This Phone Was Designed By The FBI To Catch Criminals - Anom Phone Hands On
This smartphone was marketed as an encrypted secure device that "enforces your right to privacy". As it turns out the phone was developed by the FBI and AFP as a honeypot. Giving them the ability to read every message sent from the device. Among other things.
-------------------------------------Socials------------------------------------
Website: www.hughjeffreys.com
Store: www.hughjeffreys.com/store
Instagram: / hughjeffreys
--------------------------------------Links--------------------------------------
Get parts, tools and repair guides at iFixit:
Shop US: iFixit.com/hughjeffreys
Shop AU: ifix.gd/hughjeffreysau
Tools I Use: www.hughjeffreys.com/tools
Some of the sites referenced in the video:
www.vice.com/en/article/n7b4g...
online.afp.gov.au/ironside
en.wikipedia.org/wiki/ANOM
---------------------------------------------------------------------------------------
(DISCLAIMER: This description contains affiliate links, which means that if you click on one of the product links, l will receive a small commission.)
The FBI should teach a masterclass in degrading public trust.
I would agree, if it didn't work. But unfortunately for some people this was a successful operation. So how is the public harmed? The public should buy phones from trusted manufacturers and just use encrypted messaging if they REALLY want that privacy.
Ironically no one in the US was arrested as part of this sting operation due to established privacy laws. The operation was more successful in Europe and Australia.
@@UhOhUmm What a hilarious response, classic victim blaming. Same vibe as "she shouldnt have been wearing a short skirt".
@@jjpelham7548 i mean you would have to be an idiot to immediately trust a device like this from a company with no history or background. Edit: why did you delete your reply?
@@SatoshiAR didn't delete reply. Yours is gone when I click see all replies aswell so I'd assume a glitch.
This is why you should never trust proprietary software when talking about privacy. This is a golden example made by the FBI themselves
Right, verified Free and Open Source software is what we should look for 👍
Fbi, and Cia, are like rival.. actually more like democrats and Republicans. Then you have companies actually allowed and cooperate with them. At the end, they have you in controlled. They control your life in terms of how much money you can make, or harassing you indirectly
@@saidultima and everyone can find vulnerabilities way faster
@@whannabi Not really. We are yet to see an epidemic of zero day attack on GNU/Linux servers because of vunerability of the OS even if the source code has been always open for everyone. There are many Linux servers that one can take indefinite amount of advantage. It's because there are limited methods one can use to break security, and security experts are usually smarter.
just throw away any computers and use wooden sticks and paper mail
Even if the story wasn’t real, this is still a a masterclass, it makes it impossible for criminals to trust somebody else with the same privacy claims.
most criminals don't trust phones to begin with
"criminals to trust" Are you being serious right now? That is an oxymoron.
as anyone should? the claims are bogus, anyone with 5 minutes to spare on infosec youtube shorts can see how they are impossible
You can trust it if it's open source
Yess😮😮😮😮😮
Good thing the FBI would never make criminals out of ordinary people.....
Hahahahah the fbi dea nsa HMI who all the alphabet agencies are criminals
They hire them
@@METATRON33 They are criminals
@@Daniel-ph7or they hire
@@Daniel-ph7or Me: "I want privacy." You, an Oblivion NPC: "That means you are criminal."
While not for crimes, being able to either switch between work and personal phone on the same device or safely know you’re not being tracked by 100 apps would be pretty cool.
I mean for the most part it's doable
Iirc Huawei phones had this function -- typing a special passcode opens a "second" interface and you could install apps and log in to different accounts.
@@koala2587 but it's a Huawei tho
@@whannabi true dat loll but I'm just saying the feature is actually pretty doable, at least on Android
my xiaomi has this thing where i can do a gesture to open a "hidden apps" folder & each of those apps has a special passcode
This is why you can never really trust any "privacy" software if it isn't open source. Only open source allows you, the user, to ensure there is nothing sketchy going on.
Mega proved this wrong years ago. closed source and very much honor privacy that's why it was shut down because they did not share anything about anyone using it.
@@notlNSIGHT a filesharing service, notorious for its use by bad actors
@@MartinBarker its the exception not the rule. And you are still better off just using local disk, or running your own nextcloud instance
Unless, there's a hidden closed source within the open source.
@@paimonbutter they're talking about megashare, i dont know if mega is related to it, it might. But its irrelevant anyways because its not the same not sharing how your back end works than not showing who are the users and what they're sharing. You can have an open source software that doesnt share user data like signal and you can have close source software that shares your data like... any major app basically
I wonder what the legality of something like this is. If this ever got sold to and tracked someone without a warrant, I feel like this would be a massive invasion of privacy and overreach by the government, and end up in a lawsuit that could easily work its way to the Supreme Court.
Oh youre so naive
welcome to the 21st century
They did... just keep watching I'm about to put my foot into someone's ass for exactly that
the legality of it is that the government can do whatever the fuck they want lol
@@user-ep3bb9fk6n welcome to *America
I wonder if this system breached any open-source licenses, since it contained what appeared to be builds of open-source software but was apparently closed-source.
you answered yourself there
The fact the display open-source licenses button doesn't work is also going to breach nearly all open-source licenses.
Yes it has
LineageOS (if it is based on that) is under the Apache license (non-copyleft), so in this case I believe there's no violation with not distributing source code
@@jonathanberkeley4109 lol nevermind
If you think iOS is restrictive or locked down enough, ArcaneOS makes iOS feel like Android in comparison
Apple is taking notes don't worry
Haha. It's funny because it's TRUE! 👍😆
I have both ios and Android and ios isn't that restrictive these days. You can even run Linux apps on it through ish
@@jjcoolaus sideloading is the biggest thing for me. IOS makes it much harder to do anything of that sort. That and proper customization
does it make Android look like Windows?
