back to article Wales: We'll encrypt Wikipedia if reborn gov net-snoop plan goes live

Jimmy Wales, talking in a purely personal capacity, has lambasted Britain's Home Office for its plans to massively increase online surveillance of all UK citizens. The Maximum Leader says that such a draconian measure would prevent him from plonking Wikipedia servers on Blighty's soil. Talking in Westminster last night to a …

COMMENTS

This topic is closed for new posts.

Page:

  1. Anonymous Coward
    Joke

    WTF Wales?

    You give them their own assembly and next thing you know they're encrypting Wikipedia.

    (or maybe just translating it into Welsh, which is the same thing)

    1. Anonymous Coward
      Anonymous Coward

      Re: WTF Wales?

      An assembly isn't that big a deal, my school had an assembly.

      1. GitMeMyShootinIrons

        Re: WTF Wales?

        We had assemblies at school too. I wonder if the Welsh one hands out swimming badges and sings hymns. We even had a Welsh headmaster...

      2. Anonymous Coward
        Anonymous Coward

        Re: WTF Wales?

        If Yorkshire doesn't need an assembly with its 4 million people, I can't see why Wales with its paltry 3 million needs one.

        1. Anonymous Coward
          Anonymous Coward

          Re: WTF Wales?

          Logic and nationalism rarely go hand in hand.

    2. The Man Who Fell To Earth Silver badge

      Re: WTF Wales?

      Just seems odd that Wikipedia doesn't already default to https connections. Same for Google.

  2. SJRulez

    Lansman said the figure must have been based on "best guesses", and Hutty added "25 per cent of what?"

    Jimbo simply claimed that the number had been plucked out of "thin air".

    You can guarantee if this does get implemented those figures if accurate will rise anyway as more and more people use encryption, proxy's, vpns and as some companies are now offering a remote desktop based machine in another country.

  3. Anonymous Coward
    Anonymous Coward

    Soooo...

    ... the bureaucrats are being deliberately opaque with their plans because they know for a fact the population doesn't want them to go ahead? But they're going ahead regardless? Who are they serving, anyway?

    1. This post has been deleted by its author

    2. Thomas 4

      Re: Soooo...

      Come now AC, our government has a proven track record in managing important data securely and safely.

      It's just a shame that it's not a good one.

    3. Norm DePlume

      Re: Soooo...

      They're serving the people who fund their masters' political parties. Who were you expecting them to serve?

  4. Anonymous Coward
    Anonymous Coward

    If.

    If Jimbo Wales is against it, then I'm for it.

    1. John H Woods Silver badge
      FAIL

      Re: If.

      If Jimbo Wales is against it, then I'm for it.

      I hear he quite likes breathing. Do feel free to stop imitating him in this regard any time you wish.

    2. CmdrX3

      Well there you go...

      @AC 8:26 ......If ever an idiot was looking to find a moron, then you've certainly found yourself today.

    3. SJRulez
      Facepalm

      Re: If.

      Well you may as well stop using the AC logo now as they'll know who you are anyway!

  5. John H Woods Silver badge
    Mushroom

    You snoop on everything...

    ... we encrypt everything.

    I can see this bill being self defeating. People like me, who remember both the cold war and the reasons for it, are not going to accept living in the surveillance society that we risked a nuclear Armageddon to avoid.

    When you finally break the >kilobit encryption on my communications, you will find it is just email to my friends complaining about my job, my wife's horse, and the weather. When you break it on my laptop, all you will find is bank statements and correspondence. And you will wish in vain for the return to the world where you could focus your attention on the strongly encrypted stuff as the likely location of interesting material.

    1. Michael Palmer

      Re: You snoop on everything...

      Mass surveillance is a legacy of the Cold War. When it ended organisations like the NSA had a lot less to do but then September 11th happened and (I suppose depending on your view) it was either a new opportunity to use their skills against the West's enemies or an excuse to turn the surveillance apparatus on their own populations. I understand the need to keep the expertise, but I find it incredibly sinister that the so-called democratic governments find it necessary to turn up surveillance on their own people.

      1. heyrick Silver badge

        Re: You snoop on everything...

        "I find it incredibly sinister that the so-called democratic governments find itnecessaryto turn up surveillance on their own people."

        Its to make sure that we don't know their dirty little secrets. Look at some of the fallout from the Murdoch Mess and read between the lines. I'm sure a lot of it is suppressed, the conspiracy theorists will be ridiculed and the people right on the money will be...handled.

      2. Peter Johnstone
        Big Brother

        Re: You snoop on everything...

