Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Swedish Police Use WhatsApp For Surveillance Ops, Share Intel With Civilians

Soulskill posted about 7 months ago | from the what-happens-in-CopSpace-stays-in-CopSpace dept.

Communications 37

New submitter TheP4st writes "A group of Swedish police officers thought it would be a good idea to use WhatsApp as a work tool for surveillance operations. The officer that set up their chat group mistyped one of the phone numbers to mistakenly include a civilian IT teacher. Once the teacher informed authorities about the mistake, it took more than 24 hours before he stopped receiving sensitive case information, which included criminal records, passport photos, and communications between surveillance teams tailing suspects. When confronted by Computer Sweden (Google translation of Swedish original), the officer responsible for setting up the group said, 'I know this server is not located in Sweden and that one cannot share every kind of information.' The only mobile chat medium approved for sensitive information is BlackBerry, and this initiative by a small group of officers happened because they do not have access to BlackBerry handsets."

cancel ×

37 comments

Sorry! There are no comments related to the filter you selected.

LOL (1)

Anonymous Coward | about 7 months ago | (#46256373)

The only mobile chat medium approved for sensitive information is BlackBerry, and this initiative by a small group of officers happened because they do not have access to BlackBerry handsets.

This problem could have been solved in two ways: 1. Get Blackberries, 2. Upload sensitive data to a private company in a foreign country. It's shouldn't be this easy to pick the wrong one.

Re:LOL (1)

Anonymous Coward | about 7 months ago | (#46259743)

Aren't those two options pretty much the same thing? Option three: increase police budget to include a system for such communications, and the necessary insurance, supervision and monitoring to not to fuck the project and the operations up. Surely Swedish engineers are capable enough to implement and run such a system.

Re:LOL (1)

gl4ss (559668) | about 7 months ago | (#46260219)

police don't need insurance in nordic countries... they'll just say oops.

(and any damage payments would come from state anyways)

Re:LOL (1)

Kichigai Mentat (588759) | about 7 months ago | (#46267253)

Aren't those two options pretty much the same thing? Option three: increase police budget to include a system for such communications [...]

Nope. BlackBerry Enterprise Server (BES) was developed to do just this job. You spin up a BES instance in your existing IT infrastructure (much like you would set up a Exchange server), and then link your BlackBerry to it. Then basically all communications go through that, rather like a VPN setup. And it's encrypted, too.

Re: LOL (0)

Anonymous Coward | about 7 months ago | (#46274051)

Our how about just the fact that they have a company that is going down in flames as the only legit device. Good on you sir's... good on you. Way to aim to be the biggest possible train wreck possible. Go big or go home... that's what I always say ( no really I do )

SubjectsInCommentsAreStupid (3, Funny)

lesincompetent (2836253) | about 7 months ago | (#46256385)

And this is why i use Telegram.
And why you should, too.
Truly cross-platform (even PC!)

Re:SubjectsInCommentsAreStupid (3, Funny)

lesincompetent (2836253) | about 7 months ago | (#46256401)

No, i did not read the article before commenting. I hereby certify myself a veritable idiot.

Re:SubjectsInCommentsAreStupid (0)

wonkey_monkey (2592601) | about 7 months ago | (#46256487)

Spoilsport!

Oh FFS! (5, Insightful)

Anonymous Coward | about 7 months ago | (#46256429)

A shoddy chat app that is hardly good enough for personal communication is used for sensitive police work? And if they hadn't used that, they would have used fucking Blackberrys, which also store everything on foreign servers? Does the Swedish police not have an IT department which can provide them with secure communication tools?

Re:Oh FFS! (1)

Anonymous Coward | about 7 months ago | (#46256749)

"Blackberrys, which also store everything on foreign servers"

Why do you say Blackberry runs only on "foreign" servers? You can have your own Blackberry server in any country you like. Even your own

Re:Oh FFS! (0)

Anonymous Coward | about 7 months ago | (#46257407)

Yes. They use Oracle. It has gone about as well as you would expect. Seriously (in Swedish, sorry). [nyteknik.se]

Re:Oh FFS! (3, Funny)

rasmusbr (2186518) | about 7 months ago | (#46259061)

Yes. They use Oracle. It has gone about as well as you would expect. Seriously (in Swedish, sorry). [nyteknik.se]

The last comment on that article claims that the Swedish police basically got a new CIO who felt he had to prove his worth by making some sort grand decision. He decided to switch tracks and use Siebel as the basis of their new system.

