back to article Departing MI5 chief: Break chat app crypto for us, kthxbai

British spies are once again stipulating that tech companies break their encryption so life is made easier for state-sponsored eavesdroppers. The head of the domestic spy agency, Sir Andrew Parker, demanded that companies such as Facebook compromise the security of their messaging products so spies could read off the contents …

Page:

  1. GnuTzu Silver badge
    Joke

    We know they'll never stop

    But, I have to wonder if hackers will eventually have their own lobbyists pushing for this.

    1. Sanctimonious Prick
      Coat

      Re: We know they'll never stop

      The Pirate Party....? No? Umm... The Hackers Party Of The World Party? No? Wait, I've got it, The Harry Potter Party!!!! :D

      No holes in my pockets ----->

      1. BitEagle

        Re: We know they'll never stop

        The NSA? GCHQ?

        Take your pick...

  2. Pascal Monett Silver badge

    Backdoor only for authorities

    Okay, fine. I'll accept that if you accept that the front door to your house and to the houses of all top-level government officials, including the Queen, can be opened by a special button "only known to the authorities". That button also disables all alarms.

    Deal ?

    No ?

    What a surprise.

    1. Brewster's Angle Grinder Silver badge

      Bring your own psychic paper

      The Queen, Prime Minister etc... are guarded by police officers. And I bet a single piece of id issued by "the authorities " will allow you past those guards - they'll even unlock the doors for you.

  3. Anonymous Coward
    Anonymous Coward

    More worrying, is that Priti "counter terrorism" Patel

    is in charge ?

    Or is she ?

    Is my assumption that people whose security clearance doesn't go all the way to the top are never aware of the fact correct ?

  4. Anonymous Coward
    Anonymous Coward

    Ha

    > Sir Andrew Parker also claims UK spies are not doing bulk surveillance

    Well, it's not as if GCHQ would tell him if they were.

    1. Sir Runcible Spoon Silver badge
      FAIL

      Re: Ha

      Don't forget the get out of letting the Americans slurp all that data for them.

      Get him to say something like: 'No-one employed or commissioned by HMG engage in, or faciliate, bulk data collection in the UK'

      Otherwise, go fish.

      1. phuzz Silver badge

        Re: Ha

        'No-one employed or commissioned by HMG engage in, or faciliate, bulk data collection in the UK'

        That doesn't rule out the NSA hiring someone who worked for GCHQ until last week, and will go back to working there next week, but currently is 'unemployed'. (Much in the way that the CIA employed U2 pilots who'd 'resigned' from the USAF, and were therefore technically civilians).

        This 'non-GCHQ' worker then helps the NSA do some bulk collection, the results of which can of course be shared with the UK via 5-eyes, but in this scenario no-one currently employed by HMG has done anything.

    2. Stuart Castle Silver badge

      Re: Ha

      They might actually tell him, but that doesn't mean he'd ever admit to it publicly.

  5. Someone Else Silver badge

    The head of the domestic spy agency, Sir Andrew Parker, demanded that companies such as Facebook compromise the security of their messaging products so spies could read off the contents of messages at will.

    Well, there may well be something to this. If Facebook is found to have breakable encryption, then likely fewer and fewer netizens will be tempted to drink the Kool-Aid use the "platform" for ... well, anything. This could conceivably starve the Beast of sufficient oxygen, resulting in its collapsing from its own largess.

    ...

    What am I on about? No -- even that lofty and worthy goal is not worth the risk of allowing any government back-door access to encryption on any platform.

    It was a nice dream while it lasted....

    1. Mike 137 Silver badge

      The same law for everyone

      If global trawling of communications applies to members of the public (regardless of whether those communications are of a private or business nature) it should also apply to all private and official communications by government officers including those of the security agencies.

      It is a fundamental principle of our laws that they apply equally to all persons.

      Or is it?

  6. amanfromMars 1 Silver badge

    Extra Special Operational Forces?

    UK spies are not doing bulk surveillance

    One doesn't need to whenever effective targeting of certain prime and primeval assets of international security interest deliver the ability with facilities and utilities to ensure guaranteed future stability. Are MI5 excellent in that field?

