 

aka "No idea what this is referring to - some form of context??"

 

NZ's small part in the story here:

https://www.stuff.co.nz/national/crime/300327041/police-execute-search-warrants-throughout-the-north-island-and-part-of-transnational-operation-targeting-organised-crime

Millions of encrypted messages sent using the an0m app intercepted by police globally.

I think the figure given was that 1650 members of organised crime syndicates in Aus have been tricked into outing their deepest secrets - and it's not about cheating on their wives.

Rumours abounding that this is going to drag in business and government officials in Aus who "facilitated" money laundering and drug importing by crime syndicates.

Seems that some of the bosses aren't domiciled in Aus.  This news article came out before the "Operation Ironside" raids:

https://www.smh.com.au/national/the-cartel-of-australian-mr-bigs-responsible-for-1-5b-drug-imports-20210603-p57xp0.html

The revelations – which extend to confidential law enforcement assessments that Australia’s premier airline Qantas has been infiltrated by criminals – thrust the issue of organised crime back into the spotlight.

You think with the money involved the gangs would learn some basic Opsec. Or at least hire someone to teach them how.

Using a site the promises to keep your secrets, how thick can you be really. They proberly suscribed to a VPN too 😊

Fred99:

 

who "facilitated" money laundering

 

Slightly off topic but what amazes me is that the AML (anti money laundering) legislation/checks dont seem to be effective.

It took me several months to open a business bank account for a legitimate registered company (so many hoops) but these organisatiosn just seem to get away with it. My own bank (who Ive been with for 20+ years) were very unhelpful.

Surely the better way to implement AML is through better detection of suspicious transactions rather than from the outset of opening an account.

cruxis:

 

You think with the money involved the gangs would learn some basic Opsec. Or at least hire someone to teach them how.

 

Using a site the promises to keep your secrets, how thick can you be really. They proberly suscribed to a VPN too 😊

 

Perhaps the best part is that's probably what they effectively did.  Get supplied burner phones with a securely encrypted app loaded.  What could possibly go wrong?

Fred99:

 

Perhaps the best part is that's probably what they effectively did.  Get supplied burner phones with a securely encrypted app loaded.  What could possibly go wrong?

 

But I was told that secure encryption would cause the collapse of law and order, dogs & cats living together, suburban igloos in hell etc. Surely you can't be serious?

SaltyNZ:

 

Fred99:

 

Perhaps the best part is that's probably what they effectively did.  Get supplied burner phones with a securely encrypted app loaded.  What could possibly go wrong?

 

 

 

 

But I was told that secure encryption would cause the collapse of law and order, dogs & cats living together, suburban igloos in hell etc. Surely you can't be serious?

 

I'm not sure if you're being serious.  They didn't know that the encrypted app was back-doored.

Apparently the "trojan" burner phones were supplied in Aus to the syndicates by Hakan Ayik.  Google image search of him suggests to me that if he says the phones are good - you'd probably best agree.

Good opsec when facing nation state's in your threat model doesn't translate to easy to access communications. Not surprised that even at their level they got busted if mobiles were being used as secure comm's lines

Fred99:

 

I'm not sure if you're being serious.  They didn't know that the encrypted app was back-doored.

 

Apparently the "trojan" burner phones were supplied in Aus to the syndicates by Hakan Ayik.  Google image search of him suggests to me that if he says the phones are good - you'd probably best agree.

 

I am being completely serious, if sarcastic. All around the world - including NZ, as of the GCSB and TICSA acts of 2013 - law enforcement have been crying about how true end-to-end strong encryption would make criminals "go dark" and it would be impossible to track and prosecute organised crime. They even literally trotted out "won't somebody please think of the children?" by invoking CP.

This, if anything, is proof yet again that all of those arguments are at best lazy if not outright lies. There is always, always a way to get that information without compromising the rights of innocent people en masse.

Waiting for the live now...

SaltyNZ:

 

Fred99:

 

I'm not sure if you're being serious.  They didn't know that the encrypted app was back-doored.

 

Apparently the "trojan" burner phones were supplied in Aus to the syndicates by Hakan Ayik.  Google image search of him suggests to me that if he says the phones are good - you'd probably best agree.

 

 

I am being completely serious, if sarcastic. All around the world - including NZ, as of the GCSB and TICSA acts of 2013 - law enforcement have been crying about how true end-to-end strong encryption would make criminals "go dark" and it would be impossible to track and prosecute organised crime. They even literally trotted out "won't somebody please think of the children?" by invoking CP.

 

This, if anything, is proof yet again that all of those arguments are at best lazy if not outright lies. There is always, always a way to get that information without compromising the rights of innocent people en masse.

 

Yes.  But the encryption wasn't "cracked" - the app had a back door put in it and apparently was delivered pre-loaded on devices.  Presumably that mistake won't happen again.

Edit:

PM Scott Morrison fronting the start of the press conference.

Much talk about encrypted apps.

I suspect this is prelude to a global assault on use of encryption / increasing surveillance.

The rest is just continuation of the failed war on drugs.  AFP seizing $45 million (so far) from these raids is peanuts.   

[Mod edit (MF): no funny names]

Fred99:

 

Yes.  But the encryption wasn't "cracked" - the app had a back door put in it and apparently was delivered pre-loaded on devices. 

 

Exactly my point. Broken encryption is not required in order for law enforcement to get the data if they need it.

 

Presumably that mistake won't happen again.

 

I wouldn't bet on it. People always slip up somewhere.

Fred99:

 

Yes.  But the encryption wasn't "cracked" - the app had a back door put in it and apparently was delivered pre-loaded on devices.  Presumably that mistake won't happen again.

 

As is pretty much always the case...

You rarely break into the vault through the great big steel front door, you look round the back for a vent pipe or other access and go in there...

When the FBI took down Silk road, they did it by taking over nodes and watched the traffic being passed around the network..with enough coverage they were able to chart the entry and exit points...