Re: DEA says drug smugglers used crypto Net but cops got around
On Fri, 29 Oct 1999, Bjørn Remseth wrote: it Reply-To: In-Reply-To: [EMAIL PROTECTED]; from John Gilmore on Fri, Oct 29, 199 Organization: Yes Interactive AS Years of work in standards committees and years of technical work can all go for naught, when those responsible for operating the service are untrustworthy. End-to-end encryption is your friend; it needs to get designed into some cellphones. The Norwegian defense forces has designed a GSM phone with end-to-end encryption. It uses the proprietary NSK chip and the secret NSK algorithm, and will not be available for the general public, only for the generals and their friends :) The design looks sound enough though, and the phone also looks nice (the producer is the Swedish company "Sectra": http://www.sectra.se/). Are you realy sure that it was designed by the Norwegian defense forces? The Swedish military has aswell bought the phone (before the Norwegians) and to the best of my knowledge Sectra has been doing the construction much of their own (with alot of discussions etc with the military.) /Per --- Per Kangru, physics student at Uppsala University, part time worker at Idonex AB. All opinons are mine and does not necessarily have any influence over the opinons of Idonex AB or Uppsala University. --- private email: [EMAIL PROTECTED] Phone, home: +46-(0)18-509363 work email: [EMAIL PROTECTED]Phone, mobile +46-(0)707-545556 school email: [EMAIL PROTECTED] Phone, work +46-(0)8-6198505 Private web page at http://kangru.org -Support free speech online ---
Re: DEA says drug smugglers used crypto Net but cops got around
On Sat, Oct 30, 1999 at 10:12:21AM +0200, Per Kangru wrote: Are you realy sure that it was designed by the Norwegian defense forces? The Swedish military has aswell bought the phone (before the Norwegians) and to the best of my knowledge Sectra has been doing the construction much of their own (with alot of discussions etc with the military.) The crypto core is based on the NSK chip, which is a Norwegian design. You are probably right in your assessment that most of the phone itself is Sectra's own design. (Rmz)
Re: DEA says drug smugglers used crypto Net but cops got around
it Reply-To: In-Reply-To: [EMAIL PROTECTED]; from John Gilmore on Fri, Oct 29, 199 Organization: Yes Interactive AS Years of work in standards committees and years of technical work can all go for naught, when those responsible for operating the service are untrustworthy. End-to-end encryption is your friend; it needs to get designed into some cellphones. The Norwegian defense forces has designed a GSM phone with end-to-end encryption. It uses the proprietary NSK chip and the secret NSK algorithm, and will not be available for the general public, only for the generals and their friends :) The design looks sound enough though, and the phone also looks nice (the producer is the Swedish company "Sectra": http://www.sectra.se/). (Rmz)
Re: DEA says drug smugglers used crypto Net but cops got around it
At 08:21 AM 10/25/1999 -0400, Marcus J. Ranum wrote: including use of the Internet, encrypted telephones, and cloned cellular telephones They don't say what "encrypted telephones" mean, either. Remember, these are the same guys who try to tell people that spread spectrum is "encryption" or at least "secure." Remember that GSM phones and US digital cellphones support encryption. All broken, of course, but it _is_ encryption. In some countries the PTT turns off GSM encryption or forces use of A5/2. In the US, the different cellphone standards support different crypto, and some cell companies or cell sites don't use it. I'll bet $100 to a $1 that if there was a way to find out, we'd find out that the "encrypted telephones" in use in the case in question were not "encryption" as most of the members of this list understand it. Is there enough information in Mr. Marshall's description to be able to associate the FUD with a case and then find out what kind of evidence they present? Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: DEA says drug smugglers used crypto Net but cops got around it
including use of the Internet, encrypted telephones, and cloned cellular telephones They don't say what "encrypted telephones" mean, either. Remember, these are the same guys who try to tell people that spread spectrum is "encryption" or at least "secure." I'll bet $100 to a $1 that if there was a way to find out, we'd find out that the "encrypted telephones" in use in the case in question were not "encryption" as most of the members of this list understand it. Is there enough information in Mr. Marshall's description to be able to associate the FUD with a case and then find out what kind of evidence they present? mjr. -- Marcus J. Ranum, CEO, Network Flight Recorder, Inc. work - http://www.nfr.net home - http://www.clark.net/pub/mjr
