My keys just got bigger. Haven't we stopped yet?
MI5 boss: We NEED to break securo-tech, get 'assistance' from data-slurp firms
MI5's recently appointed boss has placed the ability to intercept communications at the centre of the security agency's counter-terrorism efforts. Andrew Parker's most detailed justification of the controversial surveillance programmes by GCHQ and the NSA, came in a pre-planned speech (transcript here) to the Royal United …
COMMENTS
-
-
Tuesday 13th January 2015 04:48 GMT Mark 65
The dark places from where those who wish us harm can plot and plan are increasing. We need to be able to access communications and obtain relevant data on those people when we have good reason to do so.
Perhaps we should also place cameras with microphones in every single place imaginable - homes, toilets, showers, everywhere - and thus leave no place for these dastardly types to plot?
-
-
Friday 9th January 2015 14:30 GMT Anonymous Coward
Indeed
I will believe in what he is saying when he shows me a case where they have successfully used such information and it did not involve an entrapment or "Four Lions" scenario.
They supposedly followed Adebolajo, right? They even tried to recruit him right? So why exactly did they fail to prevent him from going out on a street and slaughtering an innocent person?
This is just one example, if we go through all the attacks recently the pattern is there:
1. Attacker known
2. Attacker followed
3. Attacker (in 50% or so of the cases) on file as security services informant or attempted to be recruited.
So why didn't they stop him and WTF else do they want?
-
Friday 9th January 2015 15:36 GMT streaky
Re: Indeed
I've said it before quite publicly, if you read the report on the specific case you mention it's fairly obviously a catastrophic failure of the services that the government managed to somehow contort into "it's Facebook's fault" and the press followed it dutifully.
It's pretty clear they had multiple opportunities and the information available to have recognised that they were both a pretty serious threat without hindsight - seems to me there's no system in place to recognise that the more dangerous people a subject comes into contact with pretty much guarantees that person themselves should be escalated as a threat.
They knew what was going on and they did nothing about it, and we all know the result. For that incompetence we get "we need to decrypt everything". They could get all the private keys in the western world and it will still do nothing for them because they have no useful threat escalation systems (namely that aren't prone to the massive human errors as noted in the report) in place so they won't be able to join the dots. It's not even an AI problem it's a simple look at the communications we already know about problem; it's solvable even with an upside-down page-rank style algorithm targeted at people, organisations and aliases.
If all comms were in the clear all the doors they'd be kicking down would be the talkers and the trolls as opposed to the real threats that as I mentioned they seemingly have no way to classify.
-
Friday 9th January 2015 16:00 GMT streaky
Re: Indeed
Just to be clear I'm not saying that they shouldn't be using more "traditional" forms of threat assessment, what I'm saying is that they need a parallel system that can tell them if they're maybe missing people or mis-allocating resources - Bin Laden FWIW isn't as big an actual direct threat as the Hamza al-Ghamdi type; Bin Laden confers threat status on Hamza al-Ghamdi, not the other way round - yet who were the resources being thrown at. That's what I mean.
-
-
Saturday 10th January 2015 02:10 GMT Anonymous Coward
Re: Indeed
@AC re: ".. and WTF else do they want?"
How long have you got?
- Imprisonment without charge.
- Increased detention periods.
- Abolition of human rights.
- Suspension of habeas corpus.
- A police state.
- Guilty unless proven innocent.
- Oath of loyalty to the government.
- A camera in every house.
- Banning of all encryption.
etc etc.
And they're supposed to be the good guys.
-
-
-
-
-
Friday 9th January 2015 12:47 GMT big_D
Re: Want to pry?
Exactly.
"We need the capability to shine a light into the activities of the worst individuals who pose the gravest threats. They use the same communications tools as the rest of us."
Yeah, and if you had gotten warrants and observed these worst individuals, then we wouldn't have this problem now... But you (the intelligence community) decided to categorise everybody who doesn't work for MI5 or the NSA as "the worst individuals", so you got what you deserved...
-
Saturday 10th January 2015 00:08 GMT xperroni
Re: Want to pry?
We need the capability to shine a light into the activities of the worst individuals who pose the gravest threats.
