Heh
"as well as effectively make unbreakable encryption illegal"
Not convinced it does this, but lets pretend it does - it's a technology war they'll lose so they're welcome to go proverbially nuts.
The UK government has secretly drawn up more details of its new bulk surveillance powers – awarding itself the ability to monitor Brits' live communications, and insert encryption backdoors by the backdoor. In its draft technical capability notices paper [PDF], all communications companies – including phone networks and ISPs …
It does not restrict the use of encryption. What it effectively prohibits is the provision of encryption by carriers. So customers just have to get their encryption from somewhere else.
This has been the position in New Zealand, for example, for some time. As a tool for nobbling local companies competing in the data security space, it'll probably work a treat. As a way of stopping the use of strong encryption, not so much.
I'm not sure that they haven't already lost the technology war. See this short video about Signal at theintercept.com.
Maybe, but if being based in the US is your criterion for not trusting encryption, iPhones and Android are not safe, so we may as well not even try. theintercept.com came about as a result of Glenn Greenwald publishing Edward Snowden's revelations, so they are very strong on encryption and I'm inclined to trust their recommendation of Signal.
Yes, it was Snowden's recommendation: https://whispersystems.org/
Sorry, totalitarian rulers, but unless you plan on using technical measures to physically block access to foreign (as in beyond your jurisdictional powers) VPN privacy services, what you plan to "allow" is of no consequence.
Although I fully expect that such services will in fact eventually end up being deemed "illegal", in principle, even if it's beyond their power to actually stop us using them.
The draft does not seem to say this - it seems aimed at communication carriers. On the other hand, is there anything to prevent another order, or perhaps a new law, requiring devices sold in the UK with manufacturer provided encryption be decryptable by the manufacturer, much the same as this order appears to require carriers to be able to decrypt communications encrypted by or for them?
Seems like a cunning plan to put local ISPs out of business. They will flee to overseas providers as private data gets hoovered, bank transactions get hijacked and everyone is massively defrauded. The entire UK internet user base will be transformed into low-hanging fruit if this shit ever passes.
Unless of course the HMG thought all this through carefully, just like the NSA and CIA did. Good luck with that.
I'm sorry, Steve, but I have to get you down from your high horses because Android poses no problem to mass surveillance lovers. On my beautiful shiny Samsung Galaxy S6 an application I want to shutdown (because I don't use it) will always be restarted and the button to disable it is greyed out. More than that, I disabled notifications from this application and now it sends me notifications to alert me that it can't send me notifications. My wife's LG pesters her to download and install Evernote and there's no way to tell it to shove off. This is to prove that you have absolutely no control over Android, somebody else has so it can't protect you like Linux would do. Linux trusts and obeys you while Android is not, even though it runs a Linux kernel.
"Android rooting is your friend"
Deliberately circumventing platform security is not your "friend" and certainly shouldn't be the expectation that users have to get the functionality they want.
Send a message with your money, people. Don't buy crap phones.
"Maybe you shoukd consider a technically competent choice of phone over the big brand loyalty."
100% agree, your problem is not with android, but with LG and Samsung. My Nexus doesn't do anything like this, runs the latest Android version and gets monthly security updates. Android isn't one thing it's thousands of things don't assume they are all the same.
By illegal we mean it outlaws the implementation of truly secure encryption. You, as an individual, using it may not be in trouble, but you, an app developer, will be if your product doesn't obey a technical capability notice served on it (that's a backdoor with a fancy name).
C.
This post has been deleted by its author
outlaws the implementation of truly secure encryption
That's the end of the economic system as we know it. Quantum key distribution is out, vpns are out, ssh is out. This will never happen.
what I got from the document which means they will block them
They can block my outbound ssh if they're willing to pay my wages until I'm 70, or they can do one. I'm happy to take this to court. If they're not blocking ssh then the law is moot.
> but you, an app developer, will be [in trouble]
Is that correct? From the PDF, "A technical capability notice imposes obligations on a telecommunications operator or postal operator in order to", implies that this could not be applied to an app developer per se, although it could be applied to an app delivered by a telco or postal operator.
There may be more to read in the full act et al, but I didn't see anything applying to individuals. Although that could be the next logical step.
Regardless of the scope though, this proposal does appear to place an obligation on telcos etc to undermine the fundamental security of the communication systems they provide in a manner that can eventually be subverted by ne'er-do-wells. I did particularly like the obligation to design for the hacking of any supplied equipment, "1. To provide and maintain the capability for interference with equipment to be carried out, for the purpose of obtaining communications, equipment data or any other information ..."
"14. To consider the obligations and requirements imposed by any technical capability notice when designing or developing new telecommunications services or telecommunication systems."
That there looks like banning e2e encryption and building in realtime monitoring.
If my Auntie had balls she'd be my Uncle.
"Looks like" doesn't cut it. Encryption has not been banned in the UK. The UK has reserved the right to punch a hole in it whenever it wants to, and it will probably be unsuccessful.
This is a disturbing development, but not a surprising one.
If you're developer in the UK making something that can be considered a telecoms app or service, you need to avoid e2e encryption and build in realtime monitoring otherwise, if you are told to give up data on someone, you won't be able to respond in 24 hours with the data they ask for and therefore you will have broken the law.
They even tell you to consider this law when designing your app or service.
But no, there's no "we ban e2e encryption" clause. Why would there need to be if you end up in a whole heap of trouble anyway?
"you, an app developer, will be"
It's vague, but the legislation reads very much as if app developers aren't included because they don't provide end points. The same wording was used in previous legislation that never covered apps. However an enterprising policeman might argue that Skype, for example, is a communication provider.
He doesn't need to argue, Skype etc... already are covered:
A telecommunication service is defined at Clause 223(13) as ‘a system that exists for the purpose of facilitating the transmission of communications by any means involving the use of electrical or electromagnetic energy’.
Again, it's the over the top services that will be the "fun".
MPLS/BGP/TCP et al can be inspected, as it's a known protocol. If the packet's going up/down said wires turn out to contain encrypted stuff, that's WAY beyond the OpCo's wires, and the Telco's will simply go "meh" as it's not in their domain to control, unless they start doing DPI and being ordered to block anything they can't decode.
In which case we'll see digital steganography of another kind. Stuff will look like/be valid traffic, and just be nonsense, with anything relevant buried in some way that'll be harder to spot.
That's a horrible piece of English. Could argue this only covers electrical and electronic hardware? Skype is facilitated by using a system based on these, but could just as well use Naval Flags or the CLACKS to transmit, but does not actually directly "facilitate the transmission of communications by any means involving the use of electrical or electromagnetic energy".