I'd love a system like this with two pins on a phone - it seems a lot faster than different user accounts. kind of a shame the only option is a honeypot lmao
most phone have a parallel space option (at least my mi11 has it and my mate 20 pro had it too)
I know Xiaomi flagships have this sort of feature where you open a different space depending on what finger you use to unlock the phone
@@defnotatroll that's so cool! I had no idea
most xiaomi phone have dual space like this
Yup, you can assign different passwords to each space
First glance: ah yes, the google logo.. I trust my privacy is safe with this device
😮😮😮😮😮😮
Point of the story: NEVER use phones while committing crimes.
not phones with any identity ties, that is
Omg 😮😮😮😮😮😮
I did a unit in Cyber Security last year at uni and got an answer wrong on a quiz about which is the more secure option. Open or closed source software? The teacher said I was wrong in saying open source software is better for security and privacy. (As long as its kept up-to-date) He argued if the code was hidden people couldn't find vulnerabilities... Thought that was one of the biggest points to open source software. Especially allowing people to see if there is any backdoors. There is advantages to both but still I would of liked to show him this one to emphasise my point.
Your professor is a typical old timer brainwashed by Microsoft propaganda of the early 2K. No self-respecting security researcher believes in security through obscurity anymore.
I think open-source can be more secure, but with a caveat that that is only true provided people vetting the changes to the particular piece of software actually fully understand the code being altered or added. There have been quite a few times where researchers have added "malicious" code to projects to show the pitfalls of the vetting process. Despite that, it's still better than security-by-obscurity, which is basically what your teacher is referring to. It's definitely considered a bad practice. There will always be someone capable of reverse engineering the software and finding holes, even without the source code.
You didn't get the answer wrong, he did. Intelligence agencies and security companies love to use open source software as it's verifiable by people all over the world, not to mention it's not tied down by the same restrictions as closed source software. Keeping your source private, for basic systems like a kernel, just means only your team is putting time into verifying it. Security by obscurity is no security at all.
Open source is ABSOLUTELY more secure than closed source software. Your teacher is definitely wrong and obviously biased. Claiming "if the code is hidden people can't find vulnerabilities" is total BS and proven so by the fact people find vulnerabilities in closed source software all the time!
i agree but only when it comes to more popular projects. The smaller the community gets the less advantages open source software has
Imagine being a regular person just spending more money for privacy then having all your messages read by authorities 🗿
It wasn't for regular people though. It was marketed to criminals, mostly on darknet sites.
@@Decommissioned pretty sure i saw ads and/or reviews for arcaneOS here on youtube
What? No if you want privacy you are clearly a criminal.🙄
@@slyguythreeonetwonine3172 I'm assuming this is either bait or sarcasm. However the fact that a sizeable amount of the population really thinks like this makes me unreasonably angry and i truly hope for an uprising one day.
@@ric84 What
Someone, somewhere, must still have one of these with the calculator in installed which could be dumped from the memory chip and reverse engineered. For bonus points, use Ghidra which the NSA released publicly.
Wowwwww😮😮😮
i like how he gets straight to the point. +1 sub.
I remember seeing these phones at launch. Marketing them as super secure and privacy focused. I almost picked one up. I remember reading an XDA thread stating something about how odd it was when they got a copy of it.
damn that's scary you almost PAYED for that
Wow wtf
@@uncrustable9923 and the worst part is that no serious criminal would use a closed source "privacy" OS because that's literally an oxymoron. Calyx or Graphene on a newish pixel is super easy to do. They shipped 11,000 phones and only caught 300 people, and how many of those do you think were harmless neighborhood pot dealers? The next time somebody tries to argue with me that Australia isn't a police state, I will send them this video.
@@tissuepaper9962 facts, although he usually ships his devices from the us to au so I'm not sure if they were doing this in Australia
@@tissuepaper9962 what do you mean? They only built cases against people with significant evidence who’d incriminated themselves with crimes not just pertaining to drug dealing. All because they thought they were smart by buying a special phone to do illegal activities. No backyard drug dealer is gonna drop $2000 on a phone that no customers own. They have a Snapchat and iMessage and understand that those services are 128-bit SSL encrypted. The only people who were buying these phones were doing so because they believed that what they were doing was so incriminating that they became paranoid of the services they were using and were willing to fork over a fortune for some unique service. And if you’re trying to make the argument regular people bought it because only 300/11000 were charged, well that’s because not everyone incriminated themselves. There were stupid teenagers who were dumb enough to incriminate themselves but most were smart enough to still be careful with their wording so a case couldn’t be built against them. Also this is the best example of Australia being a police state? People voluntarily overlooking red flags and purchasing a product to incriminate themselves? That’s worse than America and the NSA using Google services to track users who were not warned beforehand and had no red flags to indicate that they were being tracked? If anything America is a far more targeted, efficient and powerful police state than Australia could ever dream to be and unlike Australia they get to excuse it by saying they’re “preventing terrorism” . A get out of jail free card Australia doesn’t have. At the end of the day Australia found a cheeky solution to a problem and you’re upset because you didn’t think they had the smarts to do it.
The reason most apps and functions like sending messages, call out and saving contacts don't work is because all that data is saved in cloud, albeit FBI's cloud. Since that cloud server is down, none of the apps can save that data and thus crash at any command. I guess the Clock app is the only one that doesn't need its data stored.
you'd be wrong the clock app is the most used feature every action is coreleated to the allmighty time stamp and it's the single largest factor in making sense of the noise. without the time stamp your gps data would be jumbled your call logs wouldn't make any sense. Not a single app can be trusted especially the tik tok of the all mighty clock
it's a decoy mode, more likely the apps are just shells designed to be as small as possible
This makes allot more sense, seeing as no authority who poked around that non-functional "decoy mode" for more than 2 seconds would buy it.
@@BokBarber Unless they were trained to know what it meant. It could very easily have been an intentional dog whistle.
God please stop using the word cloud to refer to a server.
This is the only kind of phone you can buy when you're in hell.
Teamwork makes the dream work. Nuff said.
FYI: ArcaneOS was the old name for Project Arcana, a pretty popular, feature-rich custom rom. It's literally just that, with some apps removed and a custom calc.