        The conspiracy theorists claim that September 11th was orchastrated to justify increasing surveillance on the general public as part of some Orwellian Illuminati scheme. While I don't subscribe to that view, it does all seem a bit over the top. Probably more people are killed by their own trousers than are killed in terrorist incidents!

      3. Anonymous Coward
        Anonymous Coward

        Re: You snoop on everything...

        > but then September 11th happened and (I suppose depending on your view) it was either a new opportunity to use their skills against the West's enemies or an excuse to turn the surveillance apparatus on their own populations.

        For the benefit of historians looking at these ramblings in the future, I feel I should point out that 9/11 was the greatest failure of the US security services since Pearl Harbor. It could and should have been prevented at the time. The failure of the security services was the inability to put two and two together from snippets of information that were spread across several large agencies. Capturing more snippets of information is not the problem, yet that is exactly what more surveillance does.

        1. Heathroi
          Facepalm

          Re: You snoop on everything...

          it was worse than that, various regional cop shops did ask HQ if they should make further enquires which were either ignored or stopped.

        2. Anonymous Coward
          Anonymous Coward

          Re: You snoop on everything...

          Pearl Harbor? Ignore the evidence then. Ignore it now. It's the need to make your bed feel safe to sleep in. They may not have any interest in you personally, but for fodder, bait, food, etc. Mmmmmm yummy!

    2. Anonymous Coward
      Anonymous Coward

      Re: You snoop on everything...

      I'd vote you up but "they" may be watching my every move online...

    3. zooooooom
      Happy

      Re: You snoop on everything...

      "When you finally break the >kilobit encryption on my communications, you will find it is just email to my friends complaining about my job, my wife's horse, and the weather."

      Now that one-2-one correspondence has been found to be "publication", the decrypt costs will be recovered from you by your irrate employer. Probably your wifes friends won't like being talked about like that either.

      1. Anonymous Coward
        FAIL

        Re: You snoop on everything...

        His wife has already left him after finding encrypted emails on his computer and assuming the worst...

  6. mark l 2 Silver badge

    The ironic part for the government is that those people out there who don't know about encyption and proxys at the moment are more likely to look into and start using them since they announced the proposed bill, by the time the data retention is started there will probably be more people who use methods to avoid the monitoring than there is now.

    1. Spearchucker Jones
      Go

      TL/DR: Fuck surveillance. Who will think of the children?

      The really sad thing is that the general reaction from everybody is an eye-for-an-eye. You snoop, I encrypt.

      Both sides might do well to be a little self-absorbed and think further than their collective noses.

      If we employ such thinking we might start by considering the root cause behind the proposed bill. I would suspect that if pushed far enough, most would settle on it being the avoidance of unnecessary deaths, be that by means of murder, plague, terrorism, racism, and so on.

      If we establish then that the ultimate objective is to save lives, we might consider how our limited resources are applied to save the most lives. We'd quickly discover that the number of people that checked into the Wooden Waldorf because of murder and terrorism pales when compared with the likes of (for example - I have no idea about actual numbers) children born with aids, plague, and poverty.

      We tackle those much more probable threats to life, and deal with low-probability threats like murder and terrorism in a manner appropriate to their probabilities.

      1. This post has been deleted by its author

      2. JimmyPage Silver badge
        FAIL

        @Spearchucker Jones

        Ah, evidence-based policy making. Not the way we do things in the UK, old bean.

        1. Anonymous Coward
          Anonymous Coward

          "Ah, evidence-based policy making"

          Nope, the UK has been a fan of policy-based evidence for a good few years, sadly.

          Yeah, we know they have WMDs. We just do, OK?

      3. Anonymous Coward
        Anonymous Coward

        @ Spearchucker Jones

        You must belong to the reality-based community.

        What are you doing on Planet Earth?

      4. Anonymous Coward
        Anonymous Coward

        Re: TL/DR: Fuck surveillance. Who will think of the children?

        Unfortunately, work on real problems (like the ones you mention) simply won't interest the elites running most of the world.

        They are much more worried about boarding an airliner with a bomb on it (and for many, that is becoming an increasingly justifiable concern).

        Hence, it has become far more important to ensure that people will only have a 0.0001 % chance of dying in an air crash (as opposed to 0.001% ) and that nothing can prevent Hollywood moguls from making more profits each year.

        That's what your elected officials want to do with technology because that's the stuff that gets headlines and campaign contributions, not because it actually makes a difference for most of us.

        Feeding starving kids, creating employment or helping sick people doesn't really bring the votes or the money in, y'know?

        So what does that leave us with ?

        1) Increasingly draconian security measures to help "improve" airline security, monitor international financial transactions and "protect" broken business models.