Several hundred million in legal fees later...
A telecommunication service is defined at Clause 223(13) as ‘a system that exists for the purpose of facilitating the transmission of communications by any means involving the use of electrical or electromagnetic energy’.
Interesting. Returning to pneumatic tube technology may be worthwhile after all. As long as it's pumped by hand.
"telecommunication service is defined at Clause 223(13) as ‘a system that exists for the purpose of facilitating the transmission of communications by any means involving the use of electrical or electromagnetic energy’."
so the post office is not a telecommunications provider but someone using smoke signals is?
Hence skype is "Cloud" not p2p anymore. MS has too much to lose if leaned upon.
So no large telcoms provider can provide e2e encryption. That means you have to do your own. I'm not sure that changes much, if you are at all interested in privacy.
In short, you probably shouldn't trust anyone with a significant amount of money to lose from non-compliance. It doesn't matter how much encryption your application does if the OS taps the microphone.
Err... no, it just doesn't. Look at the language again:
to disclose, where practicable, the content of communications...to remove electronic protection applied by or on behalf of the telecommunications operator
There's nothing there that prevents you from having all the encryption you like. You just can't get it from a "telecommunications operator". At least, not a UK one.
If I understand it correctly, any developer who offers an encrypted app or service and is served a notice has 24 hours to decrypt the data they have on someone and hand it over or they are breaking the law.
This is does not allow for e2e encryption. Despite MPs saying it wasn't banned, it was banned.
Has their braindead legislation just made hashed and salted passwords illegal?
Maybe the future for apps is a plugin architecture and open source e2e plugins on github, similar to PGP encrypting email messages despite SMTP knowing nothing about how that's done.
Erm, democracy?This is how it works.
Are you suggesting no-one should ever argue against a proposal after a vote has been taken, or against the implementation of the resulting policy? Are you arguing in favour of the tyranny of the majority?
That would be very UKIP of you. I really hope you don't deserve that label, and instead just haven't thought it through.
We don't directly vote for Prime Ministers in the UK. That's why half of the Prime Ministers in the last century didn't reach that position through a General Election.
Also, why this issue with May in particular? Either (like me) you didn't vote Conservative, in which case they're all pretty much as bad as each other. Or you did vote Conservative and ended up with a PM who seems pretty standard tory as far as I can see.
"Also, why this issue with May in particular? Either (like me) you didn't vote Conservative, in which case they're all pretty much as bad as each other. Or you did vote Conservative and ended up with a PM who seems pretty standard tory as far as I can see."
You may want to read up on all the big brother style laws she tried to push through as home secretary. She is definitely towards the authoritarian end of the spectrum, even when compared to much of the Tory party.
They're basically the same surveillance laws that various Home Sec's have been trying to pass since Jack Straw.
But yes, perhaps May is more evil than a standard Tory, I do tend to tar them all with the same brush.
ID Cards and surveilance were a good reason to kick out Browns lot in 2010.
Just a pity Cameron chose an authortarian nut job for Home Secretary.
Remember there are a lot of people who want economic competence with small government who let us live in peace, but we are neglected.
"a pity Cameron chose an authortarian nut job for Home Secretary."
And who, back then, was the senior civil servant advising May on terrorism and intelligence matters?
And who, in 2017, is still a senior civil servant advising May?
http://www.dailymail.co.uk/news/article-2649035/The-discreet-affair-two-Home-Secretarys-closest-advisers-REAL-reason-bitter-split-Cabinet-colleague-Michael-Gove-Islamic-plot-schools.html
https://www.gov.uk/government/people/charles-farr
https://en.wikipedia.org/wiki/Charles_Farr
Who needs elections anyway, so long as we've got strong and stable kleptocrats, spooks, and lunatics running the shop.
"Remember there are a lot of people who want economic competence with small government who let us live in peace, but we are neglected."
I'm with you on that, and also add that if the majority of people don't vote for a change, don't make it - but i keep being told that the 52% won so my views are of no consequence ....
You think that all Conservative voters like May?
Actually many do not and are either abstaining or LibDemming this election. However kippers will be boosting Mays vote. Younger ones who remember Brown and then the Coalition are very happy to go LibDem. Seems quite common among the late teens early 20s. They even understand the tuition fee issue.
See the bit about David Cameron and 45 minute walk and chat vs locked in a room away from Theresa May.
https://www.theguardian.com/politics/2017/may/02/theresa-may-liberal-democrats-defectors-south-west-stick-with-tories
This was just top link, seen it in other places as well.
I know it is unfashionable but I liked all 3 main party leaders last election. I thought Cameron was the best for the job then, but Clegg and Milliband were OK. Actually Clegg did pretty well as Deputy PM despite being the minor party with only partial influence.
I am not sure if it would be wise to compare May to the secret Police ranks, but May is an authortarian nut job and Corbyn a CND loving old fool with no clue. Farron, well he seems to have no image.
"Actually many do not and are either abstaining or LibDemming this election."
A little while ago a lot of folk commenting on some article in the Financial Times mentioned that they'd joined the LibDems. They also seemed to be much more impressed with Sadiq Khan than Theresa May - strange times where FT readers end up on the liberal/left end of the political spectrum.
"We don't directly vote for Prime Ministers in the UK."
True - and that's why traditionally the PM was always the primus inter pares/first among equals in the government, rather than being a president. However, recent PMs and especially the current one seem to have forgotten that aspect of British constitutional law, and act as if they were a president.
>"No one voted for Chairman May to be Prime Minister"
>Surely elected members of the conservative party did....
Technically, some voted for her in the early rounds. Then Andrea Leadsom dropped out, so she won the final vote by default.
Why are the British government such a bunch of complete arseholes? Technically illiterate, impervious to logic, bent on destroying all and any freedoms that the population might have.
I'm glad I didn't waste my vote today. In the sense that I took a deliberate choice not to use it to support the fuckwits of the establishment.
They're not.
However the cabal of high level data fetishist civil servants (who seem to infect mostly the Home Office) but any of the assorted spy agencies see no reason why it can't (or rather shouldn't) be done.
Inside their heads more is always better. All (recorded all the time forever) is best of all.
Stuff the "safety" BS. This is all about "Give me 6 lines from an honest man and I'll find something with which to hang them."
why ?
many reasons, but the main reasons seem to be the gubernment has absolute power,
YOU are the proliteriat, and are one of Kisingers 'useless eaters' a poor, stupid powerless pawn in the big machine, who only exists to serve the state and be USED. You do not matter, your views do not matter.
