Encrochat busted by NCA
Discussion
Stussy said:
This is a very interesting video generally about transatlantic cables and data, but also touches on how when an ISP’s data passes through the U.K. it allows direct access to that data by GCHQ.
It does make you wonder just how much of everyday data is analysed and looked at
https://youtu.be/K_nnUbX7uuQ
Probably less than I might initially think. It would be hard work decrypting all those VPN user traffic with HTTPS on top of that. Probably even harder if they use the Tor browser.It does make you wonder just how much of everyday data is analysed and looked at
https://youtu.be/K_nnUbX7uuQ
Stussy said:
This is a very interesting video generally about transatlantic cables and data, but also touches on how when an ISP’s data passes through the U.K. it allows direct access to that data by GCHQ.
It does make you wonder just how much of everyday data is analysed and looked at
https://youtu.be/K_nnUbX7uuQ
Indeed. In much the same manner as the Prism program, referred to in the Snowden leaks. The GCHQ capability is part of that.It does make you wonder just how much of everyday data is analysed and looked at
https://youtu.be/K_nnUbX7uuQ
Bulk interception is very much a thing. If you want to dive further down that particular rabbit hole, reading about programs such as XKeyscore gives an indication of the capabilities of the intelligence agencies. Excellent article by the Intercept on it here:
https://theintercept.com/2015/07/01/nsas-google-wo...
A bit beyond the scope of the kind of operation the topic is referring to though.
s2art said:
. Probably even harder if they use the Tor browser.
Tor is an interesting browser. Back when it was developed the US Navy (who built it/ordered it) realised that if the only people using it were the US military or US agents, then anyone could work out that their site had been accessed by someone working for the US government. To ensure that couldn't happen they had to make it available to everyone, and in doing so offer the same level of anonymity as the US agents had when using the browser. Given the level of access government agencies have to internet traffic, what can the average Joe do to be more privacy conscious, without resorting to the extremes of encrypted phones or Tor browsers?
Condi said:
Tor is an interesting browser. Back when it was developed the US Navy (who built it/ordered it) realised that if the only people using it were the US military or US agents, then anyone could work out that their site had been accessed by someone working for the US government. To ensure that couldn't happen they had to make it available to everyone, and in doing so offer the same level of anonymity as the US agents had when using the browser.
Given the level of access government agencies have to internet traffic, what can the average Joe do to be more privacy conscious, without resorting to the extremes of encrypted phones or Tor browsers?
It is quite amusing that one half of the US Govt developed, funded, and continues to provide some funding for TOR, while another section of the US Govt does its best to hack it.... Given the level of access government agencies have to internet traffic, what can the average Joe do to be more privacy conscious, without resorting to the extremes of encrypted phones or Tor browsers?
In answer to your question, very little, if your threat model is the NSA/ GCHQ. If you just want to stop commercial entities tracking you quite so much, then looking at the privacy settings in your browser and selecting the most privacy conscious ones, using blockers like NoScript, Ghostery, Ublock etc. Firefox is probably the browser most tinker-able with to achieve this kind of thing (Tor Browser, incidentally, is based on Firefox). Though it's always a trade off - the more things you block and restrict, the less convenient things will be. Depends how concerned you are about it really!
I have always assumed the government can and do have access to all my data regardless of what the law says. But I also assume they don't care that much either and so ignore most people most of the time. Plus unless you are actively breaking the law the Cambridge analytica documentary showed you data can nudge and target but most people are not affected greatly but such things is a small but important minority.
So unless the UK government comes over all China social control it does not matter
So unless the UK government comes over all China social control it does not matter
Condi said:
s2art said:
. Probably even harder if they use the Tor browser.
Tor is an interesting browser. Back when it was developed the US Navy (who built it/ordered it) realised that if the only people using it were the US military or US agents, then anyone could work out that their site had been accessed by someone working for the US government. To ensure that couldn't happen they had to make it available to everyone, and in doing so offer the same level of anonymity as the US agents had when using the browser. Given the level of access government agencies have to internet traffic, what can the average Joe do to be more privacy conscious, without resorting to the extremes of encrypted phones or Tor browsers?
JPJPJP said:
Having been reading a few bits and pieces about it, I am already being remarketed to by one of the would be successors! Omerta Digital which says it is based in Dundee... and makes "fully encrypted, anti surveillance, security hardened smartphones for privacy concerned individuals & businesses"
Or try Saul Goodman, white van, construction site, Albuqerques2art said:
For starters use a good VPN. Also check out the Brave browser (it offers a tor tab). Use duckduck go.