        2) The collection of massive amounts of data on "free" citizens

        3) The tracking of large swathes of the "free" population's online activity

        4) A chilling effect on people's civil liberties, freedom of expression and economic growth.

        Which can only end in tears.

        It will deepen and prolong the complete economic cluster-fuck and pain our political leaders seem hell-bent on maintaining.

        IMHO it MAY ACTUALLY REQUIRE > 60 % of the internet population to become completely anonymous and encrypt everything before Western governments understand what they are up against. Building a massive spy apparatus is just a waste of time. It didn't work in Russia and Eastern Europe either. It simply pissed people off until they finally overthrew their leaders. It's hard to do anything productive when you are scared all the time.

        The current trend (nay obsession) of marching us towards a surveillance society is counter-productive, dangerous and a complete waste of money.

        Perhaps these fuckers should stop chasing imaginary bogeymen and start spending money on things that actually help people.

        We could begin with stronger privacy legislation, limited data retention laws and default strong-encryption of all email and internet traffic.

        Imagine if you will, that instead of printing more money and flushing it into the toilet bowl of state-sponsored capitalism, governments instead invested money into sectors that don't create artificial demand for more paranoid surveillance technology, more weapons, more law suits, and more oil wars. How about creating some jobs which don't require you to wear a uniform for a change, hmm ?

        /end rant

    2. Anonymous Coward
      Anonymous Coward

      a few more might start looking.

      the average person already accepts CCTV everywhere and is probably as equally cavalier about government monitoring as they are about smoking, crossing the road, and heavy drinking.

    3. Paul_Murphy

      There are also....

      Those people who _do_ know about encryption, but can't be bothered to implement it yet.

      Though once they do they'll start prompting their circle of friends to jump on board the encryption train, or at least use TOR and whatever else comes up.

      Rhetorical: What would it take for people to start putting postcards in envelopes before sending them?

      Most peoples mindsets are in the postcard stage of electronic communication, but once it becomes obvious that the postmen are reading all the postcards would everyone make changes to keep prying eyes out? I suspect they would.

    4. MrXavia
      FAIL

      The most worrying part is that it's a government initiative, which means it will be compromised fairly quickly, and all our data will be public.

      Personally I will be encrypting mail in the near future, using sites over SSL where possible, and anything critical goes through a VPN or two....

      #

      I know SSL can be done by a man in the middle attack, but as soon as the government forces ISP's to do that, then our country goes backwards....

  7. My Alter Ego
    Thumb Up

    This is a good thing

    Forcing everything to be over SSL can only be a good thing. It can't be suspicious to be using encryption if everyone is using it. Also, it should increase the take-up of IPv6 as SNI is a bit of a pain, especially as IIS has only just got around to supporting it.

    1. Ken Hagan Gold badge

      Re: This is a good thing

      "It can't be suspicious to be using encryption if everyone is using it."

      More to the point, it can't be suspicious to be using encryption if you were forced to because the web-site in question does not offer an unencrypted version. Mainstream web-sites that switch to SSL are protecting their users from suspicion as well as from snooping.

      1. M Gale

        Re: SSL

        Bloody useless when the root certificates are owned by businesses that can be leaned on by governments.

        Self-cert perhaps, but then how do you tell the browser's "I don't know this certificate" warning from a man in the middle trying to snoop?

        1. Dazed and Confused

          Re: SSL

          > Bloody useless when the root certificates are owned by businesses

          The root certs, or upstream certs, might be owned but they aren't used to do the encryption. You encrypt with your private key, they sign you public key. This isn't going to help them at all.

    2. cyberdemon Silver badge
      FAIL

      The trouble with HTTPS

      Is that all browsers seem to think that an out-of-date or self-signed certificate is _WORSE_ than loading a page in plaintext.

      Personally, I would prefer a warning at the top of the page, that simply tells me what is wrong with the certificate, so if my bank suddenly starts using a self-signed cert then I can phone their fraud department, while if wikipedia or the reg have an out of date cert, I can simply prod their admin by email and continue browsing. Of course if every page on the net suddenly goes self-signed, I can pick the appropriate tinfoil hat.

      That would be much better than simply point-blank refusing to load the page unless I either manually trust the dodgy certificate or load the page in plaintext!

      Of course if a bank's "login to online banking" link mysteriously changed to HTTP instead of HTTPS, most users, possibly including me, might not notice. There is nothing in browsers to protect users from accidentally loading a page in plaintext, but for using an untrusted certificate they could be forgiven for thinking they'd committed some sort of crime, the way browsers scream about it.

      1. Anonymous Coward
        Anonymous Coward

        Re: The trouble with HTTPS

        This.

