European Law Enforcement Officials Upset Facebook Is Warning Users Their Devices May Have Been Hacked

from the screw-the-little-people,-we've-got-bad-guys-to-hack dept

Oh boy. Facebook has just added fuel to the anti-encryption fire. And by doing nothing more than something it should be doing: notifying users that their device may have been compromised by malware.

The Wall Street Journal article covering this standard notification is full of quotes from government officials who aren't happy a suspected terrorist was informed his phone had possibly been infected by targeted malware. [Non-paywalled version here.]

A team of European law-enforcement officials was hot on the trail of a potential terror plot in October, fearing an attack during Christmas season, when their keyhole into a suspect’s phone went dark.

WhatsApp, Facebook Inc. ’s popular messaging tool, had just notified about 1,400 users—among them the suspected terrorist—that their phones had been hacked by an “advanced cyber actor.” An elite surveillance team was using spyware from NSO Group, an Israeli company, to track the suspect, according to a law-enforcement official overseeing the investigation.

Facebook is no fan of NSO Group. In fact, very few people are fans of NSO Group, other than their customers, which have included UN-blacklisted countries and a number of governments that rank pretty high on the Most Human Rights Violated charts. Facebook sued NSO back in November, making very questionable allegations about CFAA violations. Facebook's servers were never targeted by NSO's malware. Only end users were, which makes it pretty difficult for Facebook to claim it has been personally (so to speak) injured by NSO's actions.

Back to the matter at hand, Facebook didn't just warn suspected terrorists about detected malware.

WhatsApp’s Oct. 29 message to users warned journalists, activists and government officials that their phones had been compromised, Facebook said. But it also had the unintended consequence of potentially jeopardizing multiple national-security investigations in Western Europe about which Facebook hadn’t been alerted—and about which government agencies can’t formally complain, given their secret nature.

Would these government officials rather have not been warned about threats? Were any of these government officials receiving warnings the same ones now complaining the warning allowed a terrorism suspect to vanish? Maybe so. The one quoted in the article seems very short-sighted.

On the day WhatsApp sent its alert, the official overseeing the terror investigation in Western Europe said, he was stuck in traffic on his way to work when a call came in from Israel. “Have you seen the news? We’ve got a problem,” he said he was told. WhatsApp was notifying suspects whom his team was tracking that their phones had been hacked. “No, that can’t be right. Why would they do that?” the official said he asked his contact, thinking it a joke.

"Why would they do that" indeed. Maybe to protect their users from cybercriminals and state-sponsored hackers. It's not about allowing suspected criminals to dodge law enforcement, even though it will undoubtedly have that effect. It's about keeping users and their communications protected -- users that include journalists, activists, and government officials.

This response indicates the investigators pursuing the suspected terrorist would rather hundreds of innocent people be harmed than someone suspected of terrorism go free. But it really doesn't matter what unnamed officials think about Facebook's "you may have been compromised" notifications or the harm these might do to ongoing investigations. Facebook's voluntary warnings will soon be mandatory in Europe. By the end of 2020, all service providers and telcos will be obligated to warn customers of security threats.

That fact -- and the apparent willingness to allow innocent people to be victimized by targeted attacks -- makes the article's closing statement all the more ridiculous.

Gilles de Kerchove, the European Union’s counterterrorism coordinator, says encryption shouldn’t allow criminals to be “less accountable online than in real life.”

I have no idea what that means. I know what the official thinks it's supposed to mean -- that "online" is bad because sometimes criminals get away -- but even that interpretation doesn't make sense. Criminals discover their phones have been tapped and stop using those lines. Criminals talk to each other in person to avoid creating records of conversations. Criminals get tips from other criminals they're under surveillance. This stuff just happens. Investigations don't always run smoothly.

A standard warning about possibly-compromised devices and services is just good business -- something that protects everyone who uses the service, not just the people governments think are OK to protect. These warnings are essential and they benefit everyone, not just the people governments want to lock up.

