1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Cameron calls for an end to privacy

Discussion in 'Article Discussion' started by Gareth Halfacree, 13 Jan 2015.

  1. Corky42

    Corky42 Where's walle?

    Joined:
    30 Oct 2012
    Posts:
    9,648
    Likes Received:
    386
    IMHO it was when that paragon of intellectual thought Mr Bush declared war on terror.

    I'm not going to defend what they've done, but do you think any other flavor of government would have done anything different ?

    There is hope, well if we are still members of the ECHR or the ECJ by the time the case is heard.
     
  2. Cheapskate

    Cheapskate Insane? or just stupid?

    Joined:
    13 May 2007
    Posts:
    10,878
    Likes Received:
    931
    Does he have a plan for little bits of paper being passed around? What about meeting in a cafe?
     
  3. Nexxo

    Nexxo * Prefab Sprout – The King of Rock 'n' Roll

    Joined:
    23 Oct 2001
    Posts:
    34,008
    Likes Received:
    1,545
    Naah, back to the old school of spy craft: surreptitious meetings by men in trenchcoats at the duck pond of the local park. :D

    The sale of red carnations will go through the roof...
     
  4. Anfield

    Anfield Well-Known Member

    Joined:
    15 Jan 2010
    Posts:
    5,618
    Likes Received:
    521
    Our only hope to stop that madness is the EU declaring it illegal...
     
  5. David_Fitzy

    David_Fitzy I modded a keyboard once....

    Joined:
    8 Jan 2004
    Posts:
    206
    Likes Received:
    2
    Welcome to the Free Peoples Democratic Republic of England, Scotland, Wales and Northern Ireland.

    Might as well rename the country to that just like North Korea etc

    All hail our great leader Kim Jong Cameron
     
  6. ModSquid

    ModSquid Active Member

    Joined:
    16 Apr 2011
    Posts:
    614
    Likes Received:
    49
    1. WTF indeed. I've had enough. Where can we go to avoid all this?
    2. Failing that, can we not just get someone in power who allows us to vote on EVERYTHING? They issue a paper every quarter with proposals and you tick Yes or No at your polling station, then whatever gets voted in goes through. Although you would have the added complication of voting for what goes on that quarterly proposal paper...
    3. Does anyone else add the harshest four letter word they can think of whenever they see "****"? It's a good job the Govt can't read our thoughts (yet)
     
  7. mclean007

    mclean007 Officious Bystander

    Joined:
    22 May 2003
    Posts:
    2,035
    Likes Received:
    15
    It's not as simple as that, though. Even if the UK gov can force all ISPs to cooperate with its tracking efforts (by, say, routing all traffic through GCHQ monitoring servers), there is a defence against man-in-the-middle attacks through trusted certification - when you make an https connection, the cryptographic credentials presented by the site are tested against ones obtained from a trusted certification authority (I thought Verisign was the best known, but seems it has been bought by Semantec, which is now the market leader in trusted certification).

    The MITM can intercept the request and proxy the traffic so it can see what you are sending and receiving, but you know it is doing so because your https connection doesn't have the right certificate, and the MITM can't spoof the certificate without either hacking/stealing/forcing the third party site to reveal the private key to its certificate or falsifying certification so its incorrect credentials appear as legit. Since the first scenario is impractical for every SSL certificate holder in the world, to conduct a successful MITM attack they would need to subvert the certificate authorities, which just isn't going to happen.

    They could set up a bogus certification authority and mandate that all software installed on new devices sold in the UK must recognise its "authenticity", but (a) they would very quickly be found out; (b) people would riot after the press s***storm that would follow when they were found out; (c) how would UK gov solve for old software that predates the mandate?; (d) how would they solve for grey imports circumventing the mandate?; (e) how would they stop people installing "illicit" software in breach of the mandate?; (f) how would they solve for people modifying software to ignore the bogus CA?

    Basically it's impossible. Basically the only way they could spy on substantially all internet traffic would be to force all ISPs to drop all encrypted packets, forcing everyone onto unsecured connections that anyone could eavesdrop on. This would destroy e-commerce, banking, and all other legitimate reasons for which people use encrypted channels. The fallout would be insane. And even then, people that really REALLY want to keep things secret from the government will find a way, so the outcome of the ill-advised scheme would be to basically put us back to the pre-internet era without even fixing the supposed problem they're trying to solve.

    Why don't they just nuke the UK from orbit? It's the only way to be sure nobody is using encrypted channels for nefarious purposes.

    The problem with your point (2) is that it is distortive in its own way and the questions asked on the ballot are crucial - as you point out the political process moves to deciding which questions make the ballot. For example, if your quarterly referendum had a question like "should income tax be abolished?" it would very likely get passed (who likes paying tax?!) but the outcome would be disastrous for the economy.

