British Prime Minister wants to ban encryption.

Seen something interesting in the news or on the intertubes? Discuss it here.

Moderators: Zamfir, Hawknc, Moderators General, Prelates

User avatar
Sizik
Posts: 1225
Joined: Wed Aug 27, 2008 3:48 am UTC

British Prime Minister wants to ban encryption.

Postby Sizik » Tue Jan 13, 2015 4:15 pm UTC

http://bits.blogs.nytimes.com/2015/01/1 ... ging-apps/

LONDON — Popular messaging services like Snapchat and WhatsApp are in the cross hairs in Britain.

That was the message delivered on Monday by Prime Minister David Cameron, who said he would pursue banning encrypted messaging services if Britain’s intelligence services were not given access to the communications.

The statement comes as many European politicians are demanding that Internet companies like Google and Facebook provide greater information about people’s online activities after several recent terrorist threats, including the attacks in Paris.

Mr. Cameron, who has started to campaign ahead of a national election in Britain in May, said his government, if elected, would ban encrypted online communication tools that could potentially be used by terrorists if the country’s intelligence agencies were not given increased access. The reforms are part of new legislation that would force telecom operators and Internet services providers to store more data on people’s online activities, including social network messages.

“Are we going to allow a means of communications which it simply isn’t possible to read?” Mr. Cameron said at an event on Monday, in reference to services like WhatsApp, Snapchat and other encrypted online applications. “My answer to that question is: ‘No, we must not.’ ”

Mr. Cameron said his first duty was to protect the country against terrorist attacks.

“The attacks in Paris demonstrated the scale of the threat that we face and the need to have robust powers through our intelligence and security agencies in order to keep our people safe,” he added.

Any restriction on these online services, however, would not take effect until 2016, at the earliest, and it remained unclear how the British government could stop people from using these apps, which are used by hundreds of millions of people worldwide.

Mr. Cameron’s comments are part of a growing debate in Europe and the United States over whether Internet companies and telecom providers must cooperate fully with intelligence agencies, who have seen an increased use of social media by groups like the Islamic State, also known as ISIS or ISIL.

After the Paris attacks, European leaders, for example, called on Internet service providers to report potentially harmful online material aimed at inciting hatred or terror.

“We are concerned at the increasingly frequent use of the Internet to fuel hatred and violence and signal our determination to ensure that the Internet is not abused to this end,” European Union politicians said in a joint statement.

Last year, European officials also met with some American tech giants, including Microsoft and Twitter, to discuss how companies could control what was published on their networks, though the companies have resisted greater oversight by intelligence services.

Yet in a sign that tech companies are coming under increased scrutiny, British lawmakers blamed Facebook in November for failing to tell the country’s authorities about specific online threats made by two men, who later killed a soldier in London in 2013.

Facebook declined to comment on the accusations, though said that it had taken measures to prevent terrorists from using the social network.
gmalivuk wrote:
King Author wrote:If space (rather, distance) is an illusion, it'd be possible for one meta-me to experience both body's sensory inputs.
Yes. And if wishes were horses, wishing wells would fill up very quickly with drowned horses.

User avatar
Vahir
Posts: 456
Joined: Wed Aug 29, 2012 7:20 pm UTC
Location: Ontario, Canada

Re: British Prime Minister wants to ban encryption.

Postby Vahir » Tue Jan 13, 2015 4:22 pm UTC

Knee jerk reactions limiting civil liberties as a response to perceived terrorist threats! Whee!

User avatar
Diadem
Posts: 5654
Joined: Wed Jun 11, 2008 11:03 am UTC
Location: The Netherlands

Re: British Prime Minister wants to ban encryption.

Postby Diadem » Tue Jan 13, 2015 4:47 pm UTC

My first response was "His opinions are irrelevant, he will be out of a job after the election anyway". But according to this things have actually gotten rather close recently.

Still I doubt this will happen. It's simply not enforceable.

But it is a further step along a worrying road.
It's one of those irregular verbs, isn't it? I have an independent mind, you are an eccentric, he is round the twist
- Bernard Woolley in Yes, Prime Minister

User avatar
Dthen
Still hasn't told us what comes after D
Posts: 553
Joined: Sat Jan 02, 2010 6:35 pm UTC
Location: Ayrshire, Scotland

Re: British Prime Minister wants to ban encryption.

Postby Dthen » Tue Jan 13, 2015 4:50 pm UTC

He wants to do what?
Dthen wrote:I AM NOT A CAT.

User avatar
Xenomortis
Not actually a special flower.
Posts: 1426
Joined: Thu Oct 11, 2012 8:47 am UTC

Re: British Prime Minister wants to ban encryption.

Postby Xenomortis » Tue Jan 13, 2015 5:10 pm UTC

Pretty sure the government has trodden this ground before.
Image

User avatar
sardia
Posts: 6566
Joined: Sat Apr 03, 2010 3:39 am UTC

Re: British Prime Minister wants to ban encryption.

