GCHQ: Crypto's great, we're your mate, don't be like that and hate Robert Hannigan, director of UK spy agency GCHQ, has said this week there is an ethical problem presented by encryption. The snoop-boss, speaking to an audience at the Massachusetts Institute of Technology in the US, said the industry's technical experts should help intelligence analysts crack crypto used by criminals. …
I feel that GCHQ, like a lot of organizations suffer from meddling from the politicos, and in the main the majority are hard working highly motivated people. Unfortunately these people aren't the ones making the dumb decisions,such as lowering the bar, thats the politicos who have more to fear from the masses.
Yes we need them to protect us from the nasties out there, but no we don't need them, and I suggest they would agree, to their talents being utilised checking Mrs Scroggins isn't trying to fiddle the school entry rules.
Goodwill?
<voice=blade_runner_narrator>
The various government organs have burned through whatever little goodwill they had left
Overreaching councils snooping on your bins or police "just checking up" on neighbours, ex wives/husbands. Security agencies drag-netting all cell & internet comms (but its ok cuz it only meta data)
All because the ${badGuys} and ${boogyMen} will get us.... Won't somebody think of the ${emotionalHotButton}
</voice>
Mines the one with the meds in the pocket
Communications are either cryptographically secure or they are not. There is no magical half-way point where law enforcement or "friendly" governments can have some means to access the encrypted data without that same means being available to hackers, unfriendly governments, criminals or others.
They are not addressing backdoors because it's bad PR and it's what China and Russia do. Instead looking at France and the UK, laws are made which threaten heavy fines and jail sentences so that end-to-end encryption or devices with encryption that is too difficult to break are designed-out at the design stage.
so that end-to-end encryption or devices with encryption that is too difficult to break are designed-out at the design stage
The release of those papers is supposed to assure us that GCHQ are becoming more transparent and to demonstrate they are really, really clever people. So let's run with that for a moment.
Either through backdoors that aren't called backdoors, or simply through banning too-difficult to break security, GCHQ will know as the rest of do that the really organised crims, paedoterrorists and the like who are (supposedly, hah!) the real targets will quickly and readily find alternative communications tactics. Denying these people the ability to do business on an Android phone or Windows/Apple computer isn't going to stop them, and the inconvenience is going to be marginal when they are already always looking over their shoulders. In many cases they will happily continue to use these systems, because they rely on idiot codes - as did SOE very effectively during WW2. In that case GCHQ won't even have caused these people modest inconvenience.
Then again, Hannigan's a typical civil servant, having studied "Classics" at Oxford, so we shouldn't be surprised. Can you imagine the chortling amongst the Bullingdon chums: "Binky Hannigan's moaning that he's cleverer than Sherlock Holmes again because he studied Classics, and we all did PPE. So I'm going to call his bluff by putting him in charge of the most technical most secret agency the government has!"
So, knowing that this won't affect the real villains, the only logical rationale for GCHQ's ambitions to give themselves unlimited prying rights is that it nothing to do with serious criminals, and everything to do with spying on workaday criminals (which I doubt) or is purely to support Theresa May's dystopian vision of universal surveillance of the population by the state.
And another thing, Mr Hannigan: If you want things to be different, and to be held in higher esteem, and to have some support, why are you spouting off to MI-fucking-T in Merkinland? If you want to get some support in the UK from people other than Big State enthusiasts, write something for the Reg (I'm sure they'd be delighted) and join us down here in the dirt of the Commentariat, if that's not too common for you?
Dirt? How very dare you.
Also, I need to understand what you mean by classics at Oxford.
Are you referring to shoes, marmalade and dictionaries?
If so this chap needs to get a proper education, that knowledge is useless in his position. Frightful.
> laws are made which threaten heavy fines and jail sentences
The UK has had a standard approach to this for years - if a judge directs you to provide decrypted data for the court and you fail to do so, it's contempt and gets punished as such.
If anything the laws reduce your exposure - you can be held almost indefinitely on contempt charges.
That is what I said to someone I know who works at GCHQ just after the Snowden leaks. GCHQ have, by their actions over the last 20-30 years, voided our trust. They will never again be allowed, by my generation, to have the same power again.
Until those of us who remember their crimes are gone they can beg, whine, scream, threaten or corrupt as much as they like but they will be fighting the population.
The abuse had been going on since the 70s: completely illegal and dis-proportionate abuse of powers to monitor legitimate political parties (including the Labour party!) and trade unions. Later, helping the police to drive towards a police state for anyone who dares to protest (see the John Catt case). Finally their "climate of fear" pushing of a serious but very infrequent crime (terrorism) as if it was a serious threat to life or liberty.
The actual threat to liberty is the abuse of extremely dangerous powers which should be being used maybe once a year, not on the whim of a politician or police officer.
They were surprised by the vehemence of my concern and by my proposed solution: massive budget cuts to bring them under proper control and focus their minds on the things that are really important. Needless to say, they did not agree. Not that they were in a position to do anything about it anyway (as far as I know, of course).
Until those of us who remember their crimes are gone they can beg, whine, scream, threaten or corrupt as much as they like but they will be fighting the population.
Let's not give the powers that be any ideas, shall we? I can see here in the US that the "purge/gulag" mentality is rising. It appears to be that getting way in Blighty, also. Not too many countries that aren't pushing things that direction in the name of "security".
