WEBVTT

00:00:00.000 --> 00:00:05.120
JACK: So, I was looking through Wikileaks the other day as one does, right, and I came across

00:00:05.120 --> 00:00:10.480
something that I found rather fascinating. There’s a thing that the CIA developed called Weeping

00:00:10.480 --> 00:00:16.320
Angel. [MUSIC] So, if you have a Samsung smart TV, there’s a really odd feature in it; it’s called

00:00:16.320 --> 00:00:24.960
Fake Off. When the TV is on, you can push Mute, 182, then Power, and the TV appears to turn off,

00:00:24.960 --> 00:00:29.320
but it doesn’t. Now, these smart TVs often have a microphone built in so you can give them voice

00:00:29.320 --> 00:00:36.360
commands, and when the TV is off, the mic isn’t listening. But when the TV is in Fake Off, the mic

00:00:36.360 --> 00:00:42.840
is still active. So, what the CIA did was they developed some kind of spyware for the Samsung

00:00:42.840 --> 00:00:49.000
smart TV, where it would record the audio from the mic and store it on the TV. So, I imagine a

00:00:49.000 --> 00:00:54.440
scenario is that a CIA agent would want to plant a listening device in someone’s bedroom and goes in,

00:00:54.440 --> 00:01:00.000
but then sees — oh, they’ve got a Samsung smart TV, which is already a listening device. No need

00:01:00.000 --> 00:01:05.440
to leave behind a bug that might get discovered. Let’s just live off the land, as they say. So,

00:01:05.440 --> 00:01:13.480
the CIA agent uploads the spyware onto the TV and then puts the TV in Fake Off mode and leaves. The

00:01:13.480 --> 00:01:19.720
TV sits there, recording all the audio in the room, but appears to be off. Then the CIA agent

00:01:19.720 --> 00:01:23.960
can remotely connect back to the TV and get the audio files or come back into the room later and

00:01:23.960 --> 00:01:35.017
retrieve them off the TV. It’s wild what spy gear is developed by the federal authorities, isn’t it?

00:01:35.017 --> 00:01:37.320
(INTRO): [INTRO MUSIC] These are true stories from the dark side of

00:01:37.320 --> 00:02:00.980
the internet. I’m Jack Rhysider. This is Darknet Diaries. [INTRO MUSIC ENDS]

00:02:00.980 --> 00:02:04.700
JACK: Why don’t you start by telling us your name and what do you do?

00:02:04.700 --> 00:02:09.320
JOSEPH: My name is Joseph Cox. I’m the author of Dark Wire,

00:02:09.320 --> 00:02:14.320
and I’m also a co-founder and journalist at 404 Media.

00:02:14.320 --> 00:02:15.780
JACK: What’s 404 doing?

00:02:15.780 --> 00:02:23.760
JOSEPH: So, 404 is a group of four of us; myself, Jason Koebler, Emanuel Maiberg, and Samantha Cole,

00:02:23.760 --> 00:02:30.520
and we are all former staff members at Vice’s Motherboard, the technology site. Unfortunately,

00:02:30.520 --> 00:02:37.240
Vice made some very poor managerial decisions from the executives and that company is now bankrupt.

00:02:37.240 --> 00:02:43.600
But we left to make our own company where we want to continue doing tech investigations. We want to

00:02:43.600 --> 00:02:50.480
continue telling stories, and how about we do it in a way where we own the company so we can not

00:02:50.480 --> 00:02:55.760
only make journalistic decisions and editorial ones, but we can make business ones as well in

00:02:55.760 --> 00:03:00.920
the hope that we can just keep on doing what we love doing, which is unearthing stories,

00:03:00.920 --> 00:03:04.060
verifying information, and publishing stuff that’s in the public interest.

00:03:04.060 --> 00:03:08.040
JACK: Well, you’ve created quite a name for yourself over the years. I always see your

00:03:08.040 --> 00:03:14.320
name popping up in other books. Like, an article by Joseph Cox said this, or another story here

00:03:14.320 --> 00:03:19.320
is quoting you in different things. So, just really well done on your journalism. With this

00:03:19.320 --> 00:03:24.360
latest project you’re working on, Dark Wire — so, I started reading this Dark Wire and I

00:03:24.360 --> 00:03:31.060
was just like, oh my god, this is amazing, and I was hoping we could talk about it.

00:03:31.060 --> 00:03:38.400
JOSEPH: Yeah, of course. I mean, I have been working on this book for three, maybe four years

00:03:38.400 --> 00:03:45.880
at this point, speaking to essentially every sort of person involved whether that’s law enforcement,

00:03:45.880 --> 00:03:51.640
that’s also a lot of very dangerous people, but I don’t think I’ve ever been more obsessed

00:03:51.640 --> 00:03:55.540
with a story. I mean, I’m sure of — I’ve never been more obsessed with a story than this one.

00:03:55.540 --> 00:03:59.880
JACK: Okay, so, this is an incredibly nuanced story which is going to fill your

00:03:59.880 --> 00:04:04.000
head with a lot of questions. I know it did that to me. But let’s first start with some

00:04:04.000 --> 00:04:10.520
context. I am not a criminal, but I make a lot of effort to be private and secure,

00:04:10.520 --> 00:04:15.280
and the first time I made an effort to have a privacy phone was after I read an article by

00:04:15.280 --> 00:04:20.640
Joseph. He was using an iPod Touch and did all his phone calls over Wi-Fi. The main advantage

00:04:20.640 --> 00:04:25.200
here is that there’s no SIM card in an iPod Touch. It basically has all the features of an iPhone,

00:04:25.200 --> 00:04:31.160
just no SIM card. So, that means nobody can SIM-swap you. But also, SIM cards are notorious

00:04:31.160 --> 00:04:36.200
for beaconing out to cell towers and giving fairly accurate location data to cell phone providers,

00:04:36.200 --> 00:04:40.680
and that’s even if your phone is always using a VPN, because SIM cards communicate with cell

00:04:40.680 --> 00:04:45.240
towers using baseband technology, which operates completely outside of VPNs. So,

00:04:45.240 --> 00:04:50.200
this iPod Touch was the main phone that Joseph was using to keep private.

00:04:50.200 --> 00:04:54.100
JOSEPH: That’s been my life for years at this point.

00:04:54.100 --> 00:04:57.540
JACK: Yeah. You use that as a secure phone, right?

00:04:57.540 --> 00:05:01.960
JOSEPH: Yes. For years I used an iPod Touch. It’s a secure device. Now I’ve moved onto an

00:05:01.960 --> 00:05:05.880
iPad Mini because the iPod’s no longer supported, unfortunately.

00:05:05.880 --> 00:05:11.320
JACK: When Apple stopped supporting the iPod Touch, I switched over to GrapheneOS,

00:05:11.320 --> 00:05:16.040
which is a fork of Android. It’s an open-source project but with a lot more privacy features

00:05:16.040 --> 00:05:21.440
added in. Unlike Android, they don’t send everything I do back to Google.

00:05:21.440 --> 00:05:25.440
My messaging app of choice is Signal, which I can also make phone calls with because Signal

00:05:25.440 --> 00:05:29.920
is end-to-end encrypted, which means the people at Signal can’t see my messages;

00:05:29.920 --> 00:05:34.600
only the receiver of who I’m chatting with can. I do so much more to remain private

00:05:34.600 --> 00:05:40.840
online. So you can see Joseph and I, we take our mobile privacy very seriously, and we want the

00:05:40.840 --> 00:05:49.784
best there is. Then one day, Joseph heard about this new privacy phone called Anom.

00:05:49.784 --> 00:05:55.600
JOSEPH: [MUSIC] So, I call it an encrypted phone, which is simultaneously a helpful term

00:05:55.600 --> 00:06:00.760
but then also not very helpful at all. We don’t really have the terminology for it. But yes,

00:06:00.760 --> 00:06:06.760
it’s a combination of things. It had a secure communications app that allows you to send

00:06:06.760 --> 00:06:12.840
end-to-end encrypted messages to one another with photos and voice memos and all of that,

00:06:12.840 --> 00:06:17.920
very much like a Signal or a modern WhatsApp or a Threema or whatever,

00:06:17.920 --> 00:06:27.493
right? It also was a custom phone operating system. It is based on — Android, somewhat,

00:06:27.493 --> 00:06:32.440
is actually a fork of GrapheneOS, the privacy-focused operating system. Apparently

00:06:32.440 --> 00:06:38.560
Anom had also removed all GPS functionality so that there would be no way for law enforcement

00:06:38.560 --> 00:06:43.900
or Google or sort of third-party apps to track the location of those devices.

00:06:43.900 --> 00:06:49.880
JACK: I think the features of Anom are amazing. I mean, it took GrapheneOS,

00:06:49.880 --> 00:06:55.520
the phone operating system I already use which is considered great already for privacy, and it made

00:06:55.520 --> 00:07:01.520
it even more locked down? What? The features just kept going. For instance, Anom had its own little

00:07:01.520 --> 00:07:06.600
end-to-end encryption chat app built in, but it was in a secret spot. The thing is there were all

00:07:06.600 --> 00:07:11.120
these dummy apps on the phone. Like, if you look at the phone, it has Tinder on there and Candy

00:07:11.120 --> 00:07:16.320
Crush. They look like normal apps, but they’re just decoys. They didn’t really work. Another app

00:07:16.320 --> 00:07:20.520
you’d see on the home screen was a calculator app which worked just fine like a regular calculator,

00:07:20.520 --> 00:07:26.080
except if you were to open the calculator app and punch in a certain code, [MUSIC] that’s when it

00:07:26.080 --> 00:07:32.220
would open up the secret Anom chat messaging app. It was hidden beneath a few layers of obfuscation.