Re: DEA says drug smugglers used crypto Net but cops got around it
At 10:49 AM -0400 10/22/99, Declan McCullagh wrote: ... ... PRESS CONFERENCE WITH U.S. ATTORNEY GENERAL JANET RENO COLOMBIAN AMBASSADOR ALBERTO MORENO SUBJECT: ARREST OF COLOMBIAN DRUG TRAFFICKERS IN OPERATION MILLENNIUM THE DEPARTMENT OF JUSTICE WASHINGTON, D.C. OCTOBER 13, 1999, WEDNESDAY Acting Administrator Donnie Marshall of the Drug Enforcement Administration ... In this case, the defendants used very sophisticated communications equipment, including use of the Internet, encrypted telephones, and cloned cellular telephones, in what was a vain attempt to avoid detection. But in the end, it was these very devices which led to the devastating evidence against them. Through the use of judicial wiretaps and intercepts in both Colombia and in the United States, their communications were intercepted and recorded, thus producing evidence which comes straight from the defendants' own mouths. I have long doubted the very premise that encrypted communications are a asset to criminals and a threat to law enforcement. The standard way LE penetrates criminal organizations is to work from the bottom. Someone at the retail level is caught and pressured to cooperate. He implicates a superior, and so on. Remember that encrypted messages from the superior to the cooperating underling are sent using the underling's private key. Providing that key to LE is in many ways less risky to the underling than other forms of cooperation. The key need only be provided once and then the is no need for further meeting with agents. Only a few people in LE need to know where the key comes, reducing the risk of leaks and making them easier to trace.. Once they have that key, LE gets both an ongoing clear stream of communications and evidence that is much more damming in court than the traditional hard to hear and obscurely worded wire tap recording. And if encryption get criminals to communicate more, it could be a boon to law enforcement. Arnold Reinhold
Re: DEA says drug smugglers used crypto Net but cops got around it
At 3:33 AM -0700 1999-10-24, Arnold G. Reinhold wrote: I have long doubted the very premise that encrypted communications are a asset to criminals and a threat to law enforcement. The standard way LE penetrates criminal organizations is to work from the bottom. Someone at the retail level is caught and pressured to cooperate. He implicates a superior, and so on. Remember that encrypted messages from the superior to the cooperating underling are sent using the underling's private key. Providing that key to LE is in many ways less risky to the underling than other forms of cooperation. The key need only be provided once and then the is no need for further meeting with agents. Only a few people in LE need to know where the key comes, reducing the risk of leaks and making them easier to trace.. Once they have that key, LE gets both an ongoing clear stream of communications and evidence that is much more damming in court than the traditional hard to hear and obscurely worded wire tap recording. And if encryption get criminals to communicate more, it could be a boon to law enforcement. Damning in court? How can provenance (origin, history) of the damning message be proved? If Alice and Bob communicate with PK and remailers, as will be expected, how can anything be proved? Sure, if "Pablo Escobar" publishes his public key and signs his messages to "Joe Underling," this may be damning in a court trial. But this scenario is unlikely in the extreme. Were I a felon, as I am, I'd surely take crypto and remailers over the alternative of no crypto and no remailers. --Tim May Y2K: It's not the odds, it's the stakes. -:-:-:-:-:-:-: Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, "Cyphernomicon" | black markets, collapse of governments.
Re: DEA says drug smugglers used crypto Net but cops got around it
I used to work for a guy who was an ex NSA man. He had his own company that built crypto phones and sold them world wide. The Saudis bought them as well as a few smaller countries. One time he had guy with " a South American accent" call him to order some phones. He contacted the agency to see if they had any problems They said no problem, send them on. I later asked him why this was ok, since he believed he knew where they were headed. He smiled and told me that he had given they keys to the protocol that he had written (that the phones used) to the Agency some time before. He has been out of the business for some time now. He sold these in the early to mid 80s. So this is old news but it kind of opened my eyes.
