back to article British intelligence recycles old argument for thwarting strong encryption: Think of the children!

Two notorious characters from the British security services have published a paper that once again suggests breaking strong end-to-end encryption would be a good thing for society.  Nearly four years ago Ian Levy, technical director of the UK National Cyber Security Centre, along with technical director for cryptanalysis at …

Page:

  1. Will Godfrey Silver badge
    Unhappy

    What are they trying to hide?

    Never mind the man behind the curtain. Look over here.

  2. Anonymous Coward
    Anonymous Coward

    Who are they trying to con ?

    Having no Encryption won't solve child porn, nor will it help against organised crime or terrorism.

    If one avenue becomes closed, others will be used.

    I mean, stealing national secrets with a usb drive smuggled out in a short (coffee cup, lip balm, pack of smokes) who would ever imagine that that could happen to secure government, tempested and air gapped devices ?!?!

    Having regular snooping, or scanning of user data by a private company in the interest of 'national security' ???

    Come on, do they think we're all stoopid, and if they don't encrypt our data, how will it meet data protection compliance?

    Oh yes, we've got it covered, we'll use a physical key on the cupboard. :(

    1. Anonymous Coward
      Anonymous Coward

      Re: Who are they trying to con ?

      no encryption should certainly help organised crime... think how easy it would be to get intel on the next 'mark'

    2. Korev Silver badge
      Childcatcher

      Re: Who are they trying to con ?

      I mean, stealing national secrets with a usb drive smuggled out in a short (coffee cup, lip balm, pack of smokes) who would ever imagine that that could happen to secure government, tempested and air gapped devices ?!?!

      Any competent organisation would have blocked USB discs by now...

      1. Will Godfrey Silver badge
        Coat

        Re: Who are they trying to con ?

        First find your competent organisation that has control over anything significant.

  3. Anonymous Coward
    Anonymous Coward

    Did I mention useless political posturing?...and perhaps a darker long-term goal?

    There are lots of people (and groups) who can implement private encryption before their messaging enters either a client or directly into a service provider channel.

    Then.....the service provider is to be made responsible for scanning the messaging for "illegal content". How would that work? Service providers get to set up an internal cryptography group? And since well designed AES (or samba, or chacha) ciphers are thought to be secure......to what end?

    Maybe the long-term STASI goals are actually:

    (1) Make private encryption (and the possession of encryption tools) completely illegal

    (2) Make service providers responsible for blocking any message that looks like encryption

    (3) Make service providers responsible for reporting anything that looks like encryption to "the authorities"

    But then "We do not seek to suggest that anonymity on commodity services is inherently bad....." Really?

    And all this before we start thinking about the mapping of end-points to specific real people:

    (4) The smartphone is a burner (no account registered, pay-as-you-go minutes bought for cash)

    (5) The email account is fictitious (say gmail authenticated with a burner phone)

    (6) The email account has an assigned "app password" so that software can do the heavy lifting (i.e. no GUI interface is ever seen by anyone)

    (7) The laptop and the email client is only ever used from a public wifi connection, never from a place of domicile

    Yup......the privacy argument says this is a piece of political posturing.....

    .....because anyone who wants to avoid ALL the downsides associated with the STASI scanning content can do so.....see above!

    .....and there's always steganography!!!

    1. batfink Silver badge

      Re: Did I mention useless political posturing?...and perhaps a darker long-term goal?

      Quote: "These safety systems will be implemented by the service owner in their app, SDK or browser-based access,"

      OK, so how long would it take for the scumbags to start using some other "service" then?

      As usual with these things, it's only designed to catch the honest crooks.

  4. Cereberus

    Google* Golden Opportunity?

    since non-governmental organizations could be used to moderate the scanning of personal information and

    Her Majesty's Government has no intention of picking up the tab for this project, nor overseeing its operation

    Company x is now going to monitor all encrypted communications, since the government will not oversee the operation it will be an entirely private company affair - think of all the additional data a company such as Google* could get for marketing opportunities as a result, which would of course be acceptable as their revenue stream for doing all this work.

    They definitely would NOT abuse it in any way of course.

    * Other companies are available to abuse your personal data

    1. TimMaher Silver badge
      Big Brother

      Someone’s creeping; round the corner.

      Hi Mack, this is Google.

      Our decryption bot spotted a message that said you have left your knife on the sidewalk.

      Would you like to buy another?

    2. Anonymous Coward
      Anonymous Coward

      Re: Google* Golden Opportunity?

      since the government will not oversee the operation it will be an entirely private company affair

      Most likely an opportunity to shower some corporate sugar daddy with taxpayer money.

  5. elsergiovolador Silver badge

    Surveillance

    Why stop at private communication? We have the technology to install cameras and microphones in every home.