Wowwww😮😮😮😮
I think this is just proof that if you want something truly secure, it has to be open source and transparent to the user. i mean, hell, companies even decline alerting their customers when they've been hacked just because they'd look bad
Little do they know that doing so only makes them look worse.
@@rollerskdude well... not if no one ever finds out. but yeah, absolutely terrible, but unfortunately I think a lot of users are sheltered even when the news breaks that their favourite big corp has been up to fuckery. partially, they get a little blind to faults, and the big corps themselves are the ones distributing and controlling news and media, being a big corp also makes you seem a little infallible and you sort of set the rules of what is justified or moral and people just go with it. which is fucked by the way
Sadly there are basically no phones that are. Even the most libre of phones usually have a proprietary modem, and these modems are fully capable of interacting with the SIM card, and receiving/sending SMS (a lot of weird carrier behavior uses this functionality.) I remember reading a really interesting piece on this but can't for the life of me find it now. SIM cards can even run embedded Java apps using the Java Card target, which I find terrifying.
NordVPN moment.
This is flawed thinking. Open source CAN lead to the best possible security and privacy, but it's not a guarantee. The user is the most unimportant part of the equation, because the user is always the weakest link. User also doesn't have to source code on their device. The most likely scenario to succeed is a small piece of software used by small group of users for a niche use case. Or a widely adopted software with thousands of security researchers poking at it. I would favor the first one and it doesn't have to be open source.
Thanks man I was gonna buy one of these for all my crimes, good to know I shouldn't.
God help us
Fun fact, the author of that same article contacted the FBI about the phone being watched. Little did he know.
😮😮😮😮😮😮
Using the pin code to switch users is super neat. Would legit want this as a feature!
Would be great for a parent with kids.
The android OS actually has an "Accounts" feature which allows this.
@@SSFallingTTBhow do you?
@@lowelldiggs Android actually allows you to set up multiple users account on a single device.
@@tymmbearded544 how do you?
I’m impressed by how in depth u went in exploring every nook and cranny in the phone’s OS and trying to find a crack in the system, this is quality content
How about opening it up and JTAG it
LOL. "every nook and cranny" would have been taking the board out and bench hacking it. He just clicked on all the buttons and reported if they worked or not.
@@gastonbell108 it's interesting to see different channels gain attention of tards that just can't think for themselves. But at least there is no cock sucking pose on the thumbnail.
@@gastonbell108 bro took it too literally 💀
@@BoiLeek well since you literally said "every nook and cranny" how else was he supposed to take it? Because that shit wasn't even close to being done "half-assed" let alone being a thorough exploration of the phones capabilities. So basically...you said something stupid, somebody told you it was stupid, and instead of admitting it was stupid, you tried to make them look stupid, which only made you look more stupid than you already were. Yeah, that seems about right.
It wasn't only the FBI that worked on this though. Europol and the Australian Federal Police were also involved (and others). Thus why there were arrests made in Europe and Australia. The FBI didn't do it behind the other countries' backs.
Hellooooo😮😮😮😮😮😮
Honestly, this is why open source is so important... Closed source means you don't know what it's doing, and can't find out (at least not easily). Edit: Damn, not going to lie, the "decoy pin code" is actually a cool idea for a normal phone. :P Get your files / apps, etc., complete setup hidden for a "work mode" or something like that, simply swapped based on the pin code entered.
It was based on open source software. How did that make it safer?
Xiaomi phones have a "dual space" where you can set it up as a second phone and you allocate how much storage you want for it. It's pretty neat
most android oses/stock android supports multiple users and a "work mode" that's enabled by companies if you connect their email to your phone. there's also apps that simplify that process (like Shelter) and do just that.
@@WorksOnMyComputerdoesn't matter what it's based on, if it's not open source, its not open source
Bless you 🙏🏼
The whole interface screams "trap." Just as a privacy enthusiast, I would want a "decoy" mode and a "secret" mode. The "decoy" mode should let you show government agents that you have "nothing to hide" and should function like people expect a phone to function. The apps should work. And a regular government agent should not have any reason to believe there is anything else under the hood. The "secret" mode should also be fully functional. It should just store, encrypt, and possibly transmit encrypted things you don't want prying eyes to see. Maybe the sting operation provided apparent functionality. But otherwise, I don't see how they got their targets to use this.
i'm guessing no one was using this phone for anything outside of the texting app. it basically worked as a burner phone. But you have a very good point about the decoy mode being suspicious as hell.
Don't even have to look at the phone. If you're buying a prebuilt you should only go from a reputable brand or source. Some new gimmick device appearing out of thin air already gives that away. GMSK has been making actual security phones for decades now and no reason to defer from that.
@@kishascape It really is hard to be sure. A "reputable source" may be quietly giving the government all your data anyway. Anything people are a little _too_ confident about makes me leery.
@@kishascape how do we know GMSK haven't defected and started feeding the government your data? How do we know that feds haven't already installed a backdoor on their devices? They've already done it with Apple
Yeah I'm not sure if I'm missing something in this video but I feel like the kind of person who would buy a phone like this would figure out it was bugged in about 30 seconds at most
Use EDL mode to install custom firmware. EDL mode or Emergency Download mode is a mode that gives you full access to EVERYTHING (and i dont think they can remove edl mode because its a snapdragon feature.) You might need to open up the phone and short a test point to ground though or get an EDL cable, but i don't think that will be a problem for you :)
I'm not sure about the Pixel's secure boot mechanism... but if its bootloader is currently expecting some specifically signed image then you won't be able to replace it with another one, even when you pull the chip out and reflash it
@@pierreuntel1970 I suppose that makes sense. I think it might be possible to unlock the bootloader in EDL.
@@pierreuntel1970 EDL mode is a feature of the SoC, and should allow the secure bootloader to be replaced. I'm really curious to know if Hugh can pull this off.