The system is Everything and it pretty much hates you.
The system is dark and nasty.
The proliteriat are dumb and lazy.
@Ledswinger
"Why are the British government such a bunch of complete arseholes?"
Stop whinging and do something. You have until 4pm on 11th May to form a party and nominate candidates. There is nothing to stop you from forming the next UK government. OK, well there are the great unwashed masses of the British electorate, but if they can be brainwashed into voting for bloody difficult stupid May, then maybe they can be soft soaped into voting for you!
As has been demonstrated time and again over the last couple of decades, one individual, or a small collective of like-minded individuals, have proven an existential threat to those that have socio-politico-economic power. Osama bin Laden, a civil engineer, used jet aircraft as kamikazi missiles. More recently, someone tried to transfer a billion dollars out of the Bangladeshi banking system and was only caught on the larger transaction by a typo.
I happen to be an engineer, thankfully one without homicidal intent. I can certainly come up with all kinds of interesting things to do to "the system" if I was ticked off enough to do so. Hell, my own government did about half the training and paid for all of it. That doesn't even count the talented amateurs out there who have undergone, and survived so far, a serious Darwinian evolutionary process scaling what can be done technically. Lastly, state-actor's techniques are quite commonly found in-the- wild now whether we are talking about IT systems or arms (an increasingly meaningless distinction).
Wiring up a "surveillance state" (FVEY's) covering the planet, and bringing force of arms to bear on those parts that don't play well with others, is the solution du jour. Apparently they don't understand Information Theory (why such "states" will fail absolutely), but it's unlikely they will ever "get it" anyway. It'll be interesting to see which ends first: The "New International Order" or The Human Race. I won't be around to see it.
"By not voting, you support the status quo"
what utter tripe. another bunch of re-peddled myths,
by actually voting, you pretty much acknowledge their system, and
have to choose between being screwed by either the blue or green.
no point screwing up ballot papers. no one cares.
run yourself, yes, if only we had the money. time and connections eh.
ohh.. feel the democracy..
Decisions are made by the people who turned up. You decided not to turn up.
The next time you complain that the government did something completely stupid, keep in mind that this was partially enabled by your lack of participation.
Write to your MP. donate to a civil liberties group or, God forbid, actually vote.
"Decisions are made by the people who turned up."
Wrong. Decisions are made by people who learned how to keep themselves in power indefinitely by manipulating the general political climate to their favour by any means available, on a statistical level, until polls tell them they have sufficient electorate support to get re-elected - whether by pandering to the masses, scaremongering, attacking their rivals: it doesn't matter. They have no interest in anyone's individual vote, they are playing the game of large numbers that any successful politician knows how to play and win. Anything that makes you specifically vacillate is not their concern, only the stuff that sways large masses is - and they know what that stuff is and how to control it.
You, as an individual, decide nothing beyond when you want to ###k off. Sorry.
This post has been deleted by its author
There is nothing new here, you only need to look at the history of government in Britain to see the trend (not that most other countries are much different).
Britain has hundreds of years of government and civil service acting in a patronising and autocratic way towards the people of the nation. The governing system is, after all, a reflection of and a means of sustaining the 'class system', or more accurately, a means of the privileged maintaining their privilege, regardless of where they fit into the 'class' structure.
Power and money - how to get them, how to hang on to them, and how to prevent, limit, reduce the power/money available to others, especially those who you depend on for your own excessive acquisition of the same. It's an old game, and a dirty one.
That is not to say there aren't very 'good' people working in the system who through their working lives do a lot to mitigate the worst excesses of the wankers, idiots, and scum who work the system as hard as they can for their own advantage.
"Local <> national"
Indeed not, and yet what are the lead stories today across the UK meejah? "If these results were repeated on a national bas...." (etc). Not that there is any evidence that "national" politics exists as such in the UK any more, we just seem to have a set of separate regions, and the only region with any real influence is the geographically quite small one currently centred on Westminster and the City.
It appears that the proposal will only apply to "communications" companies, ISP, telco's etc - who in their right mind trusts these people anyway?
I say give them the law - well, they are going to do it anyway whether it's official on not. Meanwhile, if you care, route everything through a VPN that you control (not a commercial vendor) can carry on as normal.
Unless UK English words carry rather different meanings than the same (up to spelling) US English words, telecommunications providers may be required to be able to decrypt the encryption they apply or that is applied on their behalf by another party.
The document does not appear to prohibit other use of encryption, or require the providers to be able to decrypt messages not encrypted by or for them.
On its face, this appears to be a regulation governing ordinary wiretapping (and examination of mail, which I did not see mentioned in the article), with the additional requirement that a carrier could not evade warrants or other authorized orders by encrypting the communications or hiring someone else to do so.
with the additional requirement that a carrier could not evade warrants or other authorized orders by encrypting the communications or hiring someone else to do so.
I think the point here is that warrants aren't mentioned. The carrier is expected to roll over & drop its pants whenever the "authorities" ask. If it needed a warrant signed by a judge first there would be less opposition.
Doesn't make it any less pointless, of course. Just hook up your RPi "Enigma" machine to your email program, and you don't need ISP encryption at all.
How does the ISP know if the encryption I use is breakable unless they break it first? Which would be a hacking offence since it's done by them and not the government. And how can they block it since I run it on port 80 (or 443 or whatever)?
Here's a non-encrypted message to the UK government - FUCK RIGHT OFF.
She should really stop shaving her mustache. A small rectangular mustache can do wonders to your look. A set of handlebars and a military headgear look stunning too.
On a more serious note she is pressing all the buttons to advance towards a fascist dictatorship.
Declaring barely won refernda sacred and inviolate by any normal democratic process - exactly like Hitler and the referendum on changing the Weimar republic constitution, quoting straight out of his and Geobels rants just doing s/Jew/European/g. Having her lapdog quote out of the Law for the restoration of the Professional German Civil Service while applying the same regexp. And now trying for a quick war. Nothing to advance a dictatorship like putting the country on a war footing.
Make June the end of May.
Nice one!
I'm not confident though - it seems that most of our population are turkeys who enjoy Christmas, and are easily spun by media and political hysteria, and don't find the opposition a viable alternative... Where have we seen that recently? :-(
I've always loved dystopian sci-fi movies; Brazil, Blade Runner, Logan's Run, GATTACA, Cube, V for Vendetta, Dark City etc., a brief bit of escapism to another, strange reality, but now I look around at what's happening on our planet those films don't seem quite so appealing anymore...
