
We know they'll never stop
But, I have to wonder if hackers will eventually have their own lobbyists pushing for this.
British spies are once again stipulating that tech companies break their encryption so life is made easier for state-sponsored eavesdroppers. The head of the domestic spy agency, Sir Andrew Parker, demanded that companies such as Facebook compromise the security of their messaging products so spies could read off the contents …
Okay, fine. I'll accept that if you accept that the front door to your house and to the houses of all top-level government officials, including the Queen, can be opened by a special button "only known to the authorities". That button also disables all alarms.
Deal ?
No ?
What a surprise.
'No-one employed or commissioned by HMG engage in, or faciliate, bulk data collection in the UK'
That doesn't rule out the NSA hiring someone who worked for GCHQ until last week, and will go back to working there next week, but currently is 'unemployed'. (Much in the way that the CIA employed U2 pilots who'd 'resigned' from the USAF, and were therefore technically civilians).
This 'non-GCHQ' worker then helps the NSA do some bulk collection, the results of which can of course be shared with the UK via 5-eyes, but in this scenario no-one currently employed by HMG has done anything.
The head of the domestic spy agency, Sir Andrew Parker, demanded that companies such as Facebook compromise the security of their messaging products so spies could read off the contents of messages at will.
Well, there may well be something to this. If Facebook is found to have breakable encryption, then likely fewer and fewer netizens will be tempted to drink the Kool-Aid use the "platform" for ... well, anything. This could conceivably starve the Beast of sufficient oxygen, resulting in its collapsing from its own largess.
...
What am I on about? No -- even that lofty and worthy goal is not worth the risk of allowing any government back-door access to encryption on any platform.
It was a nice dream while it lasted....
If global trawling of communications applies to members of the public (regardless of whether those communications are of a private or business nature) it should also apply to all private and official communications by government officers including those of the security agencies.
It is a fundamental principle of our laws that they apply equally to all persons.
Or is it?
UK spies are not doing bulk surveillance
One doesn't need to whenever effective targeting of certain prime and primeval assets of international security interest deliver the ability with facilities and utilities to ensure guaranteed future stability. Are MI5 excellent in that field?
Sir Andrew is stepping down in April, along with National Cyber Security Centre founding chief Ciaran Martin, whose service ends at some point this summer. Both their replacements will be appointed by the current government.
Appointed by the current government maybe but chosen by secure secret ballot of peers one presumes, for who else are as well equipped or better qualified? One of their own highly respected and considered awfully awesome would certainly be a Popular Sterling Stirling type choice. :-) You know, somebody who might actually know what the fcuk is happening and what to do about with all of the tremendously sensitive and explosive assets now freely available to spooks and straights alike for anywhere everywhere.
Who/Where/What do you imagine best placed and Top Secret Equipped to handle and deal with such Sensitive Compartmented Information with particular and peculiar attention being afforded for comment on just these two for now ......... Military Intelligence Bods or Cabinet Office Bots ...... Latter 0Day Cowboys and Injuns into Playing Advanced IntelAIgent Roles with Post Modern Saints and Sinners.
To the Victor the Spoils :-) ......which Certainly be Always All Ways Hellish Heavenly Delights when most things are done almost perfectly right and hardly ever wrong. Travel that Path Diligently and Just Dessert Rewards are Endless and Almightily EMPowering and Stealthily Surreally Supplied and Applied
So, .... now y'all know what some folk are up to and busying themselves and others with. The difficulty one might have, because it is a simply made mistake to ponder on such as a problem, is a dogged and aggressive disbelief ...... which is akin to a certifiable madness whenever one does battle against something which you believe to be not there and/or out there.
> He told the broadcaster: "We do not approach our work by population level monitoring – looking for, you know, signs of: 'Out of this 65 million people, who should we, you know, look a bit more closely at?' We do not do that."
I know it's a different agency, but the announcement that cops are going to start engaging in widespread face recognition makes this assertion seem rather dubious.
Well of course it's so much easier if instead of investigating a crime, arriving at a suspect, and determining that said suspect did the dirty, you just work on the basis that everyone is a criminal.
Then it's just a case of deciding who is guilty of what.
Remind me again - isn't the rationale for a police force supposed to be that it polices by popular consent?
That 'lawful intercept' backdoor that hardware manufacturers have to put in as part of the 5G standard which is causing the current noise about a certain Chinese company should tell them all they need to know about forcing weaknesses and backdoors in systems.
Total bollocks that its not about mass surveillance and data mining for juicy shit. Real criminals they can and do get warrants and such to investigate properly. This is just for mass surveillance and everyone knows it.
... try again. In language even a politician should understand.