    Sir Andrew is stepping down in April, along with National Cyber Security Centre founding chief Ciaran Martin, whose service ends at some point this summer. Both their replacements will be appointed by the current government.

    Appointed by the current government maybe but chosen by secure secret ballot of peers one presumes, for who else are as well equipped or better qualified? One of their own highly respected and considered awfully awesome would certainly be a Popular Sterling Stirling type choice. :-) You know, somebody who might actually know what the fcuk is happening and what to do about with all of the tremendously sensitive and explosive assets now freely available to spooks and straights alike for anywhere everywhere.

    1. Anonymous Coward
      Anonymous Coward

      Re: Extra Special Operational Forces?

      upp

      #6

    2. amanfromMars 1 Silver badge

      Re: Extra Special Operational Forces?

      Who/Where/What do you imagine best placed and Top Secret Equipped to handle and deal with such Sensitive Compartmented Information with particular and peculiar attention being afforded for comment on just these two for now ......... Military Intelligence Bods or Cabinet Office Bots ...... Latter 0Day Cowboys and Injuns into Playing Advanced IntelAIgent Roles with Post Modern Saints and Sinners.

      To the Victor the Spoils :-) ......which Certainly be Always All Ways Hellish Heavenly Delights when most things are done almost perfectly right and hardly ever wrong. Travel that Path Diligently and Just Dessert Rewards are Endless and Almightily EMPowering and Stealthily Surreally Supplied and Applied

      So, .... now y'all know what some folk are up to and busying themselves and others with. The difficulty one might have, because it is a simply made mistake to ponder on such as a problem, is a dogged and aggressive disbelief ...... which is akin to a certifiable madness whenever one does battle against something which you believe to be not there and/or out there.

  7. Will Godfrey Silver badge
    Facepalm

    So Sad

    that all these noble people are suffering from advanced dementia, and are quite unable to remember any of the times this sort of thing has been attempted.

  8. JohnFen Silver badge

    ...and yet

    > He told the broadcaster: "We do not approach our work by population level monitoring – looking for, you know, signs of: 'Out of this 65 million people, who should we, you know, look a bit more closely at?' We do not do that."

    I know it's a different agency, but the announcement that cops are going to start engaging in widespread face recognition makes this assertion seem rather dubious.

    1. Anonymous Coward
      Anonymous Coward

      Re: ...and yet

      Having just watched a facebook vid on how they "cloned" agent smith in the fight scene in The Matrix, I see, as there's no law against trying to bypass facial recog, a great market in celeb latex masks.

      I, for one, will enjoy wearing a pretti patel mask :-)

      1. Sir Runcible Spoon Silver badge
        Meh

        Re: ...and yet

        "enjoy wearing a pretti patel mask"

        You have issues.

      2. BebopWeBop Silver badge

        Re: ...and yet

        Does your partner have ideas? (odd ones)

    2. Neil Barnes Silver badge

      Re: ...and yet

      Well of course it's so much easier if instead of investigating a crime, arriving at a suspect, and determining that said suspect did the dirty, you just work on the basis that everyone is a criminal.

      Then it's just a case of deciding who is guilty of what.

      Remind me again - isn't the rationale for a police force supposed to be that it polices by popular consent?

      1. BebopWeBop Silver badge

        Re: ...and yet

        It apparently was - a long long time ago,

  9. HmYiss

    It's like..

    ..asking a company that makes donuts to stop making donuts cus you think donuts are bad mkay?.. fucking spazzes in power.

  10. NonSSL-Login

    How does he keep a straight face

    That 'lawful intercept' backdoor that hardware manufacturers have to put in as part of the 5G standard which is causing the current noise about a certain Chinese company should tell them all they need to know about forcing weaknesses and backdoors in systems.

    Total bollocks that its not about mass surveillance and data mining for juicy shit. Real criminals they can and do get warrants and such to investigate properly. This is just for mass surveillance and everyone knows it.

  11. John Smith 19 Gold badge
    Gimp

    Well I think we've identified one of the real data fetishists

    Process for facial recognition.

  12. The_Idiot

    OK, so lets...

    ... try again. In language even a politician should understand.

    Question (yes or no): You technical folks. Yes, we know 1+3 must equal 4. But surely you can come up with a clever way to make it equal 7, or maybe 2, so long as we produce a warrant? Oh, and only for us - everyone else gets 4. OK? Thanks.