If I can give a word of advice, I'd suggest if LibDems formed strong opposition to Conservatives on this election, that would be just good enough. You certainly cannot rely on UKIP or Lab to form an opposition, they will first stab each other before position on anything can be formed.
(I'm not voting, not holding the right passport, thank you)
No, not that. Since we're desperate for Trump to deign to grant us a huge free trade deal in the hope of stopping our economy going down the toilet the year after next, we have to suck up to the US more than usual. That means Putin is safe until he actually releases that golden shower video, or until Trump goes so far overboard that even the Republicans want him impeached. Right now, it's a lot easier to pick on the little guy with no real friends (you know, just like in school), so the false flag op will arrive courtesy of Kim Jong Un.
i will just add that just joining a group online doesn't actually *do* anything.
well, apart from maybe moral self licensing or virtue signalling if you then (quite rightfully)
re-post it on social media. We need to GET noticed. keyboard warrioring isn't enough.
comms providers will be required to make bulk surveillance possible by introducing systems that can provide real-time interception of 1 in 10,000 of its customers. Or in other words, the UK government will be able to simultaneously spy on 6,500 folks in Blighty at any given moment.
That makes the assumption that each person only has one Internet connection. For many it is 3: home, work & mobile. So double that number - at least.
Some dodgy numbers there
If they can intercept 1 in 10 000 ...
10 000 * 6 5000 gives 6 500 0000 users only in UK
Which seems quite small number of people ... although obviously there will be some shared use of landlines so one landline can snoop on multiple folk, but, as Alain said, multiple users of landline can be offset to a reasonable degree by mobile internet usage
From ONS
The internet was used daily or almost daily by 82% of adults (41.8 million) in Great Britain in 2016, compared with 78% (39.3 million) in 2015 and 35% (16.2 million) in 2006.
https://www.ons.gov.uk/peoplepopulationandcommunity/householdcharacteristics/homeinternetandsocialmediausage/bulletins/internetaccesshouseholdsandindividuals/2016
(worth reading a few lines of that just for depressingly high (IMHO) internet Smart TV number)
"comms providers will be required to make bulk surveillance possible by introducing systems that can provide real-time interception of 1 in 10,000 of its customers. "
That will not be free of cost, so ... if those providers could be required to break out the cost of that on their bills, people might actually notice, and want to do something? </pointless_optimism>
For a sufficiently long key current well known and extensively analyzed algorithms are thought to be secure against "breakable" for period of the order of the expected life of the universe. And the keys are not that long.
Technology and mathematical research could change that, but recent weakening results seem to be in the range of a bit or two here and there, and not overly useful in the context of a 4096 bit key.
There are, however, other means to circumvent encryption.
Mathematically, encryption can be unbreakable, but in the same way that physics has theoretically ideal constructs.
In the real world though, you use engineering to break encryption - and indeed all the high profile encryption flaws uncovered have not been discovered as mathematical flaws but generally, breaking in by using flaws in which the encryption is implemented. It was true for enigma, it was true for heartbleed, and it's true today.
After all, it's theoretically possible to have a perfect key and a perfect lock. Add in humans and they can be lost, stolen, cloned, misdirected and intercepted during transit, replicas of similar looking locks and keys made to fool users, or rubber-hoses used to acquire said items. These are not mathematical attacks but engineering ones. The public want engineering attacks outlawed, and gummints want to be able to do them, so the easiest way is for gummint to try to outlaw mathematics, "prove" that encryption promotes terrorism and peadophilia and "compromise" on allowing engineering attacks for themselves only when the public have an outcry about it.
So are 3rd party VPN providers going to be classified as telecommunication providers/ISP's ?
That's certainly possible, but I don't see how this has much impact in practice. Many 3rd party VPN providers are not UK based, and it's hard to see how the British government could do much except force them to shut down their UK servers if they did not comply. And of course, they would comply - for those servers. But it's utterly irrelevant, since if you are exitting from a UK server, you lose VPN encryption at that point anyway - VPN's do not provide e2e encryption unless you own both 'e's'.
Of course, if VPN connections to overseas VPN servers are going to be forbidden period, that would be.... interesting :).
If *every* company that operates a VPN for corporate purposes is now classified as a telco/ISP, that would be a pandora's box of grief. I just don' t see that happening here.
Are end users going to be forced to install ISP root certificates ( to allow HTTPS MITM attacks ) before they are allowed to use an ISP's services ? I can't see this. That would require touching every endpoint connected to the ISP, it would be a nightmare for the ISP's, and pinning complicates even this.
If neither of these things is true, then I'm struggling to see what the fuss is about on the encryption front. When we talk about e2e, in what sense does 'e' ever refer to the ISP/Telco ? What capability does this proposal give that they don't already have ? All that it appears to do is to give the Government explicit power to demand that ISP's/telcos do certain things *if they can*.
So what we're left with, really, are overlay services like Skype ( but who trusts that anyway ? ) and WhatsApp. And to be pulled in to this, they would need to be classified as telecommunication providers. That's certainly arguable. But I'm completely confident that nefarious persons with more than one brain cell will still be able to communicate securely if they wish to. So as usual, this is a Government scale hammer that might just crack a few peanuts if they're lucky.
"Are end users going to be forced to install ISP root certificates ( to allow HTTPS MITM attacks ) before they are allowed to use an ISP's services ? I can't see this. That would require touching every endpoint connected to the ISP, it would be a nightmare for the ISP's, and pinning complicates even this."
Erm, not quite. A nice nudge to Google & MS and hey-presto, your next s/w or OS update contains new certs.
Chrome already overrides machine level certs, as I found out when I was using a CA it opted to distrust (warnings ahoy, even though the root CA was trusted).
Unless you keep tabs on EVERY cert in your machine, with fingerprints, something could merrily install and opt to use one.
Pinning also only works if the apps respect it (or are allowed to)...
I'm sure someone will be along shortly to insert an obvious comment about not using Windows, or Google, or <other large well known app> - but for the masses, it's not going to be that hard to do...
It quite frankly puzzles me that with the surveillance capability available to the state security apparatus, there hasn't been an decrease in the availability of illicit drugs, black-market arms sales and the vast sums of money made from such trade. Which begs the question as to the real purpose of such legislation. Which if I have to spell it out for you is this. This is really about suppressing political dissent within the population.