00:07:32.220 --> 00:07:37.000
JOSEPH: Which, hey, that’s pretty good if you’re having a private conversation and,

00:07:37.000 --> 00:07:41.560
I don’t know, an abusive partner snatches your phone, trying to rummage through your messages,

00:07:41.560 --> 00:07:46.240
or if you’re a criminal a police officer does it or a border official or something like that. So,

00:07:46.240 --> 00:07:52.200
there’s that. There’s also voice-scrambling. So, you know how on Signal you can send a

00:07:52.200 --> 00:07:55.920
voice note for one another and that’s very popular on other messaging apps;

00:07:55.920 --> 00:08:01.400
on Anom, you could do — one way would add either a high-pitched distortion or a low,

00:08:01.400 --> 00:08:06.740
deep distortion to it as well, and that would mask what your real voice sounded like.

00:08:06.740 --> 00:08:10.800
JACK: Who is the brain child behind Anom? Who created this thing?

00:08:10.800 --> 00:08:16.640
JOSEPH: So, Anom was created by someone called Afgoo. I have to be a little bit careful about

00:08:16.640 --> 00:08:22.360
what I say about them for reasons that we’ll get into, but they are, from what I’ve learned,

00:08:22.360 --> 00:08:30.080
a pretty sort of nerdy tech expert for the criminal underground. They were connected to

00:08:30.080 --> 00:08:39.040
a very well-known criminal called Hakan Ayik, who at one point was Australia’s most-wanted man. This

00:08:39.040 --> 00:08:47.280
Afgoo character sells or did sell phones in this space before eventually deciding, well,

00:08:47.280 --> 00:08:53.120
I’m gonna go make my own. Like, rather than working underneath other sellers and other

00:08:53.120 --> 00:08:58.600
encrypted phone companies, I’m gonna create my own tech startup for the criminal underground.

00:08:58.600 --> 00:09:04.760
JACK: For the criminal underground? Wait a minute. What? All the features of this phone,

00:09:04.760 --> 00:09:10.920
they’re all fine. None of them are illegal. But if you’re specifically making a phone for criminals,

00:09:10.920 --> 00:09:15.560
knowingly and purposely helping criminals conduct their crimes,

00:09:15.560 --> 00:09:19.160
now suddenly what Afgoo was doing was illegal.

00:09:19.160 --> 00:09:24.360
JOSEPH: Yes, legally it’s very, very messy because it’s not illegal, generally speaking, to sell or

00:09:24.360 --> 00:09:29.000
use an encrypted messaging app, which is a good thing, to be clear. That should not be illegal.

00:09:29.000 --> 00:09:36.160
But a lot of these companies in the, I would say, shadier part of the encryption industry,

00:09:36.160 --> 00:09:41.560
the thing that differentiates them is that they deliberately facilitate crime, as in it’s not

00:09:41.560 --> 00:09:46.480
like Signal whose users will of course include criminals, or even Apple iMessage or something,

00:09:46.480 --> 00:09:53.160
just because they’re very popular. One of the taglines was — I think it was ‘designed for

00:09:53.160 --> 00:10:00.120
criminals by criminals’, which is just asking for trouble, really. But Anom had all of those

00:10:00.120 --> 00:10:04.920
sorts of bells and whistles you would expect; wiping the phone, all of that sort of thing,

00:10:04.920 --> 00:10:10.840
and it really positioned itself as sort of the Rolls-Royce of the encrypted phone

00:10:10.840 --> 00:10:17.800
industry. If you wanted a super-secure device from a company that didn’t care if you were a

00:10:17.800 --> 00:10:21.720
criminal — if anything, it likes the fact that you’re a criminal — you could turn to Anom.

00:10:21.720 --> 00:10:26.920
JACK: So, I learned from the book that this is quite a lucrative underground criminal

00:10:26.920 --> 00:10:31.720
industry. Anom was not the only one here, and you gotta read the book about what happened to

00:10:31.720 --> 00:10:36.800
all the other encrypted phone companies. Each of the competitors have just as wild and crazy

00:10:36.800 --> 00:10:40.720
a story of what was going on with Anom, and Joseph does a great job of giving you

00:10:40.720 --> 00:10:46.520
a tour of this whole criminal encrypted phone industry. But it bugs me because like I said,

00:10:46.520 --> 00:10:51.360
I’m not a criminal, but I love having a highly-secure phone with the best privacy

00:10:51.360 --> 00:10:57.960
you can get. So, it’s a weird line for me that this is even a criminal industry.

00:10:57.960 --> 00:11:01.600
It’s kind of like if someone started a hammer company selling hammers,

00:11:01.600 --> 00:11:05.800
but it was just selling hammers to criminals to kill people with,

00:11:05.800 --> 00:11:10.720
and it had features on it like ‘non-slip handle for when blood gets on it’ or ‘blunt

00:11:10.720 --> 00:11:15.320
side for smashing skulls and a fork side for stabbing through stomachs’. Really,

00:11:15.320 --> 00:11:19.760
it’s just a hammer that’s no different than any other hammer, but it has the sole intention of

00:11:19.760 --> 00:11:26.320
being for criminals to cause pain and injury, and the company works exclusively with criminals to

00:11:26.320 --> 00:11:32.680
find ways to improve it. Why? Why not just make a great hammer that the whole world can use? Why

00:11:32.680 --> 00:11:38.720
make these secure phones for criminals? Privacy and security is important to the whole world,

00:11:38.720 --> 00:11:45.440
not just criminals. Anyway, so, Anom was this really sleek, super-private phone that

00:11:45.440 --> 00:11:51.080
you could buy and have ultra-secure chats with others, and it was purpose-made for criminals.

00:11:51.080 --> 00:11:57.200
JOSEPH: That is basically what Anom was pitching itself as to its customers and

00:11:57.200 --> 00:12:03.760
even to its sellers. It was saying your messages will be end-to-end encrypted. We can’t see what’s

00:12:03.760 --> 00:12:08.720
going on. We won’t turn over data to law enforcement. Our servers are outside the

00:12:08.720 --> 00:12:16.520
reach of the Five Eyes, all of the normal sort of marketing and privacy benefits you would expect,

00:12:16.520 --> 00:12:22.880
except, of course, that wasn’t true. Anom was doing something else in the background.

00:12:22.880 --> 00:12:25.464
JACK: So, what were they doing?

00:12:25.464 --> 00:12:31.760
JOSEPH: [MUSIC] So, it’s very, very interesting on the technical level, and what it is is that

00:12:31.760 --> 00:12:39.160
Anom basically created a ghost contact that was added to every conversation,

00:12:39.160 --> 00:12:46.560
and it received a blind carbon copy, a BCC, of every message sent across the platform. So,

00:12:46.560 --> 00:12:54.000
when Criminal A was talking to Criminal B about a cocaine shipment, that was secretly being sent

00:12:54.000 --> 00:13:02.720
off to Anom, and the users were none the wiser. It was like having a spy in everybody’s pocket,

00:13:02.720 --> 00:13:05.860
in their back pocket, looking over their shoulder. They could just see into everything.

00:13:05.860 --> 00:13:09.760
JACK: So, while it’s true it was end-to-end encrypted,

00:13:09.760 --> 00:13:13.340
it was also end-to-end encrypted directly to Anom servers.

00:13:13.340 --> 00:13:20.180
JOSEPH: Yes. It’s almost — is end-to-end-to-end encrypted. There’s another ‘end’ in there.

00:13:20.180 --> 00:13:26.400
JACK: So, this story just took a ninety-degree turn. The phone was not actually as private

00:13:26.400 --> 00:13:32.680
as it was advertising itself to be. But hold on tight, because we’re taking another ninety-degree

00:13:32.680 --> 00:13:39.160
turn right now. You gotta ask yourself, why was Anom wanting copies of every message? No,

00:13:39.160 --> 00:13:45.720
I don’t think Anom or Afgoo cared about looking at people’s chats. However, Afgoo knew the value of

00:13:45.720 --> 00:13:54.160
these messages and decided to make a very odd deal to let someone see those chats. I’m not sure how

00:13:54.160 --> 00:14:00.160
all the logic went down here. We really don’t know how this deal was made, but my best guess is since

00:14:00.160 --> 00:14:05.760
Afgoo wasn’t a stranger to being a criminal himself and he may have thought this whole

00:14:05.760 --> 00:14:11.240
encrypted phone business was actually illegal and could go very wrong for him at some point and he

00:14:11.240 --> 00:14:17.520
needed a plan — I really don’t know. I want to think he was a brilliant businessperson that just

00:14:17.520 --> 00:14:25.320
played everyone perfectly, but Afgoo’s lawyer advised him to make a deal with the FBI and let

00:14:25.320 --> 00:14:32.880
them see the encrypted chats. This way, the FBI would appreciate Afgoo and not try to arrest him.

00:14:32.880 --> 00:14:38.520
JOSEPH: So, why not — Afgoo’s lawyer tells the authorities — would you want to use Anom

00:14:38.520 --> 00:14:47.640
in your investigations in exchange for leniency if Afgoo ever faces charges,

00:14:47.640 --> 00:14:53.840
right? It became the ultimate bargaining chip, essentially.

00:14:53.840 --> 00:15:04.160
JACK: Okay, so, that’s quite a leap. It takes me a beat to just kind of be like,

00:15:04.160 --> 00:15:09.180
okay, that’s how the new thing’s going, right? It’s a jump.

00:15:09.180 --> 00:15:13.600
JOSEPH: Yeah, and this is very quickly done in the book,

00:15:13.600 --> 00:15:18.040
and that’s not because I’m sort of glazing over it. It’s because it just happened really,

00:15:18.040 --> 00:15:22.400
really quickly, and that’s just the series of events that happened. Now,

00:15:22.400 --> 00:15:27.240
I don’t know whether that was always the plan or something like that, or was it maybe always in

00:15:27.240 --> 00:15:33.400
the back of Afgoo’s mind? I don’t know that. But very, very quickly, Anom was put on the

00:15:33.400 --> 00:15:41.000
table to the FBI back in around 2018, I think is when these conversations were happening.

00:15:41.000 --> 00:15:44.340
JACK: The FBI and the Australian Federal Police.