@@ickipoo don't you know even the bootloader is signed? there are fuses in the CPU for the factory to burn the first signature of the chain-of-trust, you can't just replace the bootloader without it's being properly signed, the CPU will refuse to continue
@owo グーチmoshi :) 9:26 it says in the bootloader: "Device state: locked" so no the bootloader isn't unlocked.
I do cyber security, and i can confirm that there is nothing on earth that is "Secure" when it comes to anything that has a relation with a SERVER.
You do cyber security when you're not being a Russian EDM superstar?
@@gastonbell108 Music is fun, but building a business and a social media platform has more purpose. thanks for the compliment tho, I will one day go full on making it big in Russia
There is one particular brand that is deeply hated by the American government for not allowing them to spy so easily.
what about when you delete your account. e.g twitter account. the company is forced to delete database data after a specific amount of time? @@KnellAnwyll
My Huawei Black Shark 5 has the option for Dual Apps & Dual Locks. I have two different profiles I can sign into with two different pins at the lock screen. They can also be accessed with different Fingerprints as well.
I can't exactly pinpoint *all* the exact reasons (which there are a lot of) but this seems both highly unethical and also possibly extremely illegal but I mean hey as long as it's the FBI doing it right?
ikr? For non-criminals this is disgusting. Also, phones get shipped out to overseas, so FBI still keeps an eye on other nationals?!? It makes me hate FBI and the US gov in general.
@@notyourbusiness1352 What's absolutely hilarious to me among all this is that from what I can tell, criminally charged or not, you get like absolutely completely scammed like that is about $2000 down the shitter for a phone that is essentially a brick hahaha! The final 'update' should have literally just been the phone booting to an ASCII image of a middle finger with the text "Get fucked" underneath
who's gonna investigate the fbi? the fbi? lol
Its just like how the government is the biggest distributor and hoster of CP but as long as they're doing it its okay.
nukes and chemical weapons and the kkk are also illegal, so what? thats what usa is founded on!
I mean....unironically the decoy and regular pin is a very good idea and would be great for casual use for business uses My mother has a business phone that has personal and business uses, but getting to personal from business is easy AF and considering the business requests she gives that phone to other people while working it's definitely not secure It'd also just be a good thing for NDA business ideas like artists and designers, allowing people to still use biometrics and be asleep and not worry about someone using their thumbprint to get in Also just keeping NSFW stuff from kids or making it to where you have to buy apps from the main but still let you use them on the decoy to avoid kids spending money or seeing stuff they shouldn't while still having that convenience of biometrics Sure there's security folders but I feel like this would help even more Kinda sucks that for someone like me who believes in privacy and would probably buy this for that privacy would get burnt by the government because I just want freedom from prying eyes
Which is why it's best to use open source privacy tools
Android has options for seperate users. So you could configure a home and work profile. Not a complete replacement for what this phone has but its similar.
@@HughJeffreys I actually didn't know that. Shows just how needed these videos you make are for people who even think their relatively tech savvy, cheers But that only makes me look at the work phone my mother was given with more disgust, there is no difference between the two besides a single pin and once it's used its open until the phones reset working like a big security folder
Had something like that on my Xiaomi, had different users depending on if I unlocked it with one finger or the other
@@Reinreith samsung secure folder is pretty good imo and looks like it has everything you are looking for. can use separate biometrics or passwords for it and you can have it lock up only when you tell it to, every time you close it, once the phone has been turned off, or after a set period of time
Made by Criminals to catch other Criminals.
You got it. Btw, give one of these little gems to Sammy "The Bull" Gravano. He likes to talk.
Omg 😮😮😮😮😮😮😮
Well there is 3rd mode also available, on a master pin you can access full admin mode, where you can manage both of the main and decoy modes and make some changes as well…
More info pls ):
The Australian Federal Police making plans with the FBI over beers... sounds about right.
Yeah, but was it Budweiser or Fosters?
@@mattelder1971 - probably BOTH! 🍻🍻🍻
Lol XD
@@mattelder1971 fec off with you're piss water! we send that shit to america for a bloody reason!
@@mattelder1971 Australians don't even drink Fosters.. They just export that crap.
"There isn't any way of knowing what it's doing behind the scenes" is terrifying and that they're capable of doing that with only software all of this could be featured in our next software update
My ex has government clearance and has people remotely control my phone.. we broke up over 10 years ago.. yeah.. he's completely sane. 😂
Bold of you to assume that these functions aren't already in our devices
Or our last update
it already is like this since ever
@@someoneout-there2165 No chance that could happen. I dont doubt the government has that ability, but the amount of red tape you would have to go through would make petty revenge on an ex impossible lmao. No single person has that power
It is basically the same thing with free phones and service for those who are on some government assistance program. Snap, SSI, ssdi, accessing and monitoring everything you do, limited settings, I ended up putting tape over the cameras. I turned off location and microphone. But I doubt it turns it off.
I remember hearing about these, but always suspected something was too good to be true
My wife use to work for Sony-Ericsson, we have some preproduction/experimental models floating around from the early-mid 00's, one even use to receive an sms once a month saying something like please return this phone to SE as it's not a production model. None of them work given the change in edge/2g/3g stuff, but love the pre-iphone designs and feel of them.
This is why a device like the PinePhone is one of the most secure devices on the market. It is almost (if not) entirely open source, has physical killswitches for hardware features, easy OS swapping, etc. If it ain't open source then it ain't safe.
Purism Librem 5 is another incredibly secure phone
@@kodyballard49 Librem 5 and Pinephone are extremely unsecure. Installing a malicious program allows said program to replace the bootloader and baseband with a rootkit from it's installation script. Heck, you don't even need root. All you need to do is change the user's $PATH to point apt to a malicious program and on update it will run the malicious program which runs with superuser privileges if sudo isn't compiled with secure-path enabled. Compare to closed-source QNX-based BB10 which has had 0 root exploits ever.
Open source won't prevent this since the devs can just compile a different source and obfuscate the binaries. Since the audience for these is very small, someone discovering inconsistencies by chance is low. Additionally you can also keep critical code on the serverside if possible. The political censorship programme in MIUI was discovered years after Xiaomi had grown into a giant company, and it's still not entirely clear what they are doing.
