back to article New UK Home Sec invokes infosec nerd rage by calling for an end to end-to-end encryption

Priti Patel has declared war on encryption safeguards, demanding they be torn up for the convenience of police workers. Patel, the social conservative appointed Home Secretary by British Prime Minister Boris Johnson last week, used this morning's Daily Telegraph to call for end-to-end encryption to be broken with backdoors …

Page:

    1. Yet Another Anonymous coward Silver badge

      Careful. In the UK not handing over the key to anything the government thinks is encrypted gets you 5 years.

      We did ask what happens to all Tb of background thermal noise in our data - which is indistinguishable from encrypted data - we were told not to worry because the law was only for use against criminals and terrorists.

      1. MJI Silver badge

        Criminals and Terrorists

        As I keep saying to death sentence supporters, are YOU prepared to be the mistake.

        Look at that paedo who got the Police investigating lots of other people including gay MPs, mititary people, death cults and the like.

        He was the criminal but his victims were treated like them.

        1. Anonymous Coward
          Anonymous Coward

          Re: Criminals and Terrorists

          Or pethaps he was fitted-up and had stuff planted on his PC because he upset some VIPs ?

          1. Anonymous Coward
            Anonymous Coward

            Re: Criminals and Terrorists

            I hate the fact that you could both be right.

        2. Anonymous Coward
          Anonymous Coward

          Re: Criminals and Terrorists

          "Another useful ploy is the false accusation. First, create a situation where you are wrongly accused. Then, at a convenient moment, arrange for the false accusation to be shown to be false beyond all doubt. Those who have made accusations against both the company and its management become discredited. Further accusations will then be treated with great suspicion."

          “The New Machiavelli: The Art of Politics in Business” by Lord McAlpine

          1. Anonymous Coward
            Anonymous Coward

            Re: Criminals and Terrorists

            "Further accusations will then be treated with great suspicion."

            At which point all the reputational damage will have been done.

      2. Anonymous Coward
        Anonymous Coward

        Communication vectors

        On the subject of background thermal noise, we picked up a threat vector in the wild from a piece of malware crafted to bypass air-gapped networks. The malware deliberately altered the fan speed of a given piece of equipment akin to a flashlight being used for morse code. All you then need is a microphone (or laser interferometer) to pick up the changes in air pressure to recieve the message.

        The bit rate of this approach is of course atrocious, but that might not matter for the right kind of information. And virtually every electronic gadget in circulation larger than a phone has a fan in it now...

        1. Paul Stimpson

          Re: Communication vectors

          That is really clever.

          /me disconnects all the fans in his PC. "Right, that's me safe. Oh bollocks! It's sending smoke signals now!"

    2. Efer Brick

      Yes, I agree, much better in the original Klingon

    3. osmarks

      Ebg13 "rapelcgvba" vf frpher rabhtu sbe gur nirentr pvgvmra, bayl tbireazrag zrzoref ernyyl ARRQ nalguvat orggre.

  1. WonkoTheSane
    Headmaster

    Same old tune

    One agency's backdoor will quickly become every hacker's catflap.

    1. Mark 85 Silver badge

      Re: Same old tune

      Well, it is a race to the bottom between the Brits and the US. The hackers are the winners no matter who hits the bottom first. I fear that if this crap succeeds, the days of the Internet are over as basically every company, every bank, every person online will be at risk.

      1. Dr Scrum Master

        Re: Same old tune

        Well, it is a race to the bottom between the Brits and the US.

        That's because we only ever seem to get news about the UK and US...

        1. Anonymous Coward
          Anonymous Coward

          Re: Same old tune

          Australia already "won", so...

      2. Brent Beach

        Re: Same old tune

        The latest US version of this demand exempts BIG COMPANIES - they are allowed to have encryption. Presumably this includes people communicating with big companies.

        This elevates the corporation once more step further above the mere person. Not only are they people for purposes of free speech and donation of unlimited amounts to political campaigns (making bribes legal), they now can conduct their business - off-shoring money to tax shelters - without fear of police snooping (making tax cheating impossible to detect).

        The dupes in the Five Eyes countries outside the US will all bobble head this. Australia has already made encryption illegal.

        I hereby define the Murdoch law of Mass Media - the more Murdoch media there is in a country, the lower the intelligence of the elected politicians.