    1. Roj Blake
      Big Brother

      Re: Surveillance

      As most domestic abuse and child abuse takes place in homes, having telescreens that transmit as well as receive would definitely stop crime

      1. Hubert Cumberdale Silver badge

        Re: Surveillance

        "telescreens that transmit as well as receive"

        What, smartphones?

        1. Strahd Ivarius Silver badge

          Re: Surveillance

          Intelligent walls...

          1. Shooter

            Re: Surveillance

            Smart TVs...

    2. monty75

      Re: Surveillance

      And we're installing them ourselves at our own expense

    3. gryphon

      Re: Surveillance

      There was a book or story written about that but I can't remember by whom.

      Basically it was illegal to be out of view or hearing of a govt. owned camera or microphone whether at home, in the street or in a vehicle.

      Even the brothels had them.

      1. Snow Hill Island

        Re: Surveillance

        It was a prediction of the future. Pity the author got the date wrong by about 38 years...

      2. Strahd Ivarius Silver badge
        Trollface

        Re: Surveillance

        well managed brothels have them

    4. hplasm
      Big Brother

      Re: Surveillance

      "We" by Yevgeny Zamyatin.

      People who live in glass houses dare not cast aspersions...

  6. elsergiovolador Silver badge

    Common Purpose

    They are simply lying. They want to get rid of encryption, so that they can obtain data points to calculate a factor in your social credit score.

    Did you send a photo with a BBQ you've been doing in your garden? Oh you supposed to reduce meat in your diet! We know that from your connected health data. That's minus 20 points for you and your coming salary will be programmed to no longer work on meat products. If you buy sugary products your salary will be set to expire in month's time.

    1. elsergiovolador Silver badge

      Re: Common Purpose

      UK central bank digital currency

      Economic Design: The Behavioural Effects of Programmable Money

      If you Google a central bank name and CBDC you will see that every country penetrated by WEF is working on this.

      Overton window is moving steadily.

  7. Doctor Syntax Silver badge

    No paper of this nature should be given credence unless its authors are prepared to expose themselves in the way they'd expose others: they should include all their online credentials for banking, shopping, email and everything else.

    If they do include such details then the paper shouldn't be given credence as the authors are either outright liars or stupid.

  8. J.G.Harston Silver badge

    "These safety systems will be implemented by the service owner in their app, SDK or browser-based access,"

    So, BrowseBork 2.6 will have the new-fangled SmutMonitor(tm). Ok, I'll just use BrowseBork 2.5.

  9. veti Silver badge

    I always have the same response when this nonsense comes up. "If you think I've been trafficking in this material, send a goon squad to sieze my hardware. Once you've got it, you should be able to decipher anything on it. That's fair enough, it's no different from what governments have been doing for centuries.

    "If, on the other hand, you don't have any evidence to back up a warrant for that, then GTFO. Your suggestion is to drastically reduce the barriers and costs of snooping on me, and I see absolutely no reason why any person of goodwill should support it."

    1. monty75

      They don't even have to decipher anything. Just ask for your password and when you refuse, lock you up under Regulation of Investigatory Powers Act 2000 (RIPA). S.49

  10. JustSomeBloke

    Does anyone have a suggestion?

    Borking encryption is a really daft idea, with endless reasons against it.

    That said, I’m not keen on criminals either.

    Genuine question - does anyone have a credible idea what could be done, or is this simply a trade that society has to make?

    1. Anonymous Coward
      Anonymous Coward

      Re: Does anyone have a suggestion?

      @JustSomeBloke

      False dichotomy: choose between:

      (1) Encryption

      (2) Criminals

      People (all people, including criminals) are responsible for their actions.

      Obviously criminals will attempt to hide their actions, so that they avoid responsibility.

      The criminals might do this in any number of ways.....

      ......why pick on "encryption"?

      Just one more reason (do we need more?) why this debate is just empty posturing!

      1. elsergiovolador Silver badge

        Re: Does anyone have a suggestion?

        Also most criminals don't use any encryption, because police won't catch them regardless...

  11. This post has been deleted by its author

  12. Mike Richards

    Why this? Why now?

    To become a technical director at GCHQ you have to be smart, really smart - possibly one of the smartest people in the country. And here we have two of them putting their name on a paper that is nothing more than a rehashing of lazy ideas going back decades.

    Why on earth are they flying this particular kite? They must know it is stupid and unworkable, but they publish anyway.

    The only answer must be that ministers (who are certifiably dumb) are planning yet another attempt at breaking modern society.

    1. Irony Deficient Silver badge

      Why on earth are they flying this particular kite?

      They must know it is stupid and unworkable, but they publish anyway.

      Why does a stage illusionist perform certain actions with great flourish? To divert attention away from other actions happening simultaneously.

  13. Anonymous Coward
    Anonymous Coward

    Defence of the realm

    WTF is going on here?