Filed Under: disclosure, europe, hacking, law enforcement, malware, terrorists
Companies: facebook, nso group, whatsapp


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Designerfx (profile), 8 Jan 2020 @ 3:52am

    unfortunately, I see this as a ramp up against the internet

    It seems a lot of countries and places are trying to build up sentiment of "internet = bad", on a global scale.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Jan 2020 @ 4:38am

      Re: unfortunately, I see this as a ramp up against the internet

      Well, it does let people talk about the government outside of the political system, i.e. in an uncontrolled fashion.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 8 Jan 2020 @ 7:34am

        Re: Re: unfortunately, I see this as a ramp up against the inter

        Stuffing the cat back in the bag can led to multiple scratches, lacerations and maybe cat scratch fever .... Ted Nugent warned us about that, why did he not say anything to his friends in the gop?

        reply to this | link to this | view in chronology ]

  • identicon
    spodula, 8 Jan 2020 @ 4:06am

    Well, if you work with scum.

    You get tarred with the mess when they get caught.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Jan 2020 @ 4:17am

    Of course, such malware can be defeated by resetting your phone. Spyware and malware on there will be GONE.

    Nothing can survive a factory reset

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Jan 2020 @ 4:35am

      Re:

      You have far too much trust in a reset. Multiple new hacking tools take over the chips themselves, preventing a reset from doing anything more than making you feel better. If you happen to be one of the largest nation-states, you have purchased backdoors built into the chips and micro-batteries themselves.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 9 Jan 2020 @ 7:43am

        Re: Re:

        Resets pr disk wipes are also good to do ehen.you first.buy a device because you dont know what is on it.

        Whenever I have bought a new PC, I have always did a secure wipe of the hard disk, in case the people who put it together did anything nefarious with it

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Jan 2020 @ 4:45am

      Re:

      The only response I can give is a hearty 'lol'

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Jan 2020 @ 7:36am

      Re:

      Hey ... interested in buying a bridge?
      How about an elevator pass?

      reply to this | link to this | view in chronology ]

    • icon
      R.H. (profile), 8 Jan 2020 @ 4:04pm

      Re:

      I can tell you for certain that this isn't true. For example, on an Android device, if you attack the system partition and add your malware there (preferably with the assistance of the OEM by way of a poisoned update to make sure that the checksums check out) then it'll still be there after a hard reset. This is how Android custom ROM's work, you replace everything with something new and that way, even if you hard reset the device, you're just resetting back to the initial setup of your custom ROM and not to the original OEM software. You wouldn't even need OEM assistance if the Android device is rooted since all the authority necessary to alter system files would exist on the device itself.

      I don't know enough about iOS to comment on it specifically (I've jailbroken a single iOS device for a friend years ago and that process, if you get physical access to the phone, would allow a similar attack) but, if you can get Apple to help you, I believe that it would be trivial to do something similar with a poisoned iOS update.

      reply to this | link to this | view in chronology ]

  • identicon
    JD, 8 Jan 2020 @ 4:49am

    Left hand/right hand

    EU: You MUST notify people when their devices are compromised!

    ALSO EU: Wait, no, not like that.

    reply to this | link to this | view in chronology ]

  • icon
    Code Monkey (profile), 8 Jan 2020 @ 5:13am

    What's the gubmint supposed to do...

    "Dear Mr. Zuckerberg:

    Hi, there. Secret EU intelligence agent here, how's things going? Hey, listen, we're tracking a possible terrorist, named blah blah.

    It would be suuuuper cool if you didn't warn him that we put malware on his phone so we could track him.

    Thanks, bro"

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Jan 2020 @ 5:42am

      Re: What's the gubmint supposed to do...

      TV: "Law enforcement agencies say Facebook warned some WhatsApp users that their phones had been hacked, and a terrorist suspect's phone 'went dark' "

      Man watching TV, to friend assembling bomb: "Hey, bro, looks like you dismantled your phone just in time, they were on to you..."

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Jan 2020 @ 6:48am

      Re: What's the gubmint supposed to do...

      I came here to say this ^. It's a really simple solution to the "problem" that would have prevented anyone's feels getting hurt. If they had notified Facebook that they were targeting some individual and Facebook warned that person anyway then they might have an argument. But until then, innocent until proven guilty.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 8 Jan 2020 @ 7:42am

        Re: Re: What's the gubmint supposed to do...

        What's next ... corporations will have to get government approval of any and all changes to their corporate internet presence, their corporate software practices and corporate customer support/service?

        And what after that?

        But you're ok with it.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 8 Jan 2020 @ 8:30am

          Re: Re: Re: What's the gubmint supposed to do...