Closed source is actually safer because it’s harder to hack, stop being brainwashed by propaganda
I think there is a FBI in the comments xd
hi,did you try shorting testpoints for bootloader unlocking and rooting? Nice video btw
When it comes to security, nothing beats open source.
God help us
I would love to see someone with an intact anom phone dump the APK for the messenger app that was removed on yours. It would be fun to decompile that app and see exactly how it worked.
Bet the alphabet agency's would not like that very much
Someone has to Reverse Engineer that shit
But how would you do this? You would have to desolder the emmc
got to be a question of timing finding one that havnt been active edit: sense;since the FEDS was scouting users.
@Efraim reverse engineer a messaging app with less features than any of the currently open source messaging apps that already exist?
I remember watching the Channel 9 news report of the Australian side of the operation. The 'anonymous' chat appeared to relay messages into a modified XMPP client. (0:44) I imagine all of the ones that were sold were based on the US market models. (6:20) I recognise that as a brain-dead version of the LineageOS/AOSP text messaging app, but with the icon of the Google version. I also suspect that there may be a hidden method to enter Android developer options, and/or the option to unlock the bootloader might even be enabled. I doubt the official Pixel Repair Tool would work.
The best os is one you build yourself and build it to keep no logs, every os has forensic friendly components and services dedicated to gathering intel on people, learn to disable them and make a incognito os
Well, I guess the easiest way to flash something on it is by putting the phone on EDL mode and flashing the stock firmware by hand. If there are no hardware mods this should work as at that point not even a locked bootloader has any power over it. You could use QPST or for an easier time EDL unbrick tool (courtesy of XDA member raystef66). Just get the signed firmware file and boom you're good as new. Sadly, there's no way I can think of off the top of my head to examine the installed software as it's so heavily guarded but I'm pretty sure, given enough time, we could exploit it some way to at least peek into it's file system.
EDL mode doesn't work when the device is locked.
@omerakgoz34 then time for a chip off job, haha. assuming only userdata is encrypted, the system usually isn't
how any criminals could trust it in the first place is beyond me, If i was a criminal, my first thought would be "Sting operation"
Because most criminals are stupid.
Guess they thought it would be too "crazy" to imagine or "paranoid" for some.
A lot of them are really dumb and don't know anything about the tech world.
They forced a known criminal to distribute them who already gave out encrypted softwares
Unless I missed it, what I don't understand is how the FBI expected someone to use that phone without being suspicious of why nothing works or can be done on it. 🤔
Most criminals are very, VERY dumb. The main selling point of this phone was that secret messenger app in the calculator. They thought that by using that app and the "privacy focused" phone, they could stop the authorities from listening in on their conversations. Because the criminals only wanted the phone for the messenger, all the other apps were put there for show in case someone else looked at their phone I guess
I suppose this is some kind of a beta project. It definitely looks unfinished, although it has much potential if done well
Was supposed to work like that. It was marketed as ultra secure, no gps so no tracking, no ability to call so no wire taps and no non encrypted messages so no-one in the organisation could be sloppy, while looking like a normal phone to outsiders. Only anom the encrypted app was to work for communication.
ds is just to make peepoo think they dont already have access to all devices
That was the whole point lmao. It was marketed as a secure and locked down communication device for criminals. Nothing more. Not meant to play games on or casually text your friend. More like for drug lords to coordinate hits with high ranking members. While still looking like a normal phone from the outside if it were stolen
me casually with that phone without being a criminal: **roots the phone, then installs a custom OS**
yea. fs
Thanks for alerting the criminals
I like how this Anom phone is closed source software create false sense of security & privacy by making apps harder to access. The criminal clearly have no idea about software in general. Only Open-source can be trusted.
Also helped that the police around the world targeted the "techies" in the environments and got them to suggest it to their colleagues in return for a deal Don't remember exactly how if was, but something like that
"open source can be trusted" Brandon Nozaki Miller said hi.
They wont spy on you for watching porn budd. This phone was specifically made to catch criminals
Watch out for "bug doors" in open source stuff either put there intentionally or just exploited by someone who stumbled across a bug that allowed them to gain access
@@UmiZoomR "it's OK! I'm only watching you while you sleep to make sure you're safe!"
We had something similar to this in the uk. Don’t know if it was the exact same thing but the idea was the same. It was meant to be encrypted and safe to any “business” so got quit popular with mid level drug dealers etc etc. The phone apparently cost a good grand or 2 afaik. It was a really simple device that would only do txt and calls through one app or something and you couldn’t do much if anything else at all a normal phone can do. Literally jus set up for msgs and calls via a pre installed all afaik. But the whole lot was a honeypot set up by the metropolitan (I think it was met.) police from the very start. We also had encrochat which had its encryption cracked in 2020 which led to over 700 arrests from people using the device thinking it was safe. I’m unsure if the 2 are the same event/bust and device or if there’s 2 different devices but I think it was 2 different devices/busts. I’m sure one was specifically set up to be a honey pot from the start but encrochat just had its encryption cracked apparently. It’s hard to find stuff online about it now tho. Edit; after watching the full video I’m gonna assume the fbi honey pot device “arcane” or woteva it’s called etc was the same device the uk police used just tailored and changed a bit for the uk etc. Cos it seems to be the exact same kinda thing.
No. Encrochat was real. It just was seized by Europol. They then infiltrated the servers and pushed an update that decrypts everything. Also It didn't just got popular with mid level drug dealers. It also was used by Hitman and in drug laboratories. It also wasn't just the UK. It was used all over Europe.
Yeah it seems to be a slightly different version of the exact same software with a different name and obviously different hardware (from my very hazy memory)
Reminds me of the Scotland Yard operation to create a dark website for criminals. It was in operation for 15 years, before the police struck. During this time it gained the trust of criminals.