00:15:44.340 --> 00:15:47.960
JOSEPH: Yes, and the Australian Federal Police, for — who for years,

00:15:47.960 --> 00:15:55.400
they’ve been really stymied by encrypted phones, probably even more than the FBI. In Australia,

00:15:55.400 --> 00:16:00.960
these sorts of phones are incredibly common among organized crime groups. You’ll have

00:16:00.960 --> 00:16:06.320
the Italian mafia over there in Australia, them using it, you’ll also have the biker gangs like

00:16:06.320 --> 00:16:14.080
the Comancheros and the Hell’s Angels. They all use these sorts of phones, and for years,

00:16:14.080 --> 00:16:21.320
if not more than a decade at this point, the AFP in particular has been running into these phones

00:16:21.320 --> 00:16:29.920
again and again and again. So, the idea of a backdoor in an encrypted phone is incredibly

00:16:29.920 --> 00:16:35.440
attractive to them. I mean, what I’ve been told is that when the AFP agents were told about

00:16:35.440 --> 00:16:41.066
this possibility and the plan to go ahead, they looked like they were kids on Christmas morning.

00:16:41.066 --> 00:16:47.720
JACK: [MUSIC] So, a deal was made. The FBI and AFP, Australian Federal Police, got access to

00:16:47.720 --> 00:16:56.240
all the encrypted messages going across Anom. This is where I start to have a million questions. Who

00:16:56.240 --> 00:17:02.920
the hell is this Afgoo person? An undercover cop acting like a fellow criminal but really working

00:17:02.920 --> 00:17:08.760
with the feds? What kind of criminal makes deals with the feds like this? If this gets discovered,

00:17:08.760 --> 00:17:15.160
his whole business is ruined. Or is Afgoo a brilliant businessperson cashing in on both

00:17:15.160 --> 00:17:21.120
sides of the fence, making money off criminals and federal police at the same time? Maybe he’s

00:17:21.120 --> 00:17:28.120
playing some 4D chess, trying to be a few moves ahead of everyone. There’s a lot of unanswered

00:17:28.120 --> 00:17:32.360
questions here, but the AFP were the first to get access to this, and they were looking through the

00:17:32.360 --> 00:17:39.480
logs and were like, uh, there’s nothing here, because Anom was just a startup company and

00:17:39.480 --> 00:17:43.400
didn’t have any users yet. With the product all ready and the infrastructure in place,

00:17:43.400 --> 00:17:48.240
it was time to start marketing the thing. The next plan was figure out how to get these Anom

00:17:48.240 --> 00:17:54.320
phones in the hands of criminals, specifically criminals, and I guess now I’m starting to see

00:17:54.320 --> 00:17:59.680
why this phone was purpose-made for criminals; so the FBI and AFP could see what everyone was doing.

00:17:59.680 --> 00:18:07.080
JOSEPH: So, it starts when Afgoo, the creator of Anom, offers the phones to a particular

00:18:07.080 --> 00:18:16.200
phone-seller/drug-trafficker in Australia. His name is Domenico Catanzariti, and he used to

00:18:16.200 --> 00:18:22.080
sell Phantom Secure phones, one of those earlier companies, and when that company was shut down,

00:18:22.080 --> 00:18:27.360
he obviously doesn’t really have any phones to sell. Well, lo and behold, here comes Afgoo

00:18:27.360 --> 00:18:32.160
with what looks like it’s gonna be the hottest new phone on the market. [MUSIC] So, they — he

00:18:32.160 --> 00:18:39.240
provides some of those phones to Catanzariti and just starts using them and just starts talking

00:18:39.240 --> 00:18:43.080
about them and spreading them around. I think initially the phones were actually just given

00:18:43.080 --> 00:18:49.200
for free to Catanzariti. It’s almost like a sort of Uber technique, Silicon Valley growth

00:18:49.200 --> 00:18:54.720
technique. I don’t know; just get it out there for free and we’ll figure out the laws, we’ll

00:18:54.720 --> 00:19:00.120
figure out the market later, but we just want to get devices into people’s hands, basically.

00:19:00.120 --> 00:19:05.680
JACK: Early users were liking these phones. Word was getting out about them and more orders

00:19:05.680 --> 00:19:11.860
were being made. Chat messages started to show up, and the AFP could see what was happening.

00:19:11.860 --> 00:19:16.880
JOSEPH: At least for the Australians, the AFP, it was relatively real time,

00:19:16.880 --> 00:19:23.320
instantaneous. They could see that, oh, the Comancheros are talking about beating up this

00:19:23.320 --> 00:19:31.120
guy. Oh, this biker gang is talking about doing a weapons drop-off of high-calibre assault rifles at

00:19:31.120 --> 00:19:37.920
this time and this location. It was really like peeling back the curtain on these conversations.

00:19:37.920 --> 00:19:42.560
JACK: Was AFP actually arresting people or were they just watching,

00:19:42.560 --> 00:19:44.400
trying to figure out what to do at this point?

00:19:44.400 --> 00:19:50.480
JOSEPH: At the start, the AFP, as far as I know, was simply collecting the intelligence.

00:19:50.480 --> 00:19:56.440
There is this massive trade-off constantly throughout this entire story which is that,

00:19:56.440 --> 00:20:00.920
okay, you have a backdoor into a phone, but how do you act on that, do you act on it,

00:20:00.920 --> 00:20:05.560
and when do you act on the information? Because if you go too loud too quickly, you’re going — it’s

00:20:05.560 --> 00:20:10.960
going to become obvious to the criminals that something bad is going on, at least for them.

00:20:10.960 --> 00:20:16.720
JACK: Yeah, yeah. I found this tension while reading the book quite interesting,

00:20:16.720 --> 00:20:22.960
of, oh my gosh, there’s some crime going on here. We can see it happening. What do we

00:20:22.960 --> 00:20:29.920
do? Do we bust in? ‘Cause you have to have some sort of good reason how you knew that

00:20:29.920 --> 00:20:36.440
was happening, and if it was, well, we’ve got access to your chats and your phone,

00:20:36.440 --> 00:20:41.320
then that’s gonna just ruin the whole company. So, they really have to be very careful,

00:20:41.320 --> 00:20:45.760
and I’m surprised there wasn’t just some AFP officer like, oh, I’m not gonna be careful;

00:20:45.760 --> 00:20:52.660
I’m gonna go stop this drug deal, and just not understand the intricacies of it.

00:20:52.660 --> 00:20:58.760
JOSEPH: Yeah. It got to the point where the people I’ve spoken to, the law enforcement

00:20:58.760 --> 00:21:05.560
officials around the world, they had to do stuff like basically lie. They had to make up a story

00:21:05.560 --> 00:21:10.880
where it’s like, okay, we are finally going to strike on this drug lab or this drug warehouse

00:21:10.880 --> 00:21:16.440
or whatever because it’s so large and we have to act, but we’re going to write the intelligence in

00:21:16.440 --> 00:21:21.111
such a way that it looks like it’s coming from an informant or a source. There’s gonna be no mention

00:21:21.111 --> 00:21:28.600
of Anom, no mention of a backdoor, and from a law enforcement perspective, that’s great. Okay, we

00:21:28.600 --> 00:21:35.600
managed to get the drugs and arrest the people or whatever while without revealing the secret about

00:21:35.600 --> 00:21:43.440
Anom. On the flip side, there is a justice issue there. That’s basically parallel construction.

00:21:43.440 --> 00:21:48.520
It’s very complicated. It gets very nuanced. But I do think that civil libertarians would be

00:21:48.520 --> 00:21:53.820
a little bit aghast at sort of the trade-offs that were being made here on a daily basis.

00:21:53.820 --> 00:21:57.301
JACK: I think everyone’s aghast at the whole story.

00:21:57.301 --> 00:21:58.520
JOSEPH: [LAUGHING] Yes, okay.

00:21:58.520 --> 00:22:05.360
JACK: Yeah, because here’s a situation where the federal police are lying on the record about where

00:22:05.360 --> 00:22:10.640
they’re getting their intelligence from. Are the citizens of that country okay with that? Here in

00:22:10.640 --> 00:22:16.240
the US, during court, you’re asked to swear that you’re telling the truth. The cops weren’t telling

00:22:16.240 --> 00:22:20.960
the truth here. Or, I guess not yet telling the truth. We learn later how they did get this

00:22:20.960 --> 00:22:26.720
information, but the evidence in these earlier cases did not mention Anom. But additionally,

00:22:26.720 --> 00:22:32.320
they were working with this criminal, Afgoo, to get these messages. I call him a criminal because

00:22:32.320 --> 00:22:37.480
if someone makes an app exclusively for criminals to conduct crimes with, then historically,

00:22:37.480 --> 00:22:43.200
that’s criminal behavior. So, who’s Afgoo and when did the police start making business deals

00:22:43.200 --> 00:22:49.920
with criminals? Is there proper oversight here? Is this within best practices for the feds? Point to

00:22:49.920 --> 00:22:56.120
the policy that allows this. This just isn’t sitting right with me. You might say to me,

00:22:56.120 --> 00:23:01.160
Jack, the ends justify the means. If all this results in a takedown of a lot of criminals,

00:23:01.160 --> 00:23:05.920
then it’s okay for them to lie and do back-alley deals with criminals.

00:23:05.920 --> 00:23:12.000
Really? [MUSIC] What about Fast and the Furious? This was a real operation done by the ATF,

00:23:12.000 --> 00:23:17.880
Alcohol, Tobacco, and Firearms, where they set up weapons deals with criminals so they could track

00:23:17.880 --> 00:23:22.880
where these weapons are going and ultimately try to arrest a bunch of weapon-sellers. Yeah, well,

00:23:22.880 --> 00:23:28.720
it all went wrong. The ATF made weapons deals but lost track of the guns that were sold.

00:23:28.720 --> 00:23:34.800
They didn’t make significant arrests and basically armed the very criminals they were trying to find

00:23:34.800 --> 00:23:40.520
and arrest. This ultimately resulted in a border patrol agent getting killed, and at the scene of

00:23:40.520 --> 00:23:48.360
the crime was one of the guns the ATF sold to criminals. The ends did not justify the means

00:23:48.360 --> 00:23:55.320
here. The Fast and the Furious operation was a big mishap, and it showed how the ATF was

00:23:55.320 --> 00:24:02.040
operating without proper strategy or oversight or following policies put in place. Wait,

00:24:02.040 --> 00:24:08.610
what is the deal? Did the FBI take ownership of it, or how did they…? Was there a licensing…?