          Way to go full-on hyperbolic strawman.

          Law enforcement notifying a service that it is actively investigating someone and will/has meddled with the person's device in order to prevent that service from notifying the person their device has been meddled with seems completely unreasonable to you? Perhaps you also feel Facebook shouldn't have notified anyone their devices had been compromised. That seems the better solution to you?

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 8 Jan 2020 @ 10:31am

            Re: Re: Re: Re: What's the gubmint supposed to do...

            "hyperbolic strawman"
            Are all predictions hyperbolic? What about questions relating to a hypothetical situation, are those hyperbolic? Has there been any proposed legislation that would regulate what is allowed online? Is it really a strawman?

            "... seems completely unreasonable to you?"
            To quote many a capitalist ... Who is going to pay for that?
            Also, would that constitute a confession to a felony on the part of law enforcement?

            "That seems the better solution to you?"
            I thought the better solution was self evident, oh well.

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 8 Jan 2020 @ 11:46am

              Re: Re: Re: Re: Re: What's the gubmint supposed to do...

              If they have the appropriate warrants there's nothing illegal about law enforcement deploying devices/software during an investigation. And what is there to pay for about a phone call and someone adding a name to a list?

              It's a really simple solution that would have prevented the problem for law enforcement, would have prevented tipping off a suspected terrorist that they were being spied on and would have avoided this whole shitshow. I fail to see how that is an inappropriate solution.

              What any of this has to do with your corporations-need-permission strawman is left totally unexplained. As a "prediction" that's pretty sad.

              reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 8 Jan 2020 @ 2:18pm

                Re: Re: Re: Re: Re: Re: What's the gubmint supposed to do...

                "If they have the appropriate warrants"

                • Did they?

                "what is there to pay for about a phone call and someone adding a name to a list?"

                • The database update will be performed by someone who is making more than minimum wage, or at least one would hope so. The overhead rate will be somewhere near 120% or more. The task in question would take a few minutes for a highly trained (and paid) professional but they will most likely use a noob and therefore testing will have to be extensive. One would hope they test things before promoting it to production but that is not always their priorities it it?

                Do you think the government will allow business to decide who and what gets censored?

                reply to this | link to this | view in chronology ]

                • identicon
                  Anonymous Coward, 8 Jan 2020 @ 6:03pm

                  Re: Re: Re: Re: Re: Re: Re: What's the gubmint supposed to do...

                  What the actual fuck have you been smoking?

                  reply to this | link to this | view in chronology ]

                  • identicon
                    Anonymous Coward, 8 Jan 2020 @ 6:11pm

                    Re: Re: Re: Re: Re: Re: Re: Re: What's the gubmint supposed to d

                    I like how complex issues are made to look simple so that the general public can have an opinion on the matter.

                    reply to this | link to this | view in chronology ]

              • icon
                Scary Devil Monastery (profile), 10 Jan 2020 @ 3:13am

                Re: Re: Re: Re: Re: Re: What's the gubmint supposed to do...

                "If they have the appropriate warrants there's nothing illegal about law enforcement deploying devices/software during an investigation."

                If they had warrants against the 1399 people who weren't suspects then there is a fcsking HUGE PROBLEM with the jurisprudens observed in said law enforcement. To the point where it's comparable to hauling people in completely at random for strip searches in order to find drug dealers.

                It wasn't illegal for southern police officers to haul black people off to jail for sitting in the wrong seat on the bus either, but that doesn't mean that it was good practice.

                Bad laws need to be changed, not defended.

                reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 8 Jan 2020 @ 8:53am

        Re: Re: What's the gubmint supposed to do...

        But until then, innocent until proven guilty.

        Interesting how you are innocent until proven guilty... right up until the government starts investigating you, at which point you are apparently no longer innocent enough to matter.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 8 Jan 2020 @ 11:49am

          Re: Re: Re: What's the gubmint supposed to do...

          That's a gray area, sure. But if there were no gray area between innocent and guilty there would be zero room for investigation of any kind. Investigation, by it's very nature, is invasive and violates privacy. Permission is required, back by reasonable suspicion, in order to violate that privacy of an otherwise innocent person in order to determine whether they're actually guilty.

          Once the evidence is gathered it is then up to government to use that to prove you are, in fact, guilty. Until that conviction is delivered you are still "innocent" but a suspect that may be detained. That's pretty much how law enforcement works.

