[Cryptography] Paris attackers used OTP's: One Time Phones

Phillip Hallam-Baker phill at hallambaker.com
Mon Mar 21 11:36:45 EDT 2016


On Sun, Mar 20, 2016 at 6:03 PM, Henry Baker <hbaker1 at pipeline.com> wrote:
> FYI --
>
> http://www.nytimes.com/2016/03/20/world/europe/a-view-of-isiss-evolution-in-new-details-of-paris-attacks.html
>
> "Everywhere they went, the attackers left behind their throwaway phones..."
>
> "Security camera footage showed Bilal Hadfi, the youngest of the assailants, as he paced outside the stadium, talking on a cellphone.  The phone was activated less than an hour before he detonated his vest.:
>
> "Most striking is what was not found on the phones: Not a single email or online chat from the attackers has surfaced so far.
>
> "Even though one of the disposable phones was found to have had a Gmail account with the username 'yjeanyves1,' the police discovered it was empty, with no messages in the sent or draft folders.  It had been created on the afternoon of the attacks..."
>
> "Inside the ruins, the police found several dozen boxes of unused cellphones still in their wrappers.  The phones were found throughout the rubble, including in the rooms and stairwell.  Others had been ejected during the blast and fell onto the street below."
>
> ----
> Clearly, terrorists have been binge-watching "Homeland", where Carrie & friends also go through phones like kleenex.
>
> Yet DoJ/FBI still wants to destroy the privacy & security of the owners 1 billion Apple devices.
>
> Apple has done everything it its power to deter One Time iPhone use, including having one of the highest prices in this market.
>
> I also don't recall hearing about terrorists buying iPhones a dozen at a time.

Each year, the family goes to the Arisia convention. A couple of years
ago I bought a couple of Pay as you go phones for the kids.

This year, I couldn't find one of them so I bought a pair of pay as
you go Android phones - $20 each.


I noticed that these attackers were activating the phones only just
before they used them. Presumably they were bought for cash. They
would have to have some way of knowing the number they had to call
after activation so they could talk to other co-conspirators but that
would be pretty easy to mask.

About the only likely point of commonality then would be where the
phones were bought, the model, etc. I suspect you could probably trace
them all back to a couple of shops and that they would all be the same
model.


More information about the cryptography mailing list