Omg 😮😮😮😮😮😮😮
Enlarge it's allowed space in memory and the decoy account should run apps.
when the government does this, they get applauded, *especially* if it's "to catch bad guys", but when i do this I get sued and jailed. the fuck
@@mlx39996 no. my point is that it is not ok to do illegal shit to catch people doing illegal shit. seems pretty hypocritical to me that on one hand, you have this; then on the other, poisoned tree doctrine.
This seriously lol, fuck criminals they have it coming
@@mlx39996 It's more about having a fair standard law that applies to everyone equally, because the 'bad guys' is a broad unuseful term when everyone involved is in violation of the law. Yesterday it could be applied to drug dealers and organized crime, Today and Tomorrow it could be applied to oppressed people organizing to resist a tyrannical government that singles them out for their race, religious beliefs, political affiliations, or immunity to the usual methods of social engineering.
When I arrest someone it's "kidnapping" but when the police do it is legal. WTF????
@@mlx39996 Technically, it is legal, even encouraged for you to do such things in an emergency too. You can exceed the speed limit to avoid getting hit by a vehicle and even run a red light if staying where you are would get you or others killed. Ambulance drivers are not law enforcement, they are not even a part of the government, yet they are allowed to do these things.
Regardless of whether its used to catch criminals or not, this is a major breach of privacy rights. Disgusting.
No privacy is bigger than national security
@@ankitchaubey1293 L
well Majority of government want control for every citizen in their country
@@ankitchaubey1293 L
I agree
Damn that is some good use of a device right there Hope the FBI wont show up to take that phone away from you.
You should pull the ROM off of it and inspect it. Probably have to pull it directly from the NAND chip, I doubt the phone has ADB or any custom bootloader accessible.
First of all, the flash chip needs to pulled out of one of these and have it's files dumped manually, just for preservation purposes. Then, you could try using EDL mode, because that might just be able to bypass the secure boot, since it's a hardware feature you can't really remove.
Still would be missing the Anom messaging platform. A file dump should be done on a handset still containing the apk.
@@kanedaku Yeah... That's sad. But, at least, the OS modifications would be great to have. Especially the dual UI would be an amazing feature to implement in other ROMs.
What about full disk encryption?
@@efraim. Android had FDE before. But all clowns say that FBE is better than FDE. Yeah, because having apps that can access the decryption key AT BOOT without your explicit permission is really a lot better. Secure boot would also be a nice feature to have, but that needs to be implemented in the bootloader itself, unfortunately.
Dumping files is impossible as the flash contents are all encrypted, and EDL is one of the methods to flashing it.
Security and privacy can be verified by using open source projects.. no restrictions.. but this phone went the total opposite direction. Anyone with any bit of technical knowledge should have immediately seen all of that as a bunch of huge red flags.
npm said hi.
"Anyone with any bit of technical knowledge should have immediately seen all of that as a bunch of huge red flags." Interestingly, a story I read on the subject noted that some discussion forum post flagged that the phones were in 'constant contact with google servers and relaying messages to corporate servers in the 5 Eyes countries". Which this person knew because..... they had tested it! Note to self: if involved in running an international drug cartel and using a supposedly secure phone to openly talk about all that stuff, it might pay to have the phone tested by an expert to check the outgoing data streams!
well only morons who still use outdated drug dealing methods from movies in the 80s buy this nonsense. Just proves how mentally inept and what a bunch of useless desk jockies the FBI is.
You put a good argument forward that organised crime gangs, need a bigger and better IT department.
In general, criminals aren't exactly known for being the brightest bulbs in the shed.
Recently purchased new a Samsung A03s phone. its a amazing phone for the price... which makes me a tad suspicious. However there is a ton of stuff running in the background that i can't turn off. and those apps and services are simply described by Samsung as "Other" which is a bit disconcerting and they are literally taking up HALF of the phones memory and storage.
I mean all tech glows in the dark but this is fucking radiant.
Yeahhh😮😮😮😮😮😮😮
Sounds like a huge invasion of privacy without acknowledgment lawsuit
Privacy is an illusion. It's not that they don't know. It's whether they have the resources to act upon the intelligence they have. Without criminals there is no budgets for law inforsment. A lot of crime could be eliminated by offering better educational opportunities. And creating national industrys. But it's cheaper to just make larger law inforsment agencies. That's what the public think we need. So its cheap political points for politicians. Proper Social Welfare Drug rehabilitation. And higher levels of employment. Can all radically reduce crime. But it doesn't win votes. People what instant results. More police wins conservative votes. Social reform can take generations before the results really start to show.
CCP doesn't care about privacy. "But my country isn't the CCP" Well, they don't admit it... but they are.
I'm sure the AFP and FBI put some thought into that issue.
Shoutout to all the open-source code that was used in breach of its license because this phone literally doesn't have a functional text viewer for the attributions.
That isnt correct.
who's gonna do something about it? nobody is going to enforce that
AOSP is Apache 2.0
@@Oscar4u69 tell the FBI to enforce it
Wait until the fbi sees my browse history
If you want an actual private phone, you should always ask for the source code if the OS and compile it yourself. Also this OS was clearly based on LineageOS so they're breaking the license by not open sourcing the code and even worse if they didn't include a copy of the licenses. I think only s stupid criminal would fall for this one, hopefully not a cyber criminal since they're supposed to be tech savvy
proof it's based on Lineage?
@@alabasterharmony6268 While there isn't any hard proof, due to this being closed source, it sure does look like it.
@@I_Love_Learning I did wonder a bit about that; given that the "OSS Licenses" page is broken in at least one of the apps, it's very possible this phone's software violates copyright law by failing to comply with the license of at least one included app or service.
Love this alternative subject matter for your channel. Hope to see more in the future. 👍👍 Still technology, but different perspective.
Thank you 😊
I have a Xiaomi Mi 9T, which has an actual "2 phone" thing called second space, where you can load into different images, almost like different accounts, which are two completely separate phones basically. Different apps, home screen, setup, etc. You can have it load into either from different fingerprints, patterns, or different faces.