The politicians won't oppose this, they can't, the spooks have the photos. I mean the spooks even have IMSI catchers installed around the parliament building and the MPs phones and emails are recorded and not a whisper of this from the MPs or the so-called free press. What we have here is what was once described as corporatism, that is the total union of the corporations and the state, what's that word, it's on the tip of my tongue, anyone.
"Which begs the question as to the real purpose of such legislation."
Think about this:
Who is the surveillance supposed to cover in the UK, why is this even remotely necessary? Is it because of the naughty UK natives?, if not who?
The national socialists?
The members of the Red Brigades?
Members of the IRA?
Members of ETA?
The Bolsheviks?
The FARC?
The Khmer Rouge?
The members of GRAPO?
I wonder who could be so problematic as to grant the government the power to spy over everybody.
The funny bit is that these who the legislation try to address were brought in by a political decision which could be easily reversed if the politicians had any honesty.
But instead you and me have to now see our freedom eroded.
This will be used to spy on political adversaries, and anyone critical of (((the system)))
This is a massive slippery slope.
'..wait until you have a camera inside your house by law. You think I'm joking don't you?'
I think you've missed the point about the way the surveillance state in the UK has been implemented, forcing things like this 'by law' tends to generate a 'bolshie' reaction amongst the 'great unwashed'...softly, softly catchee monkey and all that.. besides, it'd cost the state money to implement, money they'd rather spend on important things like Chablis and the suchlike...
Far better to get the 'great unwashed' to buy the shackles of the surveillance state themselves, the smart TVs, Xboxen with Kinects, mobile phones with multiple cameras, microphones and GPS so 'They' know where 'we' are, the internet connected 'Home Security Systems', the 'Smart Meters', the IoT BS..etc. etc, once they've purchased all that stuff, we, the state, can hack/intercept all their traffic rather nicely at the ISP/Backbone level.
The way things are going, I think I'll be looking for a nice cave somewhere in the Cape Wrath area real soon..
Exactly this!
Technician, we want you to build a component
For each of our workers, to be with them always,
At all time watch closely, so we can keep track of
Their actions, their interests, their morals, their time out.
Some musak to maim them, some fear to contain them.
Policy will judge them, brute forces degrade them.
Practical behaviour, the cleanser, the saviour.
A private vocation has no sense of nation.
The maintenance of power can be so fulfilling,
Just as long as all the slaves are willing.
- Twelfth Night, We Are Sane, 1982
"Far better to get the 'great unwashed' to buy the shackles of the surveillance state themselves, the smart TVs, Xboxen with Kinects, mobile phones with multiple cameras, microphones and GPS so 'They' know where 'we' are, the internet connected 'Home Security Systems', the 'Smart Meters', the IoT BS..etc. etc, once they've purchased all that stuff, we, the state, can hack/intercept all their traffic rather nicely at the ISP/Backbone level"
You and everyone up voting you clearly have no idea what you are talking about.I must ask you do you own a smart TVs, Xboxen with Kinects, mobile phones with multiple cameras, microphones and GPS?
Why would they? They know we're bloody stupid enough to want new toys like webcams and Skype on mobile phones. We buy into things like Alexa and Siri, talking to boxes that transmit our every thought back to the master servers. They won't have to make it law because the next generation are already practically brainwashed into sharing every single thought and deed online.
I have to admit, that after reading title, I dived into article fully ready to be angry. But this is no "mass-surveillance" is normal legal intercept. For details, 6500 people at the time is not much for the country of the UK size and there is some resemblance of legal process. Only the encryption bit is stupid.
Is not like the GHCQ tapping Vodafone proxy to spy on third of the Europe in the same time.
All in all, this is something to be discussed, which is surprising in these times.
investigatorypowers@homeoffice.gsi.gov.uk.
the email address does not work
The data that the government trawls is rarely used by security agencies but shared by over 60 other government departments who like the hse and environment agencies just use to prosecute small businesses for petty regulation infringement .
They are making a very good living from this process like speed cameras , not about safety just generating money electronically
The one everyone is missing, is how 'normal' historic Speed Limits are being reduced (with little to no opposite, using "Experimental Planning Notices" (i.e. no authority to do so, no Safety reason) to make Camera Enforcement effective, by setting the bar low enough to "head clip" everyday drivers making slightest of mistakes.
They are removing the permissable margin of error. Why? because Speed enforcement/Speed Cameras make very good (regressive) revenue streams.
It’s a great pity that people with zero understanding of what they doing, command large taxpayer (or more appropriately borrowing) funded budgets that they’re allowed to waste on futile endeavors, perhaps the UK should introduce a Tokugawa approach to the civil service, where wastage was punishable.
So now I need to communicate with my friends using CB radio or the Post Office for the inconsequential, and dead letter boxes for anything else. Why the assumption (by HMG and everyone else) that the WHOLE communications story involves mobile phones or the internet?
i was recently in the US and had a play on their CB, i learnt that there's a movement afoot for turning to low-tech de-centralised comms, like CB and Ham radio.. though Ham radio, hugely diverse hobby that it is, does have a couple of global data and voice systems that do use internet.
the spies do of course listen on radio, they have been since the invention of radio, but obviously that's harde for them to intercept, much of the time & if done right.
MESH networks and heavy encryption must become the norm, and low tech comms need to be rediscovered.
everything that is old is new again, or can be. we use 2 way radio for off-net comms.
so liberating, no data plans, wifi, spam, daily recharges, junkmail, cat videos, updates,
works anywhere, (comparitavely) low tech, decentralized, fun,.
thankfully Lumberjack shirted, mustachioed, cowboy hat wearing CB died in the 80s,
now it's accessible, license free, shiny new sets and PC programmable etc, empty space.
it's becoming time to make off-grid comms fashionable again.
even (none CB) cheap $20 FM chinese UHF walkie talkies usually ship with some basic encryption in.
plenty of high tier hi tech TDMA or CDMA ex mil stuff available too.
All those empty channels waiting to carry comms, around towm, around the country or even globe (occasionally) too bad it doesn't carry cat videos and share 'Like' buttons or it may have caught on already.. most people dont actually care. We do on here, most dont. we will have to work 'round it.
In the UK at least, it's illegal to transmit encrypted content over the radio - if you're using a broadcast channel, eg. VHF, then it must be cleartext. I'm a bit hazy on the source of this info but that's how I remember it. I'm sure there must be a HAM here to back this up?
What's good for the goose is good for the gander is something APT for such snoopy systems admins to be wary and aware of.