00:24:08.610 --> 00:24:16.280
JOSEPH: Yes, licensing Anom and stuff, it is — so, the deal itself is between Afgoo and

00:24:16.280 --> 00:24:24.560
the US authorities and got paid something like $120,000 and then $60,000 for travel expenses,

00:24:24.560 --> 00:24:32.960
I think it’s how it’s phrased in some of the documents. But Anom basically became an FBI

00:24:32.960 --> 00:24:39.760
tech company. From what I’ve been told from people with direct involvement, the FBI was picking up

00:24:39.760 --> 00:24:45.440
the bill. They were paying for infrastructure, they were paying for hardware, Android hardware

00:24:45.440 --> 00:24:51.400
for the phones — for the app to be flashed on. They were running a tech company, and I think

00:24:51.400 --> 00:24:57.140
that’s just the craziest thing here. Beyond that, they were running a tech company for criminals.

00:24:57.140 --> 00:25:02.640
JACK: Yeah, and it’s fascinating, too, that Afgoo was somehow able to control the company

00:25:02.640 --> 00:25:09.560
in a way that all the developers and suppliers and shippers and every — even the distributors

00:25:09.560 --> 00:25:14.120
had no idea that the FBI or AFP was involved, right, or even that there was a man in the

00:25:14.120 --> 00:25:19.640
middle. What was the thought going on in the developer’s head? Did they know that they were

00:25:19.640 --> 00:25:25.320
building man-in-the-middle encrypted — end-to-end encryption, or what was — what did they think?

00:25:25.320 --> 00:25:30.000
JOSEPH: So, yeah, I’ve spoken to people who actually coded the app and basically made

00:25:30.000 --> 00:25:38.640
the phone, and these were completely ordinary developers. One I spoke to who I call Athit in

00:25:38.640 --> 00:25:44.280
the book — I used a different name just to protect their identity, but they found a freelancing gig

00:25:44.280 --> 00:25:49.800
online about the secure communications app. They get involved and they’re doing normal coding like

00:25:49.800 --> 00:25:55.480
they’ve done a million times before for an Android app, and what they’re told is that we make this

00:25:55.480 --> 00:26:01.000
app and we sell it to businesses. We sell it to corporations to protect their communications,

00:26:01.000 --> 00:26:07.800
and as part of that, companies like to be able to audit their messages, and that’s

00:26:07.800 --> 00:26:11.640
very common in banking, very common in finance, all of that sort of thing, for legal reasons.

00:26:11.640 --> 00:26:15.640
JACK: Yeah, I found that part to be interesting. I didn’t realize how common that was. So,

00:26:15.640 --> 00:26:22.440
the other day I was looking to see if Google has any sort of end-to-end encryption in their chats,

00:26:22.440 --> 00:26:27.320
and I didn’t think they did, but they’re like, yeah, we do. I was like, well, shoot,

00:26:27.320 --> 00:26:33.760
sign me up. It’s like, well, what we have is for businesses, for enterprise, and the way we have

00:26:33.760 --> 00:26:38.880
it set up is that the admin of the account can see all the messages that your users are

00:26:38.880 --> 00:26:43.960
sending encrypted. I was like, what? Hold on a second. Why would you have a man-in-the-middle

00:26:43.960 --> 00:26:49.760
of an encrypted thing? Then I read your book and I was like, oh, this is more common than I realize,

00:26:49.760 --> 00:26:57.720
where companies do — for instance, I think you mentioned federal agencies have to be able to

00:26:57.720 --> 00:27:02.400
pull up any communications; e-mails, chats, messages and stuff in case there’s indictments

00:27:02.400 --> 00:27:09.400
or subpoenas, what was talked about federally, or even state agencies. At least in the US here,

00:27:09.400 --> 00:27:14.720
this stuff has to be archived. If it’s encrypted, you can’t archive it in a proper way,

00:27:14.720 --> 00:27:20.020
so there is a reason to get in and take a look. I don’t know, this kind of just surprised me.

00:27:20.020 --> 00:27:25.400
JOSEPH: Yeah, I mean, Customs and Border Protection, part of DHS, they use Wickr,

00:27:25.400 --> 00:27:30.040
the encrypted app that many people will be familiar with, but they use an enterprise

00:27:30.040 --> 00:27:36.440
or government version, which, yes, it’s encrypted, but it has that extra archiving

00:27:36.440 --> 00:27:42.600
function. The developers of Anom, that’s what they thought they were building. They thought

00:27:42.600 --> 00:27:48.920
they were building a communications platform for businesses to, yes, talk somewhat securely,

00:27:48.920 --> 00:27:54.240
but have the messages archived so then, for whatever reason, the administrator can go through

00:27:54.240 --> 00:27:58.400
them at a later date. That’s what they thought they were doing. What they weren’t told was

00:27:58.400 --> 00:28:02.680
that the phones were being sold to criminals and the archiving feature is actually for the

00:28:02.680 --> 00:28:08.200
FBI. Afgoo left that bit out when telling the developers about that, and I mean, just very

00:28:08.200 --> 00:28:15.960
briefly on there. Like, the compartmentalization that Afgoo did I think is very interesting, as in,

00:28:15.960 --> 00:28:20.640
there were the people designing the app and they were sort of in their own silo, there were then

00:28:20.640 --> 00:28:26.880
people making the custom fork of GrapheneOS, the Android operating system, and there was those

00:28:26.880 --> 00:28:32.520
people, and then somewhere else there were the criminal re-sellers on the ground. These groups

00:28:32.520 --> 00:28:38.360
never really communicated with one another, and I’m surprised it didn’t leak, to be perfectly

00:28:38.360 --> 00:28:45.740
honest. I’m genuinely surprised, but somehow it managed to stay a secret at least for a long time.

00:28:45.740 --> 00:28:52.600
JACK: Too many secrets; Setec Astronomy. I mean, think about it; the criminals think they’re the

00:28:52.600 --> 00:28:58.120
ones being the most secretive here. They’ve got these super-private Anom phones which you

00:28:58.120 --> 00:29:02.160
need a PIN to unlock and then go through a dummy calculator app to punch in a secret code to get

00:29:02.160 --> 00:29:06.840
into the chat apps that are end-to-end encrypted, right? Then they’re doing things like disguising

00:29:06.840 --> 00:29:11.520
their voice and having disappearing messages and being super secretive about their crimes,

00:29:11.520 --> 00:29:18.040
trusting Anom with all their secrets. Then there’s Afgoo who is secretly scooping up

00:29:18.040 --> 00:29:23.440
all these messages and lying to his developers of who these customers are. Then there’s the FBI and

00:29:23.440 --> 00:29:30.400
AFP who are secretly reading them all and secretly making business deals with Afgoo. I mean, did you

00:29:30.400 --> 00:29:36.640
know that the FBI was operating a tech startup which was a phone purposely built for criminals

00:29:36.640 --> 00:29:45.000
to use to message each other? Secrets were kept from you in this story, too. [MUSIC] Wow.

00:29:45.000 --> 00:29:51.520
Criminals had no idea they were being played, so Anom phones just kept spreading. They ended up

00:29:51.520 --> 00:29:56.220
making their way to some criminals in Europe, and things really started to heat up there.

00:29:56.220 --> 00:30:03.560
JOSEPH: The phones start popping up in Europe, and that’s when broadly the Swedish police get

00:30:03.560 --> 00:30:08.680
involved, and then also the Dutch. They are the two main European agencies that first come

00:30:08.680 --> 00:30:15.000
forward, because that’s simply where the phones are ending up. Obviously the AFP doesn’t really

00:30:15.000 --> 00:30:22.120
have jurisdiction over Sweden or the Netherlands, and the FBI, although they are reading the

00:30:22.120 --> 00:30:28.600
messages by this point, they’re not in English, for a start, and the FBI can’t really go over and

00:30:28.600 --> 00:30:34.000
start arresting people in the Netherlands, and nor should they. So, they decide to share some of the

00:30:34.000 --> 00:30:39.640
intelligence with their Swedish and their Dutch counterparts, and it starts to mirror what’s going

00:30:39.640 --> 00:30:45.280
on in Australia with more intelligence-gathering and the rest here and the rest there. But it’s

00:30:45.280 --> 00:30:50.620
still very much under wraps even though more and more cops are being looped in.

00:30:50.620 --> 00:30:55.800
JACK: Some crazy things started happening with Anom at this point. It takes more and

00:30:55.800 --> 00:31:00.000
more ninety-degree turns. I’m not even going to get into what happened in Europe or South

00:31:00.000 --> 00:31:04.240
America or Turkey. I’ll simply say that there were a few criminals that loved this Anom phone

00:31:04.240 --> 00:31:08.800
so much that they tried to purchase ownership of the company and eventually just started

00:31:08.800 --> 00:31:14.240
calling themselves the CEO of Anom, which when a major underground criminal is saying he’s the

00:31:14.240 --> 00:31:18.960
CEO of Anom, it really legitimizes the phone for other criminals to want to buy it. So,

00:31:18.960 --> 00:31:23.760
the Anom phones were starting to grow wings and take on a life of their own in Europe.

00:31:23.760 --> 00:31:31.000
JOSEPH: At this point I’ve read I think tens if not hundreds of thousands of Anom messages

00:31:31.000 --> 00:31:35.800
and messages from other providers as well, and what emerges through reading those is

00:31:35.800 --> 00:31:41.600
that a lot of people who sell these encrypted phones in a particular market or territory,

00:31:41.600 --> 00:31:46.960
they treat it like having a drug territory, like in the same way that somebody may be

00:31:46.960 --> 00:31:55.720
a — the wholesale distributor for a certain part of Sweden or maybe Antwerp or something

00:31:55.720 --> 00:32:01.600
like that. These phone dealers treat their product in the same sort of way.

00:32:01.600 --> 00:32:06.960
JACK: So, I want to shift gears here to the FBI. So, I got a lot of questions

00:32:06.960 --> 00:32:14.600
about what the FBI’s doing here. First of all, the FBI handles internal threats to

00:32:14.600 --> 00:32:21.120
the United States. They’re not the CIA which is doing international investigations. So,

00:32:21.120 --> 00:32:26.200
I don’t even understand why the FBI would be looking at foreign messages in the first place.