          Strange thing to take issue with unless you favor chaos and lawlessness.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 8 Jan 2020 @ 12:31pm

            Re: Re: Re: Re: What's the gubmint supposed to do...

            There is a rather large difference between "a small portion of the government will treat you as less than innocent during an investigation" and "everyone should be legally required to treat you as less than innocent during an investigation."

            reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 8 Jan 2020 @ 2:21pm

            Re: Re: Re: Re: What's the gubmint supposed to do...

            Yes, that is what the gov is supposed to do.

            reply to this | link to this | view in chronology ]

          • icon
            Scary Devil Monastery (profile), 10 Jan 2020 @ 3:18am

            Re: Re: Re: Re: What's the gubmint supposed to do...

            "That's a gray area, sure. But if there were no gray area between innocent and guilty there would be zero room for investigation of any kind. Investigation, by it's very nature, is invasive and violates privacy. Permission is required, back by reasonable suspicion in order to violate that privacy of an otherwise innocent person..."

            Emphasis mine. So in other words, per your own arguments, it was wrong for law enforcement to install malware on 1400 phones more or less at random?

            If an officer has reasonable suspicion and goes to obtain a warrant the first thing he will be asked is "For whom, and at what address?". The officer then saying "Uh, anyone whose name begins with an "F" and lives in Massachussetts, judge" simply will not be good enough.

            I'm noting that by your own argument the OP describes law enforcement done horribly wrong, and by that we can concur that Facebook was being very responsible in preventing an associated client from propagating the malware.

            reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 8 Jan 2020 @ 8:42am

      Re: What's the gubmint supposed to do...

      Accept that when they use the tools of malicious threats they will occasionally be treated as malicious threats.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 10 Jan 2020 @ 12:17pm

      Re: What's the gubmint supposed to do...

      Does this mean they could go after Zuck for aiding a terrorist?

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Jan 2020 @ 7:23am

    How is Facebook supposed to know which of NSO Groups clients are 'good' (and shouldn't be interfered with), and which are 'bad' (and the company is obliged to warn users about)?
    Why does a legitimate EU intelligence agency even need to rely on the services and tools of such an unquestionably evil company? They couldn't just buy something legit from the Brits or the NSA? Have some standards to at least match the holier-than-thou attitudes of your MEPs.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Jan 2020 @ 6:13pm

      Re:

      LEOs do this thing all the time even among themselves. (See TV version: "You compromised our x year / x month investigation!") It's so secret we are going to leave it to chance that somehow our op won't get trashed by Really Super Obvious Outside Forces (doing the right thing, even doing their job), when a notice in a few choice places could forgo the problem almost entirely. Because where the hell is the fun in that.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Jan 2020 @ 7:34am

    > Gilles de Kerchove, the European Union’s counterterrorism coordinator, says encryption shouldn’t allow criminals to be “less accountable online than in real life.”

    I have no idea what that means.

    It's gibberish. Online is real life these days. I met my wife online; that's about as real as it gets!

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 8 Jan 2020 @ 8:06am

      Re:

      It's actually worse than gibberish, it's dishonest gibberish, as what they effectively want is more 'accountability' online than off.

      While you can always speak in person or close the curtains to keep your words/actions private offline they are pushing the idea that there should be no private communication possible online, that all communications should be accessible should they desire to listen in.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 10 Jan 2020 @ 7:53am

        Re: Re:

        "While you can always speak in person or close the curtains to keep your words/actions private offline "

        That is not always a given either.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 10 Jan 2020 @ 12:31pm

          Re: Re: Re:

          Yes, they don't have to break a sweat to bug a computer. They don't even have to get out of their $1200.00 office chair. They have to fight traffic and be much more sneaky to bug an office or home!

          reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 8 Jan 2020 @ 8:01am

    By all means keep complaining, the hole won't dig itself

    'We're trying to protect people!'

    'You objected when Facebook tried to protect their users by informing them their accounts might be compromised, just because your target was in the group.'

