Pavel Durov Arrested France

[GPT]

Nearly all cases have money laundering bolted on these days as it is the easiest avenue to steal s**t whilst also increasing the prison time to push the defendant for a plea

Money laundering has become such a broad brush and almost bad a word as conspiracist etc I e it’s meaning has been watered down

A couple of years ago I spoke with a lawyer about the why regarding some accusations.

Money laundering, member of a criminal organisation, terrorism are often mentioned early on. The explanation was that it allows the police and justice department more time to come up with the exact accusations. Especially in the initial limited time frame they prefer to have it as wide and encompassing as possible as to not miss anything. Its rather complicated to later on add something where its easy to drop something. Especially given the thought process of creating negotiation room from the prosecutors side.

I would negotiate a deal and that's what he did. Because he is trapped in Jail..
Anyone would do same. You can't blame him. He is billionaire. He can simply shutdown telegram and enjoy life with his billions. I still don't understand why he is still accepting the deal and obey. I would look at the judge in the face and say: Oh Mr judge you want access to people data ? Ok here I delete everything, I shutdown telegram and I quit and I'm going to enjoy my billions. End.

Some rumours state that his brother is the mastermind and Pavel only being the "face" of the company.

 

[marioIT]

That has always been the case.. Everywhere. In that sense the system is rigged as well.

I hate to be that conspiracy guy... but it's real on many fields. You just have to scratch deep enough to see it...
I've seen high rank people (justices, police etc) doing stupid things and risking all their career, ultimately to save some very specific people, not the random guy.
And I've known some of these high rank officers very well to never believe they could do such stupid rookie mistakes while doing their jobs.
Truth is they did those mistakes on purpose (that led to invalidating a trial, thus freeing the guy etc), cause the game is rigged...
The game is rigged and if you want to survive you must adhere to it. Either that or death or get cancelled.
If you play with governments... either join "the force", by joining them or by leaving the field*, or fight it. There is no middle ground, there are no jokes, it's either in or out, and I can assure you that with absolute certainty.
*Usually leaving the field is not an allowable option anymore once you reach that level...

 

[dany]

View attachment 7705

They had to improve so he can get our of prison. Normal isn't it ?

Especially in the initial limited time frame they prefer to have it as wide and encompassing as possible as to not miss anything. Its rather complicated to later on add something where its easy to drop something. Especially given the thought process of creating negotiation room from the prosecutors side.

very very true and apply foe all government offices.

 

[wellington]

Telegram isn't encrypted anyway, its a lot of hassle having a encrypted conversation, far better to use something else.

Not really seeing any difference except he's now been plied to Western interests which gives the West access to Russian coms on the battlefield (past and present) which gives them evidence for going deeper into the war or evidence for crimes.

Again if you want privacy you use something supplied by a enemy state, i.e WeChat (CN version) or Wikr etc

Obviously delete all mentions of Icloud, Siri (equivalent) of device, all FB, Whatsapp, Instagram etc.

 

[GPT]

I wasn’t aware of the WeChat (CN). Interesting enough to have a look at.

 

[wellington]

Another one is Line which uses encryption for parts of conversations

Unsure of any Europeans ones as I’m based in Asia and these by default are the used applications which surprised me they had encryption by default (line) whereas WeChat is open to the CCP but not open to the Western surveillance apparatus.

UK law means everything has to have a back door under snoopers charter

US law you just need to look for association of the company to INQTEL then it’s a given it’s under US surveillance.

For EU I think they are now watering down privacy laws but also unaware of encrypted messenger services there

 

[GPT]

Another one is Line which uses encryption for parts of conversations

Unsure of any Europeans ones as I’m based in Asia and these by default are the used applications which surprised me they had encryption by default (line) whereas WeChat is open to the CCP but not open to the Western surveillance apparatus.

UK law means everything has to have a back door under snoopers charter

US law you just need to look for association of the company to INQTEL then it’s a given it’s under US surveillance.

For EU I think they are now watering down privacy laws but also unaware of encrypted messenger services there

Threema seems to do reasonably well.
Element/ matrix isn’t that bad.

All the usual suspects are crap where for day to day with friends and family signal isn’t the worst.

 

[jafo]

Normal isn't it ?

Normal for who?

If you accept this, next time, the get-out-of-jail condition might be for the defendant to start taking hormones and transition into a "woman."

People, this isn't a divine being asking you to do something...these are WEAK, dastardly men in large numbers ganging up on us on their territory and demanding something NONE of them would have the balls or chutzpah to ask face-to-face on a remote island or jungle.

I'm so disappointed! BUT relieved.... we all know who will snitch now!

Also, Pavel got precisely what he deserved! He is EXACTLY like them! Birds of a feather flock together!