Xiaomi makes a tracking request in the background almost every minute last time I checked and also had an incognito mode tracking scandal a few years back
Thanks for letting me know
Very interesting video. The idea with the honeypot is ingenious, and I hope they could make the world a little safer with it. One thing bothers me a lot though, not everyone who buys such a device with such an OS is a criminal, many people just want more privacy and security. As an end user, do I practically always have to assume that such devices are honeypots? What happened to the data of consumers who were not criminals? In our time, after so many scandals, it is not wrong to look for more security.
Not really. Just shows that there is very little respect of laws by the ones that enforce them. How many cops ended up with one of these phones? Big gangs have tech experts in this day and age. So who did they really catch.
@@dilligaf8349 A mixture of people who weren't smart enough to spot the trap, and a whole lotta Australians who were violating their nanny state's guidelines.
Hi! I think i have an idea for installing a custom firmware on that device. Since that phone has a Qualcomm SoC, you can acces EDL mode, you maybe have to disamble the device and short a test point to ground or also i an EDL cable. With that I believe that it is indeed posible to install a custom firmware, or maybe even reflash a stock bootlader and see if that works too. Also im pretty sure you can unlock the bootlader in EDL.
Now technically speaking this is officially the world's first government smartphone.
You haven't met the north Korean android phone. It's so advance it has a anti fly app
@@Pandahhhhhhhhred star os "anti virus"
the docoy thing is what i need
They really went through millions of private messages to catch a couple of petty criminals WOW. we live in a dystopia
Considering the video mentioned thousands of pounds of drugs, and tens of millions of dollars of illegally acquired currency, I’m not sure how “petty” those criminals were.
No, you are not right. en.wikipedia.org/wiki/ANOM
@@TBH_Inc people saying "if you have nothing to hide" is the issue. Do you want them looking through _your_ shit _looking_ for reasons to arrest you? It's a violation of basic human rights in basically every civilized country.
@@cherrypepsi2815 to those people one just has to say that if there is nothing to hide there is no reason for government agencies to be spying but they wouldn't get it anyway, some people were born to be slaves and that would be ok if they didn't also want everyone else to become one, the further time goes on the more reinforced I'm in this belief
@@shinrapresident7010 Dude, I'm making a point in agreement with the guy I replied to, you dipshit How about you go reply to someone whose actually doing stupid shit
I know the US had/has something like this. The original was similar to this, but used Motorola G phones I believe. Apparently they where used because they where cheap and easy to disassemble, which was important because they physically bricked cameras, gps and something else that I can’t remember. Shits crazy
I think I had one of those.
Not being able to unlock it and install custom Rom or reinstall the original pixel 4a image kinda makes this phone now as good as a paper weight. FBI should at least unlock the bootloader prior to the end of their sting operation. Well at least people can still use it as a source so genuine pixel 4a parts....
I guess its so people cannot find out how the phone was developed. Yes it is a waste of good phones now that the app has been shut down.
I'm pretty sure that these phones shouldn't be able to come in our hands and use it since they only have a specific users which are the criminals so it make sense for FBI to strengthen the security of the phone (but create a backdoors that only them knows)
Went back and looked, it's in yellow boot, not orange boot. The bootloader is locked. Oof. Best bet is see if you can get a hold of MSM Tool or whatever it is Google uses for EDL. OnePlus usually "leaks" it shortly after launch and it's really handy to unbrick. Unless you can manually adb sideload the full system zip? It's signed with Google keys so it should hopefully take, although then you'll just be the proud owner of a Pixel 4a.
Wondering if other models can be unlock especially the Xiaomi one since their phone was very open and easy to unlock
@@HughJeffreys true indeed. That's a complete lemon, you can't even use the mp3 player, so what's the use of keeping that paperweight??? I've seen Android Go phones which were horrible to use due to their miserly 1 GB RAM but at least, they do work as they should
The people who used these phones should be able to sue the FBI for invasion of privacy and fraud.
When they gave me this phone I knew it was fishy. Still have it this day, used only for 2 weeks, then got too paranoid to use it again. Still have it til this day.
9:51 "There is plenty of reasons to want more privacy and security. Especially with most companies tracking you..." I was almost certain you were about to divert into "that's why I use NordVPN..." 😂
that wouldve been a LinusTechTips level of butter smooth sponsorship segway.
@@Sharpless2 It's pretty unoriginal nowadays though
nordvpn isn't open source so you can never know what they actually do with your data. It's only secure if you don't want your ISP to know what you're doing.The feds can still demand all of the data that nordvpn has on their users
@@your_average_cultured_dude Your Toothpaste isnt opensource either. They could literally be putting in Microdoses of cocaine to make sure youre always coming back to the same brand. Oh and if the Government wants something, they WILL get it no matter what.
This world is rapidly passing away and I hope that you repent and take time to change before all out disaster occurs! Belief in messiah alone is not enough to grant you salvation - Matthew 7:21-23, John 3:3, John 3:36 (ESV is the best translation for John 3:36) if you believed in Messiah you would be following His commands as best as you could. If you are not a follower of Messiah I would highly recommend becoming one. Call on the name of Jesus and pray for Him to intervene in your life - Revelation 3:20. Contemplate how the Roman Empire fulfilled the role of the beast from the sea in Revelation 13 over the course of 1260+ years. Revelation 17 confirms that the beast is in fact Rome. From this we can conclude that A) Jesus is the Son of God and can predict the future or make it happen, B) The world leaders/nations/governments etc have been conspiring together for the last 3000+ years going back to Babylon and before, C) History as we know it is fake. You don't really need to speculate once you start a relationship with God. Can't get a response from God? Fasting can help increase your perception and prayer can help initiate events. God will ignore you if your prayer does not align with His purpose (James 4:3) or if you are approaching Him when "unclean" (Isaiah 1:15, Isaiah 59:2, Micah 3:4). Stop eating food sacrificed to idols (McDonald's, Wendy's etc) stop glorifying yourself on social media or making other images of yourself (Second Commandment), stop gossiping about other people, stop watching obscene content etc. Have a blessed day!