DEA says drug smugglers used crypto Net but cops got around it
Note this sounds a lot like what the DEA and Reno have been saying for years: inserting backdoors into crypto products to preserve the balance between privacy and snoopability. So what's changed after the announcement last month? DEA: "We hope that we don't lose the ability to intercept encrypted communications." (He doesn't seem to know what he's talking about, but probably means decrypting and not intercepting.) Reno: "It is going to be more and more difficult for law enforcement... make sure that we balance the privacy concerns that are so important with law enforcement's legitimate concerns." -Declan ** PRESS CONFERENCE WITH U.S. ATTORNEY GENERAL JANET RENO COLOMBIAN AMBASSADOR ALBERTO MORENO SUBJECT: ARREST OF COLOMBIAN DRUG TRAFFICKERS IN OPERATION MILLENNIUM THE DEPARTMENT OF JUSTICE WASHINGTON, D.C. OCTOBER 13, 1999, WEDNESDAY Acting Administrator Donnie Marshall of the Drug Enforcement Administration ... MR. MARSHALL: Thank you, Attorney General. And congratulations to Ambassador Moreno for a job well done by the law enforcement authorities in his country. The operation that we're announcing today is, in my opinion, one of the most significant operations in the history of drug enforcement, Operation Millennium. It began when, about a year ago, at the request of the United States government, two of the most powerful drug traffickers in the world today were investigated by the Colombian government, the Colombian national police, and today those two traffickers, along with a number of others, were arrested. ... In this case, the defendants used very sophisticated communications equipment, including use of the Internet, encrypted telephones, and cloned cellular telephones, in what was a vain attempt to avoid detection. But in the end, it was these very devices which led to the devastating evidence against them. Through the use of judicial wiretaps and intercepts in both Colombia and in the United States, their communications were intercepted and recorded, thus producing evidence which comes straight from the defendants' own mouths. In addition, Drug Enforcement agents executed a covert search warrant for evidence contained in a computer located in South Florida at the residence of one of the defendants, which acted as the center of their operation in South Florida, thus uncovering the method of communication through the Internet. Our prosecutors, agents and investigators in South Florida await the opportunity to bring these defendants before a court to face the charges. Thank you. ... Q You were talking about the sophisticated kinds of communication devices, and you mentioned the Internet. Did that include net phones? (U.S Attorney Tom Scott from Miami) MR. SCOTT: They had various -- and the DEA people can speak to this, but they had encrypted phones; they used all types of different phones. They'd get phones and throw them away. And they even used the Internet. So it was pretty sophisticated electronic methods of trying to avoid detection, but the intercepts, both in Colombia and the United States picked up. Q And did you have trouble in any way with the state of law enforcement's abilities to intercept these kinds of devices? Were there any problems? MR. SCOTT: No, I think this case demonstrates that through -- we made a request on the Colombian government, through the Vienna Convention, through letters rogatory, and they proceeded immediately to conduct the investigation and to get the judicial intercepts to their prosecutors, and I think that was very effective. Q There were no technical problems, though, in gaining access to these conversations? MR. SCOTT: We were very satisfied with the investigation the way it was conducted. Q Mr. Marshall, on her point, please. The head of the DEA and the FBI have repeatedly -- and Ms. Reno have repeatedly warned of the dangers of not being able to break the codes of criminals. And of course encryption legislation is being debated at length. Is this an indication that maybe that's not so great a problem after all? MR. MARSHALL: Well, that was not a significant impediment in this particular investigation. We've encountered that in many, many other investigations. We're encountering it ever more frequently. And we hope that we don't lose the ability to intercept encrypted communications. Q Mr. Ambassador -- ATTY. GEN. RENO: I would point out -- I would point out in that regard that in this instance, it was not an obstacle. But as more and more drug traffickers and others engaged in organized crime and other activities, including terrorism, encrypt their communication, it is going to be more and more difficult for law enforcement. And that is the reason it is so important law enforcement work with the private sector and with others to ensure the protection of our national security interests and to make sure that we balance the privacy concerns that are so important with law enforcement's legitimate concerns. ...