He's pretty much mirroring Clinton's comments that "the government is not your enemy" to companies like Google who had their inter-datacentre links tapped by the NSA. That kind of comment is intended to frame the argument for the general public as a "these people are being unreasonable too, and even though we're making an effort now they're still refusing to budge!". It's a PR stunt, nothing more, which is probably why he did it in another country where people are less familiar with what's going on with GCHQ
identity verification for Government digital services ... the security of domestic “smart” power meters
If these are so important, and both fall within programmes mandated by government and presumably open to advice from GCHQ, why are the implementations so unfit for purpose?
The government are mandating permanently connected devices be installed in every house in the country, capable of monitoring temperature, energy use ... and sound? ... and reporting back to some centralised server somewhere. Why? To save the planet, of course, and stop looking too closely, it saves you money too. Squirrel.
The Register actually ran a story 2-3 years back about how outsiders can use intercepted telemetry from your smart meter to tell what you are watching. Apparently, the subtle changes in power consumption reported through the telemetry can allow others to figure out whether you are watching Star Wars, Citizen Kane or SpongeBob Squarepants.
http://www.theregister.co.uk/2012/01/09/smart_meter_privacy_oops/
As I recall, my solution was to leave your second TV set to high-brow costume dramas, the arts and news programs, while using a portable generator to power your big TV off the grid, where you actually watched bikini-babe movies and sports.
"For nearly 100 years we have been intimately involved in strengthening encryption."
(My edit: Strengthening for use by us & our friends but not for the general public).
Said in the same breath as finally revealing Ellis documents & GCHQ would doubtless have been very happy if Diffie, Hellman & Merkle had not published on public key encryption.
Some more:
> For those of us in intelligence and law enforcement, the key question is not which door to use, but whether entry into the house is lawful at all.
Note the use of "house" singular. The problem the public has with you, Mr. Hannigan, is that while you stand up and say "house", singular, at conferences, your employer has legislation going through Parliament at this very moment which says "houses", plural, in fact every single household in the land, and beyond.
This is the reason why no one trusts you.
"legislation going through Parliament at this very moment which says "houses", plural, in fact every single household in the land, and beyond." --- 2+2=5
More to the point, they were already doing it even before legislation was proposed, let alone passed, that they should be able to do so.
Once upon atime, the activities of GCHQ and the other security services were limited to thwarting the efforts of states and other groups that were hostile or unsympathetic to us as a country. But since the "end of the Cold War" and the advent of the glorious "peace dividend", their activites have been extended to counter ordinary "serious crime". That's what happens when we are ruled by bean counters.
We are told they work against "organised crime", i.e. gangsters, and against child molesters. If they say so, perhaps; but meanwhile don't recycle too many goody-goody recyclables into the plain old black bag, and be careful what address you choose to get your child into a good school (*).
I would like to see the remit of the security services firmly reset to its old position of thwarting the Queen's enemies.
(*)When my old grammar school was made comprehensive, it was relocated to the most expensive suburb of that city, where my parents could never have afforded to live.
I occasionally ponder how many of the WW2 "heroes" would have had their security clearances pulled had their private correspondence been known.
We quite possibly would have no GCHQ and no atomic bomb, leading to a very different outcome. We should learn from history and make sure we're not in that position the next time.
If a criminal commits a crime, you serve him with a warrant, approved by a court, he is compelled to unlock the device or can challenge the warrant. Why should GCHQ have a backdoor into encryption to bypass that judicial process?
If he's already dead, tough luck, you can't arrest him anyway. Anyone he talked to is a phone billing record away, go after them instead.
What you're actually trying here is to strip the judicial and privacy rights from Britain.
Once GCHQ were code breakers breaking ENEMY codes. Now they do a full take on BRITISH comms, they help conceal PRISM surveillance of Britain from Parliament, and here they want British encryption back-doored. You lot in the donut are the biggest threat to the UK.
It was revealed that Obama gets a briefing on governmental secrets. It was revealed that the 5-eyes-no-spy agreement was ignored if the information was useful to the US. It was revealed that "The Wilson Doctrine" is worthless, you hoover up all Parliaments and government ministers internet data along with everyone elses. Today its Obama, tomorrow it will be Chancellor Trump who gets his briefing if our secrets. Secrets that largely come from your Full Take data.
We need compulsory encryption to protect our government and Parliament's private communications from you. That encryption needs to be GCHQ proof. Because you lot have lost the plot.
'...stated he was “puzzled by the caricatures in the current debate, where almost every attempt to tackle the misuse of encryption by criminals and terrorists is seen as a ‘backdoor’.”'
When people have been lied to by state agents, and when those agents have seen fit to act regardless of 'just cause' or actual 'evidence', is it any wonder that said 'people' are just a tad cynical about any subsequent 'promises' and 'explanations', even when they are made in good faith. That's what happens when you lose trust---people don't trust you. Quelle suprize!
The 'moral' question is: What can our state agents do to convince us that they will act with integrity and good faith towards 'the people' whose lives and livelihoods they are charged to protect?
In reality there is probably nothing they can do; they've blown it. They blew it years (hundreds of years) ago. The only thing that has changed is the extent of their reach and the time-frame of their reach---longer reach, and much faster. Apart from that it really is business as usual, and hoping that there are always enough 'good' people in the system to mitigate the worst tendencies of those who are motivated by greed, power, and fear.
The best we can probably hope for is some kind of Mexican stand-off, between the state agents, the criminals, and the rest of us. The graveyard scene in 'The Good, the Bad, and the Ugly', comes to mind, but without a resolution.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