00:32:26.200 --> 00:32:30.520
JOSEPH: Yeah, I think this is something that a lot of people reading the book are

00:32:30.520 --> 00:32:35.720
gonna have an issue with, basically. I think that’s the only way to put it, which is like,

00:32:35.720 --> 00:32:42.080
why is this US law enforcement agency intercepting and reading messages from all over the world? The

00:32:42.080 --> 00:32:47.120
best answer I have is that — well, there’s two. There’s sort of the legal one which is that the

00:32:47.120 --> 00:32:51.360
Fourth Amendment only protects people on American soil, right, where you have to

00:32:51.360 --> 00:32:56.360
get a search-and-seizure warrant to go through communications or a wire-tap order or whatever,

00:32:56.360 --> 00:33:05.240
right? Not to get too technical. The FBI does not need that for overseas, and that’s basically sort

00:33:05.240 --> 00:33:10.440
of the loophole that they use, where they were able to go through all of this data. The second

00:33:10.440 --> 00:33:18.080
one is sort of a — how they see themselves and maybe how they see their ethical obligation as

00:33:18.080 --> 00:33:24.560
well. But the prosecutors I’ve spoken to who are involved in this case, they just simply see this

00:33:24.560 --> 00:33:29.960
as a good thing, and they want to go out and they want to shut down all of these criminal

00:33:29.960 --> 00:33:35.320
gangs. They want to intercept them. I think that there are valid questions about national

00:33:35.320 --> 00:33:40.800
sovereignty and all of that sort of thing, but that is what the FBI set out to do. [MUSIC] They

00:33:40.800 --> 00:33:46.680
set out to wire-tap the world, essentially, and they were very, very successful of it.

00:33:46.680 --> 00:33:52.240
JACK: There’s just so many questions I have. At this point, not many phones were in the US,

00:33:52.240 --> 00:33:56.040
so the FBI couldn’t really look at US citizens’ chats even if they wanted.

00:33:56.040 --> 00:34:01.640
But the FBI was heavily involved with Anom creating this startup, basically;

00:34:01.640 --> 00:34:06.040
funding it, creating the infrastructure, actively monitoring the messages,

00:34:06.040 --> 00:34:12.360
and it just makes me wonder, have they solved all the cases in the US already? Because to

00:34:12.360 --> 00:34:17.400
start a tech company and collecting and analyzing and reporting intelligence so

00:34:17.400 --> 00:34:23.160
that you could give it to other countries, that takes a lot of time and resources. So,

00:34:23.160 --> 00:34:32.440
whose idea was it to divert FBI resources to focus on stopping crimes in Sweden and Australia?

00:34:32.440 --> 00:34:38.840
JOSEPH: I mean, it’s partly they’re doing it because they can. They can monitor these

00:34:38.840 --> 00:34:43.920
communications. They can — yes, they can’t go arrest people themselves, but then they can

00:34:43.920 --> 00:34:51.680
provide that intelligence to foreign partners. I mean, it’s sort of an overused cliche at this

00:34:51.680 --> 00:34:58.440
point, the idea of America being the world police or whatever, but there is — there’s an element of

00:34:58.440 --> 00:35:05.360
that stereotype here, in that the FBI went out and they collect all these messages all around

00:35:05.360 --> 00:35:11.280
the world even though they couldn’t monitor what was going on in America. This is sort of the

00:35:11.280 --> 00:35:16.200
future of policing that we’re in now, and there wasn’t really a debate about it. It was just like,

00:35:16.200 --> 00:35:22.560
one day or several days over the past few years, police have just decided that they’re going to

00:35:22.560 --> 00:35:28.160
hack or otherwise intercept communications all around the world, basically, and

00:35:28.160 --> 00:35:31.920
we didn’t really get a chance to talk about that as a society, about whether that’s something we

00:35:31.920 --> 00:35:37.000
want. Maybe it turns out we do. Like, I don’t know, but we can’t have that conversation unless

00:35:37.000 --> 00:35:40.120
we know what’s going on, and that’s kind of what I was hoping to do with this book.

00:35:40.120 --> 00:35:46.240
JACK: Pause and consider this; the FBI’s fundamental mandate is to protect and

00:35:46.240 --> 00:35:53.120
defend the nation from threats. Defend. However, in this story, they’ve gone on

00:35:53.120 --> 00:36:00.480
the offense in the name of defense. This difference is worth noticing. I mean,

00:36:00.480 --> 00:36:04.520
imagine you’re defending yourself in some legal battle and you’re worried you might lose because

00:36:04.520 --> 00:36:10.320
of some surprise thing the opposition might bring up. So, to defend yourself better, you decide to

00:36:10.320 --> 00:36:14.160
break into the other lawyer’s office and steal all their notes that they have on the case or hack

00:36:14.160 --> 00:36:21.000
into their phones and see their chat messages, all so you can better defend yourself? Well,

00:36:21.000 --> 00:36:29.120
this tactic would be unequivocally unethical, yet the FBI’s strategy here is to penetrate private

00:36:29.120 --> 00:36:35.240
chats in pursuit of criminal activity. It’s crossing that boundary from passive monitoring

00:36:35.240 --> 00:36:40.600
to active intrusion, and I think it’s important to be aware when that boundary gets crossed,

00:36:40.600 --> 00:36:47.560
because we never see them cross it since it’s always done in the shadows. If the FBI were to

00:36:47.560 --> 00:36:53.120
cross that boundary in the physical world, it would be akin to them secretly breaking into

00:36:53.120 --> 00:36:59.320
thousands of homes, rummaging through personal belongings because they’re trying to detect crime.

00:36:59.320 --> 00:37:03.720
This wouldn’t be acceptable, so why then should our digital lives be subject to a

00:37:03.720 --> 00:37:07.920
lower standard of privacy? I guess the FBI uses all kinds of spy gear, though,

00:37:07.920 --> 00:37:12.840
to cross that threshold all the time, like wire-tapping and planting bugs. They’re always

00:37:12.840 --> 00:37:17.680
covertly reaching into someone’s communication and taking it. But I think what’s different about

00:37:17.680 --> 00:37:25.720
this story is the mass-surveillance aspect to it. All messages for all users were being collected

00:37:25.720 --> 00:37:32.120
and stored. Maybe it wasn’t stored in the FBI’s database exactly, but the FBI was funding this

00:37:32.120 --> 00:37:37.440
company who was collecting it all. I remember when the Snowden revelations came out. The

00:37:37.440 --> 00:37:42.600
NSA and GCHQ were trying to collect massive amounts of data flowing over the internet,

00:37:42.600 --> 00:37:47.720
not targeting a specific person, just grabbing everything, which means a lot of non-criminals

00:37:47.720 --> 00:37:54.360
were getting their data analyzed. I wonder, is that offensive as well? It’s mass-spying,

00:37:54.360 --> 00:38:00.320
at least, and I for one don’t approve of governments doing mass-spying on their citizens.

00:38:00.320 --> 00:38:05.860
But this is a crazy ethical dilemma because what if the mass-spying is just on the criminals?

00:38:05.860 --> 00:38:11.960
JOSEPH: I think that’s — it’s something that cryptographers and privacy experts I spoke

00:38:11.960 --> 00:38:18.400
to in the book were worried about, which is that some of them are less worried about the

00:38:18.400 --> 00:38:22.400
specific case of Anom while some are, to be clear, but they’re more worried about,

00:38:22.400 --> 00:38:29.240
well, what happens now? If we have a network that’s 90% criminal and 10% normal users,

00:38:29.240 --> 00:38:35.560
is that a fair target? I don’t know. What happens when it moves to 50/50? There’s a

00:38:35.560 --> 00:38:40.400
really good quote in there from Matthew Green, the cryptologist, and he says that, well,

00:38:40.400 --> 00:38:44.760
maybe 50% of the criminals on this network are doing really, really bad stuff like trafficking

00:38:44.760 --> 00:38:50.640
or whatever, and then 50% are doing, I don’t know, copyright infringement of song lyrics,

00:38:50.640 --> 00:38:55.240
something that I don’t think many people really care about. In the eyes of law enforcement,

00:38:55.240 --> 00:39:00.160
is that a fair target? That’s the discussion we’re not having, and we need to have that

00:39:00.160 --> 00:39:03.880
as quickly as possible because otherwise law enforcements are just gonna go ahead and do it.

00:39:03.880 --> 00:39:07.520
JACK: People sometimes say to me when we’re talking about government surveillance that

00:39:07.520 --> 00:39:12.840
they’ve got nothing to hide and they aren’t worried about it. Well,

00:39:12.840 --> 00:39:18.880
what those people are really saying is that they’re always going to comply with the

00:39:18.880 --> 00:39:27.040
government no matter what. They’re never going to have dissenting views or protest, and honestly,

00:39:27.040 --> 00:39:34.240
I’ve never met anyone who 100% agrees with the government no matter the leadership. It’s

00:39:34.240 --> 00:39:41.320
important that we preserve our freedom to have opposing views without the government watching us,

00:39:41.320 --> 00:39:48.120
because the thing is if we’re being watched, it changes our actions. Gosh, in this story,

00:39:48.120 --> 00:39:53.200
the FBI themselves has stuff to hide, and they can’t spy on people in the US

00:39:53.200 --> 00:39:58.520
without proper warrants and stuff, but they were circumventing this rule by providing

00:39:58.520 --> 00:40:03.260
intelligence to other countries, and then those countries providing intelligence back to the FBI.

00:40:03.260 --> 00:40:07.160
JOSEPH: Yeah, yeah. It’s a worry, and that was a big worry in the Snowden ones,

00:40:07.160 --> 00:40:11.840
and in this case it was like, even though the FBI can look at phones in America,

00:40:11.840 --> 00:40:17.920
the AFP agreed to keep an eye on the ones on American soil for threats to life. On one

00:40:17.920 --> 00:40:22.480
hand you could say that, well, it’s good the AFP were monitoring that so nobody got hurt,

00:40:22.480 --> 00:40:27.320
hopefully. On the other end, well, why didn’t the FBI just get a warrant and do it themselves? Yeah.