    If you use the tools of hackers or other malicious people, you don't get to expect to be taken seriously when you complain that you are then treated as a hacker/malicious person.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Jan 2020 @ 8:22am

    Putting citizens at risk results in larger agency budgets to combat that risk. Do you really believe any law enforcement or intelligence agency is going to give up their primary fund raising capabilities?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Jan 2020 @ 8:51am

    Killing targeted malware doesn't mean a suspect gets away. It means you get out from behind your fucking desk and act like the theoretical real cops people have dreamed of for ages. There are some out there you can learn from, if you stop your programs of easy-way-out, treating the public like enemy combatants, abuse, and corruption. (Maybe watch this super-dangerous individual. Get a directional microphone. Bloody hell.)

    reply to this | link to this | view in chronology ]

  • icon
    fairuse (profile), 8 Jan 2020 @ 9:02am

    Manpower Shortage?

    From Deep In The Article:

    “WhatsApp killed the operation,” the official said. The terror suspect is still under traditional surveillance. But human resources are spread thin, the official said, especially around the winter holidays, which in Europe extend into early January and are a time when terrorists have staged attacks on the continent. “He’s not the only suspect we have to follow.”

    The bad guys know everyone is on holiday so what do you think will happen?

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Jan 2020 @ 6:06pm

      Re: Manpower Shortage?

      The Tet Offensive?

      reply to this | link to this | view in chronology ]

    • icon
      Scary Devil Monastery (profile), 9 Jan 2020 @ 7:18am

      Re: Manpower Shortage?

      "The terror suspect is still under traditional surveillance. But human resources are spread thin, the official said, especially around the winter holidays..."

      So let me get this straight. The bloated, overfunded bureaucratic monster which is the EU can retain, full-time, 40,000+ administrator doing nothing but coming up with thick bibles of trade regulations (like the 26,000-word regulations around import/export of duck eggs) but they don't have enough budget to employ a few dozen professional investigators over the holidays?

      And then blame a social platform for being responsible enough to keep active malware from user phones?

      WHEN did "being a cop" become a job exclusively for the dishonest and inept?

      reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    identicon
    R/O/G/SGolem, 8 Jan 2020 @ 9:35am

    I stopped reading here, where we see Martin Bubers “Ich, Du, ” weaponized:

    • suspected terrorist was informed his phone had possibly been infected *

    TD covered the racist gang stalking of (Jewish )Jeffrey Kantor, based upon these same programs, here:

    https://www.techdirt.com/articles/20131210/07555625519/lawsuit-claims-accidental-google-search-led- to-years-government-investigation-harrassment.shtml

    Cyberstalking and harassing a person mercillesly for lashon hara is a crime in all 50 states. So why do you /we not discuss #ADLification and #Israelification of the narratives of culture?

    These tribal-religious narratives negate open discourse by design.

    Allowing Jewish /Israeli/fanatical zionist control of narrative only ensures that tribal -religious bias will control our countries politics and national narrative.

    Not just weaponized, but actually cyberstalking a person mercillesly for lashon hara .

    But not just cyberstalking a person mercillesly for lashon hara , but now, that person being aware of rights, and having a class action worthy consensus that Israeli cyberstalkers can be prosecuted, because they have breached laws of both ethics, and civil conduct.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Jan 2020 @ 3:51pm

      Re:

      R/O/G/SGolem

      I stopped reading here...

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Jan 2020 @ 6:16pm

      Re:

      Òó

      reply to this | link to this | view in chronology ]

    • identicon
      Golems Dilemma, 8 Jan 2020 @ 9:46pm

      Re:

      Golem: Wut does dem wordz mean? I cant read 😭

      The Guy in Black: Shut yer trap! You say and do wut I tell you, got it?

      Golem: POOF

      reply to this | link to this | view in chronology ]

    • icon
      bhull242 (profile), 9 Jan 2020 @ 9:07pm

      Re:

      Once again, that doesn’t actually have to do with this article. For one thing, no one was stalked or harassed for the notification, and there is no evidence to infer any racism/religion-based bias involved in any aspect of this story.

      And again, the ADL and Israel have nothing to do with anything here. To answer this question…

      So why do you /we not discuss #ADLification and #Israelification of the narratives of culture?

      …I am unaware of how that is a crime, or even what the hell that even means.

      I also have no idea what lashon hara means, and it doesn’t sound like the name for a legal principle or concept in the West, so I’m not sure how it relates to US laws. And there is no such thing as a “class action worthy consensus”.

