New UK Home Sec invokes infosec nerd rage by calling for an end to end-to-end encryption

Priti Patel has declared war on encryption safeguards, demanding they be torn up for the convenience of police workers. Patel, the social conservative appointed Home Secretary by British Prime Minister Boris Johnson last week, used this morning's Daily Telegraph to call for end-to-end encryption to be broken with backdoors …

      1. Pascal Monett Silver badge

        Right, so because "true" end-to-end is impossible, we're supposed to sit back and do nothing ?

        I'll be happy with encryption from my PC to its destination PC/server, thank you very much.

        1. Anonymous Coward

          RE: encryption from my PC to its destination PC/server

          Certainly can be a lot more secure than mobile "apps". Unless anyone is willing to bet their lives that Android/iOS don't slurp keystrokes before you've actually encrypted anything ?

          At least with a decent Linux kernel you can check your keystrokes aren't watched and build up from there.

          1. Doctor Syntax Silver badge

            Re: RE: encryption from my PC to its destination PC/server

            "At least with a decent Linux kernel you can check your keystrokes aren't watched and build up from there."

            You need a decent userland around it. You can start with that kernel but then wrap it in layers of opaque binaries and it doesn't matter what the kernel is.

            1. whitepines
              Megaphone

              Re: RE: encryption from my PC to its destination PC/server

              Also don't forget about the whole OS-under-your-kernel thing that's all the rage now. The signed one *you* can't replace but the manufacturer can decide to or be forced to -- a.k.a. the Intel Management Engine or the AMD PSP depending on whether you're blue blooded or red blooded.

              Unlike the Clipper chip, because people have already given up control to one type of "encryption" (signing, in point of fact) to save a few pounds on their media computer, there's no fighting this technically. If the authorities say no encryption, every "normal" (x86/Android) computer manufactured in the last decade can be made to make sure your keystrokes are logged and display monitored.

              Scary world, innit?

            2. eldakka
              Black Helicopters

              Re: RE: encryption from my PC to its destination PC/server

              "At least with a decent Linux kernel you can check your keystrokes aren't watched and build up from there."

              "You need a decent userland around it. You can start with that kernel but then wrap it in layers of opaque binaries and it doesn't matter what the kernel is."

              Can you?

              Have you read the source code of everything compiled into the kernel?

              What about the compiler, have you read the source code of that? Do you know if it compiles only what's in the kernel source code files and does not inject its own code into the final binaries? What did you compile the compiler with?

              What about the firmware in the USB controller? Did you inspect the source code of the firmware, compile it yourself with a trusted compiler (see above), and is the code that was compiled from that inspected source code and trusted compiler the code that was actually loaded into the firmware? The keylogger could be in there, logging everything between the keyboard and the kernel before it gets to the kernel.

              How about the secure controller most commonly available processors (Intel, AMD, ARM, Apple, IBM, etc.) have embedded in them/their chipsets? The same caveats apply as for the USB firmware. Same for HDD/SSDs, NICs, PCIe controllers/switches. They all have embedded microcontrollers with their own firmware.

              And they're coming to take me away ha-haaa

              They're coming to take me away ho ho hee hee ha haaa

              To the funny farm

              Where life is beautiful all the time

              And I'll be happy to see those nice young men

              In their clean white coats

              And they're coming to take me away ha haaa

              1. whitepines
                Boffin

                Re: RE: encryption from my PC to its destination PC/server

                Quick correction, IBM is one of the few without one of these signed nasties. RISC-V and a bunch of the weaker ARM chips also lack them.

                And really, you only need to be concerned about the firmware of things that have direct network and CPU internal access. What's your keyboard going to do, radio the key out somewhere? Needs a modem and antenna to do that, so spend 5 minutes looking at the PCB for one -- it's not hard.

                The ME, PSP, and TrustZone on the other hand, are perfectly suited based on their position in the system and more importantly that there is *no* way to use the system without them or replace them with something you compiled from source. None, nada, zilch -- they're signed "for your protection".

                More like Google, GCHQ, and Hollywood's protection, but we'll just handwave over that. It's better PR.

                1. eldakka

                  Re: RE: encryption from my PC to its destination PC/server

                  If you have compromised firmware, then there is no requirement for comms between devices to pass through processing done by software. E.g. a compromised USB controller on the motherboard doesn't have to go through the O/S to access the NIC. If the NIC is separate from the processor, e.g. a PCIe expansion card, it could go point-to-point along the PCIe bus.

                  If you compromise the firmware of the entire system, the UEFI, then you can do what you like without any CPU involvement (assuming you don't want or need the horsepower above the embedded microcontrollers).

                  And, depending on what the firmware does, the firmware could inject into the O/S its own malware that can't be seen by the O/S, to do its own nefarious tasks, like capturing data coming in from the attached keyboard and then sending it out through the NICs. No extra hardware required. There are known HDD firmware that do this, they inject malware into the system so it runs as a rootkit, has full access to the system. When someone detects a virus/malware and removes it, even does a reformat/reinstall, the firmware in the HDD re-injects the malware after the reinstall. Some security researchers found this HDD firmware a few years ago (2015 I think) and presented it at a BlackHat conference.

              2. Loyal Commenter Silver badge

                Re: RE: encryption from my PC to its destination PC/server

                "What about the compiler, have you read the source code of that? Do you know if it compiles only what's in the kernel source code files and does not inject its own code into the final binaries? What did you compile the compiler with?"

                A proof-of-concept of this attack was done decades ago...

                https://scienceblogs.com/goodmath/2007/04/15/strange-loops-dennis-ritchie-a

                Essentially, Thompson modified the C compiler to insert a backdoor into the login command. He then modified the compiler to add the code to do that into itself when compiled, compiled the compiler, then removed his extra code from the compiler's source code, so that when you compile the compiler, it adds the code to backdoor the login command on compilation back into the compiler, even though the mechanism to do so is nowhere in the source code.

                The only way to get around this is to hand-compile the compiler, and then you have to trust the hardware it runs on anyway. Get your soldering iron out, and start hand-rolling your own capacitors...

                1. Charles 9

                  Re: RE: encryption from my PC to its destination PC/server

                  Didn't Bruce Schneier provide a counter to the "Trusting Trust" argument by using a second compiler from a vouched or near-vouched source so as to trip up an evil compiler?
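
The second-compiler check raised in the comments above is known as diverse double-compiling. A toy model of it follows, added here as an illustration and not taken from any commenter or from Thompson's paper: binaries are modelled as records rather than machine code, and `Binary`, `run_compiler` and `ddc_check` are names made up for this sketch. It assumes deterministic builds and a second compiler that does not carry the same trojan.

```python
from dataclasses import dataclass

# Constructed toy sources: the real thing would be audited source trees.
CC_SRC = "compiler A"       # clean source of the compiler under test
TRUSTED_SRC = "compiler B"  # independent second compiler
LOGIN_SRC = "login"


@dataclass(frozen=True)
class Binary:
    """Stand-in for an executable; equality plays the role of a bit-for-bit compare."""
    codegen: str            # whose code generator emitted these bytes
    program: str            # the source this binary was built from
    trojan: bool = False    # hidden self-propagating payload (compiler only)
    backdoor: bool = False  # hidden payload planted in login


def run_compiler(cc: Binary, source: str) -> Binary:
    """Execute compiler binary `cc` on `source` and return the output binary."""
    if not cc.program.startswith("compiler "):
        raise ValueError("not a compiler binary")
    # Output bytes depend on what the compiler *is* (its own program),
    # not on which compiler originally built it.
    emitted_by = cc.program.split()[1]
    return Binary(
        codegen=emitted_by,
        program=source,
        # Thompson's two hooks: re-infect the compiler, backdoor login.
        trojan=cc.trojan and source == CC_SRC,
        backdoor=cc.trojan and source == LOGIN_SRC,
    )


def ddc_stages(trusted: Binary):
    """Build the compiler from clean source twice, starting from `trusted`."""
    stage1 = run_compiler(trusted, CC_SRC)  # A's logic, B's code generation
    stage2 = run_compiler(stage1, CC_SRC)   # A's logic, A's code generation
    return stage1, stage2


def ddc_check(suspect: Binary, trusted: Binary) -> bool:
    """True if `suspect` is exactly what the clean source should produce."""
    _, stage2 = ddc_stages(trusted)
    return stage2 == suspect


HONEST_CC = Binary(codegen="A", program=CC_SRC)
EVIL_CC = Binary(codegen="A", program=CC_SRC, trojan=True)
TRUSTED_CC = Binary(codegen="B", program=TRUSTED_SRC)

if __name__ == "__main__":
    # Rebuilding the trojaned compiler from clean source reproduces the trojan.
    print("evil rebuild is a fixed point:", run_compiler(EVIL_CC, CC_SRC) == EVIL_CC)
    print("login built by evil cc backdoored:", run_compiler(EVIL_CC, LOGIN_SRC).backdoor)
    print("DDC accepts honest cc:", ddc_check(HONEST_CC, TRUSTED_CC))
    print("DDC accepts evil cc:", ddc_check(EVIL_CC, TRUSTED_CC))
```

The first stage alone cannot be compared with the suspect binary because it was emitted by a different code generator; only the second stage is expected to match bit for bit.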

          2. richardcox13

            Re: RE: encryption from my PC to its destination PC/server

            > At least with a decent Linux kernel you can check your keystrokes aren't watched and build up from there.

            That is not sufficient. You need a completely trusted tool chain leading to that kernel and all software running on top of it.

            Cf. https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf

      2. Nick Kew

        Re: So where is the antidote ?

        "True end-to-end encryption is physically impossible without brains"

        I think you just redefined end-to-end.

        Now if you'd just pointed out the risk of malware on a user's 'puter, you'd be right. But this Newspeak seems to me just to confuse the issue. Your end isn't final either in a world where spyware might read the human mind (even if that world is still SF).

      3. hammarbtyp

        Re: So where is the antidote ?

        "True end-to-end encryption is physically impossible without brains that can directly grok encrypted data"

        Nah, dead simple. Using a random process to create a one time pad. Hand deliver pad to recipient. Encode message by hand and send via snail mail. Destroy one time pad, repeat.

        Oh you want a system which is scalable and quick? Why didn't you specify that?

        1. Charles 9

          Re: So where is the antidote ?

          How do you know Bob is really Bob and not Gene?

  1. Anonymous Coward

    incompetent, easily led, stupid, or evil?

    It's a piece of shit politician so you can probably just go with ALL of the above.

  2. Anonymous Coward

    AmbassadorGate

    The Kim Darroch affair proved conclusively that this administration can't even keep its own internal secret communications out of the newspapers. Whether the leakage route be politicians grinding axes, crooked employees or coppers with dubious connections to the tabloids, I can't see why anyone with any sense would trust sensitive information to any arm of the British state.

    Given that end-to-end encryption isn't going to go away for those determined enough to set it up, I guess we'll see something like the password reveal law to catch those who don't roll over and accept backdoored apps, and those who really don't want their business pried into will be finding other jurisdictions.

    1. MJI Silver badge

      Re: AmbassadorGate

      The handling of him was terrible, BoJo was a complete embarrassment.

      I hope the leaker gets a holiday at Her Majesty's pleasure.

      1. Anonymous Coward

        Re: AmbassadorGate

        >I hope the leaker gets a holiday at Her Majesty's pleasure.

        Not just the leaker, but also the journalist/editor. There is no public interest defence to the publication of classified UK gov information, and it is a clear breach of the OSA for *both* the leaker and the publisher.

        The only issue is whether it is decided not to prosecute as it is not in the public interest.

        1. tiggity Silver badge

          Re: AmbassadorGate

          No, no, no

          Otherwise everything, no matter how trivial gets classified as a secret... and that was trivial (sure it caused embarrassment, got Trump ranty (but so do most things) but not e.g. putting spies at risk of being uncovered etc.)

          Already very little gets into the public realm due to over use of OSA (e.g. it's amazing how many bits of govt IT work want you to sign OSA, still means people get to be at risk of prosecution for revealing juicy bits about many govt IT project failures)

          1. Electronics'R'Us
            Holmes

            Re: AmbassadorGate

            A couple of things:

            Signing a document that refers to the Official Secrets Act is simply stating that you understand your responsibilities in terms of the act and this is done because you are expected to routinely come into contact with classified material.

            Everyone in the UK is still covered by the act; you are just acknowledging that you really understand your responsibilities. I have had to sign said pieces of paper more times than I care to remember over the past few decades.

            When I was in the service (many many years ago), it was clear that items were routinely over-classified. Even the magazines that were delivered were stamped 'Restricted' - the lowest level but still a security classification.

  3. Anonymous Coward

    Yep, Patel continues age-old tradition

    I'm sure there's a secret gov farm/lab/tank where they grow them, and when the time comes, hose, rinse, insert the battery, and out comes your new Home Sec, each one horribler than the one before.

    1. Flywheel

      Re: Yep, Patel continues age-old tradition

      Sounds like Agile - move fast, break things, screw the collateral damage.

      1. Peter2 Silver badge

        Re: Yep, Patel continues age-old tradition

        "I'm sure there's a secret gov farm/lab/tank where they grow them, and when the time comes, hose, rinse, insert the battery, and out comes your new Home Sec, each one horribler than the one before."

        I suspect that this is simply a very extensive dossier of particularly horrible true cases of child abuse at the hands of child pornographers and retrospectively obtained encrypted emails where the security services (quite rightly) say that "if we'd have been able to read these messages at this point, these kids wouldn't have been abused. These kids/people would still be alive." before then coming out with the same for terrorism etc, etc, etc, etc, etc. Do that for a few hours worth of briefings, and pretty much anybody (even if you have a heart of stone) is going to take the department line that "we need to do something about this".

        The question is "what?".

        There is a legitimate need in certain situations for law enforcement to lawfully get access to encrypted communications. The problem is that as noted, you can't trust any key you give them not to get leaked allowing remote access to pretty much any device.

        I'd think the eventual response will probably be more along the lines of breaking encrypted storage on a device in a way that requires local access to exploit.

        1. Intractable Potsherd

          Re: Yep, Patel continues age-old tradition

          @Peter2: I wish I could agree with you about the dossier. Even if I did, I would have to think that the next words would be "It would be a shame if your knowledge of any of this were to come to the public's knowledge, wouldn't it, Minister? What would people think?" Someone senior in the Home Office has a serious obsession with regard to not being able to access everything they think they should be able to, and will do anything to get their own way, regardless of how disproportionate the result.

        2. Doctor Syntax Silver badge

          Re: Yep, Patel continues age-old tradition

          "I suspect that this is simply a very extensive dossier"

          Something like that. The last Home Sec, shortly after being appointed was interviewed in the Times describing being shown an alleged chat room and a child being groomed. This, he said, persuaded him. In other words he described the brainwashing without even realising that that's what was being done to him. He didn't even stop to wonder whether the entire thing was staged. Nor did he stop to ask whether, if this wasn't encrypted why breaking decryption should be necessary. This is the standard of thought that makes a good Home Sec from the HO's PoV.

  4. Anonymous Coward

    child abuse and terrorist content

    "child abuse" and "terrorist content" always works, because people are stupid, there's no gentler way of putting it.

    1. Sir Runcible Spoon

      Re: child abuse and terrorist content

      If those are the 'pros' of banning encryption, perhaps we ought to be highlighting the 'cons' as a counterbalance?

      How about:

      -No more online banking/bonking by phone/contactless

      -Power utilities hacked and we get taken back to the Victorian era (without the horses to do all the work)

      In fact, we only have to lose the power for *everything* to fall apart very quickly..

      -no food

      -no fuel

      -no heating

      -no help (police/fire/ambulance)

      1. Peter2 Silver badge

        Re: child abuse and terrorist content

        The thing is, frankly people rely on encryption and security software where frankly, I feel it's outright inappropriate.

        People talk about "oh, you could hack that nuclear power plant and cause a disaster", but the controls in the control room of the nuclear power plant that I have seen were done in ways that were secure beyond any possible doubt.

        The controls for each reactor were on physically separate hardware with appropriate backups, on physically separate consoles with a purpose built 1970's OS that had never heard of networking. No remote access at all, everything was done via access to the console. They had a new computer next to the old box for searching digital copies of the manuals, but it was a completely separate system entirely and physical manuals, checklists, procedures etc were maintained as a fallback in hardcopy on shelves next to the control stations.

        While I suppose that it's possible that the gas power plants that now make up most of our power generation could be disabled remotely, I'd doubt it given that they would have been built from the 1970's-1990's, and so the control software is almost certainly incapable of being connected to the internet; even if built with the OS's commercially available at the time it appears unlikely that either the software or hardware could possibly be connected.

        That said, IMO anything capable of causing physical harm IRL shouldn't be directly connected to the internet. Losing websites would be an inconvenience. Losing power and major infrastructure could be a civilisation ending event if certain people in certain positions aren't as paranoid as I'd hope they are.

        1. Sir Runcible Spoon

          Re: child abuse and terrorist content

          "Losing power and major infrastructure could be a civilisation ending event if certain people in certain positions aren't as paranoid as I'd hope they are"

          You would be amazed, and not necessarily in a good way. I'm not saying there aren't plenty of people who care, but they are fighting a *system* that isn't designed to deploy security best practice in all situations. Bureaucracy will be the death of us all I expect.

          Also, whilst I'm not going to go into details (for obvious reasons) you don't have to disable a power station to turn off the power. Plenty of real-world examples of honest mistakes that have taken down large sections of the power grid in various countries.

          "That said, IMO anything capable of causing physical harm IRL shouldn't be directly connected to the internet. "

          I couldn't agree more, but that isn't the world we currently live in.

        2. Stork Silver badge

          Re: child abuse and terrorist content

          Try to cut electronic payment systems and see what happens

          1. Charles 9

            Re: child abuse and terrorist content

            "Please send check or money order..."

            And money orders DO still exist for people who don't believe in banks...

  5. Pascal Monett Silver badge

    "the vital work which companies already undertake"

    Well if they're already doing the work, what's the problem ?

    Oh, you want the job to be easier ? And the fact that that totally tramples over innocent people's liberty is no matter to you ?

    Well then fuck you.

  6. Electronics'R'Us
    Black Helicopters

    Self inflicted problem

    Poor Priti and other embarrassed politicians and various 3 and 4 letter agencies.

    If the governments around the world (particularly the five eyes as revealed by Mr. Snowden) had not been trawling everything possible, then the push for end to end encrypted personal communications might not have been as hard, but after the revelations that they were spying on their own populations without good reason (other than trying to use computers where a real brain would be better and of course for the power trip) and slurping everything (which makes them no better than China in that respect) people decided it was none of their business what they were chatting about.

    Given that the various acts in the UK leave basically no privacy otherwise, it is of no surprise to anyone in technology that end to end encryption is very popular indeed. Methods to defeat (admittedly currently highly inaccurate) facial recognition are continuing apace, apparently.

    As it is, I personally use Signal for messaging (which is indeed end to end encrypted and I cannot give any keys because I simply do not know them).

    So my perspective is tough shit; you all brought it on yourselves.

    1. Yet Another Anonymous coward Silver badge

      Re: Self inflicted problem

      >I cannot give any keys because I simply do not know them)

      Then you go to prison for being a terrorist

  7. amanfromMars 1 Silver badge

    Strewth. Is there no end to the madness? The lessons learned are ... there are no safe back doors

    Why on Earth would Ms Priti Patel create almighty invisible foe and invincible intangible enemies for herself and self-serving friends with the fielding and fronting of a folly riddled with holes to its core?

    Whatever is she smoking?

    It's too strong for you, Priti. Try something else, not so powerful and overwhelming. It'll be doing everyone a great favour.

    Or is it a mental health problem for her and supporters which rejects the evidence and views of experienced experts mastering in the subject matter?

    We deserve better from those who choose to present themselves as a government representative of the people.

    1. Richard 12 Silver badge

      Re: Strewth. Is there no end to the madness? The lessons learned are ...

      Because she doesn't understand mathematics, doesn't want to understand, and thinks her career will be improved by refusing to listen to experts in whichever field she's currently trying to break.

      Same as every Home Secretary in living memory. There's something very rotten in that department.

      1. AndyD 8-)₹

        Re: Strewth. Is there no end to the madness? The lessons learned are ...

        My living memory includes:

        Herbert Morrison

        Rab Butler

        Roy Jenkins

        Jim Callaghan

        Douglas Hurd

        Kenneth Clarke

        Jack Straw

        plus a number of notable omissions

    2. Dr. Mouse

      Re: Strewth. Is there no end to the madness?...

      "Or is it a mental health problem for her and supporters which rejects the evidence and views of experienced experts mastering in the subject matter?"

      It's not just her and supporters: There is a view by a large proportion of the population that experts are to be derided, that Gary down the pub knows more about a subject than someone who has spent his whole life working with or studying it. They also deride politicians and the media for being untrustworthy, unless of course they agree with what that politician or reporter is saying.

      We have taken confirmation bias to the extreme, and the internet has aided the creation of almost perfect echo chambers to encourage this (even though it should do the opposite, with all that information available at our fingertips).

      1. Charles 9

        Re: Strewth. Is there no end to the madness?...

        Problem is, a true true echo chamber is actually immune to outside influence, as it is able to turn that information against itself by using things like confusion-fu to make them look like they're "out of the loop" and don't really know any better. That's why it's so hard to argue with someone irrational: they're not thinking the same way we are.

  8. Velv
    Big Brother

    V for Vendetta

    It's coming...

    1. Anonymous Coward

      High Chancellor Johnson

      England Prevails.

      1. BebopWeBop

        Re: High Chancellor Johnson

        Very much an 'English' prime minister - the only question is whether he will stay in power long enough to (a) screw the British economy and (b) be the last prime minister of a 'United Kingdom' (ha ha)

  9. Anonymous Coward

    Watch Priti Patel in debates on Question Time. She comes across as a very nasty person indeed. Scary to think that she is now home secretary.

    On a separate note, as much as the intelligence agencies complain about encryption, the truth is that this is a golden age for electronic surveillance. Never before have the agencies been able to gather, store and process so much data about so many people. End to end encryption only impairs a small part of that.

    1. amanfromMars 1 Silver badge

      Re: the golden age for electronic surveillance

      So much information, so little intelligence to process it into future knowledge.

      1. Doctor Syntax Silver badge

        Re: the golden age for electronic surveillance

        And even less to process it into wisdom.

  10. Anonymous Coward

    Shame the horse has already bolted, not like openssl hasn't been available for decades, so as much as they would like to, crypto (and its source) is out there, nothing can stop end to end, and at best all that would happen is that Facebook or whatever comes along and makes that curly haired prick's website the next myspace will end up in court, years pass by, MPs get bought off one way or another and everyone is happy, decision comes down one way then appealed the other, too many day to day tech interactions the great unwashed will rely on will use end to end by the time a decision is made to render it all moot, as denying them convenience will cost the assholes their seat in parliament or impracticable to enforce anything anyway. Perhaps crypto will be the new tobacco industry, the popular liars must be shitting it thinking they will only have landmine manufacturers to give them bungs by 2030...

    1. whitepines
      Big Brother

      Oh don't worry, that's been fixed. The Intel Management Engine and AMD PSP will ensure that despite what you try to run open source, a copy of the key or direct keyboard input is taken from underneath the kernel and sent to the authorities (think some kind of unblockable multicast or HTTPS via DoH to some master provider that won't let you online if you're not talking to it).

      That's what years of just chasing the cheapest thing without caring about whether you actually have control of it or not will do. Welcome to 1984, comrade!

  11. Arthur the cat Silver badge

    To (almost) quote the Sex Pistols

    She's so Priti,

    Oh so Priti,

    She's vacant.

    1. Anonymous Coward

      Re: To (almost) quote the Sex Pistols

      Don't forget to pronounce the second "a" in vacant as a "u"...

    2. GrapeBunch
      Coat

      Quantum of Natalie Wood

      For us oldsters:

      I feel Priti

      Oh so Priti

      Not pretty or witty but fay ...

      Mine's the one with the o so attractive ahemline.

  12. davenewman

    Estonia tells you who in government has been looking at your data

    The records of identity card use go both ways. If someone in government looks up your data, you can find out who did and for what purpose.

    Imagine if we automatically got informed of who is snooping on us and why.