00:40:27.320 --> 00:40:31.960
JACK: We’re gonna take a quick ad break, but stay with us because, well, clearly you can

00:40:31.960 --> 00:40:37.680
see there’s a ticking time bomb going on at this point. The Anom phones were getting picked up by

00:40:37.680 --> 00:40:42.000
some criminals in Europe who were taking them to Dubai to try to sell them there.

00:40:42.000 --> 00:40:49.240
JOSEPH: Some of the phones landed in Dubai and part of the UAE. The UAE is very interesting

00:40:49.240 --> 00:40:53.680
because it’s one of the very few places that you’re not allowed to just go around and start

00:40:53.680 --> 00:40:58.440
selling an encrypted phone or an encrypted app. If it is not approved by the government,

00:40:58.440 --> 00:41:05.000
you can get into a lot of trouble, I guess sort of in the same way as the Russian Federation, right?

00:41:05.000 --> 00:41:07.480
JACK: Wait, why is encryption a problem there?

00:41:07.480 --> 00:41:12.480
JOSEPH: It has to be approved by the government. It is basically a combination

00:41:12.480 --> 00:41:17.520
of a censorship and a surveillance sort of posture, whereas if you were selling

00:41:17.520 --> 00:41:23.760
an encrypted app that the local authorities and national authorities do not approve of,

00:41:23.760 --> 00:41:29.440
you’re not allowed to do that. The reason being is that, well, they want to be able to access that,

00:41:29.440 --> 00:41:33.740
and somebody running around selling Anom phones is not going to get on their good side.

00:41:33.740 --> 00:41:39.600
JACK: See? It’s not completely out of the question for your government to ban encryption,

00:41:39.600 --> 00:41:45.360
to force the people of the country to use certain apps so they can see into it. This,

00:41:45.360 --> 00:41:50.640
I think, is a huge violation of our privacy. Luckily in the United States,

00:41:50.640 --> 00:41:55.240
we have the Fourth Amendment of the Constitution, which states — I’ll read

00:41:55.240 --> 00:42:00.400
the whole thing for you. “The right of the people to be secure in their persons, houses, papers,

00:42:00.400 --> 00:42:06.520
and effects against unreasonable searches and seizures shall not be violated, and no warrants

00:42:06.520 --> 00:42:12.280
shall issue but upon probable cause supported by oath or affirmation, and particularly describing

00:42:12.280 --> 00:42:18.960
the place to be searched and the person or things to be seized.” The Fourth Amendment is needed

00:42:18.960 --> 00:42:25.920
to maintain a balance between national security interests and individual rights. It’s a tool to

00:42:25.920 --> 00:42:31.480
make sure that the government actions are subject to oversight and grounded in legitimate need.

00:42:31.480 --> 00:42:37.960
If we eliminate that protection, it creates a really dangerous power dynamic and a slippery

00:42:37.960 --> 00:42:45.000
slope towards a government that could abuse its power with no accountability. If the US government

00:42:45.000 --> 00:42:52.120
did some kind of mass-surveillance and was searching through all that data without a warrant,

00:42:52.120 --> 00:43:00.720
it seems to me it would be in direct violation of the US Constitution, and yet, here’s a situation

00:43:00.720 --> 00:43:08.440
where the FBI was running a tech startup with the entire goal to be snooping on other users’ chats,

00:43:08.440 --> 00:43:14.840
watching every message to see if there was criminal activity. There’s no targeted search

00:43:14.840 --> 00:43:20.320
here. No individual warrants were being made at this point. They were analyzing all the

00:43:20.320 --> 00:43:27.160
chat messages going through Anom. Is this in violation of the Fourth Amendment? I can

00:43:27.160 --> 00:43:34.000
make a case that it was, and the FBI had that in their head, too, so they were trying hard not to

00:43:34.000 --> 00:43:40.800
peek into any American’s messages. [MUSIC] The data was available in Anom’s database,

00:43:40.800 --> 00:43:44.820
but they had to program their system to only show them foreign chats.

00:43:44.820 --> 00:43:49.600
JOSEPH: I mean, I walked through the same rooms that the FBI was reading the Anom

00:43:49.600 --> 00:43:57.400
messages in. I’ve obtained screenshots of what the FBI interface looked like, so I feel like

00:43:57.400 --> 00:44:00.920
I can put myself in the head of some of these FBI agents, ’cause I’ve also read

00:44:00.920 --> 00:44:08.480
a ton of these messages as well, right? The system itself is called Hola iBot. You log in;

00:44:08.480 --> 00:44:12.880
initially it was just from the San Diego FBI Field Office, but then they made it remote as

00:44:12.880 --> 00:44:17.400
well for the European partners. Also because of COVID, people couldn’t go to the office

00:44:17.400 --> 00:44:24.440
as much. You log in, and there’s sort of a green-and-black interface. You can click on

00:44:24.440 --> 00:44:30.183
an individual Anom user and it will show sort of a constellation of all of their contacts. There

00:44:30.183 --> 00:44:34.400
will be a circle in the middle and there will be another circle with the person they spoke to,

00:44:34.400 --> 00:44:38.760
and then another circle which shows the group chat. You can then zero in on those.

00:44:38.760 --> 00:44:44.800
It’s almost like a Maltego sort of interface. Then once you go to a specific user, you can see

00:44:44.800 --> 00:44:52.000
all of their messages. You can see all of their photos. Rather handily, there was also AI-powered

00:44:52.000 --> 00:44:57.840
summaries of what was being spoken about, powered, at least in some way, by Amazon. The FBI used some

00:44:57.840 --> 00:45:03.160
Amazon capability there. So, you can look on the right side of the screen and it’s like,

00:45:03.160 --> 00:45:09.240
Jerry is talking about a cocaine deal or whatever it is. Sometimes it’s that blunt,

00:45:09.240 --> 00:45:13.960
which was just always hilarious to me. But when it gets to the point where there are millions

00:45:13.960 --> 00:45:20.920
and then tens of millions of messages, the FBI had to turn to some of these AI capabilities,

00:45:20.920 --> 00:45:25.680
’cause otherwise they’re gonna be swimming in data, and by the end, they were absolutely

00:45:25.680 --> 00:45:32.760
swimming in data. There was a real danger that if they did not analyze every single message — well,

00:45:32.760 --> 00:45:37.280
what would happen if the one message about a death threat got through and then somebody died?

00:45:37.280 --> 00:45:43.560
That was a constant threat and it really, really ramped up as Anom became especially more popular.

00:45:43.560 --> 00:45:48.640
JACK: This tool that they were using, was it developed by Anom or developed by FBI?

00:45:48.640 --> 00:45:52.880
JOSEPH: Hola iBot was developed by FBI computer scientists. It

00:45:52.880 --> 00:45:57.780
was made in-house as basically the surveillance interface of Anom.

00:45:57.780 --> 00:46:03.840
JACK: It sounds pretty advanced to be able to have this graphical view

00:46:03.840 --> 00:46:08.920
of who’s connected to who and then also use AI to search for — ’cause a lot of

00:46:08.920 --> 00:46:13.120
the criminals are using code words for different drug names and all this kind

00:46:13.120 --> 00:46:18.080
of stuff thinking they’re outsmarting the police, but they’re able to find all that.

00:46:18.080 --> 00:46:25.440
JOSEPH: Yeah. If you think about it — imagine a normal wire tap in LA or something and it’s one

00:46:25.440 --> 00:46:29.840
guy talking to another guy on a normal phone, and they’re talking about a drug deal. If you’re the

00:46:29.840 --> 00:46:34.760
FBI or whoever, you have to figure out who these people are, and that might be tricky,

00:46:34.760 --> 00:46:38.920
as you say. Maybe they’re using code names. Maybe they’re using pseudonyms. Then you go

00:46:38.920 --> 00:46:43.080
about and you maybe get phone location data; you figure out who they are or whatever. Now

00:46:43.080 --> 00:46:52.160
imagine doing that for something like 12,000 people in 150 different countries. It’s like,

00:46:52.160 --> 00:46:57.000
I almost can’t picture the task in front of them, and that’s why they had to turn to these pretty

00:46:57.000 --> 00:47:02.280
sophisticated systems for figuring out not just what people are saying, but who the hell

00:47:02.280 --> 00:47:06.720
these people even are. They would do that and they would even put the stereotypical graphs

00:47:06.720 --> 00:47:13.800
on the wall in the FBI with the layouts of the different criminal organizations. In some cases,

00:47:13.800 --> 00:47:19.080
the FBI doesn’t even know who these people are at first. They’re just like, well, we have a

00:47:19.080 --> 00:47:24.200
new crime syndicate on the platform. Let’s start mapping out how they’re related to one another.

00:47:24.200 --> 00:47:29.600
JACK: So, you said we’re looking for that threat to life? Or what was their — what

00:47:29.600 --> 00:47:34.700
was really what they were — like, let’s not let this slip through and really trying to focus on…?

00:47:34.700 --> 00:47:37.720
JOSEPH: Yeah, so, as well as the drug trafficking,

00:47:37.720 --> 00:47:42.520
the main thing that flowed across Anom were what the FBI calls threat to life,

00:47:42.520 --> 00:47:50.320
and this is where a criminal organization or just an individual criminal will want to harm, torture,

00:47:50.320 --> 00:47:59.160
or in many cases kill somebody else. This happened across Anom constantly to the point where one of

00:47:59.160 --> 00:48:05.160
the FBI agents who was reading the Anom messages at first, his task was just to go through every

00:48:05.160 --> 00:48:12.040
single image that was sent across the platform, and often these were weapons or locations or

00:48:12.040 --> 00:48:18.600
targets. The way it was described to me is that it’s trying to figure out a puzzle, basically,

00:48:18.600 --> 00:48:23.920
as quickly as possible. You have to take all these disparate pieces of information, and maybe you

00:48:23.920 --> 00:48:29.880
only have a photo of a weapon, so that indicates there’s probably going to be violence here. Or

00:48:29.880 --> 00:48:34.400
maybe you only have a photo of the location and it’s like, well, something’s gonna happen there,

00:48:34.400 --> 00:48:39.800
and the FBI would have to very, very quickly, as best as they could, figure out this puzzle,

00:48:39.800 --> 00:48:46.920
give information to foreign authorities who could then act on it, and then maybe save people or

00:48:46.920 --> 00:48:53.720
maybe not. I don’t think it was always successful, but they did save lives in the process as well.

