Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Crime Facebook Government Privacy Security

'Police Tracked a Terror Suspect on WhatsApp -- Until His Phone Went Dark After a Warning From Facebook' (morningstar.com) 113

"A team of European law-enforcement officials was hot on the trail of a potential terror plot in October, fearing an attack during Christmas season, when their keyhole into a suspect's phone went dark," reports the Wall Street Journal: WhatsApp, Facebook Inc.'s popular messaging tool, had just notified about 1,400 users -- among them the suspected terrorist -- that their phones had been hacked by an "advanced cyber actor."

An elite surveillance team was using spyware from NSO Group, an Israeli company, to track the suspect, according to a law-enforcement official overseeing the investigation. A judge in the Western European country had authorized investigators to deploy all means available to get into the suspect's phone, for which the team used its government's existing contract with NSO. The country's use of NSO's spyware wasn't known to Facebook... WhatsApp's Oct. 29 message to users warned journalists, activists and government officials that their phones had been compromised, Facebook said. But it also had the unintended consequence of potentially jeopardizing multiple national-security investigations in Western Europe about which Facebook hadn't been alerted -- and about which government agencies can't formally complain, given their secret nature...

NSO has faced criticism for selling its products to government agencies in the Middle East, Mexico and India, which Facebook and human-rights research group Citizen Lab, among others, allege used them to spy on dissidents, religious leaders, journalists and political opponents. Among the 1,400 WhatsApp users notified in October, more than 100 fell into these categories, Citizen Lab said. The group, which is based at the University of Toronto's Munk School of Global Affairs and Public Policy, worked with Facebook on identifying these people... Citizen Lab has issued reports for several years linking NSO's spyware to governments with a history of human-rights abuses, and said that record should put NSO out of the running for government contracts from Western agencies, said Ronald Deibert, Citizen Lab's director. "What we have been trying to do with our research is to raise alarm bells...."

On the day WhatsApp sent its alert, the official overseeing the terror investigation in Western Europe said, he was stuck in traffic on his way to work when a call came in from Israel. "Have you seen the news? We've got a problem," he said he was told. WhatsApp was notifying suspects whom his team was tracking that their phones had been hacked. "No, that can't be right. Why would they do that?" the official said he asked his contact, thinking it a joke. The most immediate concern was a suspected terrorist investigators linked to Islamic State. They had received a tip he was part of a group plotting an attack around Christmas. Once they saw the suspect's phone receive WhatsApp's alert, the phone went dark, the official said. The sleuths soon lost access to the suspect's messages, the official said, indicating he had discarded or disabled the phone. "We only had that one phone," the official said.

Though that suspect was still under traditional surveillance, "He's not the only suspect we have to follow..." the official complained to the Wall Street Journal, adding that their counterparts in other Western European countries told him more than 10 other investigations "may have been" compromised by WhatsApp's alert.

The Journal also notes that tech companies "have come under growing pressure in the U.S. and Europe to give law enforcement a back door into encrypted messages. But they are also under fire for not doing enough to protect the privacy of their users and, in some jurisdictions, they have legal obligations to disclose security breaches."
This discussion has been archived. No new comments can be posted.

'Police Tracked a Terror Suspect on WhatsApp -- Until His Phone Went Dark After a Warning From Facebook'

Comments Filter:
  • Really? (Score:5, Insightful)

    by nospam007 ( 722110 ) * on Saturday January 04, 2020 @02:35PM (#59586622)

    Police officers tracking people illegally without a warrant and without notifying the company or the ISP can't be differentiated from a hacker doing the same thing because BOTH are criminals?

    Who would have thought?

    • Re:Really? (Score:5, Informative)

      by jarkus4 ( 1627895 ) on Saturday January 04, 2020 @02:43PM (#59586654)

      "A judge in the Western European country had authorized investigators to deploy all means available to get into the suspect's phone" - so it was with a warrant. FB was justy not notified about it and why should they if they have no means to help execute it? It would just increase a risk of leak.

      • Re: Really? (Score:5, Insightful)

        by reanjr ( 588767 ) on Saturday January 04, 2020 @02:55PM (#59586686) Homepage

        Well I think this article presents a pretty good reason why FB should be notified.

        • by Koby77 ( 992785 )
          Of course, if the judge in the "Western European country", whatever that means (is Western Europe now some kind of sovereign nation?), proves that this was NOT been approved by a U.S. judge. Who had jurisdiction? Where was the due process? The investigators only have themselves to blame for the outcome.
          • proves that this was NOT been approved by a U.S. judge. Who had jurisdiction?

