Pavel Durov Arrested France

[clemens]

After seeing something like this, I’d say if you really want secure comms, just meet your business partner in a sauna. Of course, only if your threat model permits. ;-)

very good advise, it's really the only way for sensitive talks.

 

[dany]

Another one is Line which uses encryption for parts of conversations

this

LINE｜always at your side.

More than just a messenger app. LINE is new level of communication and the very infrastructure of your life.

line.me

it is Chines again? how can you relay on Chinese based tech?

 

[12345]

this

LINE｜always at your side.

More than just a messenger app. LINE is new level of communication and the very infrastructure of your life.

line.me

it is Chines again? how can you relay on Chinese based tech?

japan based. Line has nice design and user experience for me, similar to telegram

 

[Clank]

it is Chines again? how can you relay on Chinese based tech?

If you don't want to be spied by the US, EU or any western country it's the best solution to use China tech.

 

[Clank]

japan based. Line has nice design and user experience for me, similar to telegram

I wouldn't trust a Japanese company.

 

[wellington]

this

LINE｜always at your side.

More than just a messenger app. LINE is new level of communication and the very infrastructure of your life.

line.me

it is Chines again? how can you relay on Chinese based tech?

Japanese

I wouldn't trust a Japanese company.

Google Japanese privacy laws

If you don't want to be spied by the US, EU or any western country it's the best solution to use China tech.

Or Russian

1) client side encryption is a absolute must
Forgot to add

 

[0xDEADBEEF]

If I would need safety, I would never ever engage Cyber-security experts nor auditors Too much confidential information exposure to external persons without leverage and balance.

That's a valid point. The risks associated with engaging (most) external cybersecurity experts or auditors are huge, particularly when it comes to red team exercises. The probability of sensitive information leaking is considerable, and many organizations often fail to implement recommended security measures promptly.

Somebody was dis-loyal and others were over confident in complex phrases that were compensating their lack of comprehension and a fear of failure.

In this particular incident, the IT environment was compromised elsewhere, and the attackers employed a series of sophisticated techniques and exploits to reach their target. The method they used to infiltrate the R&D networks is quite amusing, as it involved an attack vector that hadn't been considered in their security planning.

There is a seriously good program from Israeli vendor regarding perky microphones for let's say, less hospitable and extreme environments

Indeed, the attack was attributed to a threat actor known for utilizing such advanced approaches. Given the value of the intellectual property at stake, their efforts were justified. This highlights why I emphasize the importance of threat modeling. Defending against these adversaries is an uphill battle, as they combine human intelligence, signals intelligence, and cyber tactics.

You're right about the sauna strategy losing effectiveness once it becomes common knowledge. However, it does complicate matters for any potential "partner" attempting to wear a wire.

At least you know that safety can be achieved across spectrum.

Absolutely! While they managed to access sensitive information, they couldn't exfiltrate the most critical data. Their detection was also relatively quick. As mentioned, the organization had a mature security posture, and I'm certain they've further enhanced their defenses since this incident. A common issue I've observed is that many organizations/individuals focus solely on technical solutions without addressing security holistically across all aspects of their operations.

 

[Clank]

Google Japanese privacy laws

It doesn't matter they will share information in a blink of an eye.

5 eyes alliance:

Several countries have been prospective members of the Five Eyes. Israel,[104] Singapore, South Korea,[105] and Japan have collaborated or continue to collaborate with the alliance, though none are formally members

 

[wellington]

It doesn't matter they will share information in a blink of an eye.

5 eyes alliance:

Several countries have been prospective members of the Five Eyes. Israel,[104] Singapore, South Korea,[105] and Japan have collaborated or continue to collaborate with the alliance, though none are formally members

See_ LINE Corporation's Compliance with Applicable Laws | LINE Corporation | Security & Privacy

Line app is encrypted client side FYI between all counterparties unique

All requests have to go through Japanese Justice Processes (LINE Transparency Report - LINE Corporation)

- See US, UK etc in:

Disclosure Requests​

Also
Responding to Law Enforcement Agencies | LINE Corporation | Security & Privacy

Guidelines for Responding to Law Enforcement | LINE Corporation | Security & Privacy

Guidelines for Responding to Law Enforcement

linecorp.com

What it shows is that privacy is baked into the app, but also the law, so for legal use cases where privacy is the main concern you are better using say Line than say Messenger

Likewise criminals unfortunately use due to that.

 

[Clank]

See_ LINE Corporation's Compliance with Applicable Laws | LINE Corporation | Security & Privacy

Line app is encrypted client side FYI between all counterparties unique

All requests have to go through Japanese Justice Processes (LINE Transparency Report - LINE Corporation)

- See US, UK etc

Disclosure Requests​

Line is closed source so it's impossible to tell if they have any backdoors or if it's safe.

 

[wellington]

LINE

・ Registered account data (profile image, display name, email address, phone number, LINE ID, date of registration, etc.)

・ Communication history of specified users (message delivery date, IP address of sender, port number of sender)*

*There is no disclosure through Investigation-Related Inquiry

・ Specified users' text chats**

**Only when end-to-end encryption has not been applied (if end-to-end encryption has been enabled, we cannot decrypt/extract the contents of text chats, so no disclosure of the contents of text chats is possible). End-to-end encryption is applied by default since July 1, 2016. For more details, please see Data Security.

**Even if unencrypted text chats are disclosed, as per our policy, only up to seven days of text chats will be disclosed.

