> The DOJ further noted in the memorandum that "to date, neither Australian, Canadian, nor American law enforcement has identified a single non-criminal user of Phantom Secure devices."
In February 2018, after doing a deal in Mexico, Ramos boasted in a text, later submitted to U.S. Federal Court: "We are f--king rich man. I swear to God you better f--king appreciate it. Get the f--king Range Rover brand new. Cuz I just closed a lot of business. This week man. Sinaloa Cartel that's what's up."
...
Ramos later pleaded guilty to one count of racketeering and is serving a nine-year sentence in a U.S. federal prison. As part of his plea, he agreed to forfeit proceeds of crime totalling $80 million US.
It sounds like he knew that he was selling these phones to criminals for the purpose of committing more crime. If he had some plausible deniability he might have been able to avoid charges, but in this case he's basically a co-conspirator. The sale of phones for illegal activities is the racket
You might be interested in this article [1] about the prosecution of an auto installer who specialised in fitting special compartments in cars.
Here's a summary:
The guy thought, much like a shop can sell bongs but only to customers who don't mention weed, he could install hidden compartments so long as his customers didn't mention drugs.
He gets some pretty big hints - like the customers' willingness to pay $5000 per compartment in cash, and unjamming a compartment containing $800,000 in cash.
Then the cops get wind of his business, tap on his phone and pressure him to help them spy on his customers; he refuses, fearing for his family's safety.
Then the cops catch a gang with one of his compartments full of drugs, and in exchange for a reduced sentence, one of them testifies they'd told the installer to make them a compartment for ten kilo bricks of cocaine.
Boom, convicted of conspiracy to traffic drugs. 24 years without parole.
> Then the cops get wind of his business, tap on his phone and pressure him to help them spy on his customers; he refuses, fearing for his family's safety.
That's the problem when working with organized crime. You take a dollar from them, and you and yours are theirs, for life.
And if the cops catch wind of this, they aren't going to do a thing to protect you if you flip.
How do you even know how to avoid that that first dollar? I can imagine a lot of slippery slopes that start without any significant greed or malice.
But moralizing his intent misses the point. Laws and law enforcement is a tax-funded service we pay to protect us from other people that would do us harm. If people understood and believed in that, they would never help someone trying to evade the law. Without that trust, it’s so easy for violent criminals to find unwitting aid from those that are trying to protect themselves (security), or want to be left alone (privacy).
Side note: There are extremely strong laws against refusing business to a customer. You can’t have it both ways.
> How do you even know how to avoid that that first dollar?
It's pretty easy. When you pop a compartment open and $800,000 in cash falls out, you tell the customer that you aren't doing any business with them. Most crooks will take the rejection, because they'd rather do business with someone more enthusiastic.
The big problem is when you get in trouble with the law, because then the law has leverage on you, which makes you a serious liability to your customers.
The descent into criminality by the RCMP chief is shocking.
Obviously, opportunities were there since the article points out poor controls and personnel reviews, but still, being that there are no clear motives established, its hard to fathom a chief going out of his way to make this breach happen for financial gains on the side.
The article remarked that his stint as a mole started 8 years into thr job (2015) - but there is no analysis on whether money mattered a bit more then than it did in 2019.
However, whenever the breach started, I assume it became difficult to unwind without compromising himself in the process.
Deeper analysis of his motives would make for a interesting read.
> It’s still an incomplete picture. Ortis stood at the top of his field, not struggling on the middle rungs. Why risk it all? In his book The Anatomy of a Spy: A History of Espionage and Betrayal, Michael Smith describes four main motivators for going rogue: lust, money, ideology, and revenge. Ortis fits awkwardly into those categories.
This is journalistic negligence. They are obviously referring to MICE or MALICE which are mnemonics for analyzing motives in counterintelligence that stand for "Money, Ideology, Compromise, and Ego" and "Money, Anger, Lust, Ideology, Compromise, and Ego" respectively.
The simplest explanation is "Ego" in this case, which is probably why the article went out of its way to point his self confidence bordering on arrogance, yet replaced it with "revenge" to leave an air of mystery. He likely just enjoyed playing James Bond with all the opsec and secrecy that goes into that. The reasons for betrayal like that are often the most banal.