            This isn't RT where you can spread your fud. The U.S. has zero jurisdiction in this case. The Western European judge does and, based on the story, granted approval for the warrant. Unlike in your country where there is no due process when Putin has people shot in front of the Kremlin and the evidence literally washed away [euro2day.gr].

            • The Western European judge does and, based on the story, granted approval for the warrant.

              Fine. But where did the warning come from? If it came from the U.S., then the jurisdiction of the European court is a major issue.

            • Haha - you said "due process". You mean how in America we put on a brief, insincere juridical theatre show - before coercing the accused to confess, then tossing him into the world's largest gulag?

        • by rtb61 ( 674572 )

          This article is a crock a propagandist plant for more surveillance because all you filthy nobodies can not be trusted.

          I have seen the way criminals use mobile phones. The use the cheapest phones money can buy and regularly swap sims and phones, different phones with different sims, all the time. They buy and use anonymous prepaid, they use they like they are being listened too and minimise communication on the devices, to mostly establishing meets and turn off their phones then.

          This story is not about sur

          • by dryeo ( 100693 )

            Can you anonymously easily buy a phone in Europe? And not all criminals are smart.
            You do have a point about the expanding surveillance, even the summary mentions using the Israeli software to spy on people for political purposes

            • Yes, plenty of small shops ran by certain types of people will sell you anonymous phones and SIM cards. And the true criminals are smart and use encrypted methods to communicate (eg WhatsApp), recently a drug gang (I believe Netherlands) was rolled up that had an entire PGP infrastructure for calls and messages.

              • by dryeo ( 100693 )

                OK, thanks, wasn't really sure as numerous countries are making it hard to be anonymous. And yes, if I was doing anything that seriously required privacy, I'd be looking at pgp.

            • Yep, you can get pay-as-you-go SIM cards from most supermarkets, buy a SIM for equivalent of 10 USD, you can also buy a budget mobile phone from a supermarket for around 20-25 USD with no questions asked. Use them for a couple of days and throw them away.

          • by AHuxley ( 892839 )
            Re 'regularly swap sims and phones".. does not stop nation level voice print collection...
            Keep on buying new again and the mil level collection resumes with the first use :)
          • by Cederic ( 9623 )

            Yet despite this capturing and analysing phone metadata is how senior figures in violent extremist organisations are discovered and tracked.

            A calls B, C and D. C calls E, F and then calls a new number which it turns out is B's new number. From that number B calls A on another new number, D and F.

            F's a fucking idiot and isn't keeping his operational security in mind so keeps his phone on when meeting A, B and the hellfire missile that just left a nearby drone.

            Sure, you _can_ keep switching phones and account

        • by AHuxley ( 892839 )
          Re "should be notified"... nations dont like doing that.
          The US police and FBI used to try and give phone numbers to log to the US telco networks.br> Suspects escaped the USA.
          Slowly the FBI and US police worked out the way court and police support requests worked in global telco systems.
          The FBI and US police are now much more aware of who they tell about who is under investigation.
          The UK mil, Royal Ulster Constabulary and GCHQ did not see mission data lost as they never talked to random police/telco/c
        • > Well I think this article presents a pretty good reason why FB should be notified.

          That "pretty good reason" is only "pretty good" from law enforcement's point of view.

      • Did the judge really authorize the tracking of 1400 phones? I doubt that the constitution of a "western country" would allow something like this.
        • by Sique ( 173459 )
          No. Facebook notified 1400 people, because they were hit with NSO's software. Those people were surveilled for very different reasons, in complete different countries, and the warrants (if there were any) were signed by many different judges. Just the case of the terror suspect who also was notified, and whose phone went dark after the warning was signed off by this one judge. He was not involved in any of the other cases, as far as the article says.
          • Re:Really? (Score:4, Insightful)

            by peppepz ( 1311345 ) on Saturday January 04, 2020 @04:04PM (#59586870)
            Yes, I meant it as a rhetorical question. I wanted to stress that it's not like Facebook jeopardized a police operation for the fun of it. For what they knew back then, they had discovered a massive spyware network using state-sponsored hacking methods, operating to the detriment of their customers. For what we know now, one of the spied citizen was a suspect terrorist legitimately being investigated under the mandate of a judge; but of the 1399 other ones, we still know nothing: they might as well have been target by a rogue state a la Kashoggi. So in my opinion Facebook did well to alert their users, and it's not credible for NSO's customers to act as if they were suprised by what happened ("No, that can't be right. Why would they do that?").
      • by chill ( 34294 )

        There's precedent for handling this type of situation. If that were a traditional telephone line, then they'd coordinate with a special office inside the carrier (CALEA, in the U.S.) so this sort of thing wouldn't happen.