SMARTR IntelAIgent Servers for Services is an AIDevelopment Klondike with No Earthly Bounds to ITs Virtual Powers and Zero Day Energies ...... Singularity Synergies.
And that delivers to Astute Anonymous ACTive Vendors more than just a wealth shaming Croesus with Greater IntelAIgent Games Play Leads.
Capiche? Are you ready for the Future with ITs AI Realisation of Greater Unknown Unknowns?
He [amfM1] loses it a bit in the middle but the beginning and end make a lot of sense.... need more dried frog pills. Frankly I am surprised it took so long for someone to mention the old pros. …. James 51
Hi, James 51,
You might like to consider that rather than he losing it, you just don’t yet get what is currently HyperRadioProActively happening and forever changing the nature of realities all around you, and everyone and everything else too for that matter, in and with CyberSpace Command and Control Centres of Virtualised Excellence.
Would you expect that to be in a Blighty context, more of a secretive MOD/Military Industrial Complex/snoopy MI5 thing or a civilised GCHQ/spooky MI6 thing, if not something else Rogue and Renegade in an Almighty Revolutionary Underground Movement conversing with Followers who be Leaders and Followers alike.
To consider and accept that greater intelligence is confined and resides in old established institutions and attending spooky secretive services is to prove to one and all that one is not thinking anywhere near deep and far enough to be an effective help in ....... well, Future Business AIdDVentures.
So, the government want to be able to spy on named individuals, subject to the Home Secretary's personal signature on each warrant. Much like demanding that the Post Office allow them to read the mail of named suspects, even if the envelope is sealed and locked in a van. Oh, my, they can do that already, is there no hope for mankind? (Be sure to encrypt your holiday postcards, boys and girls. We recommend a onetime pad passed by a different route.) But who is this named individual, "Mass", the surveillance is targeted at? Is Mr Mass the new Mr Big, or what?
I delighted you decided to boost not-based-in-the-UK businesses with these proposals. You see, those proposals are so full of holes they will never properly work and will keep you in court for years to come, but you will have scared so many people that they will seek protection from this lunacy.
The problem: you effectively ban this sort of protection in the UK, thus handing a solid chunk of business to the exact foreigners you tried to ditch with Brexit. Well done.
From all those damn foreigners, a well felt Thank You.
Will the last sane person leaving Whitehall please switch off the lights? Don't worry, the rest won't notice anyway.
I mean come on, the SS7 protocol is as leaky as a rusted bucket. 99.99% of telco's use it.
The GSM Spec offers an encrypted voice on/off switch. The default is on, All telco's already have the ability to turn it on & off at will.
Data, would you trust a telco / ISP's encryption of your data transfers? I'm pretty sure nobody posting here would. Or any legit business for that matter. Surely there wouldn't be a market for VPN's if it was secure enough already (which we all know it clearly isn't).
It is rather strange that the UK Gov is insisting that already compromised comms security must be given MORE backdoors. The Gov already have the technology to eavesdrop already.
There must be a financial reason behind all this. Make the Telco's / ISP's pay for the monitoring instead of it coming out of GCHQ's future budgets.
How is this going to work with the likes of Apple who say no to their law enforcement agencies who ask them to break/weaken their encryption?
How will the UK government get people like apple/whatsapp to weaken their software or provide backdoors. I realise they could say you can't sell your products in the UK if you don't do this... but how can you stop someone who already has an iPhone or whatapp installed? I don't think these companies are going to bend over backwards just because the UK government says they have to weaken their stuff... I can't see it happening.
I can see shitty ISPs not having any trouble with it and handing over your data willy nilly... but how is say Virgin Media going to hand over unencrypted whatsapp traffic?
FBI Director Comey (re: I DID NOT screw over Hillary Clinton. It was purely professional and I came away slightly nauseated!) essentially frothed at the mouth during his open Congressional Oversight Committee hearing this week concerning Apple and encryption. He all but openly labeled Apple an "enemy of state security." During his remarks, it was made quite clear that both he as FBI director, and the Republican leaders of the Oversight Committee, will move forcefully and purposely to deal with the problem of backdoor-less encryption.
Please remember that Our Trumpeter-in-Chief and his Pygmy Bigot *, Attorney General of the US Jefferson Beauregard Sessions, have long ranted that all Human Rights are "contingent on State security" and they have a new portfolio of security safeguards. Encrypted communications is top of the list to eliminate (excepting Corporate & Shareholder Financial Data, of course.)
* JBS has no overt prejudice against those of the Pygmy persuasion, as there are too few in Alabama to fear/resent/oppress. He only resembles the pygmy.
"Apple has a quarter of trillion in cash in non US jurisdictions."
Right. But in recent years, Apple has borrowed huge amounts of money in the USA (by issuing bonds), and in not many years time, people who bought those bonds will want their money back. The two topics are rather closely related.
2013: https://www.forbes.com/sites/timworstall/2013/04/30/with-all-of-apples-cash-why-is-it-issuing-bonds/#3dce9bab5bad (worstall?)
2016: http://www.dailymail.co.uk/news/article-3451420/Apple-s-latest-tax-avoidance-ruse-Tech-giant-issues-12bn-bonds-doesn-t-money-low-tax-offshore-havens-pay-dividends.html
"* Apple announced it issued $12billion in bonds despite a huge cash reserve
* Scheme is reportedly to ensure they don't pay US tax on profits abroad
* The tech giant has $215billion in the bank - more than the US Treasury
* The company now has a total of £37billion in long term debt despite its reserves"
2017 (if paywalled, go via Google):
https://www.ft.com/content/2f8315b8-018c-3d1a-827e-eacfb5334649
etc
"Not to say you're not right"
Thank you :)
"both of those sources [DM, Forbes] are demonstrably more interested in grinding axes than reporting facts"
Fair comment. So, discount those two particular sources, the relevant facts are still widely reported elsewhere, and over a number of years (and a number of iterations of bond issues).
Been there since long before my labour was liberated from here.
And there's axes to grind and simple facts. Apple borrows inside the US in order to pay dividends and buy back stock. This means it does not have to repatriate foreign profits and then pay US corporate income tax to do so.
As to whether this is a good idea or not that can be axe grinding. But the simple facts are just that, the simple facts.
you believe Apple ?
At the moment, yes, for a very simple, ultra-American reason: they make money that way. Apple figured out early that security was a sales argument and has worked to keep it that way.
I can't predict what will happen when it becomes more financially beneficial to ship flawed hardware, but I do know that Apple would lose a fairly vast chunk of its client base if anyone discovered suggestions of a backdoor so I suspect there will be a major barrier for Apple to change its ways.