    The other problem is that most people probably don't want to have to deal with the tedious minutiae of voting on every issue (or of taking the time to really understand each individual issue), so you'd have some (few) issues that were hotly contested with most people voting but most issues people would just vote blindly or abstain, which is again distortive.

    Finally, the sad truth is a large proportion of people are hugely swayed by what they see on TV / hear on radio / read in the press. You'd be handing enormous political power to the media. And while Cameron certainly has his faults, I'd choose him as PM over Rupert Murdoch every single time.

    Cam Jong Un?

    Passing of paper shall be outlawed without prior approval of the contents of any messages by the Ministry of Love. All cafes shall be monitored at all times by agents posing as old ladies drinking tea.
     
    Last edited by a moderator: 15 Jan 2015
  8. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    13,377
    Likes Received:
    2,429
    Except that a national government which is a big player on the world stage would have little trouble in setting itself up as a trusted certificate authority and issuing wildcards. Imagine the scenario if Internet Explorer doesn't trust the GCHQ certificate: "Hi, Microsoft? It's the UK government here. Stick our certificate authority into IE's trusted list, or we'll ban all Microsoft products. What's that? It'll be live next Patch^WUpdate Tuesday? Excellent, cheers chap."

    Convincing browsers like Firefox - which doesn't have a big corporate relying on income from the UK behind it - to do the same would be a bigger challenge, easily solved by making the use of any non-compliant browser illegal. We've already got a Great Firewall of the UK blocking porn and 'extremist content;' just set it up to monitor browser headers and send the anti-terror squad to offer whoever has the temerity to use verboten software (and lacks the wherewithal to falsify the headers, a 'crime' I'm sure would be severely punished if detected) a quiet chat at the loud end of a gun. Bosh.

    Or, the sneakier way: we've already seen numerous CAs get compromised, and Snowden documents have indicated that many - indeed, most - CAs 'cooperate' with national security agencies. No new CA required - just use a friendly one, or an unfriendly one you've back-doored.
     
  9. mclean007

    mclean007 Officious Bystander

    Joined:
    22 May 2003
    Posts:
    2,035
    Likes Received:
    15
    Did you read the rest of my post? Microsoft couldn't accede to this - it would lose the trust of millions of users. Also, even if they did accede, the backlash when the press get hold of the fact that UK gov has coerced a major software manufacturer to insert what amounts to a backdoor to all secure communications would be severe. And they would get hold of it very easily - the list of trusted CAs is easily accessed from the settings pane. Unless it was a sneaky hidden CA, which would trigger even more backlash when it was inevitably found out.
    I know you're being facetious, but it's hard to tell where your serious comment ends and the joke begins. There's no chance of the UK dropping connections on the basis of browser ID header; the knowledge of how to modify a browser's header would become commonplace; and there's no chance of it becoming criminal to use a browser that doesn't happen to allow GCHQ to spy on every byte it sends.
    This is the more likely, if still highly paranoid, scenario. But yes, if you have the right combination of computational resources, knowledgeable people and political reach, I will concede that you could theoretically instigate a nationwide MITM attack (or at least cultivate the ability to silently monitor any arbitrarily selected target's traffic with minimal chance of detection).
     
  10. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    13,377
    Likes Received:
    2,429
    You're assuming it would be done in secret. I'm arguing it wouldn't be: Cameron has already gone on record saying he wants to make sure the security services can read all communications, digital or analogue. Simple announcement: "Today, I am requesting that Microsoft gives the UK Security Services the ability to decrypt the communications of terrorists (and everybody else, but let's gloss over that fact) by installing a certificate authority backed by the Government Communications Headquarters in its web browser. If it refuses to do so, clearly it is on the side of terrorism and wants everyone in the country to die." Now imagine the Daily Mail's headline: "MICROSOFT SIDES WITH TERRORISTS: Wants to hide communications from our brave security services, allow mass murder and - worse - immigration."

    A week later: "VICTORY FOR COMMON SENSE: Microsoft agrees to turn over terrorist communications, cooperates with security services."

    Dun.

    Yes, paranoid. After all, trusted root-chain certificate authorities have never been breached and used to generate fraudulent certificates for the precise purpose of performing man-in-the-middle attacks. Oh, wait...
     
  11. mclean007

    mclean007 Officious Bystander

    Joined:
    22 May 2003
    Posts:
    2,035
    Likes Received:
    15
    I didn't say it hadn't been done. But so far as we know it hasn't been done by the British government. If that's what they want to do, why have Cameron announce it? Just go ahead and do it.

    Tin foil hats at the ready!
     
  12. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    13,377
    Likes Received:
    2,429
    British government? Perhaps not. French government, though...
     
  13. Anfield

    Anfield Well-Known Member

    Joined:
    15 Jan 2010
    Posts:
    5,618
    Likes Received:
    521
    He has to announce to score points with the ukip voters.