        That is, they *would* notify the carrier and while Facebook isn't a traditional telcom, the popularity of their messaging platforms suggests it would be best treated like one to avoid situations like this.

        • Facebook has them. Not just automated feeds for the big government groups, but direct contact phone numbers for smaller police organizations around the globe. Two seconds on Google will find the contact phone numbers, both for the urgent immediate access phone numbers for things like missing children or life-critical events, and for less urgent government/police records requests.

          It isn't a difficult thing, and police nearly always get gag orders as part of pen/trap orders or wiretap orders. In this case the

          • by Anonymous Coward

            Facebook has them. Not just automated feeds for the big government groups, but direct contact phone numbers for smaller police organizations around the globe. Two seconds on Google will find the contact phone numbers, both for the urgent immediate access phone numbers for things like missing children or life-critical events, and for less urgent government/police records requests.

            It isn't a difficult thing, and police nearly always get gag orders as part of pen/trap orders or wiretap orders. In this case the cops screwed up by not notifying Facebook. It was a trivial matter for them to get the gag order with the warrant, and to serve it against FB so they wouldn't have told that account about it.

            If that's true this sounds more like incompetent law enforcemnet trying to shift the blame to Facebook for their (the po-po's) fuck up.

            • by jrumney ( 197329 )

              That's exactly what this is.

            • Facebook has them. Not just automated feeds for the big government groups, but direct contact phone numbers for smaller police organizations around the globe. Two seconds on Google will find the contact phone numbers, both for the urgent immediate access phone numbers for things like missing children or life-critical events, and for less urgent government/police records requests.

              It isn't a difficult thing, and police nearly always get gag orders as part of pen/trap orders or wiretap orders. In this case the cops screwed up by not notifying Facebook. It was a trivial matter for them to get the gag order with the warrant, and to serve it against FB so they wouldn't have told that account about it.

              If that's true this sounds more like incompetent law enforcemnet trying to shift the blame to Facebook for their (the po-po's) fuck up.

              Sounds to me more like they found their poster child for a push for increased surveillance powers.

          • by AHuxley ( 892839 )
            Re "It isn't a difficult thing"... it is when the staff have to accept nation level police actions...
            Faith and politics, cults... one nations police cannot be sure who they are requesting support from in any random global company anymore.
            Re "gag orders" dont work when a person under investigation is of the same faith/cult/a different nation to the police making the request.
            Re "screwed up by not notifying" why would any advanced nation allow it police/courts to call a global company/telco/random "securit
          • "gag orders"

            An action so upright, virtuous, and obviously just that it can only be done secretly in the dark of night...

        • by AHuxley ( 892839 )
          Re "traditional telephone line, then they'd coordinate with a special office inside"
          Few nations like that anymore as court/police/telco staff like to talk/sell data to criminals...
          Nation level police slowly found their request to "coordinate" with any telco got sold direct to the criminals under investigation.
          Few police/mil risk that giving of log request data to random court/police/telco staff anymore.

          Why risk telling a computer/OS/social media company with random global 24/7 staff who is under inve
      • Which "the Western Europen country" was this? Might have been the Netherlands, we authorize more wiretaps than most countries, including the USA. No, not per capita, but in absolute numbers. 2009 USA: around 2500. 2009 The Netherlands: around 22000. (This is for criminal investigations only and does not include "secret" taps by national security agencies)

        Then again I don't think it was a Dutch judge. Here, a judge does not need to sign off on a wiretap... Too much hassle.
      • Because it would increase the risk of the attack being mistaken as a hacker attack and the supsect receiving a warning?

      • A warrant does nothing but protect the officer from damages when he conducts an otherwise criminal act.
        Anybody can warn the suspect if they don't know about the warrant.

      • it was with a warrant. FB was justy not notified about it and why should they if they have no means to help execute it?

        Actually the reverse of that. FB absolutely should have been notified. They should be told exactly because of the reasons specified in the article. It's also standard procedure for most investigations requiring them.