    Crypto. It's mathematics, not a debate, or a vote in the house.

    1. Anonymous Coward
      Anonymous Coward

      Re: OK, so lets...

      It is like Scotty in Star Trek when asked for the impossible says "I cannae change the laws of physics".

      1. Alister Silver badge

        Re: OK, so lets...

        Yeah, except that normally, when Scotty says that, he then goes on to do it anyway...

        This is the trouble with confusing fact and fiction, something politicians and civil servants appear to have a problem with.

        1. Sir Runcible Spoon Silver badge
          Black Helicopters

          Re: OK, so lets...

          And Scotty is known to exaggerate by at least a factor of 4.

          --> Ignore the rotors, it's looks like a Federation ship

    2. Sir Runcible Spoon Silver badge
      Facepalm

      Re: OK, so lets...

      "but surely you can come up with a clever way to make it equal 7, or maybe 2"

      Yes, it's called encryption...oh.

  13. Camilla Smythe

    Dear Home Secretary...

    Dear Home Secretary,

    https://www.theregister.co.uk/2020/02/26/mi5_chief_itv_interview/

    "Current UK home secretary Priti Patel is firmly anti-encryption, with

    the social conservative having banged on about paedoterrorists shortly

    after her appointment last summer."

    I run Linux. It comes fully loaded with all sorts of encryption stuff

    and I can apt-get even more of it should I really care.

    For less hardcore paedoterrorists this sort of stuff is also available

    on the Interwebs assuming you have the right #hashtags.

    https://gpg4usb.org/download.html

    There is no need to use the encryption available from popular online

    platforms and you do not gain much from asking them to cripple it.

    No doubt any backdoors you care to introduce will rapidly fall into the

    hands of undesirables.... such as the [HUGE COUGH] Israelis.

    Don't mention this to Sir Andrew Parker. He used to work for MI5 and

    apparently they don't trust you.

    HTH

    Faithfully

    1. Alister Silver badge

      Re: Dear Home Secretary...

      Oh come on Camilla, she's going to want to ban Linux now, as well...

      1. Anonymous Coward
        Anonymous Coward

        Re: she's going to want to ban Linux now, as well...

        Remember that Kali Linux is a hackers tool and needs reporting to the police ...

        https://www.theregister.co.uk/2020/02/14/silly_police_infosec_parental_advice_poster/

  14. Vimes

    https://www.gchq.gov.uk/information/national-technical-assistance-centre

    Whilst the underyling interception is done by GCHQ it's still often the security service seeking and obtaining the warrants that underpin the spying. He may claim that MI5 isn't interested in bulk surveillance, but who'd care to bet them and their warrants are still quite happily taking advantage of it?

    1. Vimes

      From their homepage:

      The National Technical Assistance Centre (NTAC) is a government unit made up of staff from a range of backgrounds. It is responsible for the lawful interception of communications on behalf of law enforcement and other agencies, as well as recovering data from seized media. NTAC also offers technical advice to government and industry on interception, data recovery, and digital forensics.

      [...]

      NTAC does not apply for interception warrants in its own right. Rather, it manages the delivery of intercepted communications to the agencies that have a lawful authorisation in place to acquire them.

      So in this instance GCHQ is often little better than an extension of MI5, and doing their bidding.

  15. Jamie Jones Silver badge
    Black Helicopters

    So GCHQ...

    So GCHQ do dragnet surveillance of everybody (I thought we were innocent until proven guilty?), and it had been revealed some of them were perving on peoples private photos, and yet the spooks seem to be surprised at the determination to keep everything encrypted?

    If you guys obeyed the law, and treated innocent people with the respect they deserve, you wouldn't be getting such a reaction. It's your fault, and tough. You can't deinvent encryption.

    Perhaps you should start investigating crimes the old fashioned way, and stop acting like "Big Brother" is an instruction manual.

    1. Sir Runcible Spoon Silver badge

      Re: So GCHQ...

      "and stop acting like "Big Brother" is an instruction manual."

      'Big Brother'? Do you mean 1984? If so, that was more of a primer than an instruction manual. We're waaaay beyond that now.