Postby sardia » Tue Jan 13, 2015 5:17 pm UTC

I'm surprised he openly called for it. The NSA just breaks or sabotages encryption behind the scenes.

elasto
Posts: 3575
Joined: Mon May 10, 2010 1:53 am UTC

Re: British Prime Minister wants to ban encryption.

Postby elasto » Tue Jan 13, 2015 5:18 pm UTC

Taken literally I don't think it's controversial, is it?

Prime Minister David Cameron wrote:would pursue banning encrypted messaging services if Britain’s intelligence services were not given access to the communications.


If companies serving UK customers are presented with valid court orders and refuse to comply, under the rule of law they will end up prosecuted if jurisdiction permits or blocks/bans will be attempted if not. No society could permit otherwise, could they? Yes it'd be impractical, like trying to police the dark web, but occasional victories as with Silk Road can be achieved.

(Of course, if he's expecting companies to cooperate with warrantless fishing expeditions then he's in for a rude awakening; The tide largely appears to have turned on that one.)

speising
Posts: 2290
Joined: Mon Sep 03, 2012 4:54 pm UTC
Location: wien

Re: British Prime Minister wants to ban encryption.

Postby speising » Tue Jan 13, 2015 5:41 pm UTC

the issue is with technologies which provide end2end encryption. no company can give access to this communications, so he wants to ban that.

User avatar
Thesh
Made to Fuck Dinosaurs
Posts: 6333
Joined: Tue Jan 12, 2010 1:55 am UTC
Location: Colorado

Re: British Prime Minister wants to ban encryption.

Postby Thesh » Tue Jan 13, 2015 6:06 pm UTC

sardia wrote:I'm surprised he openly called for it. The NSA just breaks or sabotages encryption behind the scenes.


The NSA and GCHQ work together on those efforts, but there are limits to what they can accomplish. They only work to accomplish their stated goals (terrorism/organized crime) if it's all done in secret, which is why intelligence organizations rely on planted employees, national security letters, and straight-up blackmailing people, i.e. they find something they can arrest someone for, and threaten to throw them in jail unless they comply (it's an old tactic used by law enforcement organizations). If people know a program is backdoored, terrorists/criminals will find something else to use, and it will be a complete waste of time unless your goals are not to take down major criminals, but to dig up minor dirt on the general public.
Summum ius, summa iniuria.

User avatar
Dthen
Still hasn't told us what comes after D
Posts: 553
Joined: Sat Jan 02, 2010 6:35 pm UTC
Location: Ayrshire, Scotland

Re: British Prime Minister wants to ban encryption.

Postby Dthen » Tue Jan 13, 2015 6:11 pm UTC

Errr ... hang on. Wouldn't this make SSL and HTTPS illegal? Would that not have disastrous effects? I can't imagine many people wanting to engage in e-commerce without HTTPS.
Dthen wrote:I AM NOT A CAT.

User avatar
Thesh
Made to Fuck Dinosaurs
Posts: 6333
Joined: Tue Jan 12, 2010 1:55 am UTC
Location: Colorado

Re: British Prime Minister wants to ban encryption.

Postby Thesh » Tue Jan 13, 2015 6:14 pm UTC

Dthen wrote:Errr ... hang on. Wouldn't this make SSL and HTTPS illegal? Would that not have disastrous effects? I can't imagine many people wanting to engage in e-commerce without HTTPS.

Those are already sufficiently weak for the NSA/GCHQ.

http://www.spiegel.de/international/ger ... 10361.html

Even more vulnerable than VPN systems are the supposedly secure connections ordinary Internet users must rely on all the time for Web applications like financial services, e-commerce or accessing webmail accounts. A lay user can recognize these allegedly secure connections by looking at the address bar in his or her Web browser: With these connections, the first letters of the address there are not just http -- for Hypertext Transfer Protocol -- but https. The "s" stands for "secure". The problem is that there isn't really anything secure about them.

The NSA and its allies routinely intercept such connections -- by the millions. According to an NSA document, the agency intended to crack 10 million intercepted https connections a day by late 2012. The intelligence services are particularly interested in the moment when a user types his or her password. By the end of 2012, the system was supposed to be able to "detect the presence of at least 100 password based encryption applications" in each instance some 20,000 times a month.
Summum ius, summa iniuria.

User avatar
Dthen
Still hasn't told us what comes after D
Posts: 553
Joined: Sat Jan 02, 2010 6:35 pm UTC
Location: Ayrshire, Scotland

Re: British Prime Minister wants to ban encryption.

Postby Dthen » Tue Jan 13, 2015 6:20 pm UTC

I think you're missing my point.
Dthen wrote:I AM NOT A CAT.