        Simply, the police screwed up. It was a trivial thing to mention it to the judge, then inform Facebook: "We have a warrant to monitor this account. We are also serving you with a gag order to not inform them of the monitoring."

        It's a simple task, and that type of order happens all the time. F

      • by jaa101 ( 627731 )

        FB was justy not notified about it and why should they if they have no means to help execute it?

        So FB wouldn't notify the suspect of the hacking? And not notifying the suspect would seem to count as helping to execute too. How can FB keep the secrets of government hackers if those hackers don't tell FB who they are? Or don't you think FB should notify people who are being hacked, irrespective of who's doing the hacking?

      • by jrumney ( 197329 )

        Or, in this case, increase the risk that they could distinguish it from a criminal hacking attack on one of their users, and choose not to alert them.

      • "A judge in the Western European country had authorized investigators to deploy all means available to get into the suspect's phone" - so it was with a warrant. FB was justy not notified about it and why should they if they have no means to help execute it? It would just increase a risk of leak.

        Even if it was legal they installed malware on a bunch of phones and now they are pissed because it got detected by a 3rd party who did not know about the surveillance or that this particular malware was legal. All they knew is that they found malware and notified their customers. From TFA:

        A judge in the Western European country had authorized investigators to deploy all means available to get into the suspect's phone, for which the team used its government's existing contract with NSO. The country's use of NSO's spyware wasn't known to Facebook. NSO licenses its spyware to government clients, who use it to hack targets.

        On Oct. 29, Facebook filed suit against NSO -- which has been enmeshed in controversy after governments used its technology to spy on dissidents -- in federal court in California, seeking unspecified financial penalties over NSO's alleged hacking of WhatsApp software. It also sought an injunction prohibiting NSO from accessing Facebook and WhatsApp's computer systems.

        NSO said it is vigorously defending itself against the lawsuit, without elaborating.

        ...

        NSO has faced criticism for selling its products to government agencies in the Middle East, Mexico and India, which Facebook and human-rights research group Citizen Lab, among others, allege used them to spy on dissidents, religious leaders, journalists and political opponents. Among the 1,400 WhatsApp users notified in October, more than 100 fell into these categories, Citizen Lab said.

        If they want their legal malware to escape detection they should get their shady Israeli friends to write better malware, or, better yet, why not just contact Facebook/WhatsApp directly and present them with a search warr

        • I imagine jurisdictional issues. Police in an unnamed European country serving a warrant to Facebook which, at best, would have to be processed by a facebook division elsewhere in the EU, at worst by Facebook in the US. Probably have to go through Europol - and if the data does happen to be in the US, Facebook will have to at least make a token effort to challenge the warrant. Yes, the legal approach would work - but how long would it take to go through the full procedure of a cross-border warrant? Probably

      • FB was justy not notified about it and why should they if they have no means to help execute it?

        Except that they do have means to help execute it, as the original article clearly demonstrates. Without their help, the surveillance failed.

    • by hey! ( 33014 )

      Police officers tracking people illegally...?

      According to the *summary*, the police had authorization from a judge. But they were using a dodgy company that uses black hat methods and sells its services to repressive regimes.

      Information security is a good thing, but like other good things, bad guys can use it for bad purposes. So what do we do? Leave everybody open to bad guys to police can catch a few more bad guys?

      No, this where the old way of doing things is actually better. You get a court order that enforces the cooperation of the carrier, rat

      • by pavon ( 30274 )

        The "old way" is exactly what law enforcement has been requesting from tech companies, but they have been refusing. And rightly so, because the only way to enable that is to design the system so the company can intercept and/or decrypt all communications, which weakens the system for everyone, as this taping mechanism can be abused by insiders or hackers for illegitimate purposes, not just warranted wiretaps.

    • From the fucking first paragraph:

      A judge in the Western European country had authorized investigators to deploy all means available to get into the suspect's phone, for which the team used its government's existing contract with NSO.

      Is reading too difficult?

    • Police officers tracking people illegally without a warrant

      Couldn't make it into the second paragraph of the quoted text now could you.

    • Police officers tracking people illegally without a warrant and without notifying the company or the ISP can't be differentiated from a hacker doing the same thing because BOTH are criminals?

      Who would have thought?

      From the article:
      "A judge in the Western European country had authorized investigators to deploy all means available to get into the suspect's phone, for which the team used its government's existing contract with NSO. "

      So you're half-right. Facebook should have been notified.

