Europol announced today another app hacked

Sandking4141

So europol just announced today that they were able to get into another encrypted app such as ghost chat. 51 arrests were made

Added by moderator to provide context:
https://www.politico.eu/article/police-ghost-encryption-app-drug-lords-mafia-europol/

gravity-reprint

Sandking4141

Not sure how this is related to GrapheneOS, but okay?

matchboxbananasynergy

gravity-reprint They did use the off-topic tag, to be fair.

I've edited an article talking about this to the OP so people have some context as to what is being discussed.

zzz

Another article with more historical context and a direct reference to GOS:

Law enforcement agencies around the world have targeted encrypted phone platforms for years [...]

This drumbeat of activity started with the Dutch shutdown of a company called Ennetcom in 2016. [...]

Dutch police also arrested owners of other smaller companies, like PGPSure.

[...] this was part of the inspiration for prosecutors and FBI officials in San Diego to try to get a backdoor into Phantom Secure, another provider. That ultimately failed, but the FBI did shut down the company and arrest its CEO [...]

In the wake of that shutdown, a confidential human source provided the FBI with an opportunity to run their own encrypted phone company and intercept messages that way. That was the start of Anom, which grew to a comparable size to Phantom Secure. Anom led to the largest sting operation ever, with around nine thousand law enforcement officials acting in a coordinated series of raids.

After the FBI came clean about running Anom, another company popular with criminals called Ciphr decided to close itself down.

In 2020, European authorities hacked into Encrochat, another major encrypted phone company, and obtained user messages.

Then in 2021, European authorities announced they had broken into Sky, the four-hundred pound gorilla of the encrypted phone industry. [...]

Then in February 2023, Dutch authorities announced they had obtained user messages from another platform called Exclu.

Today, the only major provider left is likely No. 1 BC, which I previously reported in a collaborative investigation is used by the Italian mafia.

Multiple phone resellers have told me that some of their clients have since moved onto using Signal on a security-focused operating system like the open source and free to download GrapheneOS

https://www.404media.co/police-hack-into-ghost-an-encrypted-platform-for-criminals/

ShinRamen247

In Australia, devices such as Ghost, Anom etc are regarded as DECCD.

Does that mean GrapheneOS is a dedicated Encrypted Device? I guess anyone can be a criminal by setting up a duress PIN.

https://www.criminaldefencelawyers.com.au/blog/possessing-dedicated-encrypted-criminal-communication-devices-laws-and-penalties-in-nsw/
"What is a Dedicated Encrypted Criminal Communication Device?
A dedicated encrypted criminal communication device (‘DECCD’) is defined as a mobile electronic device that:

is specifically designed or equipped for use to facilitate communication between persons reasonably suspected of being involved in serious criminal activity, to defeat law enforcement detection, and
uses hardware modifications or software deployed on the device which modifies its factory operating system, whether temporarily or permanently, to block or replace key features.
This includes blocking or replacing voice call, web browsers, geolocation services or enabling encryption of communication between users, for the purposes of impeding law enforcement access to information on the device.

Other examples include a device modified with a duress password or PIN that can wipe data on the device, the use of a mobile service that is not able to be traced to an individual, or without an ‘International Mobile Station Equipment Identity’ number."

ryrona

ShinRamen247 In Australia, devices such as Ghost, Anom etc are regarded as DECCD.

Does that mean GrapheneOS is a [Dedicated Encrypted Criminal Communication Device]? I guess anyone can be a criminal by setting up a duress PIN.

Intention matters a lot when it comes to the lawfulness of various acts.

As far as I know, GrapheneOS has not implemented the duress password functionality to help criminals or hinder law enforcement, but to allow GrapheneOS users to protect themselves from individuals that are unlawfully trying to get access to sensitive data on the device, i.e to protect activists and journalists working in repressive regimes. As such, the functionality in GrapheneOS should be entirely lawful, since it is not "for the purposes of impeding law enforcement access to information on the device".

These DECCD devices talked about are different, since they are specifically made for and sold to criminals.

Now, whatever technology you use, you are not allowed to commit crimes, nor to destroy evidence after you have been notified of being under suspicion of crime. So telling the duress password to a police officer who has arrested you and taken your phone may be illegal, since it would be destruction of evidence. But using the duress functionality for legitimate purposes should be entirely fine.

(I am not a lawyer, just an activist and security expert interested in law. This is not legal advise.)

Onlyfun

ryrona Intention matters a lot when it comes to the lawfulness of various acts.

Theoretically only. I actually..typed a beefy comment in response to you. But page hit some bumps when I posted it and it gone. So to the point you. Might. Want to familiarize yourself with their DECCD Order.I'll point out a couple things that IMO are good enough to return one back to reality, not to be burned by dreaming some is allusions about this world.

Order provides police power to detain search an obkect of such oredr enter and search thay objects permisses without any warrant, and/or courtroom involved.

Note how terms "powers"and "responsibilities&limitations" are kind of presented at par throughout the text. But, "powers" are listed and detailed, vs "responsibilitie&limitations" are referenced to some separate acts outside of this text., without much.