    Anyway, I don't believe Cameron even has the faintest hint of an idea about the devastating impact a law like that would have, as it would effectively ban development, manufacturing, sale, ownership and use of every piece of hardware and software that doesn't allow the government unrestricted access to all user data.
     
    Last edited: 15 Jan 2015
  14. mclean007

    mclean007 Officious Bystander

    Joined:
    22 May 2003
    Posts:
    2,035
    Likes Received:
    15
    Yeah but those guys are animals.
     
  15. Corky42

    Corky42 Where's walle?

    Joined:
    30 Oct 2012
    Posts:
    9,648
    Likes Received:
    386
    It seems Mr Cameron isn't happy to just limit the breaking of encryption by GCHQ to the UK, apparently he is going to ask Mr Obama to do more.

    http://www.theguardian.com/uk-news/2015/jan/15/david-cameron-ask-us-barack-obama-help-tracking-islamist-extremists-online
     
  16. t5kcannon

    t5kcannon Member

    Joined:
    7 Jan 2011
    Posts:
    140
    Likes Received:
    2
    I think the real question here is why the internet should not be subject to the same laws governing print media and telephones, and other established forms of communication. Quite simply, of course it should be subject to the same laws. The fact is that right now, the internet is not subject to the same laws. Cameron and also the Labour Party have both expressed the view that the internet should be subject to the same established laws. Some of those laws may need to be adapted, because the quick development of electronic communications has created legal loopholes that terrorists are able to exploit. The question is whether we wish to close them, or whether we don’t.
    Does anyone think there should be specific forms of electronic communications terrorists should be free to use with legal immunity from interception? Or do they think, that under appropriate safeguards, the security services should be able to monitor all of their communications? What is the case is that banning snapchat is not an attack on freedom. Killing innocent people is.
     
  17. Corky42

    Corky42 Where's walle?

    Joined:
    30 Oct 2012
    Posts:
    9,648
    Likes Received:
    386
    Don't let the politicians fool you into believing they only want to extended the same laws governing print media and telephones to the internet, what they propose goes much further, if we reverse what they propose would you still think its a good idea ?

    If every letter you posted was opened at the post office, a copy was made to be stored for a year, resealed and sent on it's way, would you see that as acceptable ?

    If ever time you used your phone they logged your location, the time, who you called, and for how long would you think that was acceptable ? Do you not think it wouldn't be abused.

    It's not a question of legal loopholes, it's a question of civil liberties, is it right to invade innocent peoples privacy ?
    It's also not a matter of gathering ever increasing amount of data, it's what's done with the data you do have. Need i remind you that every time there has been an attack the terrorists were known to the security services, 9/11 they were on the radar, 7/11 they were on the radar, Lee Rigby, Charlie Hebdo, the list goes on.

    So what's to stop people passing pieces of paper, or talking face to face ?
    What's to stop terrorists from using the dark web ?

    If this is purely about monitoring specific forms of electronic communications terrorists use with legal immunity from interception then why the need to monitor non-terrorists ?

    The politicians answer to an attack on our freedoms is, to take away our freedoms. :wallbash:
     
  18. Shirty

    Shirty W*nker! Super Moderator

    Joined:
    18 Apr 1982
    Posts:
    12,346
    Likes Received:
    1,583
    Well if we have no freedoms left to be attacked, we can't very well complain about our freedoms being attacked now can we?
     
  19. Anfield

    Anfield Well-Known Member

    Joined:
    15 Jan 2010
    Posts:
    5,618
    Likes Received:
    521
    If it was just snapchat...

    But it relates to all electronic communication, which would for example ban all companies from using VPN solutions (unless it has a backdoor) so forget working from home, it would ban all companies from using internal chat software (unless they save and hand over all logs), it would force all software developers to add backdoors to every piece of software that has any sort of communication feature. It would ban the sale and use of every last bit of software capable of communication if it doesn't have a backdoor.

    And don't forget that every backdoor is a massive security risk, who guarantees that the data won't end up on some lost laptop on a train?
    What if someone other than law enforcement figures out how to access the backdoor? (competitors stealing trade secrets, hackers taking down networks).
    What about the entire legal process getting thrown out of the window? (you know, needing a suspicion instead of blanket surveillance, needing a search warrant from a court and so on).
    How many software developers would simply move their jobs elsewhere?
    How many software developers would be willing to add a backdoor to their software just for the UK versus simply not doing business with the UK and how would the UK function without it?
    Is there even any benefit? China has been doing widespread censorship and monitoring of the internet for a long time already, but newsflash, bad stuff can happen in China regardless of that.
     
  20. Nexxo

    Nexxo * Prefab Sprout – The King of Rock 'n' Roll

    Joined:
    23 Oct 2001
    Posts:
    34,008
    Likes Received:
    1,545
    If he adopted the same hairstyle it would almost be worth it. :p
     

Share This Page