    • This is not the first time something like this has happened, where NSO was picked up by say AV products. Police and law enforcement need to work with several of these companies - or face a very small risk of failure. Every decent barrister should in discovery ask what phone taps or computer intercepts were in place for their client. Including NSO software as a listed point and the top 10 major apps. So far only the UK can gag your defense council and perjure discovery matters. The plaintiff needs to ask if
    • Police officers tracking people illegally without a warrant

      What makes you think it was illegal and without a warrant?

  • by stikves ( 127823 ) on Saturday January 04, 2020 @02:51PM (#59586674) Homepage

    If police really want to "track" a person, they can still be present physically, and do the actual tracking. They can even use "fancy" tools like "laser microphones" to listen on them, which is very easy to get:
    https://lifehacker.com/build-a... [lifehacker.com]

    However once you start tracking the population "en masse", you are starting to infringe on basic liberties. It does not matter you have a "warrant" from a rubber-stamp court. If you start tracking all people, that means you are part of the problem.

    Remember: "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety".

    • by OzPeter ( 195038 )

      If police really want to "track" a person, they can still be present physically, and do the actual tracking.

      As per TFS

      Though that suspect was still under traditional surveillance

    • by gweihir ( 88907 ) on Saturday January 04, 2020 @03:07PM (#59586718)

      Indeed. The police wants to do this as cheap as possible, so they can do it to as many people as possible. That leads straight into a police-state. Police work has to take significant effort, or it becomes just a tool for oppression, nothing else.

      • And it's also why it's imperative that both the police and military have civilian oversight and civilian bosses.

        It is a conflict of interest to ask (or allow) either group to make decisions regarding the rightness or wrongness of their procedures. And, really, it would be unfair to task them with it. They should be tasked with doing their own work within the law, not in deciding what those laws should be. If either group feels the law should be changed, they need to make their case to the people overseeing

        • by gweihir ( 88907 )

          Indeed. The main problem is that tunnel-vision. It is not really an accusation either, the work they do, they necessarily get a badly skewed picture of society and that makes them dangerous. Hence (since we cannot do without either at this time), they need to be carefully watched and controlled and when they screw up, they need to be held accountable, just the same as anybody else.

    • "Remember: "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety"."

      That is a quote, not a rule or law.

      • by fenrif ( 991024 )

        No one implied it was a rule or a law. Would you like to list any other things it also is not? Let me get you started: it's not a vehicle, a type of fruitfly, or a mathmatical formula either.

        As fun as it can be pointing out what things aren't, it's not very useful in an intellectual discussion. Good job though. We're all very proud of you.

    • by AHuxley ( 892839 )
      So many people to track as so many random people are wondering around the EU. Do the math per person. 3 person team,... shift work per 24 hours.. support staff for the team...
      Holidays for staff after weeks and months of work...thats more teams ready...
      Security clearances for all staff. .. 9 expert police to watch 1 criminal per day in person..a few extra support staff for the team..
      Add in the complexity of EU wide travel, No-go areas in parts of EU cities..
      9 random police with expert skills trying to
  • The phones themselves, without removable batteries and with GPS chips and microphones and inside, are as ubiquitous as shoes in most of the western world. Who knows what secrets lie in the operating systems of these devices? The tinfoil hat is only itchy when it's hot out.
    • by gweihir ( 88907 )

      A phone without removable battery is defective by design. Why would anybody sane buy such a piece of trash?

  • Sadly ... (Score:5, Insightful)

    by CoolDiscoRex ( 5227177 ) on Saturday January 04, 2020 @03:02PM (#59586704) Homepage

    A “warrant” doesn’t protect you from abuse as many judges have 95%+ approval rates with zero penalty should the warrant turn up nothing. They’ll get criticized the 1 time they don’t authorize and something happens, though. Which side do you think they’ll err on?

    Because of this, warrants have lost their original purpose, and mean nothing to the average citizen.

    • A “warrant” doesn’t protect you from abuse as many judges have 95%+ approval rates with zero penalty should the warrant turn up nothing.

      Why would it surprise you that judges have 95% approval rates for warrant requests? It's not like police just throw every random person at a judge and see what happens to be target du jour today based on which unlucky random member of the public's piece of paper gets approved.