Follow the money. It's the American way.
"I don't think these companies are going to bend over backwards just because the UK government says they have to weaken their stuff... I can't see it happening."
GOVT: dear company. you have not complied with the law regarding giving us backdoor access to user X.
COMPANY: we are not a British based company so will not be complying with your demands.
GOVT: you are not allowed to sell your product in the UK your UK assets are frozen your UK Directors are being held on Remand while we investigate, UK offices closed, servers shut off, Nominet domains suspended and you will pay 10% of your global profits as a fine every 24 hours you do not comply.
GOVT: telcos you are ordered to block all traffic to these IP addresses, domains and any other technical resources belonging to company X and respond to any requests with the statement " Company X is blocked as requested by the GOVT they are being investigated for a Criminal breach of their legal responsibilities in assisting the GOVT in protecting the Country and its Citizens"
Company: But its not technically possible to give you the information its e2e encryption.
GOVT: thankyou for your comment but you are in breach of the law its not our fault you ignored your legal responsibility when designing and selling your service/product for sale in the UK, For your records So far your fines for the last 24 hours have paid for 10 nurses, 2 x F35 aircraft and 1 days foreign aid budget. and the MP's annual pay rise. we await your response, please take as long as you need as you are helping the GOVT balance the Budget and trade deficit.
There are undoubtedly people who for whatever reasons want to get their own way by indiscriminate violent means. The logic being, that if by perpetrating atrocities, they can show the elected authorities to be ineffective, public opinion will force the elected to give in. It rarely works and usually what happens is; after a ceasefire period talks take place with an implicit threat of chaos may be resumed.
Targeted eavesdropping may well uncover some plans but for all their moral emptiness the organisers of atrocities are not dumb. They will come up with alternative methods of encouragement and communication. The latest 'lone wolf' truck assaults show this. I doubt any form of Internet monitoring would have spotted these individuals before the event.
Like most people I don't think I have anything to hide, the odd emabarassing web search maybe, but I am concerned that such a law could be severely misused.
Imagine if the UK was in a state of emergency as France has been and still is. Our Home secretaries are controlling enough in normal times.
Sorry to disturb your slumber, but most (not all) of these so-called "lone wolf" attacks are in fact perpetrated by nation-states. Where the fuck do you think ISIS gets all its arms / funding from ?
(Turkey, Israel, Saudi Arabia etc.). Most of these individuals (often patsies) are "spotted before the event" - this is usually reported as "these individuals were known to {insert intelligence agency} prior to {insert pointless waste of life event pushing government agenda}". May I politely suggest you do some research on said events on non-MSM sites.
What is a 'communications provider'? The wires of the transport network or the establisher of the communications protocol?
What if banks for instance could be regarded as "communications providers" because they implement 'secure' e2e comms protocols for financial transactions directly between their server and a client over the internet? What about Paypal, Amazon, your doctor or dentist or anyone else initiating something as simple as an https connection? The entire eBusiness system could fall on it's knees as an insecure (backdoored by law) system.
That would be scary.
the last page of the document on ORG specifically excludes those operators who are providing telecomms for financial services, including banking.
As far as the e-commerce stuff is concerned, this only covers encryption services provided by the telco or isp. It might, for example, be a nice selling point for a telecom/isp to offer me a fully encrypted service. This paper would make that ineffective as that provider is required to be able to decrypt my communications on demand, if they are the ones providing the encryption. If I take the standard service offered today, and choose to encrypt the data I send over it (using https for example), that has nothing to do with this paper.
seems to be a few people talking about apps and phones.
If you cared abour privacy, you won't use a smartphone.
no smartphone, no app.
i know cell companies can and do track everything on their networks.
they *have to* yes, even ancient 2g Nokia phones, you know,
the ones where the battery only lasted a week.
But people buy smartphones and move their focus of paranoia at the apps.
No. focus on the OS and the hardware itself. see the bigger picture, and
don't buy a smartphone, well, not expecting privacy. You can't realistically disappear,
but you can share a bit less info, so don't buy smartphones, smart TVs, IOS, Android or any OS
you cant or dont trust enough to slimdown, debloat, tighten up and more, or stop fooling yourself.
for me the key wording is
"to disclose, where practicable, the content of communications or secondary data in an intelligible form and to remove electronic protection applied by or on behalf of the telecommunications operator to the communications or data"
So your ISP who may be using l2tp needs to be able to provide the Gov with an unencrypted copy of your traffic with 24 hours. As they encrypt the traffic they have to be able to decrypt it (or if they use a 3rd party the 3rd party needs to be able to). Now the question is does say a VPN provider or an app the encrypts the data before transmission class as a telecommunications operator.
Add to that the complexity of what happens if I use an app or vpn provider thats not goverened by UK law, my ISP can not have the capability to decode that traffic, and they cant demand the app/vpn provider supply unencrypted traffic. When will they go oh now you cant use these services because they are secure turning the user into the criminal.
This is where we need a telecommunications operator to stand up and say ok fine we will develop a service that is encrypted in such a manner that we do not have the technical cabability even under duress to decrypt. Sell that as a service to the public saying we care about privacy we use X technology, but oh dear UK gov we cant comply we would love to but its not possible. Will they be in breach of the law or would they be clear as its not "practicable".
This is where we need a telecommunications operator to stand up and say ok fine we will develop a service that is encrypted in such a manner that we do not have the technical cabability even under duress to decrypt.
The whole point of this paper is make doing that illegal. You (as the telco) will be required to able to decrypt anything that you encrypt, if you can't do that you would be in breach of this proposed law.
I hate to break it to ya'll. Especially as you most likely know it anyhow, but this really isn't worth wasting typing time on. Unless of course, you want to spend time discussing the finer points of a certain level of civil servants keeping themselves amused.
There is no online security, once you're on you are out there, and nothing devised so far is inaccessible, or unbreakable to those that have the gear and will to do it. And certain entities have a lot of gear. And they have the will.
The only way you can tell a secret, or even just have a private conversation is to talk to someone face to face, in a place that is difficult to eavesdrop.
The days of privacy, and respect for privacy are gone - if such a time ever existed.
In fact its ludicrous notion to expect to be connect to the 'world' (not the nice one on the other side of your office window) and to assume that those connections aren't monitored. It's like walking down the street naked, and not expecting anyone to notice you have a little tinkle.