Sounds plausible enough.

Re:Oh FFS! (1)

stymy (1223496) | about 7 months ago | (#46257599)

BlackBerrys only store stuff in foreign servers by default. You can set up your own servers, with end-to-end encryption from them to the phones, and that's presumably what the Swedish police has done.

Re:Oh FFS! (1)

Kichigai Mentat (588759) | about 7 months ago | (#46267317)

This seems to be the part that everyone is forgetting about why BlackBerries were so popular among IT professionals. You just drop BES into your setup, and now connected BlackBerries can be managed like any other part of the infrastructure. It's encrypted, you control the server and all the data, and you can do all sorts of remote provisioning and security tasks. It's the same reason that many companies still like using Microsoft Exchange: they control the servers, and hence the data.

It's not like Android or iOS where the system has to (and does, on its own) phone home in order to use basic, built-in services. You can't just plunk down your own private Gmail or Siri server inside of your racks.

blackberry (1)

Anonymous Coward | about 7 months ago | (#46256439)

Just got a Z10, I love it! It's OK if you guys hate me though :)

Re:blackberry (3, Funny)

fuzzyfuzzyfungus (1223518) | about 7 months ago | (#46256517)

Just got a Z10, I love it! It's OK if you guys hate me though :)

No, no, I find endangered species from vanishing ecosystems to be quite interesting. Some of them are also cute, tasty, or a source of fascinating new biologically active compounds. Like those wacky Amazonian frogs.

Re:blackberry (2)

cold fjord (826450) | about 7 months ago | (#46258191)

Narrator: The bug-eyed Blackberry has entered the clearing.... by the way its moving it appears to be looking for market share. But wait, what's this? It looks like an iSnakepad has grabbed it in a lightning fast strike! The iSnakepad is wrapping itself around the bug-eyed Blackberry and is starting to squeeze. Sadly now, there can be but one outcome.

Re:blackberry (1)

SpzToid (869795) | about 7 months ago | (#46258873)

Hey folks, you won't believe this but I just shot that entire well-lit video sequence using my Nokia N9, and it looks great! I'd share it with you, except I'm in one of those countries, and you are probably in one of the other ones.

Re:blackberry (1)

Kichigai Mentat (588759) | about 7 months ago | (#46267367)

Why would we hate you? It's the disjointed user interface of BBX that most of us have trouble stomaching. That and the lackluster native app selection. There was a lot I really liked about my old BlackBerry Curve, but RIM did a poor job of attracting third party developers, and made a total hash of the touch interface in the latest OS iteration.

It's very much how I felt about Nokia and Symbian. Great hardware, and the OS wasn't too shabby, but there were a lot of things you just couldn't do on the platform simply because no one was writing the programming to do it. Also the S60 email client was beyond basic.

Common problem. (5, Insightful)

SuricouRaven (1897204) | about 7 months ago | (#46256479)

1. Workplace has confidential information.
2. Workplace puts up elaborate high-security protocols and technology intended to protect that data.
3. Workers find that all this security is getting in the way of actually doing their jobs.
4. Workers ignore protocol and devise their own means of going behind the backs of those dictating security.
5. Embarassing breach occurs.

A common example occurs when IT dictates all passwords must be at least seven characters an include mixed case and punctuation. Faced with difficulty remembering passwords, the staff respond by putting them on post-it notes under their keyboards. Or when getting a new staff member approved for access to the confidential data takes a few days, leading to staff letting temps borrow their credentials so they can get started right away.

Re:Common problem. (5, Insightful)

ottothecow (600101) | about 7 months ago | (#46256581)

Pretty much this.

When an organization sees people doing things like this, they should recognize that they are not providing the right kind of IT services to their employees.