I just love how the only response to terrorism the G-men can ever think of is more surveillance. How about Western powers stop bombarding, occupying and otherwise being real jerks to Middle East countries (as well as everywhere else)? I bet it would help avoid an attack or two.
-
-
-
Friday 9th January 2015 11:57 GMT Valeyard
oh no
Is the register going to start using BBC stock photos showing "hackers" wearing balacavas in darkened rooms with binary in their eyeballs?
they're REALLY bad and completely unnecessary, to the point where no picture at all would be better and they make the BBC look like absolute idiots
a hacker "downloading" the "password" inside a wall of "hackercode" on the "mainframe" is how i imagine selling this particular image to the rory cellan jones
-
Friday 9th January 2015 12:12 GMT Anonymous Coward
Discrepancy
There are a couple of quotes from the article that need to be carefully looked at. Specifically:
"A key part of the evidence which brought the plotters to justice was coded conversations by email, forensically retrieved by police following their arrest..."
"Information recovered forensically following the group’s arrest..."
So in both specific cases mentioned, the electronic evidence was retrieved _following_ the arrests.
-
-
Friday 9th January 2015 16:27 GMT Doctor Syntax
Re: Discrepancy
"Did they already know what they were going to find though?"
I suspect that that's what's happening in the Microsoft email case. Anybody who's seen anything of it in the media and had dodgy emails on Hotmail/Live/Outlook/What's it called this week would have long since deleted them. They already have the text & want someone of their own to be in a position to introduce it in court as evidence. Going through the proper channels would result in some Garda going to court & testifying that there was nothing of significance on the account; that wouldn't do at all.
-
-
-
-
Friday 9th January 2015 12:21 GMT Anonymous Coward
And yet all the snooping did fuck-all good in Sydney or France. And the French shooters, apparently, have been on the naughty list for years. Including (in the case of one of the French guys; again apparently) an 18-month stint in prison for trying to go and jihad it up somewhere sunny. How much more of a fucking clue do you guys need?
I can't speak for the general public, because I haven't had a chance to chat with them all yet; but what I'm seeing is a total lack of results; a similar lack of accountability; and a direct personal threat...both to my ability to do business with some expectation of confidentiality and the ever-present "be a good citizen because we have enough blackmail to keep you in deep shit or years, even if we have to make something up". It'd probably help if you didn't lie your tits off every time you opened your mouths, as well.
Transparency works both ways matey.
(3 minutes of edit/rant to go...) And while I'm on the subject, balancing guaranteed loss of privacy against the statistical likelihood of being attacked by terrorists, I will opt for privacy every time.
-
Friday 9th January 2015 12:53 GMT Anonymous Coward
"And yet all the snooping did fuck-all good in Sydney or France."
Or in the London 7/7 bombings. Or the botch 21 July attempted bombings. Or the June 2007 attack on Glasgow airport, and linked attempts to detonate car bombs in London. Or the Boston marathon bombs. Or the murder of Fusilier Lee Rigby. Or the Madrid bombings.
And whilst I can't comment on the Madrid cases, in almost all the other cases the assailants were on the radar of the security services beforehand, just like the vermin causing grief in France.
-
Friday 9th January 2015 17:25 GMT Anonymous Coward
"And while I'm on the subject, balancing guaranteed loss of privacy against the statistical likelihood of being attacked by terrorists, I will opt for privacy every time."
And what if that attack is of an existential nature. Are you willing to live your entire live under a gigantic Sword of Damocles, knowing that one slip at any point and any time means you can kiss yourself and perhaps your entire civilization goodbye?
-
Friday 9th January 2015 19:09 GMT Anonymous Coward
And what if that attack is of an existential nature. Are you willing to live your entire live under a gigantic Sword of Damocles, knowing that one slip at any point and any time means you can kiss yourself and perhaps your entire civilization goodbye?
We are already living under the sword. And that pisses me off.
-
-
-
Friday 9th January 2015 12:24 GMT nematoad
"... MI5 and GCHQ, acting with proper legal warrant... "
Ah, there's the rub.