I wasn’t aware of the WeChat (CN). Interesting enough to have a look at.

Go down this rabbit hole! It will pay off with at least a low 9-digits!

 

[mraleph]

There is a moderator here at OCT stating that security is not a binary.

People are seeking unicorns. Safety and comfort are inversely related.

Why are you proposing Wickr

Again if you want privacy you use something supplied by a enemy state, i.e WeChat (CN version) or Wikr etc

and then elaborate it's under US control

US law you just need to look for association of the company to INQTEL then it’s a given it’s under US surveillance.

as its owner is CIA investment company. WeChat is transparent to hostile parties.

Threema seems to do reasonably well.

Threema is less then not secure as the communication content exchanged between its end users was used in a criminal trial related to murder of Slovakian journalist Jan Kuciak. Beside that, their platform exist on a two docker containers on a single physical machine in the same data center in Switzerland - they claim HA set-up in two DCs in Zurich area, but...

Element/ matrix isn’t that bad.

The Matrix is now officialy and widely used by French government, even though its development is done by UK entitiy.

We all prefer Mentor Group Gold, no? Like at OCT, never eat free lunch and use anything publicly available.

At bottom line, you may use any application that's published at Google, Apple, Samsung, Huawei and other app stores - they are all transparent when it comes to surveilance - for exchanging information up to but excluding confidential.

 

[GPT]

Threema is less then not secure as the communication content exchanged between its end users was used in a criminal trial related to murder of Slovakian journalist Jan Kuciak. Beside that, their platform exist on a two docker containers on a single physical machine in the same data center in Switzerland - they claim HA set-up in two DCs in Zurich area, but...

Learning something new here. I wasnt aware of that. Will read up on it.

The Matrix is now officialy and widely used by French government, even though its development is done by UK entitiy.

We all prefer Mentor Group Gold, no? Like at OCT, never eat free lunch and use anything publicly available..

If you run it with a server you control yourself, the story is not one of "for free".

 

[Houdini]

There is a moderator here at OCT stating that security is not a binary.

People are seeking unicorns. Safety and comfort are inversely related.

Why are you proposing Wickr



and then elaborate it's under US control



as its owner is CIA investment company. WeChat is transparent to hostile parties.



Threema is less then not secure as the communication content exchanged between its end users was used in a criminal trial related to murder of Slovakian journalist Jan Kuciak. Beside that, their platform exist on a two docker containers on a single physical machine in the same data center in Switzerland - they claim HA set-up in two DCs in Zurich area, but...



The Matrix is now officialy and widely used by French government, even though its development is done by UK entitiy.

We all prefer Mentor Group Gold, no? Like at OCT, never eat free lunch and use anything publicly available.

At bottom line, you may use any application that's published at Google, Apple, Samsung, Huawei and other app stores - they are all transparent when it comes to surveilance - for exchanging information up to but excluding confidential.

Man you really know about security, I'm impressed of most of your posts

 

[mraleph]

If you run it with a server you control yourself, the story is not one of "for free".

In principle, I agree with you as any solution developed, deployed, controlled and used by you is inherently more secure then public and private ones. With a cavet - you need to have an extensive knowledge and anticipatory strategy - where I assume that you're capable.

Considering that a privacy moment is a crucial in VPN design, we wanted to offer on a quid-pro-quo basis, a 1-10G VPN - with a blendend network (LINX, DE-CIX and AMS-IX with regional IX access as well with private peering to Arelion, GTT, L3, HE and couple of 2nd tier ones) to OCT MGG members where they would have to set-it up in our web panel (virtualy all known protocols as well as our internaly developed) and control by themselves and test it for our side (not free, not paid, mutual benefit, sort-of-a beta testing). Hence, as an instance set-up is performed via panel or CLI there wouldn't be logging apart from the end-users themselves But, due to certain reasons - religious wars at OCT , we decided not to offer.

This is a public part of a forum, so I'll be discrete.

Five years ago, we started experimenting with different server backend solutions - such as Matrix and Wire - for our platform but concluded a year ago that they aren't secure by design. So, we are using our internaly developed backend solutions for communication platform.

Telegram ecosystem is not limited to private chats but have public discussions that are regulated by notorious DSA. Mr Durov, as a Telegram CEO, could have organized a DSA compliance and content moderation department and avoid colision course. A simple application UX change could have mitigated the risks. He will be punished which will have other legal implications, despite current Telegram DSA compliance.

Contrary to Telegram case, DSA does not regulate other messengers if they don't have public content. Temporary derogation from the ePrivacy directive - Chat control - may have had regulated the private chats content scanning - failed due to public pressure.

What is an unknown is why Mr Durov was not compliant whilst there was an easy and available mitigation atrategy.