      My boss is a pushover clearly. He's approved 100% of my project proposals. I mean let's ignore the fact that I don't bring him proposals which don't make sense, haven't been vetted or fail cost benefit analysis. Clearly he's just a pus

  • by JabrTheHut ( 640719 ) on Saturday January 04, 2020 @03:02PM (#59586706)
    So what happened was:
    1. A cop in Europe was legally pursuing a terrorist suspect.
    2. He received notification that the terrorist suspect has been informed that his phone was hacked. (It wasn't, his WhatsApp account was monitored.)
    3. Terrorist then goes dark.
    4. Cop then goes straight to press and tells them all about it, ensuring that the terrorist suspect, one of 1,400 informed of his being monitored, was in fact the target of a criminal investigation.

    So, why did the cop go straight to the press to tell them all about it? Is this just more complete rubbish designed to reassure us that the police, government and private bodies spying on us is just for our own protection and something we should accept?

    -
    • Re: (Score:1, Insightful)

      Cops aren't that bright. If they possessed higher intelligence, they'd be working in higher paying and more prestigious jobs.
    • by Frobnicator ( 565869 ) on Saturday January 04, 2020 @04:09PM (#59586882) Journal

      There are a few more steps, but basically, yeah, cops screwed up a few times.

      1A should have been that the cops notified Facebook that they needed to monitor an account.
      1B should have been that the cops worked with Facebook instead of an outside hacking tool
      2A could have been that (because of 1A) Facebook wouldn't have notified the account, because they would have known about the court order.

      Those proper steps DO happen all the time. Cops screwed up once by using a 3rd party hacking tool, screwed up again by not telling FB. When they work with each other, the companies are great about keeping the spying target in the dark.

      There are proper channels. Cops didn't use them for whatever reason, and were burned because of it.

    • by Hizonner ( 38491 ) on Saturday January 04, 2020 @05:33PM (#59587142)

      The cops went to the press because the cops, in a bunch of countries, are running a coordinated PR campaign to put pressure on Facebook and others to destroy their security (and/or to get laws to force them to destroy their security). So every time the cops don't get access to something encrypted, they make a point of whining as loudly as possible. This time they're trying to ramp up the pressure by spinning it as Facebook being irresponsible and blowing their investigation.

      Note, by the way, that although they claim this kept them from investigating a "potential attack", there was not, in fact, any attack. The cops will say "potential" about something that might conceivably have happened if the stars aligned... but they know that the journalists and readers will take the meaning as closer to "was definitely going to happen". They really hope that nobody will quite notice that there was not, in fact, any attack, even though they lost this supposedly critical capability. ... and WhatsApp can't be monitored centrally (or if it can, it's a bug Facebook doesn't know about and would fix if it did know). They were watching his WhatsApp messages by hacking his phone, using malware provided to them by the crooks at the NSO Group.

    • 2. He received notification that the terrorist suspect has been informed that his phone was hacked. (It wasn't, his WhatsApp account was monitored.)

      Can we be sure that his phone didn't have to be hacked in order to enable the monitoring? This might not just be passive surveillance.

  • by gweihir ( 88907 ) on Saturday January 04, 2020 @03:05PM (#59586712)

    The guy switched off his phone. That is not "went dark". That is just a propaganda lie.

    Also, state-sponsored attackers with a court order (and any other attackers) are still attackers to the owner of the system, until and unless that court order is presented to him. Hence they have to be kept out and need to be treated just the same as any common and not so common criminals trying to get in because there is no way to distinguish between them. And, incidentally, there are state-sponsored attackers that doing something perfectly legal in their country, but highly criminal in the country of the target.

    • "Went dark" is a standard idiom when phrasing it from the perspective of the data collection effort.

      Learn you some English, Ivan.

    • by fenrif ( 991024 )

      When your investigation consists entirely of sitting in an office and hacking someones phone, then when they turn that phone off they have essentially "gone dark." Which most would consider to be an argument for real police work. However the police consider this an argument for less privacy. Weird, huh?

    • The guy switched off his phone. That is not "went dark".

      Err the definition of "going dark" is literally a sudden termination of communication. Turning your phone off is a damn sure fire way of "going dark".

  • wah wah wah wah (Score:5, Insightful)

    by nicolaiplum ( 169077 ) on Saturday January 04, 2020 @03:09PM (#59586726)

    Wah wah wah wah wah. Poor little policemen.

    How many Iranian lives have been saved by encrypted telecommunications that their state could not break? How many Chinese? How many Eritrean? How many Saudi? How many Egyptian? How many others living in oppressive regimes with arbitrary detention and killing?

    Facebook did the right thing. Encryption and data security saves lives.