Question (yes or no): You technical folks. Yes, we know 1+3 must equal 4. But surely you can come up with a clever way to make it equal 7, or maybe 2, so long as we produce a warrant? Oh, and only for us - everyone else gets 4. OK? Thanks.
Crypto. It's mathematics, not a debate, or a vote in the house.
Dear Home Secretary,
https://www.theregister.co.uk/2020/02/26/mi5_chief_itv_interview/
"Current UK home secretary Priti Patel is firmly anti-encryption, with
the social conservative having banged on about paedoterrorists shortly
after her appointment last summer."
I run Linux. It comes fully loaded with all sorts of encryption stuff
and I can apt-get even more of it should I really care.
For less hardcore paedoterrorists this sort of stuff is also available
on the Interwebs assuming you have the right #hashtags.
https://gpg4usb.org/download.html
There is no need to use the encryption available from popular online
platforms and you do not gain much from asking them to cripple it.
No doubt any backdoors you care to introduce will rapidly fall into the
hands of undesirables.... such as the [HUGE COUGH] Israelis.
Don't mention this to Sir Andrew Parker. He used to work for MI5 and
apparently they don't trust you.
HTH
Faithfully
https://www.gchq.gov.uk/information/national-technical-assistance-centre
Whilst the underyling interception is done by GCHQ it's still often the security service seeking and obtaining the warrants that underpin the spying. He may claim that MI5 isn't interested in bulk surveillance, but who'd care to bet them and their warrants are still quite happily taking advantage of it?
From their homepage:
The National Technical Assistance Centre (NTAC) is a government unit made up of staff from a range of backgrounds. It is responsible for the lawful interception of communications on behalf of law enforcement and other agencies, as well as recovering data from seized media. NTAC also offers technical advice to government and industry on interception, data recovery, and digital forensics.
[...]
NTAC does not apply for interception warrants in its own right. Rather, it manages the delivery of intercepted communications to the agencies that have a lawful authorisation in place to acquire them.
So in this instance GCHQ is often little better than an extension of MI5, and doing their bidding.
So GCHQ do dragnet surveillance of everybody (I thought we were innocent until proven guilty?), and it had been revealed some of them were perving on peoples private photos, and yet the spooks seem to be surprised at the determination to keep everything encrypted?
If you guys obeyed the law, and treated innocent people with the respect they deserve, you wouldn't be getting such a reaction. It's your fault, and tough. You can't deinvent encryption.
Perhaps you should start investigating crimes the old fashioned way, and stop acting like "Big Brother" is an instruction manual.
@Jamie Jones
"(I thought we were innocent until proven guilty?)"
Well, they did sort of get rid of that, but they worked out they're safe anyway. "We hereby define the proof of guilt as the absence of proof of innocence. Since nobody can prove they're innocent, everybody is therefore guilty! Guilty as charged! Er - as soon as we think up some charges!"
MI5, MI6, GCHQ et al are gonna do whatever they're gonna do. Regardless. But why so much time, effort and focus on breaking encryption and "authorities" only back doors?
Far far greater benefits to joe public would come from old fashioned policing. Anyone for Pizza? How hard can it be for plod/authorities to read a business card and make a phone call? The criminal comes straight to you, within minutes, along with the evidence.
https://www.bbc.co.uk/news/uk-england-leeds-51237885
Easier than Pizza, or a fast meal, at least using those services you don't get inundated with :
1) would you like to make it large Sir/Madam/They/It/**********
2) would you like additional toppings on it.
3) a queue of people at the counter demanding that staff search through the whole sack of figurines for that one elusive model because "our little brat TallulahDeLacy" already has this common figurine.
More importantly, they'd have to accept some level of transparency and accountability in their own actions. Given that even their tame secret court finds against them whenever there is an inadvertent disclosure of their activities, I can't see them clamouring for greater access to their own messaging.
They're supposed to represent us, not themselves!
If anyone should have their encryption broken, it should be the politicians
As soon as it becomes clear that FB, GGL, MS, APL or any other web service has given a backdoor to TLAs, I'll find that backdoor and give it to all my really good friends!
And that old Sea Hunt, Parker, he can just fluff off!
To be honest, regardless of what Facebook/Google/whoever say about their encryption. And what the spooks say to (outfits whose day to day job is using disinformation to achieve their end goals ....). I would only put data through the pipe that (a) I didn't care could be read; or (b) I had previously encrypted OFF the device sending it.
Any statement from the security services should be furthering their agenda - which in this case would be that they HAVE cracked the encryption, but by pretending they can't (and playing all sorts of games with courts and the like) they are luring the less bright bad guys into a trap.
And in any case, even being able to decrypt to plaintext is of limited use if what you then discover is something that makes no sense - like some sort of book code.
Biting the hand that feeds IT © 1998–2022