" ... MI5 has no desire to seek sweeping powers for their own sake or loosen our long-held commitment to necessity and proportionality."
But it appears from the Snowden revelations that they do neither. Rather they take what they want when they want, " Because we can." and rationalise this activity afterwards. WE are asked to trust them to do what is legal without us having any chance to see if it is or not. That's all taken care of by Parliament's Intelligence and Security Committee. Trust in politicians is a rare commodity and the close tie between Parliament and the security apparatus means that the rules governing the conduct of such organisations are usually slanted as to allow them to do pretty much as they please. If criticism is then made out comes the standard reply. "We operate within the law." Of course they do, they helped write it.
It all comes down to trust and by their actions they have forfeited this. Commercial companies such as Apple and Microsoft see this as a threat to their business and take measures to counter such threats. Hence the new empahsis on security for the users.
It will be interesting to see which side wins, the bottom line or the security organisations.
-
Friday 9th January 2015 12:31 GMT alain williams
checks and audits
I do not have a problem with targetted surveillance where MI5 need to justify their concerns to a judge before they snoop. ISPs/website_operators must be given these decisions (judgements but not the evidence) as part of a request for help in an intercept. These applications to court must all be published after, say, 10 years. I do not like warentless hoovering of all communications data.
The other thing that I do not see is full auditing and a truely indepdendent auditor - ie not an establishment figure. This guy would be given free access to what is happening and will publish an annual report (yes: summary only) and when there is a 'bust' say how important surveillance was in achieving it - currently I get the feeling that how imporant e-evidence was in a bust is somewhat over played.
-
Friday 9th January 2015 13:49 GMT Yet Another Anonymous coward
Re: checks and audits
Their surveillance is targeted.
Any students that are a bit lefty - especially those that end up being labour cabinet ministers
Any bishops that suggests Thatcherism isn't completely what Jesus would have done.
Any journalist that writes about anything in government
Anyone who complains about any local or national government activity.
All perfectly targetted at potential threats to MI5
-
Friday 9th January 2015 12:36 GMT Haro
Put up a Tor relay
I'm just combining this with the other article on a certain oil state. What can one do other than be brave enough to run an exit Tor relay, and buy an electric car. As stated here, all the massive fishing does is allow the Saudis to whip people, since I'm sure Mr. MI5 and Mr. Facebook give them everything.
-
Friday 9th January 2015 12:45 GMT Warm Braw
Wood, trees, needle, haystack
The more information you gather covertly, the more "plots" you suspect. People who believe their conversations are private spout all sorts of gradiose nonsense about politicians/immigrants/partners/football often in an exaggerated and threatening way. Attempts at secret mass data collection actually gather more noise and proportionally less data.
There's a great deal to be said for letting it be know that mass surveillance is taking place - the law-abiding populace will be cowed into desultry exchanges of trivia and anyone who isn't is clearly either a terrorist or a troublemaker (which is close enough to the same thing). I'm surprised Mr. Parker is trying to diminish the public perception of his organisation's remit.
-
-
Friday 9th January 2015 12:58 GMT Anonymous Coward
Re: So in all these years of snooping when phones were not encrypted…
"How many terrorist plots did they actually foil?"
Errrrr.....there was that one where some "terrorist" tried to have a crafty e-fag on board a coach, and the whole resources of the state were deployed to nail him:
http://www.theguardian.com/commentisfree/2012/jul/06/megabus-smoke-buses-terrorist
I particularly like that picture, showing the innocent passengers rounded up like animals and made to sit on the road, with millions of coppers milling around threateningly.
-
-
Friday 9th January 2015 13:02 GMT Mike Ozanne
In the end he's doing the typical flunkey thing of wanting what he can't have. Crypto and transmission protocols will continue to evolve in the direction of routine use of complex, temporary, non-stored keys and short of disconnecting the entire UK from the Internet there is fuck all that can be done about it. All that can be acheived is drive revenue, jobs and innovation overseas. If Cameron had the sense god gave a goose, he would have sacked this useless twat after his firat speech.
-
Friday 9th January 2015 14:07 GMT Anonymous Coward
"If Cameron had the sense god gave a goose....."
