this post was submitted on 03 Dec 2024
49 points (98.0% liked)

Privacy

1321 readers
24 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Ategon
danielintempesta
49
Why do criminals use their own encrypted messaging platforms, instead of using any of the recommended apps? (www.europol.europa.eu)
submitted 2 weeks ago* (last edited 2 weeks ago) by [email protected] to c/privacy
26 comments fedilink hide all child comments
 

Does that mean that other apps like signal for example have back doors?

Do criminals have a knowledge of exploits in the recommended messaging apps?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 45 points 2 weeks ago* (last edited 2 weeks ago) (10 children)

You're missing the #1 reason organized criminals prefer their own service. To have trusted staff who control everything — the servers, code development & deployment — whom can't be ordered by a court to shut off access to individuals at any time, or provide metadata, eavesdrop, etc.

The weakest link with legal services like Signal is that they can be compelled by law enforcement, the judicial system, and government... That's an enormous risk for any organized crime operation. Even a minimal amount of metadata collection can do a lot of damage, especially if it's analyzed over months/years, and especially when performed by an advanced persistent threat actor like a nation state.

[–] [email protected] 15 points 2 weeks ago (3 children)

I disagree, stupid self developed systems leak so much more, I think the number 1 reason is, surprise surprise, stupid people.

Also plenty of criminals and organized crime also use standard tools like telegram (which is way worse then signal)

[–] RonSijm 4 points 2 weeks ago (1 children)

It probably depends on the level of the criminals and organized crime groups. I saw this Youtube video a couple weeks ago that talks about the history of how organized crime groups were using encrypted communication https://www.youtube.com/watch?v=gigIOc_0PKo (And how they were honey-potted by the FBI to use an FBI-hosted service, lol)

Organized crime groups that make 100s of millions should be capable enough to hire skilled developers and sysops to host self-managed services. At some point if they make enough money, investing in self-managed communication becomes preferable over using telegram or signal.

[–] [email protected] 1 points 2 weeks ago* (last edited 2 weeks ago)

There are multi million companies that get hacked left and right, money does not mean intelligent security measures.

Also, best option is the big ones, anyone who wants real security and privacy should use something that already exists. Sure, maybe not signal (even though for anything less then a state actor it is plenty) but there are plenty of self-hosted or decentralized communication apps out there.

Anyone who builds their own app is very likely making a bad decision.

Just a reminder that one of the most wanted man in the world by the most capable state in the world (Snowden) is using signal

load more comments (1 replies)
load more comments (7 replies)