      Really, I have no idea what you’re talking about or how it’s relevant here.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 10 Jan 2020 @ 12:39pm

        Re: Re:

        Why don't you TD students try to understand what he or she is talking about rather than immediately flag comment like your heads are just going to explode? lol

        reply to this | link to this | view in chronology ]

        • icon
          bhull242 (profile), 10 Jan 2020 @ 3:34pm

          Re: Re: Re:

          There were only two parts I didn’t fully understand. The rest I understood perfectly, and it had nothing to do with the article or the thread and was nonsensical. Additionally, this is a known troll, which makes me lean in favor of flagging, but that was just a tiny factor.

          Finally, we aren’t students. This isn’t a school. That mention makes me suspect that you’re just ROGS under a different alias and IP address (which is common for them).

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 10 Jan 2020 @ 8:10pm

            Re: Re: Re: Re:

            Wow, I'm ROGS? Under a diff alias and IP address? No, just making a point about how absolutely pussified flaggers are and how quickly TDers just gang up on certain commentors like a clic in junior high school.

            reply to this | link to this | view in chronology ]

            • icon
              bhull242 (profile), 11 Jan 2020 @ 1:41pm

              Re: Re: Re: Re: Re:

              ROGS has frequently used different IP addresses and aliases, so that is far from conclusive. He’s even admitted that he has. That said, I’m only vaguely suspicious at this point. I’m not quite accusing you yet.

              reply to this | link to this | view in chronology ]

            • icon
              Scary Devil Monastery (profile), 13 Jan 2020 @ 4:18am

              Re: Re: Re: Re: Re:

              "...just making a point about how absolutely pussified flaggers are and how quickly TDers just gang up on certain commentors like a clic in junior high school."

              Someone drops a comment in a thread trying to derail it into one of his usual vast sprawling conspiracy theories and when criticized you spring up instantly in his defense.

              You need to find an audience which isn't quite so used to having a copyright cultist spamming the threads under half a dozen nicks before you can escape being considered a sock puppet given the circumstances.

              It's really very easy. Either use a verified nick to post your commentary and have people adjudge your offer given your actual comment history...
              ...or don't use a nick and let people use your standalone argument to determine the worth of your post.

              In the latter case any two-line entirely subjective put-down with implied ad hom means you are either the original troll or another. In either case you become irrelevant to the thread.

              And of course we who like to frequent these forums gang up on anyone who is clearly trolling. That doesn't make us pissy. It merely makes you worthless.

              reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 13 Jan 2020 @ 3:03pm

                Re: Re: Re: Re: Re: Re:

                You are one of the pissiest commenters at techdirt. You take three paragraphs to make what could be a one or two line comment. You think your use of the english language is a weapon or a gift, but clearly have too much time on your hand to waste ours. Absolutely, you are one of those in techdirt's clic who think you are so well educated you can't possibly accept some off the cuff comment go without foaming at the mouth and coughing up blood.

                reply to this | link to this | view in chronology ]

                • icon
                  Scary Devil Monastery (profile), 14 Jan 2020 @ 2:23am

                  Re: Re: Re: Re: Re: Re: Re:

                  "You take three paragraphs to make what could be a one or two line comment."

                  This from someone who in the same post where he made that complaint took five densely packed lines of unadulterated ad homs to say what amounts to "I have no arguments other than ad homs".

                  reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 13 Jan 2020 @ 3:30pm

                Re: Re: Re: Re: Re: Re:

                Fresh out of junior high, I give you scary devil monastery!

                reply to this | link to this | view in chronology ]

                • icon
                  Scary Devil Monastery (profile), 14 Jan 2020 @ 2:29am

                  Re: Re: Re: Re: Re: Re: Re:

                  "Fresh out of junior high, I give you scary devil monastery!"

                  ...says the troll who brings nothing to the table except an antisemitic conspiracy theory based on white supremacy ideology. And who ends up without any other argument than trying to marginalize the ones heckling his "pearls" of wisdom.

                  This isn't Stormfront, bub. This is the place where you just prove, again and again, that the only thing you're here for is to repetitively imply that the jews are behind every evil in past and modern times.