User avatar
Thesh
Made to Fuck Dinosaurs
Posts: 6333
Joined: Tue Jan 12, 2010 1:55 am UTC
Location: Colorado

Re: British Prime Minister wants to ban encryption.

Postby Thesh » Tue Jan 13, 2015 6:24 pm UTC

They aren't making encryption illegal, they are banning services that use encryption that the government can't get around.
Summum ius, summa iniuria.

User avatar
Dthen
Still hasn't told us what comes after D
Posts: 553
Joined: Sat Jan 02, 2010 6:35 pm UTC
Location: Ayrshire, Scotland

Re: British Prime Minister wants to ban encryption.

Postby Dthen » Tue Jan 13, 2015 6:37 pm UTC

Thesh wrote:They aren't making encryption illegal, they are banning services that use encryption that the government can't get around.

Not that they can't get around. Encryption that they can't be given access to.
Dthen wrote:I AM NOT A CAT.

aoeu
Posts: 325
Joined: Fri Dec 31, 2010 4:58 pm UTC

Re: British Prime Minister wants to ban encryption.

Postby aoeu » Tue Jan 13, 2015 8:57 pm UTC

elasto wrote:Taken literally I don't think it's controversial, is it?

Prime Minister David Cameron wrote:would pursue banning encrypted messaging services if Britain’s intelligence services were not given access to the communications.


If companies serving UK customers are presented with valid court orders and refuse to comply, under the rule of law they will end up prosecuted if jurisdiction permits or blocks/bans will be attempted if not. No society could permit otherwise, could they? Yes it'd be impractical, like trying to police the dark web, but occasional victories as with Silk Road can be achieved.

(Of course, if he's expecting companies to cooperate with warrantless fishing expeditions then he's in for a rude awakening; The tide largely appears to have turned on that one.)


If the government has a warrant, it can always install some monitoring software on your machine, and get all your future communications and any logs you have kept, pretty much regardless of any encryption. (Conceivably they could even enlist your messaging software to push their bug to you in a software update, there's no shortage of options) The legal hurdles for that vs getting just message logs might be different but I'm sure it's on the menu in the UK by now. So really this is about having complete access to anyone's communications, and if past conservations and their decryption keys are stored somewhere, those can possibly be stolen in bulk.

User avatar
PeteP
What the peck?
Posts: 1451
Joined: Tue Aug 23, 2011 4:51 pm UTC

Re: British Prime Minister wants to ban encryption.

Postby PeteP » Tue Jan 13, 2015 10:03 pm UTC

[quote=''Cameron from another article']That is why, in extremis, it’s been possible to read someone’s letter. That is why, in extremis, it’s been possible to to listen in to someone’s telephone call … This cannot happen unless the home secretary personally signs a warrant… The question remains, are we going to remain a means of communication where it simply isn’t possible to do that?[/quote]
There still is face to face communication and sending messengers. Oh you can use microphones to listen in but once you go to that level you can do similar things with computers and smartphones. Point being as long as you don't require people to give you logs of their own conversations and intercept messengers there will remains means of communication where you can't easily do that. And you know actual organized groups with secrets can exchange public keys, encrypt their messages locally and then use unencrypted services to send them they can even do that with letters. In the end people who have something to hide will still be able to.
(Beside the dead or wounded people and the fear it causes the worst thing about terrorism is how politicians use it to push agendas.)

elasto
Posts: 3575
Joined: Mon May 10, 2010 1:53 am UTC

Re: British Prime Minister wants to ban encryption.

Postby elasto » Wed Jan 14, 2015 1:47 am UTC

aoeu wrote:If the government has a warrant, it can always install some monitoring software on your machine, and get all your future communications and any logs you have kept, pretty much regardless of any encryption. (Conceivably they could even enlist your messaging software to push their bug to you in a software update, there's no shortage of options) The legal hurdles for that vs getting just message logs might be different but I'm sure it's on the menu in the UK by now. So really this is about having complete access to anyone's communications, and if past conservations and their decryption keys are stored somewhere, those can possibly be stolen in bulk.

It just seems to me that this thread has a title that doesn't seem to match with the contents of the actual post. This article only talks about messaging services like SnapChat, Facebook, WhatsApp and the like - whereas the title talks about banning all encryption - meaning I couldn't even write a local encryption program on my pc and email the output to my friend who has an equivalent decryption program.

Now, the Prime Minister may wish to make that illegal, but this article doesn't say that. If someone can link to another article saying that then I'd be interested in reading it.

All I'm saying is let's make sure we're actually getting upset about the right thing here: The article taken literally it doesn't seem to me to be anything different to what any law-abiding country should or would seek to do.

HungryHobo
Posts: 1708
Joined: Wed Oct 20, 2010 9:01 am UTC

Re: British Prime Minister wants to ban encryption.