        1. Barrie Shepherd

          Re: Same old tune

          "Australia has already made encryption illegal."

          Don't think so - they have legislation which would allow security operatives to require service providers to push 'encryption breaking code' into a targets communication devices - but last time I checked encryption services were still operational in AUS. They wanted to force WhatsApp etc. into Aus wide encryption breaking but I think they got a encrypted finger.

      3. Mike Richards Silver badge

        Re: Same old tune

        Are we already forgetting Australia’s contribution to this idiocy?

        Former PM Malcolm Turnball: “The laws of Australia prevail in Australia, I can assure you of that. The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia."

        Given her precious form, I fully expect Priti Patel to go one step further and try to revoke the laws of mathematics.

    2. Anonymous Coward
      Anonymous Coward

      I'm not even worried about hackers

      Let's say they could leave a backdoor for the police while making it just as resistant to hackers as full encryption is today (which is not 100%, there are constantly holes being found in the way encryption is applied i.e. MiTM attacks and so forth so encryption isn't proof against hackers anyway)

      What I'd be worried about is abuse like hoovering up all communications, decrypting it, and doing word searches looking for things that fit their filters. Or some stalker cop forging the court approval (because you know it'll allow for stupid stuff like judges that don't believe in technology faxing an order with their all-too-easily-forged signature)

      Or worse it'll be directly accessible to anyone anywhere who can claim to be law enforcement, like a part time sheriff in a tiny town, so hackers will simply phish him and then use his access to look up the encrypted comms of their target for e.g. corporate espionage. The hackers won't need to break the encryption through the backdoor like you are worried about, they'll just need to steal the credentials to the system from anyone who has access and walk right in through the front door.

      No one should expect them to hand out a 2FA physical key to everyone, and audit all accesses, with no exceptions. That's how we would set it up, but they will want to make it "convenient" for its users.

      1. Richard 12 Silver badge

        Re: I'm not even worried about hackers

        So Mr Upstanding Police Chief has their back door.

        Mr Evil Hacker puts on their black hat and steals it from Mr Upstanding. It takes them a few days to get it, perhaps by applying a brown envelope or rubber hose to Mr Upstanding or their staff.

        Next, Mr Evil sells it to the highest few bidders. Who sell it on to the next-highest.

        Within a few weeks, every script kiddy in the world has a copy of said back door, several criminal organisations have a new income stream and the body of Mr Upstanding's private secretary still hasn't been found.

        1. stiine Silver badge
          Coffee/keyboard

          Re: I'm not even worried about hackers

          You may be dissapointed to discover that the body of Mr Upstanding's private secretary has been promoted and is now your prime minister.

    3. 0laf Silver badge
      Terminator

      Re: Same old tune

      Don't worry the politicians will invent magic unicorn encryption. It will be perfectly protect from all but the pure of heart. The wicked and sinful can't access your data

      Unfortunately they will reject that coz clearly none of those corrupted sick fuckers would get near your stuff

      1. Dr. Mouse

        Re: Same old tune

        Don't worry the politicians will invent magic unicorn encryption

        Our politicians are great at providing Unicorns! Sounds like an excellent idea!

    4. CrazyOldCatMan

      Re: Same old tune

      every hacker's catflap

      At which point they become Filthy Rich..

  2. Augie
    FAIL

    That moment when you find it hard to find the words that adequately describe you what think of the morons in government these days..

    1. MJI Silver badge

      Useless

      A Foreign Secretary who confuses the Red Sea and the Irish Sea

      https://www.indy100.com/article/dominic-raab-brexit-irish-sea-red-foreign-secretary-boris-johnson-9024901

      https://www.irishpost.com/news/dominic-raab-irish-sea-169391

      He is a moron, he think he just stares at things shouting Brexit and Raaaaaaaaaaaaaaaaaaaaaaaaaaab!

      Bloody hell TWO Raab fans so far!

      1. Yet Another Anonymous coward Silver badge

        Re: Useless

        To avoid further confusion on the new official Brexit maps all seas are named the "British Sea" because they touch the sovereign coast of Britain and protect it from foreigners.

      2. Loyal Commenter Silver badge

        Re: Useless

        I like to pronounce Raab's name as the kind of sound a velociraptor might make. The missus doesn't like it when I do that though.