00:48:53.720 --> 00:48:58.120
JACK: It’s gotta be really complex, because when you just see two criminals talk to each

00:48:58.120 --> 00:49:03.120
other over messaging, they’re gonna easily say, I’m gonna kill you, man,

00:49:03.120 --> 00:49:07.000
and that doesn’t necessarily mean he’s gonna kill him. But it’s just one of

00:49:07.000 --> 00:49:12.240
these — this is the way our lingo is. Then the opposite is when you’re saying, okay, listen,

00:49:12.240 --> 00:49:21.360
we really need to off this one person, there’s also all kinds of coded messages in there. Just

00:49:21.360 --> 00:49:25.920
be like, alright, minus one this guy. They’re like, minus one? What does minus one mean? Oh,

00:49:25.920 --> 00:49:34.040
it means get him — kill him, right? So, you have to decode this. That must be incredibly difficult.

00:49:34.040 --> 00:49:37.520
JOSEPH: Yeah, there’s a lot of posturing in there through the Anom messages I’ve

00:49:37.520 --> 00:49:41.880
read where there are people doing exactly that. Like, oh, I’m gonna effing kill him or whatever,

00:49:41.880 --> 00:49:46.920
and then you’ll come across messages where they are talking specifically about getting

00:49:46.920 --> 00:49:52.080
a getaway car to drive away from the restaurant after they’ve killed somebody, then they need

00:49:52.080 --> 00:49:57.600
to rent an Airbnb to hide the assassin in. When it starts to get specific and granular,

00:49:57.600 --> 00:50:03.320
at least to me, that’s when it’s like, oh, okay, we need to actually take this seriously,

00:50:03.320 --> 00:50:07.340
and that’s what the Swedish authorities did, the Dutch as well, and especially the FBI.

00:50:07.340 --> 00:50:12.400
JACK: Yeah, and it’s also wild because typically what we’re talking when we’re

00:50:12.400 --> 00:50:16.440
looking at the — or, I know when I was reading the book, it seemed like this

00:50:16.440 --> 00:50:22.960
is criminal-on-criminal, gang-on-gang activity, right? So, trying to save the

00:50:22.960 --> 00:50:30.720
life of a criminal is sometimes a strange moral situation you’re dealing with here.

00:50:30.720 --> 00:50:36.040
JOSEPH: Yeah. It puts the FBI in a complicated ethical spot and it puts the agents — the foreign

00:50:36.040 --> 00:50:41.920
agencies in the same spot as well. What started to happen was that the FBI or its partners would

00:50:41.920 --> 00:50:46.800
intercept communications about a threat to life, the authorities would then act on it — they would

00:50:46.800 --> 00:50:51.320
somehow stop the killing and that could be in various ways — but then what would happen would

00:50:51.320 --> 00:50:56.920
be that the criminals would continue talking and they would go, huh, how do the authorities

00:50:56.920 --> 00:51:02.600
know we were going to kill this guy? They wouldn’t assume it was Anom; they would assume there was a

00:51:02.600 --> 00:51:07.720
mole or a rat in their organization, and then they would try to kill that person. So, then the FBI

00:51:07.720 --> 00:51:15.280
has another threat to life, and it almost became this endless cycle or spiral where it just started

00:51:15.280 --> 00:51:21.860
to become exceptionally difficult for the FBI to maintain tempo, is the way they described it.

00:51:21.860 --> 00:51:26.200
JACK: There’s so many ethical and moral dilemmas here. Just imagine

00:51:26.200 --> 00:51:31.040
the AI tool that’s out there scouring messages, looking for threats to life,

00:51:31.040 --> 00:51:35.360
but the tool has to be trained to ignore it if it’s an American.

00:51:35.360 --> 00:51:39.600
JOSEPH: Anom phones, as I found through reporting this book,

00:51:39.600 --> 00:51:45.760
they absolutely landed on American soil. There were Anom phones being used inside the United

00:51:45.760 --> 00:51:52.940
States. There was a plan to start — for the FBI to start reading those messages.

00:51:52.940 --> 00:51:56.640
JACK: But it was very difficult for them to figure out what to do

00:51:56.640 --> 00:51:58.660
with all this information they collected.

00:51:58.660 --> 00:52:05.080
JOSEPH: They are basically stonewalled into being able to look at US communications.

00:52:05.080 --> 00:52:13.080
There just didn’t seem to be the appetite to go after people inside the States even though

00:52:13.080 --> 00:52:18.120
the prosecutors and the agents on the case very, very much wanted to. They were ready

00:52:18.120 --> 00:52:24.760
to do it. They were collaborating with the field office in Los Angeles as well. It was

00:52:24.760 --> 00:52:31.600
just a matter of basically pulling the switch, but higher-ups at the DOJ shut that down, essentially.

00:52:31.600 --> 00:52:37.880
JACK: What do these chats look like? Does the FBI go to Congress or what and say,

00:52:37.880 --> 00:52:43.640
hey, we’ve got this…? Okay, sit down because I’ve got some crazy story to tell you. We’ve

00:52:43.640 --> 00:52:51.013
got this mass-surveillance tool that we somehow bought from some guy…[LAUGHS]

00:52:51.013 --> 00:52:51.027
JOSEPH: Right.

00:52:51.027 --> 00:52:57.040
JACK: …and it’s now — we now have view into the whole criminal world here in the US and — or

00:52:57.040 --> 00:53:02.680
a large — a portion of it. We would like to do a mass-arrest because we

00:53:02.680 --> 00:53:08.360
can see this and — but we don’t have the warrant. We need your help. What

00:53:08.360 --> 00:53:12.100
does that…? Do you have any understanding of what those conversations were like?

00:53:12.100 --> 00:53:19.200
JOSEPH: Yeah. So, what happened when it was first approved for the FBI to gain access to the

00:53:19.200 --> 00:53:25.720
messages in general was that most drug prosecutors in San Diego in the specific meeting I describe,

00:53:25.720 --> 00:53:31.560
they were like, no, this is a ridiculous idea. You can’t do this. Then the most senior official…

00:53:31.560 --> 00:53:31.577
JACK: [CROSSTALK]

00:53:31.577 --> 00:53:31.594
JOSEPH: Go ahead.

00:53:31.594 --> 00:53:35.720
JACK: On top of that they were like, well, don’t even look at the US chats,

00:53:35.720 --> 00:53:40.140
right? Just look the other way because we don’t have approval to even look at it.

00:53:40.140 --> 00:53:43.200
JOSEPH: Yes, exactly. They were like, please don’t look at the US

00:53:43.200 --> 00:53:51.120
messages. We will figure that out later. What happened was that the prosecutors on that,

00:53:51.120 --> 00:53:56.960
they send their request to a specific part of the DOJ called the Office of Enforcement Operations,

00:53:56.960 --> 00:54:01.320
and they’re the ones who basically approve every wire tap. If you want a wire tap in the US,

00:54:01.320 --> 00:54:08.840
they have to approve it. The prosecutors on the Anom case sent that and OEO just sat on

00:54:08.840 --> 00:54:15.400
it for months and months and months. There was clearly this divide between sort of the cowboys

00:54:15.400 --> 00:54:20.200
on the Anom case and then the scene — the more senior people in the DOJ who were just like,

00:54:20.200 --> 00:54:27.840
we’re absolutely not approving this. Anom obviously grew to a massive size even without

00:54:27.840 --> 00:54:33.840
that, but it could have grown even bigger with potentially even more disastrous consequences.

00:54:33.840 --> 00:54:40.000
JACK: Yeah, but like we’ve been talking, it induces so many ethical dilemmas within law

00:54:40.000 --> 00:54:45.480
enforcement of, well, do we need a wire tap for this and all this kind of stuff. What’s

00:54:45.480 --> 00:54:49.160
allowed and what’s not allowed? Then they’re just like, screw it, we’re gonna just get all

00:54:49.160 --> 00:54:54.040
the data and we’ll figure out what’s allowed later. It seems weird to go that direction.

00:54:54.040 --> 00:55:00.200
JOSEPH: Yeah, I absolutely think there should be a debate around whether secretly running a

00:55:00.200 --> 00:55:03.480
tech company should be allowed. There should be a debate on whether we want to be able to

00:55:03.480 --> 00:55:09.920
hack into entire telecommunications providers. Maybe the end result of that conversation is

00:55:09.920 --> 00:55:15.000
that we as a society are okay with the trade-offs, but I don’t think ordinary

00:55:15.000 --> 00:55:20.840
members of the public, one, first — even know this is basically happening, and second of all,

00:55:20.840 --> 00:55:24.880
aren’t aware of what those trade-offs even are. How can we even have that conversation

00:55:24.880 --> 00:55:28.380
when this is basically done in the shadows and then everybody moves on?

00:55:28.380 --> 00:55:35.840
JACK: Yeah, and I also just realized how, if the FBI is running a tech company that is a

00:55:35.840 --> 00:55:44.200
communication platform which is facilitating the murder and drug deal — are they responsible

00:55:44.200 --> 00:55:48.320
for — well, we’re the ones who made this communication possible. We’re the ones who

00:55:48.320 --> 00:55:55.700
put the phone in your hand to make this even happen. Is there some responsibility there?

00:55:55.700 --> 00:56:02.360
JOSEPH: I mean, there’s no two ways about it; the FBI facilitated crime with the development

00:56:02.360 --> 00:56:09.760
and the ongoing maintenance and the secret running of Anom. The FBI was a tech backbone

00:56:09.760 --> 00:56:15.240
of organized crime. Now, yes, of course they also had the surveillance capability as well,

00:56:15.240 --> 00:56:20.620
but they were selling a product to criminals, and the criminals were making great use of it.