    GCHQ is supposed to be doing defence of the realm stuff - spying on the enemies who want to kill or destroy us with WMDs and suchlike. What on earth has that got to do with child abuse or mass surveillance of everybody's phone?

    Last time I looked, it was the police and not spies who were in charge of catching and prosecuting paedophiles.

    1. Anonymous Coward
      Anonymous Coward

      Re: Defence of the realm

      From their website “Misson” page:

      Serious & Organised Crime - Reducing the social and financial harm that serious and organised crime causes to the UK

      1. ThatOne Silver badge

        Re: Defence of the realm

        "Serious crime" being defined as crime which doesn't laugh.

  14. Winkypop Silver badge
    Big Brother

    “people seeking privacy aren't suspects”

    Officially, that is.

    Move along citizen, move along.

  15. J.G.Harston Silver badge

    It seems to be an automatic knee-jerk reaction amongst humans to be absolutely aghast that humans have mouths and ears. How *DARE* humans have the ability to communicate. Something Must Be Done.

  16. Ken G Bronze badge
    Childcatcher

    Let's pilot this, see if it works

    Start with UK government ministers* and run it for a few years, see if it reduces pornography and sexual assault before putting it to a vote on rolling out to the general public.

    *including ministers of state, parliamentary undersecretaries of state, whips, leaders of the houses etc.

    1. Eclectic Man Silver badge
      Joke

      Re: Let's pilot this, see if it works

      "including ... whips"

      Steady on there, old chap! How's a fellow who likes pinching another fellow's callipygien* derriere going to get a job in government if you let that sort of thing out?

      See https://www.newsandstar.co.uk/news/national/20252450.pm-didnt-know-specific-claims-chris-pincher-giving-whips-job/

      *(Callipygian comes from the combination of the two ancient Greek words for "beauty" and "buttocks")

      1. TimMaher Silver badge
        Joke

        Re: “whips”

        I don’t think it was Pincher @eclectic.

        I think that @ken was referring to actual whips; across those beautiful buttocks.

  17. Jaybus

    Reads like a paper proposing a perpetual motion machine

    It is clear that there can be no compromise. Data is either encrypted or it is not. No matter in what way the encryption algorithm is borked, criminal hackers will eventually find the bork. Borked encryption is exactly equivalent to no encryption at all. Actually, it is worse, a false sense of security. It is also clear that most online services are not viable without encryption. Basically, we either have unborked encryption or we pull the plug and stop using the internet. So like a perpetual motion proposal, their paper is entirely based on the false assumption that borked encryption is even possible. I wonder if that lot has written a paper about curing a headache by cutting off the head.

  18. Anonymous Coward
    Anonymous Coward

    Makes us sound more like China every day. But the government have proven they can brainwash people repeatedly to do their bidding over recent years so if it came around again I’m sure they can get their media mates to make a storm out of it. Won’t be much tech left in the country though as most of us will need to emigrate to a free country.

  19. Velv
    Facepalm

    What we need is for a company to produce an App that does exactly what they're asking. It encrypts to an extent, but has a back door that the company actively use to monitor the communications of its users.

    Users know up front they are being monitored, and exactly what content is being looked for and flagged to the authorities. If you've nothing to hide you've nothing to fear using that App, and by using that App your friends and colleagues get some reassurance you're not breaking the law (at least not through that App).

    I think it might attract half a dozen users before it dies a death...

    1. Swarthy Silver badge

      And then force the people who demanded it (MPs, CongressCritters, heads of inteligence agencies, etc) to use it exclusively "to ensure fitness for purpose".

  20. EnviableOne Silver badge

    UN Declaration of Human rights Article 12

    No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

    They all signed up to it, its up to them to abide by it

    1. Alumoi Silver badge

      Re: UN Declaration of Human rights Article 12

      But it's not arbitrary if everybody has to bend over, right?

    2. Anonymous Coward
      Anonymous Coward

      Re: UN Declaration of Human rights Article 12

      it is one of the benefits of Brexit to be able to ignore international treaties

  21. Anonymous Coward
    Anonymous Coward

    only the guilty would have something to fear

    Or the innocent that find themselves accused because the AI thinks it has found something 'naughty', for which they have no explanation... or a 'feeble attempt' at explanation that fails because 'only a guilty person would do that'... or an explanation that sounds plausible but is 'statistically highly unlikely'

  22. DS999 Silver badge

    Child porn existed before the internet

    Even if every communication was legally required to be in the clear or encrypted only with something the police could crack, and the police had the means of looking at it all to make sure you weren't trading in child porn (or illegally using encryption they couldn't crack) it wouldn't eliminate child porn.

    Worse comes to worse they'd just go back to how they used to trade it, via mail. Are they going to require all mail be sent in transparent envelopes to remove that possibility?

    1. Infused

      Re: Child porn existed before the internet

      The US Post Office photographs the outside of every envelope sent: 160 billion letters in 2013.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022