Re:Common problem. (3, Insightful)

ottothecow (600101) | about 7 months ago | (#46256591)

And if the free software (Whatsapp) isn't deemed secure enough...then they need to look into something like Good where they can still keep the communication walled in but let people use things that aren't outdated blackberries.

DO NOT CALL IT FREE (0)

Anonymous Coward | about 7 months ago | (#46260929)

Do not call proprietary (gratis) software as Whatsapp free!
It is not!

Re:Common problem. (0)

Anonymous Coward | about 7 months ago | (#46257481)

Have fun with you non dictated password where people use password, 123456 or the like and your network gets hacked easily.

Re:Common problem. (1)

allypally (2858133) | about 7 months ago | (#46258689)

> all passwords must be at least seven characters an include mixed case and punctuation

People can and will work around any barrier that stops them working, even if they are now working in an unsafe environment.

I worked somewhere once with those rules, plus the password had to be changed monthly, and no reuse of ones you'd used previously.

Pretty much everyone would have a compliant password today that was a slight variant on the unforgettable:

          Feb.2014

Re:Common problem. (1)

ProzacPatient (915544) | about 7 months ago | (#46260427)

A common example occurs when IT dictates all passwords must be at least seven characters an include mixed case and punctuation.

Ha! My IT department where I work (I shall not disclose whom I work for) requires that all passwords have a minimum of 14 characters and the password is required to be changed on a regular interval in a mandatory basis. There is a policy in place against passwords; on post-it notes, in notebooks and so forth so it's really frustrating and really easy to forget if you're not careful.

Re:Common problem. (0)

Anonymous Coward | about 7 months ago | (#46265017)

A place I worked at almost 20 years ago had the IT department generate random passwords monthly and leave them in envelopes on the users desks.

Re: Common problem. (0)

Anonymous Coward | about 7 months ago | (#46261043)

Actually, step 3 would be "some workers don't have access to the approved technology and come up with their own solution".

So... (1)

fuzzyfuzzyfungus (1223518) | about 7 months ago | (#46256509)

On a scale from 'paid vacation' to 'hahaha, paid vacation' do we have any estimates on the penalty for this sort of fantastic adherence to good evidence handling practices and adherence to both the security of an investigation in progress and the rights on anyone who turns out to be investigated but uninvolved?

(Incidentally, who wants to bet that the officers involved may not have adhered to every tedious little 'best practice' in their handling of past cases? Sure is a good thing that they aren't in a position where sloppiness could cause real damage or anything, or I might be concerned.)

Re:So... (0)

Anonymous Coward | about 7 months ago | (#46258185)

I honestly think that the only thing that will happen is that someone will tell them that they shouldn't do that and that will be the end of it.

#1 motive for sadistic 'net trolling is money (-1)

Anonymous Coward | about 7 months ago | (#46256649)

not so much a personality disorder as a spiritual bankruptcy malady http://www.youtube.com/results?search_query=bank+pr+firm+paid+internet+trolls&sm=3

I accidentally a wrong phone number.. (0)

Anonymous Coward | about 7 months ago | (#46256791)

yeah right.

you Fail It... (-1)

Anonymous Coward | about 7 months ago | (#46257223)

Re:you Fail It... (0)

Anonymous Coward | about 7 months ago | (#46267993)

damn it, you know you've been too long on the interwebs when you scroll past a goatse link, and it is marked in the 'visited' color.

But? (0)

Anonymous Coward | about 7 months ago | (#46257423)

Yes, but beta sucks.

Slightly improved translation (0)

Anonymous Coward | about 7 months ago | (#46258329)

The machine translation of the quote in the summary sounds a bit wonky. A better (tone-maintaining) translation is:

"Yes, I know the server isn't in Sweden and it's a medium where you can't just drone on about any old info you have"

BBM is cross platform now. Was there an excuse? (0)

Anonymous Coward | about 7 months ago | (#46260931)

Aren't these officers aware of BlackBerry Messenger being available for iOS and Android devices? Surely they would also be aware of Whats Apps recent public vulnerabilities in the news (I'm sure they consider themselves somewhat tech savvy).

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?