 

[jesuschrist]

https://www.cyph.com/

 

[Clank]

If the device you run the app is not safe it doesn’t matter how good the encryption is.

 

[TRGali]

Graphene OS is most likely the most secure phone OS available to the general public. I would be curious to have mraleph's opinion (or the other experts) about it if he wishes to share it. Telegram though, needs to use google's push notifications (nothing to do with graphene OS) if you wish to have notifications, but the content of the notifications can be masked to google by Telegram.

It's missing a decoy boot like vera crypt, I hope they will develop this at some point.

 

[jafo]

It's much worse than this! They do NOT need ANY physical evidence! They need a witness. That's ALL!

PS. I promised I'd do a Mentor Gold post about this. Too busy now as this requires my utmost focus.

 

[cusano]

Telegram though, needs to use google's push notifications

It's missing a decoy boot like vera crypt, I hope they will develop this at some point.

Telegram FOSS doesn't need google's push notifications. Registration with the FOSS client doesn't work. Do the registration with another device or emulator. After migrate your account to the device with the FOSS client.

 

[mraleph]

Thread is about Telegram's future and cirmustances about Mr Durov's arrest. Telegram is under Western auspicies and Mr Durov will pay the price for lack of anticipation, planning and impulse control and abundance of wishful thinking and Idée de grandeur.

Another religious matter Which application is more secure, Telegram, Cyph, Line, WeChat, Wickr - Cloud notifications - FOSS vs GooglePlay - VPN logging...

I'll quote certain person again - because here at OCT I read it from that person's posts - as it's universal fact - security is not a binary... As @Clank posted above

If the device you run the app is not safe it doesn’t matter how good the encryption is.

Yes, end user shouldn't use any cloud connectivity for push notifications.

This forum is a regulated one under DSA, like a Telegram is. Also, beside that and a lack of willingness to participate in religious wars, both me and my companies can't and won't publicly comment any assumed competitor as that may have legal implications - anybody should perform its own due diligence related to secure communication to the best of their abilities or mandate it to third party.

Remember that serious development is not FOSS, never was and never will be.

As @jafo would say, there are no mutes in prison. This is the conclusion that Mr Durov and his surroudings should have anticipated

It's much worse than this! They do NOT need ANY physical evidence! They need a witness. That's ALL!

PS. I promised I'd do a Mentor Gold post about this. Too busy now as this requires my utmost focus.

 

[0xDEADBEEF]

Hypothetically, there’s a massive company (maybe one in your stock portfolio). R&D is their core focus, giving them a huge competitive edge. They bought a well-known, battle-tested communication platform specifically for their R&D teams. Communication is only possible through their corporate network, and the R&D team can only use job-specific equipment on-site.

This is a company with a top-tier security department and a mature approach to security controls and principles. The software they use is 'air-gapped', and their security and network teams monitor those network segments 24/7. Yet, they still got breached, and the attacker managed to grab some sensitive data.

After seeing something like this, I’d say if you really want secure comms, just meet your business partner in a sauna. Of course, only if your threat model permits. ;-)

 

[mraleph]

Hypothetically, there’s a massive company (maybe one in your stock portfolio). R&D is their core focus, giving them a huge competitive edge. They bought a well-known, battle-tested communication platform specifically for their R&D teams. Communication is only possible through their corporate network, and the R&D team can only use job-specific equipment on-site.

This is a company with a top-tier security department and a mature approach to security controls and principles. The software they use is 'air-gapped', and their security and network teams monitor those network segments 24/7. Yet, they still got breached, and the attacker managed to grab some sensitive data.

C'mon, it was obviously industrial espionage and sabotage At least you know that safety can be achieved across spectrum. And appropriate ACL across and between layers. Somebody was dis-loyal and others were over confident in complex phrases that were compensating their lack of comprehension and a fear of failure.

If I would need safety, I would never ever engage Cyber-security experts nor auditors Too much confidential information exposure to external persons without leverage and balance.

We advise - the client decides whether to correct the behavior or to be lazy. It's certainly not our responsibility if a client has bad OPSEC.

After seeing something like this, I’d say if you really want secure comms, just meet your business partner in a sauna. Of course, only if your threat model permits. ;-)

Remember a person - a naturalized Swiss citizen from Germany that was educated in a private school in former - that said it performs confidential discussions in a Bürgenstock sauna or in a beach in Cyprus or Sicily I cleary told that person in one of our last conversationa that such behavior will have consequences That person is now indicted because of those sauna and beach talks - with a threat of about significant number of years in prison and a heafty fines. Quite an expert in AML finished without that A in indictment and a series of predicament crimes beside organized syndicate membership That idiot reminds me of Mr Durov actually

There is a seriously good program from Israeli vendor regarding perky microphones for let's say, less hospitable and extreme environments