Very little information is known about how the terrorists, who allegedly had links to ISIS, planned the attacks. Yet, that hasn't stopped commentators and the media from speculating the group likely avoided surveillance by using messaging apps that use encryption, and even by communicating over PlayStation 4.
Belgian interior minister Jan Jambon ignited the speculation over the weekend when he complained that communications over PlayStation 4 are extremely hard to spy on. His comments were not related to the Paris attacks, however; in fact, they came three days before they even happened, during a talk at a POLITICO event.
The author of the viral Forbes article that started the speculation over the weekend also posited that terrorists might very well be communicating "without speaking a word," perhaps spelling out attack plans in Super Mario Maker's coins, or writing messages to each other by firing bullets on a wall in Call of Duty.
The height of the media frenzy over the unsubstantiated possibility that ISIS is using PlayStation 4 to plot attacks or communicate was probably this inadvertently hilarious segment on the Today show on Monday, where correspondents sent each other chat messages while playing video games.
"And remember this doesn't go through your phone company," a Today show producer said.
Yet, no one has presented any evidence to support the claims that the Paris attackers were using any of these methods.
No one has presented any evidence to support the claims that the Paris attackers were using encryption or the PlayStation 4
Matt Suiche, a French security researcher who lives in San Francisco, said that obviously it's possible that ISIS is using video game consoles to recruit or communicate, but that in this case, it's more likely they "they planned it physically, to avoid leaving any traces." Many of the suspects involved in the attack were reportedly all living in the same Belgian town.
"You may as well use a homing pigeon and write in slang to coordinate a meeting, and nobody would be able to do anything," Suiche told Motherboard in an online chat. "When it comes to planning we are talking about people who live in the same area, within a few miles radius. They can also definitely pop up to the apartment of one other, like before cellphones existed."
A spokesperson for Sony, which owns Playstation, declined to answer a series of specific questions regarding how Sony collaborates with law enforcement authorities to investigate potential crimes.
"We are dedicated to checking behavior and we urge our users and partners to report activities that may be offensive, suspicious or illegal," the spokesperson said in the statement, sent via email. "When we identify or are notified of such conduct and verify it, we are committed to reviewing it and taking appropriate actions."
Julian Sanchez, a senior fellow at the Cato Institute and an expert on surveillance, said that as far as he knows, "there's no end to end encryption of user communication" on the PlayStation 4.
Sanchez, who noted that he owns and uses a PlayStation 4, also added that it's possible to access a user account from any device, something that'd be "very hard" to do if there was strong encryption. Moreover, he added, if Sony has mechanism in place to report users being abusive, the company probably has the capability to intercept and review users' communications for other reasons. In fact, Sony clearly says it can monitor the PlayStation network in its software usage legal terms.
Obviously, there are some theoretical advantages to using a non-traditional means of communication that's less likely to be monitored by authorities. But thanks to documents leaked by Edward Snowden we know that's not the case. Spies from the NSA and the British intelligence agency GCHQ have been so worried about this in the past that they've sent undercover agents into World of Warcraft and Second Life, and monitored users of Xbox Live.
"It's just going to be inherently very difficult to catch every single suspicious person who's having a conversation [online]."
Jay Kaplan, who used to work at the NSA, told Motherboard that while non-traditional platforms are more challenging than widely used ones, "at this point there is very much a 'whatever it takes' mentality."
"It is possible that these networks have simply been overlooked or difficult to sort through the troves as data," Kaplan said in an email. "Impenetrable? That word doesn't exist in the [intelligence community's] vernacular."
It's not even clear ISIS tolerates the use of video gaming consoles. The group, which has very strict religious rules, has apparently banned its members from even playing billiards, according to documents retrieved from Syria, and published by Aymenn Jawad Al-Tamimi, a fellow at the Middle East forum think tank.
"It is not proper for the mujahideen servants of God to occupy their leisure time with these sorts of things that render no benefit on them but rather constitute a waste of time," reads a translated ISIS legal document, or "fatwa."
Moreover, given that ISIS members can use, and have been reported to use, encryption apps on their phones, why use the less-portable PlayStation? On Sunday, a New York Times article reported that the attackers used encryption to communicate, namechecking the popular chat program WhatsApp. The article was based on quotes of unnamed European officials, and has since mysteriously disappeared.
It's worth noting that despite the fact that WhatsApp has enabled encryption between Android users, the platform doesn't appear to be spy-proof. Earlier this year, in fact, a group of alleged terrorists were arrested in Belgium after authorities intercepted their WhatsApp messages. Moreover, even if the messages over WhatsApp are encrypted, authorities likely can still see who's talking to whom—in other words, metadata.
Europol declined to comment for this article.
It's possible that the Paris attackers used encryption apps, and even the PlayStation 4, to communicate. But so far, no one has presented any evidence supporting this claim.
The mayor of Vilvoorde, a Brussels suburb where many jihadists who have travelled to Syria reportedly originate from, said on Monday that the country's intelligence agencies lack of Arabic speakers is "without doubt one of the biggest challenges" to investigating jihadists, according to a Belgian newspaper. Also on Monday, Turkish authorities said they had alerted France months ago about one of the attackers involved in the massacre on Friday, to no avail.
The reality might very well be that intelligence and law enforcement simply missed the clues that would have led to the suspects.
"It's just going to be inherently very difficult to catch every single suspicious person who's having a conversation [online]," Sanchez told Motherboard. "Totally independent of the technical obstacle, it's always going to be tough."