        They used to have some kind of different color or icon for self-signed certs. Now it's way over the top. I wish they made adding a cert manually more obvious.

  8. Miek
    Big Brother

    "The bureaucrats of the ministry seem to have learned to be opaque after being carpet-bombed by privacy advocates when they first attempted to introduce the Capability under its old name, the Interception Modernisation Programme. ®" -- Can anyone clarify at which point the UK became a Dictatorship comprised of a party of Dictators?

    1. Ken Hagan Gold badge

      That depends on your definition of dictators.

      In terms of "desire", I think you will *really* struggle to identify any UK government in all of history that hasn't wanted to be able to make people do as they are told and keep a watchful eye on anyone they like. If anything, they are less bloody-minded in recent centuries than in the past. The rot set in about 10,000 years ago in the Middle East as far as I can tell.

      In terms of "ability", obviously we've seen changes in technology but since most of the same technologies are available to the populace (SSL-on-everything has been mentioned already) it isn't clear to me that the government has an advantage. If you look at the reaction of *real* dictatorships to the internet then you might reckon that the 21st century will see a truly historic shift in power away from the centre. (Like, the biggest shift in ten thousand years.)

    2. amanfromMars 1 Silver badge

      The Office of CyberIntelAIgent Security and Virtual Protection on AIMission IMPossible ®

      "The bureaucrats of the ministry seem to have learned to be opaque after being carpet-bombed by privacy advocates when they first attempted to introduce the Capability under its old name, the Interception Modernisation Programme. ®" -- Can anyone clarify at which point the UK became a Dictatorship comprised of a party of Dictators? ...... Miek Posted Thursday 6th September 2012 08:46 GMT

      The seeds were probably sown at Yalta, Miek? Do you know anything currently significant or presently particular and peculiar about ARGonauts, other than the fact that Spooks UKGBNI and/or Cheltenham GCHQ are embedded and in bed and in LOVE with them. But it is no big official secret for ARGonauts were openly BetaTesting Big Brother British Telecommunications and SMARTR InterNetional SISter ProVision ...... Communication Capability in Intercepted Modernisation Programmes .... with them as clearly as only yesterday in a Vulture Venture on El Reg ....... http://forums.theregister.co.uk/post/1535705

      It is all a bit hush-hush though, and perfectly understandably so in its Myriad APT Phorms, as IT replaces Dunce Dictatorships with Meritocratic Minders ....... with SMARTR AI and Future Programmeable Apps.

      And now no one can say that they don't know of such things whenever they are so clearly placed in the public and intelligence domains and virtual reality space. One's ignorance is only as a result of one not bothering or having no interest nor facility or curious capability to search for the truth of one's current condition, which are invariably a result of situations and programs of the past, and would now in their present engagements, be being presumably extremely well paid to boot and deliver one's present existence/opportunities/struggles.

      Methinks the Great Game can up itself a level or three or more, don't you? To leave behind all that primitive stuff and nonsense which so blights the ignorant and fools the arrogant.

  9. batfastad

    TLS/SSL

    I thought that TLS/SSL encrypts the content of the communication. It doesn't hide the source/destination of the traffic. Looking at a Wikipedia article is a simple HTTP GET request from the browser. So snoopers won't be able to see the content of the Wikipedia article being transmitted from the server but they will be able to see the requested URL. Then all they have to do is visit the URL themselves and read the article.

    Isn't that right?

    1. Anonymous Coward
      Anonymous Coward

      Re: TLS/SSL

      No. The whole of the communication, apart from some of the certificate exchange and encryption negotiation handshake at the start, is encrypted. That includes what URL you are GETing. All they will be able to tell is that you connected to a particular IP address on port 443 (or whatever port they're running HTTPS on).

      The thing to be concerned about is those sites which embed HTTP links and images into their HTTPS served web pages. Those will leak unencrypted information as you click on them, or as they are downloaded automatically by your browser.

      1. Anonymous Coward
        Anonymous Coward

        Re: TLS/SSL

        Presumably you have never heard of Traffic Analysis?

        Thats your homework.

  10. M Gale

    http://www.freenetproject.org/

    I hear they are looking for content that doesn't come from paranoid schizophrenics, peadophiles and /b/tards.

    Anyone wanna help?

  11. Piloti
    Thumb Down

    As if the UK needs advice from.....

    .... a former banker who now lives on charity donations through his online story telling shit bazaar.

  12. JimC

    Wales: I will have such revenges on you both,

    That all the world shall--I will do such things,--

    What they are, yet I know not: but they shall be

    The terrors of the earth.

Page:

This topic is closed for new posts.

Other stories you might like