When the police, etc use facebook and twitter to track and trace people they will stop using them, it's as simple as that.
This time has come.
After discovering that BBM and their Twittery playthings fed straight into the hands of the cops, smartphone-toting revolutionaries have taken up a new type of instant messaging – Vibe. Like Twitter in that it is open and lets you mass-message, Vibe is unlike Twitter in that all messages or "vibes" are anonymous. You can set …
Any message that goes via internet is susceptible to interception with or without an active warrant. E.g. mobile telephone "stored communications" are available for weeks after an event and can be discovered by a retroactive warrant.
Communication between mobile devices can be encrypted. Often the encryption key can be broken in transit, but in particular, the decoded message can be discovered on a device after decryption. At the same time the decryption keys can be recovered and all encrypted traffic that has been intercepted can then be decoded.
To put it simply, anonymous communications can be broken at the transmission device or at multiple receiving devices assuming some devices are seized by the authorities.
So any "Vibe" communications, encrypted or unencrypted, can be captured by monitoring the communications channels, or more easily by seizing receiving communications devices.
What's actually useful is a progressive irreversible key system that allows messages to be read once and then automaticaly deleted before a new key is generated. Ditto the sender has sent messages deleted and the send key progressed.
There's a good body of knowledge on how to do this. However. there is a market gap for software apps that allow secret communications that can't be later be decoded based on intercepted communications or seized devices.
... by the fact that the UK government allows all it's public comms to be freely intercepted by facilities like Menwith Hill which in turn uses the supercomputer based at FBI facility in Langley (US) to look for suspicious activity and profiling. This info will then get passed back to the UK authorities if requested (and as long as it it's in the US's interests, i.e. doesn't comprise thier goals and allows them to keep operating Menwith on UK soil).
Once it's digital it's traceable, end of.
Not sure who inhabits Langley, but your right I think FBI and NSA are a bit blurred.
I've been trying to remember the name of the computer in the basement, I think it begins with M.
You can bet that all the data will get filtered by the US on US soil before it comes anywhere near UK agencies.
All manufacturers of telecoms broadcast kit must provide details of Duh Spectrum and Keys.
In my experience design has been halted because US D.ect ect. IE Lanley found keys problematic and called a halt to most things. talk about spooks!!
However, code was modified and now all the( Fixed Wireless Access) system in the region which FWA was rolled out is acessible to anyone who has an interest, including spooks (Langley) moreover Moscow, who are not thick!
How can it be anonymous if it goes through the network?
The authorities just need to get the network to store all activity so it can be analysed kater. Each message will be linked to a particular phone or device, they will also be able to find out who read it so have information on who was present at the event.
however a SMSC (the srever through which all SMS are routed through) can easily copy all messages that flow through it and either store the copy or forward it to an alternate destination. This capability would give the PLODs the ability to monitor in real-time any SMS traffic.
For non-SMS traffic based using packet-data circuits (e.g. IP) standard sniffing tools can be deployed in (for example) the SGSN or GGSN or anywhere in the baseband network. None of this is rocket science.
In either case the apps could use encryption to secure the messages, but GCHQ has enough raw horsepower at its fingertips to make that a fairly htin layer of protection.
"In either case the apps could use encryption to secure the messages, but GCHQ has enough raw horsepower at its fingertips to make that a fairly htin layer of protection"
Do you have any proof of this? I mean, AES-256 would be pretty handy and, given plod has a law requiring you to reveal your password, I'd say they'd find it quite difficult to crack more basic encryption especially in any realistically useful timeframe. Let's face it, you're not going to redirect GCHQ processing power from hunt-the-terrorist operations to collar someone for stealing a f*cking TV from Currys.
PS I'm not into conspiracy theories that state things such as "they only have the law to mask the fact they can already crack encryption". The country's skint, I really doubt it.
Yeah, I'm sure it is.
Oh, hang on, a server somewhere must be storing the message and it's location in order to send it out to other vibe users. But how does it know who to send it to? Perhaps people sign up and constantly give the server their location? The server must store all those locations and a contact IP so a message when it arrives can be sent to the right people. Hmm, that's completely anonymous then.
