Encrochat busted by NCA
Discussion
jimothyc said:
Well that's a properly major operation. Looks like the police can do more than send the odd tweet and fly the odd drone.
Does anyone have anymore information on the hacking of the system. Was that Police led, NCA, GCHQ or a random white hat?
Sounds like they managed to get malware onto pushed updates, very interesting. Kudos to PlodDoes anyone have anymore information on the hacking of the system. Was that Police led, NCA, GCHQ or a random white hat?
jimothyc said:
Well that's a properly major operation. Looks like the police can do more than send the odd tweet and fly the odd drone.
Does anyone have anymore information on the hacking of the system. Was that Police led, NCA, GCHQ or a random white hat?
French feds are believed to have compromised the devices over the past few months, and from what I have read pretty much have full transcripts saved from all affected devivces.Does anyone have anymore information on the hacking of the system. Was that Police led, NCA, GCHQ or a random white hat?
Murph7355 said:
I often wonder at the wisdom of publishing stuff like that.
Just keep it on the QT and publish stats that show more crime being solved. If you must say anything, keep it generic - "new methods achieving huge success rates" etc.
Yeah it's a bit like when they cracked enigma. You had to be careful what information you respond to, or you end up killing the golden goose.Just keep it on the QT and publish stats that show more crime being solved. If you must say anything, keep it generic - "new methods achieving huge success rates" etc.
Murph7355 said:
I often wonder at the wisdom of publishing stuff like that.
Just keep it on the QT and publish stats that show more crime being solved. If you must say anything, keep it generic - "new methods achieving huge success rates" etc.
It will have got to the point where the bad guys realised it had been compromised & so the game was probably done....Just keep it on the QT and publish stats that show more crime being solved. If you must say anything, keep it generic - "new methods achieving huge success rates" etc.
Wombat3 said:
It will have got to the point where the bad guys realised it had been compromised & so the game was probably done....
On the lunchtime news they said this was the case, they'd been 'watching' the conversations for a while but people had sussed what was up so they did the raids.Wombat3 said:
Murph7355 said:
I often wonder at the wisdom of publishing stuff like that.
Just keep it on the QT and publish stats that show more crime being solved. If you must say anything, keep it generic - "new methods achieving huge success rates" etc.
It will have got to the point where the bad guys realised it had been compromised & so the game was probably done....Just keep it on the QT and publish stats that show more crime being solved. If you must say anything, keep it generic - "new methods achieving huge success rates" etc.
With the levels of encryption available off the shelf these days, compromised ids will be the key mechanism over anything more clever. Just like the crims use.
I’m firmly in the camp of not telling the enemy everything
Some things are better left unsaid
There are mechanisms to protect the methods and the source available in the legal system
I wonder whether it’s another case if politics getting in the way of effective policing
Politicians wanting a “big” success to crow about
Some things are better left unsaid
There are mechanisms to protect the methods and the source available in the legal system
I wonder whether it’s another case if politics getting in the way of effective policing
Politicians wanting a “big” success to crow about
Earthdweller said:
I’m firmly in the camp of not telling the enemy everything
Some things are better left unsaid
There are mechanisms to protect the methods and the source available in the legal system
I wonder whether it’s another case if politics getting in the way of effective policing
Politicians wanting a “big” success to crow about
Unless there was no hack, they just got to someone on the inside and they need to cover that....Some things are better left unsaid
There are mechanisms to protect the methods and the source available in the legal system
I wonder whether it’s another case if politics getting in the way of effective policing
Politicians wanting a “big” success to crow about
Looks like a combination of French and Dutch agencies did the infiltration
From the NCA release
"Since 2016, the National Crime Agency has been working with international law enforcement agencies to target EncroChat and other encrypted criminal communication platforms by sharing technical expertise and intelligence.
Two months ago this collaboration resulted in partners in France and the Netherlands infiltrating the platform. The data harvested was shared via Europol."
From the NCA release
"Since 2016, the National Crime Agency has been working with international law enforcement agencies to target EncroChat and other encrypted criminal communication platforms by sharing technical expertise and intelligence.
Two months ago this collaboration resulted in partners in France and the Netherlands infiltrating the platform. The data harvested was shared via Europol."
Vice has a couple of stories about it
https://www.vice.com/en_uk/article/3aza95/how-poli...
https://www.vice.com/en_uk/article/3aza95/how-poli...
Edited by anonymous-user on Thursday 2nd July 13:42
Criminals will always have trouble sustaining a large encrypted network. By definition, you're giving endpoints to criminal scumbags, so one will eventually end up in the wrong hands. Once you've lost control of endpoints, and don't have a tight process for disabling them, then your software will be broken eventually. If this has been running since 2016, they had a good run at it.
Problem is, just as in music piracy, every attack makes you stronger. The next system won't have "servers" to attack, will be far more distributed, and much easier to refute your involvement with.
Problem is, just as in music piracy, every attack makes you stronger. The next system won't have "servers" to attack, will be far more distributed, and much easier to refute your involvement with.
La Liga said:
I don't want to set them off, but a security priority for Brexit is retaining (if possible) the same relationship with and access to Europol (along with the relevant databases).
Set who off?I voted Leave and think this would be eminently sensible too.
Isn't our intelligence and security service capability well regarded globally too?
Gassing Station | News, Politics & Economics | Top of Page | What's New | My Stuff