VPN good shout, though given you're funnelling your data through them, you need to be able to trust them too - generally speaking, free VPNs will snoop on it, paid for ones less so. You pay, either with your data, or your money.Brave browsers Tor tab - rightly or wrongly, I'd be a bit wary of implementations of Tor that aren't officially endorsed by The Tor Project. Not sure if Brave is or not?
TOR / VPNs etc are only as secure as the exit points - there have been quite a few cases where state level actors have intercepted TOR traffic by having their own exit points, or even bad actors looking to steal data:
https://nakedsecurity.sophos.com/2015/06/25/can-yo...
Same applies to VPNs - and depending on how you have your VPN setup you can actually *reduce* your security because you are exposing your machine direct to the internet - you lose the protection that your home router / firewall gives in return for hiding your IP address.
In terms of privacy - if someone with the means wants to track you, they will, as an average user there's little you could do about it - but unless you are a crime kingpin I wouldn't worry about it. They could track your car everywhere you drive via ANPR / CCTV but you probably don't worry about that, it's much the same. If you are worried about facebook etc tracking you - use a decent browser with security plugins (noscript / adblockers / ublock etc), don't use the major search engines, don't do 'sign in with facebook / google / etc' or use any of their services, browse in incognito mode all of the time, don't shop at amazon, watch netflix etc. Or just burn your PC as that level of paranoia is going to make your internet experience pretty miserable
https://nakedsecurity.sophos.com/2015/06/25/can-yo...
Same applies to VPNs - and depending on how you have your VPN setup you can actually *reduce* your security because you are exposing your machine direct to the internet - you lose the protection that your home router / firewall gives in return for hiding your IP address.
In terms of privacy - if someone with the means wants to track you, they will, as an average user there's little you could do about it - but unless you are a crime kingpin I wouldn't worry about it. They could track your car everywhere you drive via ANPR / CCTV but you probably don't worry about that, it's much the same. If you are worried about facebook etc tracking you - use a decent browser with security plugins (noscript / adblockers / ublock etc), don't use the major search engines, don't do 'sign in with facebook / google / etc' or use any of their services, browse in incognito mode all of the time, don't shop at amazon, watch netflix etc. Or just burn your PC as that level of paranoia is going to make your internet experience pretty miserable
pip t said:
s2art said:
For starters use a good VPN. Also check out the Brave browser (it offers a tor tab). Use duckduck go.
VPN good shout, though given you're funnelling your data through them, you need to be able to trust them too - generally speaking, free VPNs will snoop on it, paid for ones less so. You pay, either with your data, or your money.Brave browsers Tor tab - rightly or wrongly, I'd be a bit wary of implementations of Tor that aren't officially endorsed by The Tor Project. Not sure if Brave is or not?
Mannginger said:
The article literally says they knew they'd been compromised:
I'm sure the arrests were made before the 13th of June.Article said:
On 13 June EncroChat realised the platform had been penetrated and sent a message to its users urging them to throw away their handsets.
Greendubber said:
Mannginger said:
The article literally says they knew they'd been compromised:
I'm sure the arrests were made before the 13th of June.Article said:
On 13 June EncroChat realised the platform had been penetrated and sent a message to its users urging them to throw away their handsets.
Genius.
98elise said:
I suspect any intelligence methods that won't be exposed the trail, will remain "unsaid". The intelligence services are not stupid. You may even find they are using the press to misdirect the public (and the "enemy") about their methods.
Parallel sourcing of information and PII (https://en.wikipedia.org/wiki/Public-interest_immunity) may be used to protect sensitive tactics.Big Rig said:
Fascinating subject hacking, can anyone explain how they actually did it?
No, it's very unlikely that we'll ever find out the details as it will be a closely-guarded secret. There are plenty of similar services out there, and no one wants to give them any assistance to elude future attention from law enforcement.random_username said:
TOR / VPNs etc are only as secure as the exit points - there have been quite a few cases where state level actors have intercepted TOR traffic by having their own exit points, or even bad actors looking to steal data:
https://nakedsecurity.sophos.com/2015/06/25/can-yo...
Same applies to VPNs - and depending on how you have your VPN setup you can actually *reduce* your security because you are exposing your machine direct to the internet - you lose the protection that your home router / firewall gives in return for hiding your IP address.