**Only when receiving an effective warrant issued by the court.

**Video / picture / files / location information / phone call audio and other such data will not be disclosed.

LINE Transparency Report - LINE Corporation

LINE employs various encryption technologies to protect user information.

linecorp.com

Line is closed source so it's impossible to tell if they have any backdoors or if it's safe.

True

 

[AlexPCS]

I think that with this whole arrest case one could see a parallel with crypto. Pseudo-decentralized ones have a pronounced leader (like V. Buterin in ethereum) whereas truly decentralized ones like bitcoin do not - Satoshi cannot be arrested because nobody can find him

A real anonymous messenger shouldn't have a publicly known director/leader (call it as you like), it should be distributed, open-source and governed by the community.

There are things like tox out there, but not many people are using it because indeed it is less convenient than telegram. So there is always a tradeoff when you try to balance true anonymity and day-to-day convenience.

 

[dany]

That's a really good discussion you have going here, but how are Line, Tox, Messenger connected with Telegram? I can't quite understand the connection. Are they all owned by the same person, namely Pavel Durov?

 

[wellington]

Another one gone (never heard of before): Europol arrests 51 people and dismantles platform used for cybercrime

 

[jafo]

Another one gone (never heard of before): Europol arrests 51 people and dismantles platform used for cybercrime

It was a "honeypot" since the beginning.

 

[mraleph]

Another one gone (never heard of before): Europol arrests 51 people and dismantles platform used for cybercrime

This is related to Telegram and Mr Durov

Global Coalition Takes Down New Criminal Communication Platform | Europol

Global Coalition Takes Down New Criminal Communication Platform

www.europol.europa.eu

as it erodes the fundamental liberties and rights.

The crucial narative that is created is

Europol and its partners continue to prioritise the fight against encrypted communication technologies used by criminals, while also advocating for a balanced approach that respects privacy rights and upholds legal standards.

Private companies that wish to ensure their services are used in compliance with the law also have an important role to play. They must ensure that their platforms are not safe havens for criminals and should provide mechanisms for lawful data access under judicial oversight and in full respect of fundamental rights.

Law enforcement needs access to communications among suspects to combat serious crimes. This can coexist with privacy protection, while cybersecurity is guaranteed and strong legal safeguards and oversight are in place

There is no mechanism that protects the security and privacy of communication and allows government access for surveilance. Cyber-security isn't guaranteed and legal norms are as strong as people ethics are.

 

[wellington]

one of the reasons I started to feel uncomfortable having a secure email service available to the public (as a company) was the terror attacks in Europe (I believe Paris) - I am a firm believer in privacy but I will admit it kept me up at night in cold sweats - most if not all of the user base based on the social media content we could glean was Latin America at the time

In 2018 I created a new method for secure private data storage which I realized in doing so was the perfect string broadcaster / or messenger solution basically everywhere but nowhere, Wally amongst the crowds, non discernible as detectable.

At the time we used it in system for the AIs to communicate but closed the front end where anyone could use as it was a novel solution and not widespread or read

I then did a paper and submitted it as a hypothetical to MI5, FBI and the US Senate via a moniker - real concern at the ease and the power of the solution should a terrorist come to the same idea/solution

Fortunately they continue to instead use services or devices

And my brothers keep sending them Shalom mother fucker messages in return

 

[brianK]

If you don't want to be spied by the US, EU or any western country it's the best solution to use China tech.

I think it’s better to avoid carrying any electronics at all. The fact is, you can’t really trust any manufacturer of electronic devices used for communication on this planet.

 

[jafo]

I think it’s better to avoid carrying any electronics at all. The fact is, you can’t really trust any manufacturer of electronic devices used for communication on this planet.

The enemy of my enemy (i.e., my oppressor by outnumbering me) is my lifelong friend and trusted partner! This shared mentality/strategy has worked for me and others personally for over 40 years!
It also worked for the OGs, mostly WASPs and Jewish (RIP), who passed down this wisdom to me and others (who were also deprogrammed NOT to be offended and hurt by it through cognitive dissonance) for over 90 years (that I know of - I inherited the diaries of all the OGs). That's +130 years of "insider's knowledge."

The ABSOLUTE SHOCKING truth on this forum for me has been that there are a few guys here who are aware of this:

If you don't want to be spied by the US, EU or any western country it's the best solution to use China tech.

Or Russian

@wellington ALREADY mentioned Chinese tech (several times) as an antidote! It was NOT lost on me!

A few other members know this but are a bit more reticent about it.

I mentioned it here: Does Stripe have the right to hold your funds forever ?

and also here: Pavel Durov Arrested France

This is BATTLE-FIELD TESTED! I put this on the battlefield against the US DOJ in a grand jury and jury trial! They got d1ck! They admitted they got d1ck! They were hoping their buddy, my defense attorney, their former colleague at the DOJ would throw me under the bus, but I fired him as soon as the trial started, so they had NO WAY to recoup!
In a more gruesome example of Machiavellianism, we skydived out of the plane, and I made sure my defense attorney's parachute was not working!

It's called "trial by AMBUSH!"

PS. The fact that people BELIEVE their oppressors that the oppressors' enemies are evil...is just mind-boggling to me!
Does anyone know a study about this? @JohnnyDoe , do you know how this happens? How can people fall for such BS?

 

[jesuschrist]

Chinese tech

Do you think a HK sim with WeChat is good enough? Or are there advantages using a Mainland Chinese number?