....we'd all be pleased with the marginal improvement. I'm no spring chicken, but I can't recall a more lightweight, ineffectual PM since, well, ever. Look at his latest endeavours to dodge a TV debate. I care not for the things, but for a politician to run away from one, strewth.
-
Friday 9th January 2015 13:28 GMT Bob Wheeler
Interesting..
From the article, Mr Parker mentions "Irish Repulicans".
Given that the 'troubles' lasted some 30/35 years, way before comminications where more sophisiticated than fixed land-line telephones and the post. Which did makes things very easy for the state, as they controled the telephone exchanges and the post, to intercept such comminications.
So, back when things where easy, how come the troubles lasted as long as they did, and what the F**K do these guys think they are going to catch all these bad guys now?
-
Friday 9th January 2015 13:31 GMT Graham Marsden
"first person in the UK to be convicted of terrorist offences...
"... in connection with the Syria conflict had received advice on how to access extremist training and weaponry in Syria through online contact with other extremists based overseas."
Wow, you mean they didn't write letters and send them through the post...???
-
Friday 9th January 2015 14:07 GMT Anonymous Coward
Re: "first person in the UK to be convicted of terrorist offences...
That's worrying too. I have received all sorts of information from the internet, including information about weapons and training. Is this terrorism now? I thought that you had to actually go out and terrorist at people for it to count.
Knowing about things and actually doing them are -I thought- two entirely different propositions.
(NB for any spooks reading this; terrorists do it outside; there's a distinct lack of comfy chairs; and proper terrorists disapprove of beer; any one of which should eliminate me from enquiries. Please make a note).
-
Friday 9th January 2015 14:31 GMT Anonymous Coward
Re: "first person in the UK to be convicted of terrorist offences...
Have a upvote for the words "terrorist at people".
By the same logic extrapolated just a bit, the IT security industry is going to become very thinly populated a bit quickly too.
Posting anon, because well, its friday afternoon and I'd rather not make the lower levels of monitoring's job too easy.
-
-
Friday 9th January 2015 14:08 GMT simmondp
Wanting privacy and security does not equal terrorist.
If privacy is outlawed, only outlaws will have privacy.
Philip R. Zimmermann, June 1991
and it's corollary;
If encryption is outlawed, only outlaws will have encryption.
Thus if I encrypt, does that make me a bad guy, or just someone that wants to protect my privacy.
This is the start of a very slippy legal slope.
-
Friday 9th January 2015 14:26 GMT Vladimir Plouzhnikov
Lies and misrepresentations
Invariably, what they are all saying is "No, we cannot stop the bad guys who we know about from doing bad things. We need to know everything about everyone in order to do that".
Now, they can't really be so dumb as to mean it, therefore, the obvious conclusion is that they are lying.
The DO want to know everything about everyone but mainly so as to be able to better detect, manipulate and counter the threats to their own position of power. That may be acheived by blackmailing an MP or by catching a whistleblower before he can spill the beans or by making sure that someone with unacceptably liberal points of view would never be able to make a career in the public service.
Stopping terrorists is not a priority. One can even say that if there were no terrorists they would have had to be invented...
-
Friday 9th January 2015 14:40 GMT Anonymous Coward
As Charb said
"I'd rather die standing than live on my knees"
This isn't just in reference to terrorist or "people who means us harm", but also governments and agencies who are being increasingly oppressive and encroaching on personal lives and liberty.
These agencies guys are also way too naive. Let's just say, ok they somehow managed to force everyone to forsake their privacy and liberty by getting Theresa May or whoever else coming to force another unpopular legislation through for the sake of the children. Guess what, the bad people will just move on to another technology, develop their own dark nets, internet protocol or even create and use encrypted botnets to communicate. They will NEVER get the result they want - which is full disclosure/transparency of communications from criminals, terrorists etc...
You'd think they ought to know by now that law enforcement has always been a game of cat and mouse. Just because the mouse is now is in some innocent person's home. Doesn't mean the cat has any permission to demolish it. How dare he even ask!