In terms of privacy - if someone with the means wants to track you, they will, as an average user there's little you could do about it - but unless you are a crime kingpin I wouldn't worry about it. They could track your car everywhere you drive via ANPR / CCTV but you probably don't worry about that, it's much the same. If you are worried about facebook etc tracking you - use a decent browser with security plugins (noscript / adblockers / ublock etc), don't use the major search engines, don't do 'sign in with facebook / google / etc' or use any of their services, browse in incognito mode all of the time, don't shop at amazon, watch netflix etc. Or just burn your PC as that level of paranoia is going to make your internet experience pretty miserable
Just occurred to me. If you made some money from selling the marching powder all in cash. Can you set up a corporate structure of some sort, have it buy some land, you then live on this isolated land (i am thinking foresst area in the US Canada etc) and build a cabin and live totally off the grid.https://nakedsecurity.sophos.com/2015/06/25/can-yo...
Same applies to VPNs - and depending on how you have your VPN setup you can actually *reduce* your security because you are exposing your machine direct to the internet - you lose the protection that your home router / firewall gives in return for hiding your IP address.
In terms of privacy - if someone with the means wants to track you, they will, as an average user there's little you could do about it - but unless you are a crime kingpin I wouldn't worry about it. They could track your car everywhere you drive via ANPR / CCTV but you probably don't worry about that, it's much the same. If you are worried about facebook etc tracking you - use a decent browser with security plugins (noscript / adblockers / ublock etc), don't use the major search engines, don't do 'sign in with facebook / google / etc' or use any of their services, browse in incognito mode all of the time, don't shop at amazon, watch netflix etc. Or just burn your PC as that level of paranoia is going to make your internet experience pretty miserable
I mean you would not be gangstas paradise but that might be only way to leave no trace.
Might just be easier to not be a criminal.
Some really knowledgeable people on here and some really interesting stuff, although I have to admit that 95% of it goes over my head.
I'm just a retired heavy plant man but all this talk of encryption and secret browsers is absolutely fascinating, thank you chaps for all your input.
I'm off to find my lump hammer and modify my Nokia 3330 for secrecy reasons.
I'm just a retired heavy plant man but all this talk of encryption and secret browsers is absolutely fascinating, thank you chaps for all your input.
I'm off to find my lump hammer and modify my Nokia 3330 for secrecy reasons.
s2art said:
pip t said:
s2art said:
For starters use a good VPN. Also check out the Brave browser (it offers a tor tab). Use duckduck go.
VPN good shout, though given you're funnelling your data through them, you need to be able to trust them too - generally speaking, free VPNs will snoop on it, paid for ones less so. You pay, either with your data, or your money.Brave browsers Tor tab - rightly or wrongly, I'd be a bit wary of implementations of Tor that aren't officially endorsed by The Tor Project. Not sure if Brave is or not?
Brave Website said:
What if I want absolute anonymity while browsing?
With Tor, Brave works hard to ensure that you’re extremely difficult to track online while providing a delightful browsing experience. But if your personal safety depends on remaining anonymous you may wish to use the Tor Browser instead.
You probably won't have problems using Tor through Brave, and if you're simply doing it for 'normal' privacy reasons it's fine. If you have a truly compelling reason for using Tor to remain as anonymous as possible though (And let's remember there are legitimate reasons people need this, as well as the widely publicised illegitimate reasons), best to use the actual Tor browser.With Tor, Brave works hard to ensure that you’re extremely difficult to track online while providing a delightful browsing experience. But if your personal safety depends on remaining anonymous you may wish to use the Tor Browser instead.
Tom Logan said:
Some really knowledgeable people on here and some really interesting stuff, although I have to admit that 95% of it goes over my head.
I'm just a retired heavy plant man but all this talk of encryption and secret browsers is absolutely fascinating, thank you chaps for all your input.
I'm off to find my lump hammer and modify my Nokia 3330 for secrecy reasons.
Meh, you'll need more than a lump hammer to kill that I'm just a retired heavy plant man but all this talk of encryption and secret browsers is absolutely fascinating, thank you chaps for all your input.
I'm off to find my lump hammer and modify my Nokia 3330 for secrecy reasons.
It is fascinating - and I'm far from an expert, I'd say I'm at the level of enthusiastic amateur
Edited by pip t on Friday 3rd July 21:26
Edited by pip t on Friday 3rd July 21:27
Gassing Station | News, Politics & Economics | Top of Page | What's New | My Stuff