    • Are we allowed to dislike both the police and Facebook? Facebook is rather awful. It's pretty rare for them to protect anyone's privacy.

  • by tannhaus ( 152710 ) on Saturday January 04, 2020 @03:18PM (#59586764) Homepage Journal

    It makes me wonder why you're calling either of them good

    • by Kjella ( 173770 )

      You mean like when terrorists shoot people bad, but when cops shoot terrorists good. A burglar breaking and entering bad, a SWAT team "breaking and entering" with a warrant good. About 1400 people worldwide is not some massive dragnet operation, I'm going to assume that at least this one case had a warrant issued for valid reasons. But when you use undercover police officers you can't really complain when a suspect gets notified by third parties who think they're seeing a crime in progress.

      If I saw somebody

  • You are not safe on Christmas, without completely accepting that we need to have total access to private conversations. Everytime you enforce privacy, a terrorist has a Christmas gift waiting for you.-- While the common person views "Whatsapp" as a pyramid of privacy, what good terrorist would believe the same? So What kind of terrorist are we talking about here? One that trusts Facebook and Whatsapp? If this is the case, there are likely tons of bread crumbs for tracking this fool.-- Love me some good ol
  • Maybe the police should not count on vulnerabilities to do their work if they do not want to risk losing access. Cry me a river.
  • by overnight_failure ( 1032886 ) on Saturday January 04, 2020 @04:38PM (#59586960)
    Guess this was an article released directly from one of the agencies involved then. They're just laying the foundations of the argument as to why they should have back door access to everyone's end to end encrypted communications.

    I'm just waiting for the "why won't someone think of the children" to be rolled out.
  • Law Enforcement wants a backdoor.
    If ANYONE has a backdoor, then EVERYONE has a backdoor!
    Backdoors are the antithesis of security.
  • The suspects that were being tracked got lazy (as many slacktavists do) and used a common messaging app for their activities. That's an invitation to get tracked and traced by authorities, and anyone with half an education about tech already knows better. They'll just go back to using burner phones for a while (perhaps not knowing that those phones themselves may have had spyware installed by the shady dealers who are cooperating with police?), but the reality is that once these suspects are identified, r
  • >"The Journal also notes that tech companies "have come under growing pressure in the U.S. and Europe to give law enforcement a back door into encrypted messages."

    Well too bad. It isn't "encrypted communication" if there are back doors (or it is not end-to-end). Period. Yes, that makes it more difficult for law enforcement, but, like I said, TOO BAD. They have plenty of other tools. Mass spying on the public is not compatible with privacy and freedom. Neither is broken encryption. Freedom-loving c

  • Maybe the guy was innocent. Kim Jong Un didn't even do anything for Christmas except eat too many cookies.

  • "Though that suspect was still under traditional surveillance,"

    Time for the "law enforcement officials" (wait, "officials" not "officers"???) to start doing their jobs instead of sitting around waiting for telco data dumps and hacked phones to tell them things. Real criminals who do really bad things like Islamic terrorists aren't having text message chats about it.

    LEOs - do your job. You found terrorists long before cellphones. You'll do it again.
    That "traditional surveillance" seems to me to indicate t

  • So, over 100 people are suspected of criminal activity out of the 1400 of whom reporters and government officials contribute the bulk. This seems to be a warning that dances around publication restrictions. With mockery thrown in about how the intelligence worker complained to the media... who are great at internally disseminating information, and would have already heard about their colleagues reviving the same warnings from whatsapp.
  • ...to break the encrypted communications.

  • The main point here should be that Facebook protected, apparently, 1399 good people from evil hackers and 1 guy that is suspected to not be such a great person.

    If preventing a terror attack by alerting the suspect that he is being monitored is the collateral damage we have to pay to protect "journalists, activists and government officials", I think that's a pretty good deal. Law enforcement can do their job and keep an eye on the guy later.

  • by Kernel Kurtz ( 182424 ) on Saturday January 04, 2020 @10:35PM (#59587848)

    Even if it is real spies using it. That is no more Facebook's problem than anti-malware vendors, security auditors, or anyone else interested in keeping systems secure.

  • What I understand from this story is that NSO broke into Whatsapp & tripped the alarm. Not very good at their job, are they?
  • I'm sure facebook would cooperate with law enforcement, if they are aware!
    This would have been easy to prevent from happening.

Never test for an error condition you don't know how to handle. -- Steinbach

Working...