back to article Top secret UK data network goes live two years late

A system to link a secure communications network used by UK intelligence agencies with other government departments and posts overseas has finally swung into operation, two years later than originally expected. The slow progress of the SCOPE project drew a rebuke in the annual Parliamentary Intelligence and Security Committee …

COMMENTS

This topic is closed for new posts.
  1. Lupus

    Sigh.

    Maybe you should report when they DON'T lose any important info - Would be more newsworthy, it seems.

  2. Hate2Register
    Happy

    Hmm

    It'll break. As sure as roses are red, violets are blue. Just like the NHS national database pilot system..

  3. Nomen Publicus
    Black Helicopters

    Not Invented Here Syndrome?

    I wonder how much more secure it was than ssh over the internet with a decent cryptography algorithm and key length?

  4. Dai

    Just goes to prove...

    The only UK governmental body who should be allowed to do any big IT stuff is JISC. The large number of Reg Readers in academia will know how good stuff like SuperJANET is...

  5. amanfromMars Silver badge
    Linux

    Good Guys 1 .... Bad Guys 0

    "but one UK spooks reckon will give the bad guys an advantage in working out the strengths and weaknesses of current techniques. ®"

    The Good Guys though will present them with a wholly new technique with wholly new techniques to counter and overwhelm those who have left Office and traded secrets for their thirty pieces of silver. And yes, that would be QuITe Probably everything to do with Royal and Ancient Arts and Covetous Dark Matters and the Post Modern Binary Interpretation and Analysis of them in the Holiest of Holy Grail Territories.

    Step into that Fray underprepared and the Gods you Bank on and in will lose all Interest in your Support. And if they be Gods in Banking at all, they will already already be Shifting Invisible Supports to the Good Guys 42 Feed their Sweetest and Darkest of Pleasant Milk and Honey Addictions.

    And the penguin because it is cold in the mountains, especially in the winter and on dark nights.

  6. dervheid
    Paris Hilton

    What!? Again!?

    So another government IT system is late, presumably over-budget, and leaks like a sieve. And this would be surprising, how?

    The Paris Hilton Angle.

    Could it be any worse if it had been put together by the oft misunderstood heiress? Nah. Thought not.

  7. Simon Ball
    Black Helicopters

    Strengths and weaknesses?

    If intercept use is common in most other countries, then I'd of thought that most of the bad guys would already know the strengths and weaknesses of current techniques.

  8. I. Aproveofitspendingonspecificprojects
    Happy

    @ Anyone

    Data is read, something just blew; no more CDs

    Over to you.

  9. Hal Dace
    Coat

    A case of...

    "The slow progress of the SCOPE project"

    Hmmm, sounds like creeping SCOPE.

    Right, got my coat...

  10. Tim

    How hard can it be...

    ...to cover this stuff up and pretend they're aleast compitent. I mean they're not even trying. They must have known they were going to loose loads of data it's government procedure, but classify the system and it wouldn't reach the public.

    Although I guess they're doing that already with the REALLY important stuff, like uranium going missing, and contained outbreaks of Ebola etc.

    Right I'm off, where's my Tin Foil hat? I can't go outside without it.

  11. mike
    Alert

    how long

    how long before someone hacks it.mmmmmperhaps its done already knowing the UK gov. so called security when it comes to data.

  12. This post has been deleted by its author

  13. RichardB
    Coat

    Does that mean

    The SCOPE network was disabled?

    sorry....

  14. N

    Rumour has it...

    That the delay was due to developing & training the extra large pigeons,

    capable of carrying a total load of two CDs

  15. Chris Miller
    Black Helicopters

    Already solved

    Why don't they just use Tor like everyone else?

  16. Anonymous Coward
    Stop

    Re: Mike

    "How long before someone hacks it.mmmmmperhaps its done already knowing the UK gov. so called security when it comes to data."

    Doubt it. Gov inter-network security is actually pretty good. How often do you hear of the GSI or xGSI being hacked? The problems they've had recently with CDs going missing are a direct result of a lack of a secure network connection between the sites involved - where there has been no gsi connection or network like this to enable the secure transfer of the data, so some muppet has resorted to sticking the data in the post.

  17. paul clarke
    Happy

    How do you know this?

    If this project is Top Secret, how do you know it was late?

    It may have been two years early but no one told us. And how do we know data has been lost if it was top secret? think about it eh (picture me tapping my nose!)

    Still not the first goverment project to be fleeced by the private sector eh?

