Fascinating read on how the FBI ran Anom encrypted phone company. In particular:

“We wanted to shatter the trust in the encrypted phone industry that catered to criminals.”

The question remaining is: how can we as non-criminals still trust encrypted messengers?

· · Web · 2 · 2 · 4

The FBI had to disclose their operation at some point for legal reasons. Russian or Chinese APTs are not bound by such rules. How do we know that they haven’t compromised some encrypted messengers already and are reading all communications?

And with Signal making rather questionable crypto decisions lately, how do we know who is currently pulling the strings there?

Yes, it’s easy to get all paranoid here. The big question is whether the paranoia is justified, and I don’t expect the answer to turn up any time soon. All we get is a suspicion that there might be more things going on than busting drug cartels.

@WPalant FWIW, Mudge continuing to work there is a decent canary. It's not that he wouldn't work with feds, but he would absolutely walk before agreeing to knowingly weaken something to make anyone other than users' lives easier

Of course he could still be duped and make mistakes, but he has a solid history of giving the finger to anyone trying to pull his strings

@WPalant wow, you can be arrested for working in a honeypot company, now that sure is reassuring

@xerz That’s what I thought as well. Then again, they didn’t know that they were working for a honeypot company. They thought that they were doing real crime. 🤷‍♂️

I wonder however: how do the people who did know the scheme go free of charges? Investigation or not, they willingly facilitated crimes. How far could they go without being charged with anything?

@WPalant In regards to that, I just assumed they get absolved in advance since it was for the intent of revealing crime, but ethically it sounds pretty off

@xerz I remember that undercover agents need to commit crime without being charged with criminal offenses. Otherwise it would be trivial to blow their cover: anyone unwilling to commit a crime is an agent. So there must be some law covering this, and it probably applies here as well…

@WPalant @xerz i wonder how many crimes would've never happened if not for the undercover agents

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.