00:56:20.620 --> 00:56:23.600
JACK: It’s like the ends justify the means in some way.

00:56:23.600 --> 00:56:27.320
JOSEPH: I think that is how people who worked in the

00:56:27.320 --> 00:56:33.280
operation would phrase it, and as for the ethical responsibility, from everybody I’ve spoken to,

00:56:33.280 --> 00:56:38.040
they did take the ethical consideration seriously. Like, we’re running this communications platform

00:56:38.040 --> 00:56:45.840
and that’s why, if a murder does flow across the chats, we need to respond to it aggressively and

00:56:45.840 --> 00:56:51.360
quickly. Now, that didn’t always work out, unfortunately, but that was the approach they

00:56:51.360 --> 00:56:56.880
were coming from. By the end of the day, those messages were still on FBI chatter.

00:56:56.880 --> 00:57:02.080
JACK: Gosh, I think about Afgoo again. He was making a phone for criminals,

00:57:02.080 --> 00:57:07.320
right? He was working with criminals, listening to their requests and adding in features like a

00:57:07.320 --> 00:57:14.920
remote-wipe ability. So, because Afgoo was making this for criminals, it meant he was a criminal,

00:57:14.920 --> 00:57:20.240
clearly, right? Yet it was the FBI who was the true owners of this company. So,

00:57:20.240 --> 00:57:26.600
what does that make the FBI if they were making something purposely for criminals to use?

00:57:26.600 --> 00:57:30.360
The implications of this story just keep going and going. I’m telling you,

00:57:30.360 --> 00:57:38.040
I have a million questions. I just love this book. [MUSIC] June 7, 2021…

00:57:38.040 --> 00:57:39.860
JOSEPH: Yes.

00:57:39.860 --> 00:57:41.800
JACK: What happens on this day?

00:57:41.800 --> 00:57:49.280
JOSEPH: Sure. So, the FBI and its foreign partners, they decide on a date, June 7,

00:57:49.280 --> 00:57:55.080
2021. The reason for that is that the country that was sort of part of the technical infrastructure,

00:57:55.080 --> 00:58:01.200
Lithuania, their court order was running out. But basically, Anom was just getting

00:58:01.200 --> 00:58:09.880
too unwieldy. It was starting to get out of the FBI’s control. Sellers were pushing

00:58:09.880 --> 00:58:17.440
into countries as they wished. Every time the FBI asked for more resources to monitor the messages,

00:58:17.440 --> 00:58:22.200
which was eventually like a hundred and thirty FBI agents in total, then more messages came and

00:58:22.200 --> 00:58:28.280
they had to ask for more resources. There had to be an end point, and that was basically the date

00:58:28.280 --> 00:58:35.640
that was picked before it went over the edge. I spoke to multiple law enforcement officials who

00:58:35.640 --> 00:58:43.520
were part of that day, and the pressure and the stress they felt was incredible. The way it was

00:58:43.520 --> 00:58:51.480
set up was that it was almost a global line of dominoes starting in Australia, and they would

00:58:51.480 --> 00:58:57.760
do their arrests first. It would then move over to Europe, and then they would do their arrests,

00:58:57.760 --> 00:59:04.240
and then eventually when people woke up on the West Coast in San Diego, the FBI would

00:59:04.240 --> 00:59:12.600
come forward and they would take credit for running Anom. It was the single largest law

00:59:12.600 --> 00:59:19.360
enforcement action in any one day. Something like 10,000 police officers were involved in

00:59:19.360 --> 00:59:26.560
that one day in this world-spanning, relay race, domino track of activity.

00:59:26.560 --> 00:59:31.280
RANDY: Good morning. I am Randy Grossman. I’m the Acting United States Attorney for

00:59:31.280 --> 00:59:36.080
the Southern District of California. Welcome. Thank you for being here. We’re here today to

00:59:36.080 --> 00:59:40.240
announce the unsealing of a federal indictment by a grand jury in the Southern District of

00:59:40.240 --> 00:59:46.440
California, which charges seventeen foreign nationals in facilitating drug trafficking,

00:59:46.440 --> 00:59:51.920
money laundering, and obstruction of justice. This is part of a worldwide

00:59:51.920 --> 00:59:56.440
law enforcement operation that has resulted in hundreds of arrests

00:59:56.440 --> 01:00:03.160
for drug trafficking, money laundering, firearms violations, and crimes of violence.

01:00:03.160 --> 01:00:09.240
These international arrests and the US charges were possible because of a San Diego-based FBI

01:00:09.240 --> 01:00:16.280
investigation like none other in history. This investigation, called Operation Trojan Shield,

01:00:16.280 --> 01:00:22.280
shined a light into the shadowy industry of hardened encrypted devices.

01:00:22.280 --> 01:00:29.080
For the first time, the FBI developed and operated its own hardened encrypted device company called

01:00:29.080 --> 01:00:36.360
Anom, A-N-O-M. As we allege in our indictment, criminal organizations and the individual

01:00:36.360 --> 01:00:42.160
defendants that we have charged purchased and distributed Anom devices in an effort to secretly

01:00:42.160 --> 01:00:50.400
plan and execute their crimes. In fact, Anom’s distributors, administrators, and agents had so

01:00:50.400 --> 01:00:56.240
much confidence in the secrecy of their devices that they openly marketed them to other potential

01:00:56.240 --> 01:01:04.560
users as designed by criminals for criminals. But the devices were actually operated by the

01:01:04.560 --> 01:01:13.240
FBI. The worldwide implications of this investigation are staggering. In total,

01:01:13.240 --> 01:01:18.440
the criminals sold more than 12,000 Anom encrypted devices and services to more than

01:01:18.440 --> 01:01:23.840
three hundred criminal syndicates operating in over a hundred different countries. This

01:01:23.840 --> 01:01:28.920
was an unprecedented operation in terms of its massive scale, innovative strategy,

01:01:28.920 --> 01:01:34.640
international coordination, and investigative achievement. Operation Trojan Shield has

01:01:34.640 --> 01:01:40.520
shattered any confidence criminals may have through the use of hardened encrypted devices.

01:01:40.520 --> 01:01:44.200
JACK: Shattered any confidence that criminals may have in the use of

01:01:44.200 --> 01:01:51.880
encrypted devices? Hm, I’m not sure this is a good take, because what about me who

01:01:51.880 --> 01:01:57.900
just wants a hardened encrypted device for, you know, privacy and security?

01:01:57.900 --> 01:02:01.960
JOSEPH: Yeah, if you’re an ordinary person and you’re trying to figure out

01:02:01.960 --> 01:02:06.160
whether an app is legitimate or not, it can be really, really hard to tell. Yes,

01:02:06.160 --> 01:02:11.080
you’d look at the owners and all of that sort of thing, and maybe some researchers dig through the

01:02:11.080 --> 01:02:17.200
code or whatever it is, but even beyond that, even beyond looking for specific answers,

01:02:17.200 --> 01:02:21.600
it’s just that we know the FBI is prepared to do it now, which changes the conversation.

01:02:21.600 --> 01:02:25.840
JACK: Someone even asked the FBI at the press briefing about this.

01:02:25.840 --> 01:02:30.100
SPEAKER1: Well, I’m wondering, is this something you can replicate and do again?

01:02:30.100 --> 01:02:38.360
SPEAKER2: So, who knows, right? This will leave all of our criminals guessing of what company

01:02:38.360 --> 01:02:45.280
out there is actually a true secure company and which is run by potentially the government. So,

01:02:45.280 --> 01:02:48.640
we obviously have the technical capability and

01:02:48.640 --> 01:02:53.540
obviously the international partners to work these types of cases in the future.

01:02:53.540 --> 01:02:58.600
JOSEPH: I basically believe the FBI is absolutely exploring more of this. [MUSIC]

01:02:58.600 --> 01:03:03.920
To get some of the information in the book, I snuck into a law-enforcement-only conference

01:03:03.920 --> 01:03:10.000
in Vancouver where two of the agents were talking, and towards the end of that talk,

01:03:10.000 --> 01:03:15.320
one of them said they look forward to what the next version of Operation Trojan Shield,

01:03:15.320 --> 01:03:20.480
which is the Anom operation, looks like. That’s not an agency saying, okay, job well done;

01:03:20.480 --> 01:03:27.400
let’s all go home. That’s an agency looking for an even bigger thing to do next. As well as Anom,

01:03:27.400 --> 01:03:33.200
there was the Sky hack, there was the EncroChat hack as well. Absolutely law

01:03:33.200 --> 01:03:39.120
enforcement are continuing to push down this route. I mean, some of the police

01:03:39.120 --> 01:03:43.660
officers I even spoke to told me that. The Dutch authorities told me we are doing this right now.

01:03:43.660 --> 01:03:47.800
JACK: Dang. See? This is why I love Joseph so much. He’s sneaking into law enforcement

01:03:47.800 --> 01:03:54.640
conferences to get the story. We’ve skipped over so much of the book. I purposely left out some

01:03:54.640 --> 01:03:59.720
of my favorite parts of the book just so you can enjoy it still. This story goes deeper and deeper

01:03:59.720 --> 01:04:15.057
and deeper, and so, you should do yourself a favor and go read Dark Wire by Joseph Cox.

01:04:15.057 --> 01:04:18.440
(OUTRO): [OUTRO MUSIC] A big thank you to Joseph Cox for sharing this story with us. You can find

01:04:18.440 --> 01:04:23.360
a link to his book, Dark Wire, in the show notes. Again, it’s highly recommended. This episode was

01:04:23.360 --> 01:04:29.280
created by me, the bit-bumbler, Jack Rhysider. Our editor is the silicon sorcerer, Tristan Ledger.

01:04:29.280 --> 01:04:32.960
Mixing is done by Proximity Sound, and our intro music is done by the mysterious Breakmaster

01:04:32.960 --> 01:04:38.000
Cylinder. One time I went into a client’s data center to do some work on their servers, and I

01:04:38.000 --> 01:04:55.640
found a computer that was so old, its IP address was 1. Just the number 1. This is Darknet Diaries.