                  I guess that message is why you don't have the stones or ability to make and retain even a throwaway account to post from.

                  reply to this | link to this | view in chronology ]

                  • identicon
                    Anonymous Coward, 14 Jan 2020 @ 1:53pm

                    Re: Re: Re: Re: Re: Re: Re: Re:

                    You are an antisemite and for all I know, you are also a jew coming out of a scary devil monestary! That's ironic? You are actually talking to the wrong troll!

                    reply to this | link to this | view in chronology ]

        • icon
          bhull242 (profile), 10 Jan 2020 @ 3:35pm

          Re: Re: Re:

          Actually, I just checked, and it turns out I didn’t even flag it in the first place. It was already hidden. Whoops! My point still stands, though. I would be justified in flagging that comment even if I didn’t actually do so.

          reply to this | link to this | view in chronology ]

      • icon
        urza9814 (profile), 13 Jan 2020 @ 11:29am

        Re: Re:

        "I also have no idea what lashon hara means, and it doesn’t sound like the name for a legal principle or concept in the West, so I’m not sure how it relates to US laws. And there is no such thing as a “class action worthy consensus”."

        OP's point is that these people are being targeted for mere speech, and truthful speech even, which is not traditionally considered a crime or even evidence of a crime in the west. And therefore stalking/harassing them (by "law enforcement", not by the notification) because of that truthful speech is ALSO a criminal action. If the investigatory actions are kept secret, the targets can't really fight back. But if suddenly a bunch of people are alerted to this kind of unlawful, covert surveillance, they would perhaps have a case for some kind of class action lawsuit.

        I don't know if it's true, but the assertions being made seemed quite clear to me. Try harder next time.

        (I'm assuming the "ADLification"/"Israelification" of culture stuff is about how people are frequently called anti-semetic merely for criticizing the foreign policy of a distant nation's government, and may be an allegation about the intelligence services targeting such people solely due to their speech. I'd like some evidence, but based on my own experience it seems vaguely plausible in a way -- not as some giant conspiracy, but as a natural continuation of general societal trends in terms of whom it is considered acceptable to criticize.)

        reply to this | link to this | view in chronology ]

        • icon
          bhull242 (profile), 13 Jan 2020 @ 7:44pm

          Re: Re: Re:

          Thank you! At least someone is willing to try to explain it. I still don’t understand how the different points are interrelated, and it’d be nice if ROGS could explain it rather than having us guess, but I’ll take what I can get.

          reply to this | link to this | view in chronology ]

  • icon
    fairuse (profile), 8 Jan 2020 @ 10:02am

    The watcher has watchers that have watchers

    Six and a half minute scifi video explains total surveillance.

    https://youtu.be/h_ra8ahZlQg

    funny

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Jan 2020 @ 10:03am

    No one is wondering why a communication app is running a malware sweep?

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Jan 2020 @ 6:20pm

      Re:

      An app? No. But networking companies sometimes care about suspicious and malicious traffic on their networks. Apparently they may even inform users.

      The Whatsapp app didn't and can't do a "malware sweep", so no, i am guessing moat people aren't wondering "why it did".

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 8 Jan 2020 @ 8:50pm

        Re: Re:

        Thank you for awakening my curiosity in this. I had assumed that users of WhatsApp used their cell phone providers' networks to communicate with facebook servers. I wouldn't call facebook a networking company like, say, Verizon or Akamai. Am I mistaken? So, whatever program facebook used to detect malware, it was either on the phones or on their servers. And, isn't WhatsApp encrypted? If so, how is facebook even able to inspect anything on their servers? I'm confused!

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 10 Jan 2020 @ 12:43pm

          Re: Re: Re:

          It may have been the terrorist suspect that warned whatsapp who then warned fb who then warned Zuck who pulled the plug before thinking it through..

          reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 8 Jan 2020 @ 10:15am

    Perhaps they left hand should have a conversation with the right hand.
    They are screaming 'privacy privacy privacy' threatening billions in fines for the slightest slipup, meanwhile the other hand is hacking devices of untold numbers of people destroying their privacy.

    Well you can tell who is a terrorist b/c their avatars all have black hats on them so this should be easy. (They are this stupid)

    Something scary they are trying to ignore, journalists, activists, government officials were also being spied on. Perhaps there needs to be a legal framework to look at who is being spied upon and why. We've seen thousands of examples of 'the good guys' abusing these tools to go after people who made them mad & then complain when their targets are warned.