You could probably get root with an exploit since it's outdated and there has been a few root exploits in the recent years, might need a browser/webview, filemanager, or terminal/shell as a minimum though, I'd love to mess around with something like that
That's why there is no browser app, not even in decoy mode
Yeah but there's always something overlooked or newly discovered, that's the excitement of it
I'm sure the fbi has top men on it
That changes nothing
@@jasonls221 +1
You may be able to dump all the partitions and explore inside if you got some advanced knowledge Or even restore the phone to factory OS
Reminds me of Onion routing. Everyone thought it was amazing, safe, and anonymous. Unfortunately, they lack the ability to research the origins of things. If they did, they would have noticed they were using a tool developed by the US Naval Research Laboratory in tandem with various intelligence bodies. This was to protect the communications of operatives abroad.
4:00 you can use an app called “Activity Launcher” to find hidden activities (menus) in the settings
Make more of these videos please. It's easy to tell that you have the knowledge to explore these phones properly and interestingly.
interesting phone. I have never seen where the keypad is scrambled @2:07 when inputting a code. Is this only available on this phone or something new? I imagine it's a great feature if you suspect someone is watching over ones shoulder and memorizing a pattern, but then changes the next time prompting of your PIN.
Yeah, its a feature that is on some custom roms. The first (and only) time I was introduced to it was grapheneOS (totally de-googled android, but you can re-google it within the "Apps" app) I still use it daily as the performance is way better and I can control what google apps have permissions to, including network.
Any idea on what possible use the decoy would have?
if your phone is ceased, and you give them that as your code
Whenever a company advertises themselves as being privacy focused and their source is "trust us", you should be skeptical of their true incentives since those are effective marketing words without any legally established definition.
If they claim to be privacy focused then LOOK AT THE SOURCE CODE If it's proprietary: 🚩🚩🚩🚩
i daily LineageOS, and basically all of these apps look exactly like the stock ones. Messages, clock, phone, the updater as you mentioned, and much more look just like it.
I wonder if that's all legal. I know most of lineage is on Apache, but is their specific design also on a permissive open license?
@@barnaba2137 yup. even the "freedom phone" is basically pure lineage.
This world is rapidly passing away and I hope that you repent and take time to change before all out disaster occurs! Belief in messiah alone is not enough to grant you salvation - Matthew 7:21-23, John 3:3, John 3:36 (ESV is the best translation for John 3:36) if you believed in Messiah you would be following His commands as best as you could. If you are not a follower of Messiah I would highly recommend becoming one. Call on the name of Jesus and pray for Him to intervene in your life - Revelation 3:20. Contemplate how the Roman Empire fulfilled the role of the beast from the sea in Revelation 13 over the course of 1260+ years. Revelation 17 confirms that the beast is in fact Rome. From this we can conclude that A) Jesus is the Son of God and can predict the future or make it happen, B) The world leaders/nations/governments etc have been conspiring together for the last 3000+ years going back to Babylon and before, C) History as we know it is fake. You don't really need to speculate once you start a relationship with God. Can't get a response from God? Fasting can help increase your perception and prayer can help initiate events. God will ignore you if your prayer does not align with His purpose (James 4:3) or if you are approaching Him when "unclean" (Isaiah 1:15, Isaiah 59:2, Micah 3:4). Stop eating food sacrificed to idols (McDonald's, Wendy's etc) stop glorifying yourself on social media or making other images of yourself (Second Commandment), stop gossiping about other people, stop watching obscene content etc. Have a blessed day!
so it's like every other piece of software released today
one way to do it would be to use qualcomm software to load a different OS, my suspicion though is the actual OS itself will be difficult to ever get a good look at, but in truth the phone software was poor and its strange that to my knowledge only one person knew something wasn't right but his guess was poor design and not a sting operation(before the project was revealed).
"the most locked down phone I've ever owned" Apple: WRITE THAT DOWN, WRITE THAT DOWN!
Rather have a normal truly optimised iphone than the most decked out android ever
@@shaggytewsak Android runs smoother nowadays imho. What type of old android phones do you use?
I’d rather use a Linux phone with barely-functioning hardware than let Google or Apple turn me into a revenue stream with a device I paid for. But hey, at least the Apple App Store has the most secure spyware on the market.
There is a "disposable" tablet by amazon called the fire hd 8
😂👌
Thats still way better than the Anom Pixel
It's reminding me of US prepaid phones that some people just use as 'burner' phones because they're often cheap low-end phones
i mean unrepairable
im not using a device with custom os if the os was flashed to it in the "factory"
so any project like this not that i even knew about this before the vid would need to be open sourced and tested a while to even be slightly trustable im guessing
Thank you for your amazing content Hugh. Glad to be one of the first haha :) ❤❤❤
They could modify the hardware to collect hardware-encrypted stuff like fingerprints
@weinerschnitzelboy Sure, but I think kezyhko's point is there is a reason for them to make hardware modifications. The video mentions there was no reason to modify the hardware, but If they modified the fingerprint scanner they could make it save a scan AND do the normal thing the OS is expecting. Or even just rewrite it so it doesn't do everything the normal way and does save the fingerprints. Did they, or would they? I doubt it, it probably adds too much complexity. Considering how they locked out pretty much everything they probably tried to keep it as mission focused as possible to stop any kind of errors from getting in the way, and making all those changes would probably be more error prone then it's worth.
@weinerschnitzelboy that’s why he’s suggesting hardware modifications to a sensor that does store readable data from the fingerprint
@weinerschnitzelboy Fingerprints aren't stored as images - in normal conditions. But if you can modify hardware - theoretically you can just silently send a fingerprint copy to OS. Idk how hard would it be to pull that off though
@weinerschnitzelboy it's the FBI after all so I'm pretty sure they could do it
@@WaltuhD you’d need to completely revamp the biometric reader from the ground up for that
I had flashed ArcaneOS on one of my Redmi devices. It too has a decoy mode but did not act this way
6:51 that beep killed me not in realife but hearing it!