Why is it hard to imagine? The opportunities are there. You get to know the right people. You are already dealing with risky smart acts that you have to be ok with.
The mass shooter in Canada that happened recently, there are suspicions it was RCMP related too. (and RCMP itself did some weird shit during the shooting, like the cops shooting at firefighters O.o)
An alternative reality where everyone is a highly trained shooter and there are no law enforcement agencies (except those that enforce that everyone carries a gun) is a fun thought experiment.
> Fundamentally, Phantom Secure was a hardware company. It sold modified BlackBerry handsets that had been customized to communicate only with other Phantom Secure devices. On top of that, it ran an email system that routed encrypted messages through Panama and Hong Kong. As a result, conversations were nearly impossible to intercept, and if law enforcement did snag a message, there was no way of decrypting it.
There's free/open "encrypted chat" networks which may be more or less secure than commercial gray-market/criminal products. Is there any free-of-charge and open-source software for running your own infrastructure for messaging, blocking unencrypted communication and Apple/Google "phoning home" (perhaps through an unlocked-bootloader phone running AOSP/LineageOS), blocking data exfiltration through USB MTP/ADB/exploits (and possibly safeguards or automatic wiping upon hardware/RAM/CPU/TPM hijacking), automatic timer/face/accelerometer-based screen locks to prevent a phone from being used for long after being seized, and automatically wiping devices if they don't receive a signed "all clear" message from a server every few days (to guard against putting a phone in a Faraday cage to block out remote-wipe signals)?
Of course this is mostly idle speculation, and I haven't tried implementing any of these ideas, even though I feel they would be useful to many.
Each of these problems is not so difficult to implement with currently available custom roms and scripts.
I believe that using a very popular handheld with a clear rom like Lineage and implementing features like unlock and wipe from freely available open source solutions is much more secure, than trusting a company that only offers such devices, that they have not added a backdoor or a phone home.
The exploration of his motivations could have been deeper. I suspect the basic problem in espionage work is that being interested in it at all is precisely the reason not to hire someone to do it. I'm imagining a trade off where either you take some very earnest people who want to serve their country and then manage the risk of disillusioning them, or you find a cluster of people who really just get off on deception and find a way to somehow exploit them.
> I suspect the basic problem in espionage work is that being interested in it at all is precisely the reason not to hire someone to do it
Interesting way to put it, I hadn't thought about it this way. It sounds analogous to what is argued in "The Rise of the Warrior Cop" (about cop militarization and abuse in the US): that the people more enthusiastic about combat gear and working in a SWAT-like unit are exactly the kind of people who shouldn't be allowed in those units.
"It is a well-known fact that those people who most want to rule people are, ipso facto, those least suited to do it... anyone who is capable of getting themselves made President should on no account be allowed to do the job."
The people working in spy craft must be pretty cynical. I imagine the CIA is more about realpolitik. Doing whatever it takes to keep America ahead. You don't need to have an existential crisis torturing someone when you know that your Chinese counterpart is doing the same.
You only get disillusioned if you believe the facade.
18 comments
[ 2.3 ms ] story [ 46.8 ms ] threadIs this all from selling encryption devices, or was he doing crime on the side?
> The DOJ further noted in the memorandum that "to date, neither Australian, Canadian, nor American law enforcement has identified a single non-criminal user of Phantom Secure devices."
In February 2018, after doing a deal in Mexico, Ramos boasted in a text, later submitted to U.S. Federal Court: "We are f--king rich man. I swear to God you better f--king appreciate it. Get the f--king Range Rover brand new. Cuz I just closed a lot of business. This week man. Sinaloa Cartel that's what's up."
...
Ramos later pleaded guilty to one count of racketeering and is serving a nine-year sentence in a U.S. federal prison. As part of his plea, he agreed to forfeit proceeds of crime totalling $80 million US.
It sounds like he knew that he was selling these phones to criminals for the purpose of committing more crime. If he had some plausible deniability he might have been able to avoid charges, but in this case he's basically a co-conspirator. The sale of phones for illegal activities is the racket
[1] https://www.cbc.ca/news/canada/cameron-ortis-investigation-r...
