Secure Comms: Op VENETIC - EncroChat Secure Phones Subverted by Govts

Tue Sep 15 11:32:41 PDT 2020

grarpamp wrote:

> On 7/3/20, jim bell <jdb10987 at yahoo.com> wrote:
> > https://www.cnn.com/2020/07/02/uk/encrochat-crime-messaging-cracked-intl-gbr-scli/index.html
> 
> https://www.vice.com/en_us/article/k7qjkn/encrochat-hack-gps-messages-passwords-data
> https://www.lincs.police.uk/news-campaigns/news/2020/operation-venetic-multi-million-pound-conspiracy-uncovered/
> https://telecoms.com/505343/encrochat-hack-shows-theres-no-such-thing-as-secure-communications/
> https://www.dailymail.co.uk/news/article-8486915/Royals-politicians-celebrities-used-secret-EncroChat-phone-network.html
> https://www.vice.com/en_us/article/pa73dz/fbi-tried-to-plant-backdoor-in-encrypted-phone-phantom-secure
> 
> https://www.youtube.com/watch?v=X-Pv9CU1mjE Myntex Encro Phone is not secure
> https://www.youtube.com/watch?v=mUdugZjTPho EncroChat Phone Hacked
> 
> https://puri.sm/products/librem-5/
> https://www.pine64.org/pinephone/
> Both Linux and BSD are developing to run on these phones.
> Many other Unix phones coming in next few years.
> https://amosbbatto.wordpress.com/2020/08/25/comparing-linux-phones/
> https://forums.puri.sm/t/comparing-specs-of-upcoming-linux-phones/6827
> 
> 
> "
> The malware that French law enforcement deployed en masse onto
> Encrochat devices, a large encrypted phone network using Android
> phones, had the capability to harvest "all data stored within the
> device," and was expected to include chat messages, geolocation data,
> usernames, passwords, and more, according to a document obtained by
> Motherboard. From the report: The document adds more specifics around
> the law enforcement hack and subsequent takedown of Encrochat earlier
> this year. Organized crime groups across Europe and the rest of the
> world heavily used the network before its seizure, in many cases to
> facilitate large scale drug trafficking. The operation is one of, if
> not the, largest law enforcement mass hacking operation to date, with
> investigators obtaining more than a hundred million encrypted
> messages. "The NCA has been collaborating with the Gendarmerie on
> Encrochat for over 18 months, as the servers are hosted in France. The
> ultimate objective of this collaboration has been to identify and
> exploit any vulnerability in the service to obtain content," the
> document reads, referring to both the UK's National Crime Agency and
> one of the national police forces of France. As well as the
> geolocation, chat messages, and passwords, the law enforcement malware
> also told infected Encrochat devices to provide a list of WiFi access
> points near the device, the document reads.
> "

Privacy/Security/Anonymity costs money.

How about two phones, one compromised and the other one without a SIM-Card
and WiFi/GPS tracking disabled and (encrypted and anonymous usage) message
creation is done on the second offline phone and transfered with a serial
USB cable and Terminal Software, which shows the bytes amount transfered.

This way also very small encrypted Voice messages can be created on the
offline phone, then spoken via the compromised phone.

Regards
Stefan