It's location-based twitter with 'your name' crossed out and 'anonymous' written in in crayon.
The 15m radius is obviously via Bluetooth unicast, so quite easy for The Man to monitor or jam without having to interfere with general mobile access. Or more amusingly, they could feed in their own disinformation - "all go Brooklyn Bridge, walk in the road and not on the sidewalk". The global option must involve some form of internet access, which is traceable or blockable (and will be logged) at the point it joins the internet, so sounds just as "anonymous" as using a British-based proxy to hack Sony (now, what kind of twit would do that?).
Rather amused that the same Zami crowd pushing Vibe also brought you Poledancer vid app - what will Code Pink have to say about that?
I'd have thought the system stored [message, lifespan, location, range] and if you're running the app (no formal registration required if it's to be anonymous) the app on your phone polls [any messages for location X]. The system then matches up messages for which you are in the radius whilst all the time deleting expired messages. Not sure any more than that is required. Connection from app should use encryption then the main point of concern is old-mate's server setup and logging.
OK, concentrate now, try and think "How does that little bit of text on my phone get out to the rest of the sheeple?"
First, it gets converted into a wireless signal and sent to the local cell - point one at which the transaction is recorded (yes, the phone companies can see which cells you have passed through in the last 24 hours without even having to look at your call history, they can see which one your transmitting through, and they can even triangulate if required to get a more accurate positioning). Then it gets turned into an IP communication, going from the network operator's gateway (outgoing traffic, logged by the operator) to the entry point for the Vibe system (logged at the operator's gateway as the destination), via all number of logged internet switches, and via Vibe's ISP gateway (guess what - logged!) before it gets to Vibe. At this point, if the Man is monitoring traffic going to the Vibe network, then he already has enough data to say your phone sent a message from the location of the protest/riot at the time of interest, that you sent it to the Vibe service, and they can probably read the contents pretty easily. That's enough to put you at the scene of a crime and charge you for incitement if your message is along the lines of "let's do this criminal act". And remember, interfering with a police operation (such as preventing a kettling) could be a charegable offence in many countries.
From the Vibe network the signal then has to go outwards, and if it's not logged by the Vibe people themselves then it will be logged by their ISP, meaning if it is sent direct to individual iBones then the Man can grab all those phone identities right there. If it is sent to some webpage that Vibe users then read to get the "tweets" then all the Man has to do is monitor which devices are going to that website (your iBone is given an IP by the network provider, it can be traced right back to its IMEI number), correlate that with which iBones were in the area of the protest/riot at the time (from the cell logging), and then the network provider can be forced to give up the full owner details. Now the Man has the details of the sender plus all accomplices - if the instruction has been "commit a criminal act" and the act is commited, you are potentially an accomplice even if you didn't actually join in with the criminal act.
It looks like Wall Street protest noobs should get someone with a clue to advise them.
It's not the FBI, CIA, and NSA looking for #OccupyWallStreet tags. It's the NYPD. They go after the low-hanging fruit.
People in this thread are making it sound like Vibe is actually worse than Facebook and Twitter. Is *this* much FUD really warranted?
Hell, I'll send a Vibe saying "I'm going to set a shop on fire" and await the police sirens. Wish me luck, zomg!
Not really. In the Wall Street case, the messages are being sent all over the States, making the transmission of inciting messages Federal crimes, so the FBI is going to be involved even if not at the request of the NYPD. And who knows who might be interested in tracking those making "contributions" from abroad. You have to remember the Police effort on things like G20 was international, and involved a lot of secret squirrel organsiations. Those same people will be tracking the Wall Street "leaders-that-aren't-leaders", on Vibe and elsewhere.
Monitoring this would be pretty trivial for The Man - either by directly tapping the server(s) or by registering a Vibe "client" with a fake location to match that of the targets. Thereafter the life-span of the messages sent will be determined by how long it takes The Man to secure conviction.
"It's anonymous too, so not only are you able to send out relevant information to a small radius, but it also disappears, there's no record of it, so no one can come after the person who sent it."
Just as easy to abuse it with mis-information then. Whats to stop the rozzers anonymously vibing.