        1. Arthur the cat Silver badge

          Re: Useless

          I like to pronounce Raab's name as the kind of sound a velociraptor might make. The missus doesn't like it when I do that though.

          But is the the sound or the name she's objecting to?

          1. Snapper

            Re: Useless

            Or when you do it?

            1. Loyal Commenter Silver badge

              Re: Useless

              All three, I should think.

    2. MJI Silver badge

      Scotland

      And the new Scottish minister knows much more about Worcestershire than Scotland.

      His dad was MP, he is MP, demoted for working with May I presume

      1. Arthur the cat Silver badge

        Re: Scotland

        The Secretary of State for Scotland is Alister Jack, a born and bred Scot who's never left.

        Robin Walker, who you're obviously thinking of, is Parliamentary Under Secretary of State in both the Scotland Office and the Northern Ireland Office. He's MP for Worcester, as was his father who was MP while I was growing up there. I remember him coming to my school.

    3. MJI Silver badge

      More useless

      An evil clown caught trying to molest a chicken.

      https://www.abc.net.au/news/2019-07-31/boris-johnson-visits-a-chicken-farm-in-wales-1/11368674

      Wow a BoJo the Clown fan now!

      1. Oh Matron!

        Re: More useless

        That's fowl.

      2. IT Hack

        Re: More useless

        Truly ruling on a wing and a prayer.

        1. Jonathon Green
          Trollface

          Re: More useless

          Woah! we’re half way there...

          1. Anonymous Coward
            Anonymous Coward

            Re: More useless

            "Woah! we’re half way there..."

            Is that from the classic album "Slippery all the time", perchance?

          2. IT Hack
            Thumb Up

            Re: More useless

            Nice!

      3. Anonymous Coward
        Anonymous Coward

        Re: More useless

        A live chicken is a step up from a dead pig.

    4. Mike007

      I have a word for you: Codlepock

      Seems very "Boris" to me.

  3. MJI Silver badge

    I was just going to have a go at

    Sajid Javid but he has regenerated into a really dodgy person.

    I am trying to work out if she is incompetent, easily lead, stupid, or evil.

    1. Nunyabiznes

      Re: I was just going to have a go at

      That's like asking if you want cake or ice cream. The appropriate response is "Yes".

    2. }{amis}{
      Holmes

      I am trying to work out if she is incompetent, easily lead, stupid, or evil.

      Why do they have to be exclusive ill go with any or all of the above!

    3. Yet Another Anonymous coward Silver badge

      Re: I was just going to have a go at

      >I am trying to work out if she is incompetent, easily lead, stupid, or evil.

      That's unfair, she could be all three

      1. MJI Silver badge

        Re: I was just going to have a go at

        All three

        No that is the other party.

      2. Dr. Mouse

        Re: I was just going to have a go at

        >I am trying to work out if she is incompetent, easily lead, stupid, or evil.

        That's unfair, she could be all three

        Or even Four?

      3. TitterYeNot

        Re: I was just going to have a go at

        That's unfair, she could be all three

        Her three weapons are incompetence, gullibility, stupidity and evil!

        </Spanish Inquisition>

        "Well, I didn't expect that", said the Home Secretary...

    4. Anonymous Coward
      Anonymous Coward

      Re: I was just going to have a go at

      I'm not in the "Pritti Patel is stupid" club, I'm firmly in the "Pritti Patel is an authoritarian nightmare" club. That capital punishment discussion on Question Time if you haven't seen it.

  4. Anonymous Coward
    Anonymous Coward

    So where is the antidote ?

    One odd thing about all the catastrophising over dimwits like Patels pronouncements, is the lack of any apparent initiative to actually provide end-to-end encryption. On the basis that I don't actually believe anyone currently does. I start with a distrust of iOS and Android and any app built thereon.

    And as for the notion that Facebook is somehow the most secure platform around ? Are you having a giraffe ?

    1. Charles 9 Silver badge
      FAIL

      Re: So where is the antidote ?

      True end-to-end encryption is physically impossible without brains that can directly grok encrypted data. Anything else opens up the possibility of an Outside the Envelope Attack, where the data is obtained at the point where it MUST be decrypted so as to be typed by the Hand v1.0 or read by the Eyeball Mk I. Sadly, we're not at Ghost in the Shell levels of capability yet.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021