Oh and FYI, the scenarios above is just a matter of time. Especially when the world is promoting coding at a young age. Developing your own communication protocol, hijacking and creating botnets etc... isn't exactly all that hard. My 5 year old will know how to by the time he's 10.
I think most of us are fine if they're just going for highly dangerous targets, in that case I really do not see why they cannot go through a court over-sight system and get a damn warrant.
The news of his speech is getting more and more boring. Liberty, Privacy, Freedom of Speech and Expression shouldn't be up for discussion. Protecting these values should be what our governments be doing, not jeopardising them with excuses. Je suis Charlie. Let us remember. People died protecting these values.
-
Friday 9th January 2015 16:47 GMT arrbee
Re: As Charb said
"Guess what, the bad people will just move on to another technology, develop their own dark nets, internet protocol or even create and use encrypted botnets to communicate"
Guess what, the bad people will simply move in at the top of what will have become a fully equipped ready-to-go totalitarian state, no assembly required.
FTFY
-
-
Friday 9th January 2015 16:17 GMT Doctor Syntax
"I’ve said before and I’ll say again MI5 does not browse through the private lives of the population at large."
Just those using Yahoo visual chat. Or maybe that was GCHQ, not 5?
"You should not imagine that MI5 is always arguing for new powers or more tools"
No imagination required. We keep seeing them do just that.
I'd like to see him start again and specifically address:
Due process. Maybe he could find a date to tackle this one in June when we'll be celebrating the 800th anniversary of Magna Carta which brought this into English law. Restoring it would be a good contribution to those celebrations.
Presumption of innocence. If the population at large are to be presumed innocent than he doesn't need blanket powers. If he doesn't presume the population at large to be innocent then he should come clean and admit he rejects one of the basic precepts of British law.
Reasonable expectations of personal and commercial privacy. If organisations we use in the course of regular - innocent - communication are to slurp data how does he propose to prevent this being (a) sold for corporate profit by those organisations, (b) sold for personal profit by individuals working in those organisations, (c) passed, for profit or otherwise, by his organisation and his confrères as industrial espionage and (d) secured against intruders who might grab the data to be sold for profit.
-
Friday 9th January 2015 16:39 GMT Anonymous Coward
"A key part of the evidence which brought the plotters to justice was coded conversations by email, forensically retrieved by police following their arrest"
They should probably mention something about how these people came to be on their radar instead of telling us that the evidence was gathered AFTER their arrest.
It doesn't lend much to their argument for live mass surveillance if this information was gathered "offline".
Just look at the disgusting attacks in France, or Boston - these people were already on their scope anyway - does that not prove that mass surveillance doens't work?
-
Friday 9th January 2015 17:20 GMT Graham Cobb
Come back when you have done some housecleaning
I am getting very bored with this whining from the securocrats. I know your job has got quite hard. No amount of whining will change that. Come back when you have:
1) Cleaned up. Owned up about the out-of-control years. Heads have rolled. Some people are in jail (yes, really -- there are no excuses for what has been going on and justice needs to be seen to be done).
2) Changed. Stopped untargetted surveillance. Reduced data retention to 30 days. Got warrants. Put in place an overview regime we can actually trust (yes, that is hard to do -- work out how to do it).
3) Come back with a realistic plan for how you will do your jobs to protect us given that technology means that the bad guys will have access to perfect encryption, high performance dark nets, etc (even if you make them illegal). Note: "I believe in fairies" is not a plan.
According to the speech there are 600 returned jihadists. Even if all of them managed to radicalise 100 other people, those 60,000 would be less than 0.1% of the population. That is not a justification for snooping on 64 million people. At those odds I am happy to take the risk of becoming the victim of a terrorist and just close down GCHQ.
-
Friday 9th January 2015 18:01 GMT WalterAlter
This is all so, um, moot...
Dudes, let's all wake up to the fact that If we get close to throttling the Combine's march towards martial law like ranks of Hitlerjugen with picks and shovels on their shoulders, they'll just blast another World Trade Center to smithereens. How can we chop off the Beast's head if we don't even know where it is? What's that, we DO know where it is but are just too ding dong comfy in our mentally sandbagged revetments to lift a finger? But yah, kvetching is soo cathartic and feeling good about...whatever...has supplanted our collective ethical backbone.