      1. Jamie Jones Silver badge

        Re: So GCHQ...

        Yeah, Brain fart moment! 1984... Big brother the 1984 character, not the trashy TV show!

    2. Neil Barnes Silver badge
      Big Brother

      Re: So GCHQ...

      Encryption.

      Ruining freedom since the times of Caesar.

      Apparently...

      1. Arthur the cat Silver badge

        Re: So GCHQ...

        since the times of Caesar

        Possibly even before that, see here.

    3. The_Idiot

      Re: So GCHQ...

      @Jamie Jones

      "(I thought we were innocent until proven guilty?)"

      Well, they did sort of get rid of that, but they worked out they're safe anyway. "We hereby define the proof of guilt as the absence of proof of innocence. Since nobody can prove they're innocent, everybody is therefore guilty! Guilty as charged! Er - as soon as we think up some charges!"

    4. The Nazz Silver badge

      Re: So GCHQ...- Policing the old fashioned way, anyone for Pizza.

      MI5, MI6, GCHQ et al are gonna do whatever they're gonna do. Regardless. But why so much time, effort and focus on breaking encryption and "authorities" only back doors?

      Far far greater benefits to joe public would come from old fashioned policing. Anyone for Pizza? How hard can it be for plod/authorities to read a business card and make a phone call? The criminal comes straight to you, within minutes, along with the evidence.

      https://www.bbc.co.uk/news/uk-england-leeds-51237885

      Easier than Pizza, or a fast meal, at least using those services you don't get inundated with :

      1) would you like to make it large Sir/Madam/They/It/**********

      2) would you like additional toppings on it.

      3) a queue of people at the counter demanding that staff search through the whole sack of figurines for that one elusive model because "our little brat TallulahDeLacy" already has this common figurine.

  16. Anonymous Coward
    Anonymous Coward

    Right to Privacy

    If they want to argue there's no such thing as a Right to Privacy, if someone were to put up Naked pictures of the people claiming this, then they'd obviously have no objection to this.

    1. Warm Braw Silver badge

      Re: Right to Privacy

      More importantly, they'd have to accept some level of transparency and accountability in their own actions. Given that even their tame secret court finds against them whenever there is an inadvertent disclosure of their activities, I can't see them clamouring for greater access to their own messaging.

  17. earl grey Silver badge
    Facepalm

    oh, so you're using encryption

    You must be a terriorist.

    Report to chokey immediately (if not sooner).

    1. ThinkingMonkey

      Re: oh, so you're using encryption

      One of our illustrious former heads of the FBI years ago once had posters on the wall in Internet cafes in the U.S. that anyone seen using TAILS or any other obviously "suspicious" OS should be reported to a certain hotline. True story.

    2. Anonymous Coward
      Anonymous Coward

      "Nothing to Hide, Nothing to Fear"

      © 1933 Joseph Goebbels

  18. Sanctimonious Prick
    Black Helicopters

    Politicians Have Forgetten...

    They're supposed to represent us, not themselves!

    If anyone should have their encryption broken, it should be the politicians

    As soon as it becomes clear that FB, GGL, MS, APL or any other web service has given a backdoor to TLAs, I'll find that backdoor and give it to all my really good friends!

    And that old Sea Hunt, Parker, he can just fluff off!

    1. Citizen of Nowhere

      Re: Politicians Have Forgetten...

      They've forgotten they are supposed to pretend to represent us, and now pretty much blatantly represent themselves and the vested interests who will be giving them directorships and other lucrative sinecures as rewards for their services.

  19. Anonymous Coward
    Anonymous Coward

    No quite sure I would have trusted anyone elses encryption anyway ...

    To be honest, regardless of what Facebook/Google/whoever say about their encryption. And what the spooks say to (outfits whose day to day job is using disinformation to achieve their end goals ....). I would only put data through the pipe that (a) I didn't care could be read; or (b) I had previously encrypted OFF the device sending it.

    Any statement from the security services should be furthering their agenda - which in this case would be that they HAVE cracked the encryption, but by pretending they can't (and playing all sorts of games with courts and the like) they are luring the less bright bad guys into a trap.

    And in any case, even being able to decrypt to plaintext is of limited use if what you then discover is something that makes no sense - like some sort of book code.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020