[Cryptography] Sky Global Indictment, March 12, 2021

Peter Fairbrother peter at tsto.co.uk
Mon Mar 15 14:51:57 EDT 2021


On 13/03/2021 20:58, John Young wrote:
> Sky Global Indictment, March 12, 2021
> 
> https://cryptome.org/2021/03/sky-indictment.pdf (2MB)
> 
> Via Vice/Joseph Cox:
> 
> "Only second time DoJ has charged operators of an encrypted phone firm."

The first time was the 2017 arrest of Vince Ramos, CEO of Phantom 
Secure, who later refused to add a backdoor when asked by the FBI 
(sensible chap, one of his customers was the Sinaloa Cartel), was 
convicted under RICO of "leading a criminal enterprise that facilitated 
the transnational importation and distribution of narcotics through the 
sale and service of encrypted communications devices," and got 9 years. 
Afaik no users of the service were arrested as a result.


Law enforcement agencies led mostly by the Dutch Police made a sustained 
DOS attack on network-limited crypto messaging services from 2016 to 
2017. Services successfully attacked include Ennetcom, PGP Safe and 
Phantom Secure.

The methods used included seizure of servers and arrests of the server 
operators on charges like money laundering and facilitating the supply 
of drugs, though no charge of simply operating a crypto service was ever 
laid.

In the Ennetcom case they also at least partially broke the crypto, as 
Ennetcom had been generating the private PGP keys - ouch - and there 
were a number of arrests of service users.

All these services used Blackberries running PGP, which we can speculate 
are still secure when/if properly implemented.



Last year (2020) law enforcement agencies led by the French Police 
performed an advanced malware attack on Encrochat, then the leading 
network-limited crypto messaging service which used its own software, 
not PGP, on mostly Android phones, with a fake "software update" which 
sent the plaintext contents of the stored messages in the phones back to 
the Police. Over 1,000 users of the service were arrested and the system 
is no longer in operation, though the operators were not arrested.



This latest attack on SkyECC, the leading network-limited crypto 
messaging service which used its own software, not PGP, is still a bit 
murky as to details, with law enforcement agencies and Sky Global making 
contradictory claims. There have been a goodly number of arrests of 
users though, which suggests at least some level of message security breach.



If I may quote Ross Anderson, Security Engineering ch25: The emerging 
pattern is that, thanks to network effects, one [network-limited] crypto 
phone system gets used ever more widely, until enough of its users are 
police targets and the authorities bust it.

And it seems that the authorities don't much care whether the operator 
is doing something illegal or not, they will stop it, as the users are 
doing illegal and bad things.


Peter Fairbrother