You are stationed at Uxbridge, August 1940, you hear the claxon. Do you
A) Hold an inner debate on the safest course of action?
B) Fly the bloody Hurricane?
-
This post has been deleted by its author
-
Sunday 11th January 2015 15:45 GMT amanfromMars 1
Re: This is all so, um, moot...
Talking of fascists, WaterAlter, and we all know that they are always on the road to nowhere fast and will always be comprehensively defeated, here is a former US presidential hopeful exposing the truth about their existence in plain sight .......... http://www.zerohedge.com/news/2015-01-10/ron-paul-reality-now-setting-america-it-was-all-based-lies-ignorance
Are Cameron and Blighty raving fans of the system? Avid ignorant supporters of lame duck presidential executive office actions showing one and all that intelligence is missing in the nation and thus be ripe for novel and catastrophically disruptive and/or destructive attack vectors in vital sectors, for that is surely what the future is guaranteed to bring along with ITs SMARTR Solutions in Media Hosted Tales ...... Noble News Worthy Events that only the Earnest Fool and Useless Tool would Choose to Ignore and Avoid in Open Free Debate ....Sublime IntelAIgent Networking Chatter?
That is the New Real Present Normal and IT pays no Wasted Attention nor Dues to the Aged Past and Ye Olde Worlde Orders of SNAFU.
-
Sunday 11th January 2015 17:18 GMT Havin_it
Re: This is all so, um, moot...
Uh... Wut? [That's to the OP, not amfM1 for once]
My answer's A followed swiftly by B, because A doesn't take that long: If I refuse to do B, then I expect they'll bally well court-martial and/or shoot me for deserting, the rotters. Unless I'm not actually an airman, in which case maybe A but probably not B.
Also, how do you throttle a march? Especially when you're already carrying a pick and a shovel?
As for this "Beast" of yours (assuming that means global terrorism and not David Cameron; you're not entirely clear here), what on earth convinces you that it has only one head? To whom, then, does it belong? Ask anyone in mid-September 2001 and they might well answer Bin Laden; yet it took over a decade to decapitate, and even more strangely, the Beast still seems to be alive and kicking, running around knocking things over in fact. Is this Beast like a very tough chicken? Inquiring minds want to know!
To be honest, I just re-read your whole post again, and I'm still not quite sure whether you're bitching at ter'rists, Dave, ethical self-examination in general, Milquetoasts, the shit-scared, the security services, Hitler, or all of the above. Care to clarify? In language that focuses a bit less on making you seem well-read?
Here's one for you. You're George W Bush, reading a storybook to some children in September 2001. An aide whispers in your ear that a bunch of Saudis just fucked with your country, because they weren't happy about you and your predecessors fucking with theirs, or others a similar distance away. Do you:
A) Immediately up the level of other-country-fucking-with in response, because that'll work;
B) Prepare to make an unpopular but honest admission that though their methods were abhorrent (and the crime will be investigated and punished per civilian law), they have a point, and it's time to stop being the world's corrupt policeman already, because it appears that's only making matters worse;
C) Continue reading the storybook, hoping an answer may be found within, followed by A because Dick, Don and Paul all think that's the best thing to do.
-
-
Monday 12th January 2015 09:09 GMT Roj Blake
False Positives
Imagine that mass surveillance (including metadata collection) was 99% efficient at finding terrorists. That would be really good, right?
Say that there are 6,000 people in the UK who are potential terrorists (I suspect that the number is actually a lot lower than that).
The surveillance would get all but 60 of them. Success! Until those 60 do something bad.
Meanwhile, 1% of the innocent population are being falsely labelled as dodgy. That's 600,000 people. Good luck finding those 5,940 true positives amongst that lot.
So in fact, most of the terrorists identified as such by mass surveillance won't be hindered by it, and many innocent people would be caught up in the dragnet and have their lives ruined.
This of course is before you factor in the fact that non-idiot terrorists will be able to evade the surveillance.
And that, ladies and gentlemen, is why mass surveillance is doomed to failure