    Gee if you had a court order (that pesky oversight they dislike so much) you could have kept them from notifying your legit targets. The downside being is many of these investigations are based more on the religion or ethnicity than any actual criminal intent. We have to keep it secret or they bad guys will win!!!

    Perhaps its time to ask why behaving like the 'bad guys' based on nothing more than hunches is acceptable. These tools can/will/are being abused against innocent people as well as bad guys, how can this be acceptable in "free" countries where they hold up all of these rights they have, and sue others for not living up to the law, but their own people can do whatever without oversight or control?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Jan 2020 @ 10:57am

    Wait...so 1400 phones were infected with malware by an "advanced cyber actor" to investigate one suspected terrorist? Why did they infect the other 1399 people?

    This just screams the malware was randomly installed on whatever device they could infect, and managed to stumble across a possible terror plot afterwards.

    Cue the Inspector Clouseau music.

    reply to this | link to this | view in chronology ]

    • icon
      Scary Devil Monastery (profile), 9 Jan 2020 @ 7:23am

      Re:

      "Cue the Inspector Clouseau music."

      Clouseau needed to be in the actual vicinity of the people he inadvertently harmed through his hamfisted shenanigans. He's got nothing on the inept spongiform manning the EU's excuse for law enforcement.

      In a sane world there would be 1399 court cases against the police coming from the non-suspects who got casually trawled into this monumental phishing expedition.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 10 Jan 2020 @ 8:19pm

      Re:

      Isn't Malware illegal?

      reply to this | link to this | view in chronology ]

      • icon
        bhull242 (profile), 11 Jan 2020 @ 1:45pm

        Re: Re:

        Generally, as far as I know, yes it is, with some caveats. For example, infecting your own machine with malware without distributing it I believe is legal.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 12 Jan 2020 @ 7:14am

          Re: Re: Re:

          But, is it not a fact that you only own the hardware, not the software? So infecting the OS would violate EULA?

          reply to this | link to this | view in chronology ]

          • icon
            Scary Devil Monastery (profile), 13 Jan 2020 @ 4:21am

            Re: Re: Re: Re:

            "But, is it not a fact that you only own the hardware, not the software? So infecting the OS would violate EULA?"

            I think a case can be made for fair use. But that depends on jurisdiction.

            There's a reason Linux gets security-checked by thousands of independents but windows rarely gets the once-over by anyone but microsoft (and the NSA trying to come up with new exploits).

            reply to this | link to this | view in chronology ]

  • icon
    ECA (profile), 8 Jan 2020 @ 12:03pm

    Love our country.

    As many dont get the idea of Laws, dont Stretch over there..
    Which generally means that, If they cant do it here, we get another group over there(where it is legal, Not illegal to do to another nation)
    Corps do it.
    Our gov. does it also.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Jan 2020 @ 1:46pm

    ... encryption shouldn’t allow criminals to be “less accountable online than in real life.”

    Of course not! Everyone who's convicted of a crime in real life ought to have their Minecraft avatar locked in a dungeon for the same period of time.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Jan 2020 @ 11:27am

    Europe’s finest

    “elite surveillance team”

    BWAHAHAHAHA

    It’s nice to see Those laid off AT&T tech support Employees found work.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Jan 2020 @ 2:30pm

    "Gilles de Kerchove, the European Union’s counterterrorism coordinator, says encryption shouldn’t allow criminals to be “less accountable online than in real life.”"

    Holy shit, is the EU now seriously saying every conversation we ever have can be recorded so as to be accessible by cops if they ever want to look into us?

    Or is this idiotic bluster?

    reply to this | link to this | view in chronology ]

  • identicon
    Federico, 18 Jan 2020 @ 1:31pm

    Not the EU proper

    There's nothing unusual in the apparent contradiction here: privacy is pushed by the EU parliament and (when it succeeds) the EU institutions including the European Commission.

    Governments (of the member states) and their police do not like privacy, for obvious reasons, therefore all efforts towards privacy are resisted by all the governmental and intergovernmental structures. This "counter-terrorism coordinator" is just one of many intergovernmental creations, as can be seen by the fact that it's under the European Council and was created just by proclamation of the European Council, not by some legal act of the Council of the EU, probably to avoid having to respect the EU treaties.
    https://www.consilium.europa.eu/en/policies/fight-against-terrorism/counter-terrorism-coor dinator/

    Simple isn't it?

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.