"Quick everyone - we're moving the protest into the back of the big police van".
The key point here is; "no one can come after the person who sent it."
When they say no-one, they mean no-one. Seriously, who is going to take any notice of anything when it comes from someone totally unidentified, and who can then deny to have ever have said it?
So anyone can say/claim anything they like and those who read it have no way of knowing they can trust a word of it, and no way of responding if it turns out to be lies.
It's a troll's dream app!
>>"When they say no-one, they mean no-one. Seriously, who is going to take any notice of anything when it comes from someone totally unidentified, and who can then deny to have ever have said it?"
Indeed, especially if some people might consider it desirable to make the system untrusted by feeding in bogus messages.
>>"It's a troll's dream app!"
And great for an agent provocteur who wants to be untraceable while simultaneously reducing people's trust in the system.
If 'they' want to turn a demonstration into a riot, they send a message alleging someone was just beaten up or killed by police in a nearby sidestreet.
If 'they' want to get some looters in one place, they send a message claiming there are great spoils at a particular store that's just been broken into, but where there are police and/or good CCTV waiting to catch people.
And if I actually *was* paranoid about Big Brother, why should I believe that anyone claiming to make a great anonymising app isn't actually working for Big Brother?
Not sure if Bluetooth hardware and spec could be programmed to do this, perhaps in relay mode. Could propagate to a maximum number of hops set by originator and agreed by receiver and relays, reducing the hop count used with each relay ? It wouldn't prevent an agent provocateur working for the fuzz to keep/use a version of said software, perhaps with logging, in which case, how much infomation about the phone sending or relaying a unicast does a Bluetooth unicast disclose if all packets received are logged ?
So what's to stop all the officers in charge at a protest having a copy of this app running on their phones?
The system could be easily gamed in many ways to disperse protests/rioters or heard them into one place. It's entirely possible that rival protesters (I'm thinking of EDL/Anti Nazi League protests) could stir up violence and/or panic in their rivals.
All in all this seems like a fairly irresponsible system to develop and I'm surprised that it's on the app store.
"So what's to stop all the officers in charge at a protest having a copy of this app running on their phones?" - AC has a point.
Just imagine the disinformation the police could then send - "South Street is Kettle free, head in that direction"
It's the perfect entrapment tool as who can then prove who sent the message?
So why has the wall street mayhem not reached the mainstream media? I think we all know the answer to that and I for one am glad that alternatives are being used so that these types of demonstrations can rightfully continue. Times are a changing and we should not stop the momentum because the controlled media says so.
"So why has the wall street mayhem not reached the mainstream media? I think we all know the answer to that and I for one am glad that alternatives are being used so that these types of demonstrations can rightfully continue. Times are a changing and we should not stop the momentum because the controlled media says so."
I was unaware that CNN was not part of the mainstream media. They've been following this story for quite some time. See, for example, <http://www.cnn.com/2011/10/02/business/wall-street-protests/index.html>. Notice title: "As Wall Street protest enters 3rd week, movement gains steam nationwide". Notice also that there are (as of time of writing) 9780 comments on that story. Nine Thousand Seven Hundred and Eighty. Not only has CNN been paying attention, they haven't exactly hidden the story either.
And they are by no means the only 'mainstream media' outlet which has been paying attention. I take it that you haven't looked at CNN for at least three weeks...
Next time, do try to actually do some research before you run your fool yap...
So let me get this right ... in order to receive the Top Secret messages from your fellow anarchists .. all you need to do is subscribe your mobile (which is linked to you by the account you signed in from) to this server ... and send the server your location information on a regular basis ... then by subscribing to the channel "#burnWallstreet" you can escape from The Man by getting Top Secret warnings ...
Errr ... so you identify yourself to the server, allow it to map your position, and then indicate your intentions by channel subscription ...
Sounds great! ... I am sure the authorities will love this, saves all that photgraphing and CCTV etc, this is much better! the sheeple simply sign in and carry a GPS tracker! .. should make rounding htem up for mass extermination later soooo simples!! Simply capturing the network traffic into/out of that box should be easy .. job done!
Biting the hand that feeds IT © 1998–2019