So go take a walk, get some fresh air, accept that this technology doesn't only empower you. Just remember to put some clothes on
I would think that banking technology providers in the UK will be required to build all bank security technology with back doors. Does this mean that no international companies should use or purchase UK provided, owned or developed Banking software. This would also apply to the entire blockchain space. I suggest that Level 39 and all of the tech providers should immediately announce their plans to move to Ireland as a PR stunt and let's see how long these plans continue. It just requires an appropriately worded British dry humor PR that articulates how due to governments desire to eliminate cyber security we have no choice but to explore a move of the corporate office to Dublin. ( or even worse Paris) ......... This is a legal space that will bend to economic blackmail performed out in the open. A great example has been the protests in North Carolina to stupid bathroom laws. These are stupid encryption laws. Over the top is here to stay and we are building the foundations to make the crypto strong, embedded, and part of everyday services. The economy that will win is the one that figures out this new model of subscriber-service provider globally and build the first multi-billion customer secure global digital empire. BT is to focused on pension programs to be a player anymore.
Relying on apps and ISPs to make encryption easier may become a thing of the past but anyone who feels the need can set up encrypted email, I'm not an IT pro, just a freelance journo with an interest in tech and I can do it. Unless the govt bans private mail servers and forces everyone onto one their approved mail systems the whole thing is pointless.
I have to say I am heartened by the fact that most of the commenters here have read the paper and are, largely, underwhelmed by the threat this will pose to our privacy. Very little waving of arms (in both senses of the word) and lots of "but this only applies to encryption applied by telecom providers, nothing to see here".
Buy your sensible, rational selves a beer, you deserve it.
As a Yank, I wonder... why is it fine and dandy to have x-million spy cameras all over the country, but horrible to have the gov peek at your correspondence? Do y'all spend all your time in your house on your phone/tablet/computer? You don't venture outside, so the cameras don't bother you?
Has social networking become so powerful that people worry only about big brother knowing what they write, but don't care if he knows where they go and what they do? Seems odd.
I was really surprised to hear someone quote Orwell.
I was starting to think that no Brit had ever read him.
Has social networking become so powerful that people worry only about big brother knowing what they write, … ….Anonymous Coward
The reality, both practical and virtual, AC, is that social media networking is so powerful that Big Brothers are terrified and terrorising and losing command and control with their pimping and pumping of austere narratives steeped in madness and mayhem which intelligence, in both public and private and secret services cannot support and/or justify. It provides a beautifully slippery slope down which all who are deserving of rightful scorn fall into the abyss of mass retribution/sweet just accountability and painful responsibility. And IT has a SMARTR Mind of its own and AIdDevelopments and The Almighty HyperRadioProActive Algorithm ensures and assures and insures the Future against the Failures of the Past perverting the Present.
Words Create Command and Control and Crash Test Worlds. Who and/or what corporation are you following with the spinning of tall promissory tales which you believe to be an honest changed reality in which to live/survive/exist/prosper.
Deny it if you will, but the truth of the matter and the manner in which everything and everyone be remotely led is a Sublime Supreme Stealth against which resistance is futile and revealing. I Kid U Not.
I'd love to know where in the good ol' US of A you live.
A large part of the issue with privacy in the UK is the sheer population density. That's something you don't have in the US outside of the major cities.
As it happens, Orwell is my favo(u)rite autho(u)r. By a long shot. Not just for 1984, I've read everything he's ever knowingly written.
You seem to think we feel that it's acceptable to be spied upon as long as we're not caught anywhere on camera. But then you go on to suggest that online surveillance is acceptable and/or that we don't understand it.
You just described residents of the USA.
Your message is mixed and there's no point to your barbed comment, unless I'm missing something integral to your argument?
PS: The Home Office ran a short public consultation earlier this year on a code of conduct for government snoops.
The simplest and most efficient and effective of the most complex of codes of conduct for government snoops is …… Don’t get caught and exposed to the lights of truths …. which is increasingly more difficult, and most probably quite impossible in a smarter emerging age and engaged spaces where a falsifying spin and fake news cycle is systemic and endemic.
And it is more than just odd and maddening even to realise that existing services supposedly supplying advanced intelligence to systems and media servants would not have the foresight to change their corrupted ways and perversely spun narrative adventurism to avoid all that is unavoidably coming their way to destroy them with their own dirty deeds done dirt cheap.
Whatever are they a’toking?
Proof positive of the increasing difficulty and most probable impossibility aforementioned above in the previous post ...... http://www.zerohedge.com/news/2017-05-06/france-warns-media-not-publish-hacked-macron-emails-threatens-criminal-charges ...... and the pathetic draconian reaction, which be not a proaction, to it.?!
Stupid is as stupid does in deed, indeed.
On Google's UK home page we're told:
"Want your say in June? Register to vote by 22 May"
What Google are really saying is (IMO) , the Government is coming after ALL you data (and it's going to make Google's life hell). Trouble is, whoever gets Power, seems to say/be singing from exactly the same hymn sheet.
Past/Present:
Jacqui Smith (Labour), Theresa May (Conservative), Amber Rudd (Conservative).
It's almost like GCHQ, manipulate who becomes Home Secretary, from very early signs to get the "right type of person" who's "onside", "thick as pig shit", says "anything we tell them to". There are common characteristics among all three, complete lack of empathy, being one.
Put it this way, I inherited a very manipulative personality and it's exactly the tactics I'd use.
"Jacqui Smith (Labour), Theresa May (Conservative), Amber Rudd (Conservative).
It's almost like GCHQ, manipulate who becomes Home Secretary, from very early signs to get the "right type of person" who's "onside", "thick as pig shit", says "anything we tell them to". There are common characteristics among all three, complete lack of empathy, being one."
Does the name Charles Farr mean anything to you? It should.
There are doubtless others, but he's become more visible than he'd probably like.
At the risk of repeating myself:
http://www.dailymail.co.uk/news/article-2649035/The-discreet-affair-two-Home-Secretarys-closest-advisers-REAL-reason-bitter-split-Cabinet-colleague-Michael-Gove-Islamic-plot-schools.html
https://www.gov.uk/government/people/charles-farr
https://en.wikipedia.org/wiki/Charles_Farr
Who needs elections anyway, so long as we've got strong and stable kleptocrats, spooks, and lunatics running the shop.
Nobody seems to be outraged by much any more. The first reaction to news like this should be outrage...and that outrage then transforms into passion and that passion is the fuel that motivates, and you need a strong motivation to kick against the pricks.
Suprised at the number of Auntie Marys here...