by dankent 1733 days ago
That sounds like it would be a big win for law enforcement. If you can force your opponent to avoid some modern ways to communicate, you can put a big dent in their efficiency.

It's possible that paranoia might lead to criminals avoiding even technology that they could be using safely, further slowing them down.

An old fashioned system also seems like it would require more people, opening up more opportunities for human intelligence operations targeting the network.

1 comments

Or they could learn to use Signal.

Properly installed (F-Droid) on off-the-shelf phones with fresh prepaid SIMs and OS updates disabled, it can be considered secure software against all but the most sophisticated adversaries.

Then, simply verify the handshake key for your contacts, and you can be sure there is no man-in-the-middle attack. Rotate phone+SIM every 2 months, while keeping the same "outside" number, say, a landline you control.

There are attacks against this too, but they are very noisy (modify all Signal binaries delivered to a certain area) or typically exceed the technical capabilities of run-of-the-mill agencies (exploit an OS zero day).

The easier way to attack this is by instituting a know-your-customer law for phone systems including prepaid SIMs, combined with accomplice charges for anyone whose SIM is used in connection with criminal acts.
People are too free with their phones. Just walk into a bar and say you're too drunk to drive and could the bartender call my wife to pick me up? Not knowing it's actually picking up $60M worth of coke instead of picking up me.

Or pull off to the side of the road, walk in well dressed, wave a dead iPhone in front of them, ask the receptionist "hey my car broke down and my battery is dead, could you call this number and tell them my car broke down?" Or bonus points if the cops arrive because you're blocking traffic, ask the cop to call on their phone.

(edited: I got the best idea that most anyone would fall for: Slip a kid $20 to ask an adult to call his mommy because he got lost...)

This is all well and good for communicating a single, pre-planned operation, but you're going to need to communicate a lot more in order to actually do all that pre-planning for it.
That's a function of there not being penalties. You'd see that change if the laws changed.
Penalties for what exactly, here?

Good Samaritanism?

The whole thread here is about penalties for assisting criminal enterprises with a SIM tied to your identity.
That doesn't really work in practice. All it does is raise the price of black market SIMs by a fixed, low dollar amount that is irrelevant for criminal operations willing to spend thousands of dollars for secure comms.

Think about it: unless you distribute SIMs at the local police station, your last mile enforcement officer is just some guy in a kiosk making minimum wage. Assuming he is motivated by law to do his job right, and photocopy IDs etc., he's still untrained to spot fake ones, unwilling to make a ruckus if the customer's face does not really match the ID etc.

All it takes is one rogue distributor or some homeless guy, and you will have thousands of SIMs that can't be traced. Then you have anonymous roaming SIMs for people willing to pay the data roaming fees.

It's a friction, not a silver bullet.

> Properly installed (F-Droid) on off-the-shelf phones with fresh prepaid SIMs and OS updates disabled, it can be considered secure software against all but the most sophisticated adversaries.

IMEI will identify the phone.

Signal does not work well without GCM.

You can easily identify the phone of the target by physical surveillance coupled with Stingray type of cell traps. No need to bother with IMEI, plain cell number which you will then intercept with operator support.

So you will prove the target uses a phone, and that phone connects to Signal servers or some offshore VPN. That's not very useful.

The quest is to access communication contents, or map out a criminal network that can then lead to identifying other physical locations of terminals and unknown members of the ring.