  18. Anonymous Coward
    Stop

    @ Chris Miller

    ..."Why don't they just use Tor like everyone else?"..

    Because they want security not *ANONYMITY*.

    Presuming your talking about using tor in the way of having "Organisation1 -> TOR -> Organisation2", you don't want "Organisation2" to not know who "Organisation1". Which, AFAIK is what tor provides for.

    The difference between anonymity and privacy has been covered thousands of times on El-reg and all over the web, not to mention countless papers and text books. Hell, its even covered on the Tor site. Tor does not provide security, it provides anonymity and these are very different things.

    Digital security encompasses (among other things) the following:

    Privacy - (making sure no one but the intended recipient can see the message) [Tor allows anyone running an exit node to see the data going in and out and where its going to "in the clear"]

    Integrity -- (Knowing a message has not been tampered with (and in some cases even viewed when in encrypted form)) -- [Tor cannot stop an exit node from manipulating data]

    Authentication -- (Knowing the message has from from someone authorised to send the message) [Outside of remote server control, Tor has no mechanism to provide for authentication as far as I know.]

    Non-repuduation -- (Proof that the person who stated they sent the message actually did send the message. (e.g. to prevent replay attacks) -- [Tor cannot provide this]

    The SCOPE system presumably has to provide for all these. Not simply hide the source of a message.

  19. Anonymous Coward
    Anonymous Coward

    GSI (X)

    The GSI is only secure enough for "restricted" documents and the "X" version is only good up to "confidential".

    I guess the spooks need something that's OK for secret and top secret documents.

  20. jimbarter
    Paris Hilton

    ummmm....

    VPN over SSL anyone?

    http://openvpn.net/

    So easy Paris could do IT

  21. Anonymous Coward
    Anonymous Coward

    Hmm, 12 hours to 15 minutes

    I wonder what the baud rate is?

    @ Chris Miller

    Also ToR has not been evaluated under common criteria (EAL?), if they did need anonymity, so the couldn't use it.

  22. Anonymous Coward
    Alien

    Lol at suggestions

    I have to laugh at ridiculous security suggestions for a Secret/Top Secret government network. Suggestions of SSH or a VPN over SSL etc. Don't forget most forms of internet encryption involve doing a key transfer over a public key system in order to set up a private key session. The public key system used is usually RSA with either 1024 or 2048 bit keys. The largest number known to have been factored in the public domain is 663 bits. GCHQ invented RSA 4 years before Rivest, Shamir and Adleman, and recently allowed that tit-bit of information out into the public domain. Also public key algorithms are very susceptible to meet-in-the-middle style attacks, especially if government scale resources are involved.

    The symmetric algorithm used typically has a 128 bit key length. US restrictions were at 40 bit for a while but then those restrictions got dropped got dropped. Anyone want to guess why?

    Who would like to bet that no government on the planet has found a way into SSL? Especially with the amount of resources that get swallowed up by NSA and GCHQ. I certainly wouldn't make that bet.

  23. Christoph
    Flame

    Paging King Harold

    Your Mark 1 eye protectors are ready for testing.

  24. James
    Unhappy

    "counter-terrorism priorities"

    "This has led to a focus on counter-terrorism priorities to the possible detriment of other work."

    Surely priorities should be focused on real threats such as China/Russia/NKorea/Iran/especially the USA. and counter-espionage against these countries. I'm not saying that a bomber setting off a bomb and killing people isn't bad but I would say its not the biggest problem is it?

    Its not a regular occurrence or as bigger threat as the gov./media would like us to believe.

    Also ROFLCOPTERS at the guy above who said just use TOR: http://www.theregister.co.uk/2007/09/10/misuse_of_tor_led_to_embassy_password_breach/

  25. Anonymous Coward
    Alien

    The full SP

    xGSI only offers accreditation upto CONFIDENTIAL. Properly implemented SSL (as per Manual T guidance) is acceptable for RESTRICTED only. The main problem comes with any kind of network connectivity when you are at SECRET or above.

    As for TOP SECRET ATOMIC PRINCIPAL ARTIFICER well, I'll tell you...oh hang on there's somebody at my front door....

  26. I. Aproveofitspendingonspecificprojects
    Coat

    Code Direct

    I don't know what was wrong with CDs. They seem to be perfectly secure.

    Beats throwing them out of the car in a lap top anyway. Waste of a perfectly good lap top, I always thought.

  27. Anonymous Coward
    Flame

    For goodness sakes

    Now they're giving away top secret intelligence data.

    Not enough that they give away military secrets, now it is intelligence data?

    What next?

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2022