Here's a summary:
The guy thought, much like a shop can sell bongs but only to customers who don't mention weed, he could install hidden compartments so long as his customers didn't mention drugs.
He gets some pretty big hints - like the customers' willingness to pay $5000 per compartment in cash, and unjamming a compartment containing $800,000 in cash.
Then the cops get wind of his business, tap on his phone and pressure him to help them spy on his customers; he refuses, fearing for his family's safety.
Then the cops catch a gang with one of his compartments full of drugs, and in exchange for a reduced sentence, one of them testifies they'd told the installer to make them a compartment for ten kilo bricks of cocaine.
Boom, convicted of conspiracy to traffic drugs. 24 years without parole.
[1] https://www.wired.com/2013/03/alfred-anaya/
That's the problem when working with organized crime. You take a dollar from them, and you and yours are theirs, for life.
And if the cops catch wind of this, they aren't going to do a thing to protect you if you flip.
But moralizing his intent misses the point. Laws and law enforcement is a tax-funded service we pay to protect us from other people that would do us harm. If people understood and believed in that, they would never help someone trying to evade the law. Without that trust, it’s so easy for violent criminals to find unwitting aid from those that are trying to protect themselves (security), or want to be left alone (privacy).
Side note: There are extremely strong laws against refusing business to a customer. You can’t have it both ways.
It's pretty easy. When you pop a compartment open and $800,000 in cash falls out, you tell the customer that you aren't doing any business with them. Most crooks will take the rejection, because they'd rather do business with someone more enthusiastic.
The big problem is when you get in trouble with the law, because then the law has leverage on you, which makes you a serious liability to your customers.
Obviously, opportunities were there since the article points out poor controls and personnel reviews, but still, being that there are no clear motives established, its hard to fathom a chief going out of his way to make this breach happen for financial gains on the side.
The article remarked that his stint as a mole started 8 years into thr job (2015) - but there is no analysis on whether money mattered a bit more then than it did in 2019. However, whenever the breach started, I assume it became difficult to unwind without compromising himself in the process.
Deeper analysis of his motives would make for a interesting read.
This is journalistic negligence. They are obviously referring to MICE or MALICE which are mnemonics for analyzing motives in counterintelligence that stand for "Money, Ideology, Compromise, and Ego" and "Money, Anger, Lust, Ideology, Compromise, and Ego" respectively.
The simplest explanation is "Ego" in this case, which is probably why the article went out of its way to point his self confidence bordering on arrogance, yet replaced it with "revenge" to leave an air of mystery. He likely just enjoyed playing James Bond with all the opsec and secrecy that goes into that. The reasons for betrayal like that are often the most banal.
The mass shooter in Canada that happened recently, there are suspicions it was RCMP related too. (and RCMP itself did some weird shit during the shooting, like the cops shooting at firefighters O.o)
There's free/open "encrypted chat" networks which may be more or less secure than commercial gray-market/criminal products. Is there any free-of-charge and open-source software for running your own infrastructure for messaging, blocking unencrypted communication and Apple/Google "phoning home" (perhaps through an unlocked-bootloader phone running AOSP/LineageOS), blocking data exfiltration through USB MTP/ADB/exploits (and possibly safeguards or automatic wiping upon hardware/RAM/CPU/TPM hijacking), automatic timer/face/accelerometer-based screen locks to prevent a phone from being used for long after being seized, and automatically wiping devices if they don't receive a signed "all clear" message from a server every few days (to guard against putting a phone in a Faraday cage to block out remote-wipe signals)?
Of course this is mostly idle speculation, and I haven't tried implementing any of these ideas, even though I feel they would be useful to many.
I believe that using a very popular handheld with a clear rom like Lineage and implementing features like unlock and wipe from freely available open source solutions is much more secure, than trusting a company that only offers such devices, that they have not added a backdoor or a phone home.
I can say I harbour no envy for any of them.
Interesting way to put it, I hadn't thought about it this way. It sounds analogous to what is argued in "The Rise of the Warrior Cop" (about cop militarization and abuse in the US): that the people more enthusiastic about combat gear and working in a SWAT-like unit are exactly the kind of people who shouldn't be allowed in those units.
-Douglas Adams