Postby HungryHobo » Wed Jan 14, 2015 2:47 pm UTC

elasto wrote:Now, the Prime Minister may wish to make that illegal, but this article doesn't say that. If someone can link to another article saying that then I'd be interested in reading it.


http://uk.businessinsider.com/david-cam ... pgp-2015-1

Title:David Cameron Wants To Ban Encryption


Speaking on Monday, the Prime Minister asked whether "we want to allow a means of communication between two people which even in extemis with a signed warrant from the home secretary personally that we cannot read? ...My answer to that question is no, we must not. The first duty of any government is to keep our country and our people safe."


http://www.bbc.co.uk/news/technology-30794953

As the UK's Prime Minister David Cameron put it in a speech this week - there should be no "means of communication" which "we cannot read".
Give a man a fish, he owes you one fish. Teach a man to fish, you give up your monopoly on fisheries.

cphite
Posts: 1302
Joined: Wed Mar 30, 2011 5:27 pm UTC

Re: British Prime Minister wants to ban encryption.

Postby cphite » Wed Jan 14, 2015 9:03 pm UTC

elasto wrote:
aoeu wrote:If the government has a warrant, it can always install some monitoring software on your machine, and get all your future communications and any logs you have kept, pretty much regardless of any encryption. (Conceivably they could even enlist your messaging software to push their bug to you in a software update, there's no shortage of options) The legal hurdles for that vs getting just message logs might be different but I'm sure it's on the menu in the UK by now. So really this is about having complete access to anyone's communications, and if past conservations and their decryption keys are stored somewhere, those can possibly be stolen in bulk.

It just seems to me that this thread has a title that doesn't seem to match with the contents of the actual post. This article only talks about messaging services like SnapChat, Facebook, WhatsApp and the like - whereas the title talks about banning all encryption - meaning I couldn't even write a local encryption program on my pc and email the output to my friend who has an equivalent decryption program.


Basically what he's saying is that unless services like SnapChat, Facebook, WhatsApp and the like provide some sort of backdoor means of allowing the government to snoop, he wants to basically ban those services. I'm not sure what legal means he has of actually banning those services; if he's suggesting for example making SnapChat "illegal" does he mean illegal to distribute? Illegal to download and use? How is that going to be enforced?

Now, the Prime Minister may wish to make that illegal, but this article doesn't say that. If someone can link to another article saying that then I'd be interested in reading it.


It could be that the author doesn't really understand the subject matter; it could be that the editor felt that "banning encryption" sounded more dubious and therefore would sell more copies. Probably a little of both.

All I'm saying is let's make sure we're actually getting upset about the right thing here: The article taken literally it doesn't seem to me to be anything different to what any law-abiding country should or would seek to do.


I don't think that any law abiding country should seek to mandate that people to allow their privacy to be violated. I don't believe that my communications to my friends and family (or to anyone, really) are any of my governments business, or that it's at all reasonable for them to expect to be given any sort of back door means of obtaining it. If they have suspicions about something, they can get a warrant and do their own fucking legwork to get the information they think they need.

Firstly, because there is little reason to believe (and even less evidence to support) the notion that having this sort of back door access is actually useful in preventing anything. Secondly, because putting back doors into things makes them less secure; which is the main reason the tech industry has revolted every time this sort of thing comes up. Back doors lead to exploits.

Mostly, I just don't believe in surrendering liberty in exchange for security; especially when said security is dubious at best.

User avatar
BlackSails
Posts: 5315
Joined: Thu Dec 20, 2007 5:48 am UTC

Re: British Prime Minister wants to ban encryption.

Postby BlackSails » Wed Jan 14, 2015 9:06 pm UTC

Also a typical college sophomore majoring in math ought to be able to make a cryptosystem that the government could not break. You cant put the genie back in the bottle

User avatar
Thesh
Made to Fuck Dinosaurs
Posts: 6333
Joined: Tue Jan 12, 2010 1:55 am UTC
Location: Colorado

Re: British Prime Minister wants to ban encryption.

Postby Thesh » Wed Jan 14, 2015 9:27 pm UTC

BlackSails wrote:Also a typical college sophomore majoring in math ought to be able to make a cryptosystem that the government could not break. You cant put the genie back in the bottle

Typical? No, most cryptosystems that have been made by even above average people have either had serious weaknesses in their designs, or were difficult to implement securely.
Summum ius, summa iniuria.

mousewiz
Posts: 107
Joined: Wed Oct 26, 2011 6:50 pm UTC

Re: British Prime Minister wants to ban encryption.

Postby mousewiz » Wed Jan 14, 2015 10:51 pm UTC

Thesh wrote:
BlackSails wrote:Also a typical college sophomore majoring in math ought to be able to make a cryptosystem that the government could not break. You cant put the genie back in the bottle

Typical? No, most cryptosystems that have been made by even above average people have either had serious weaknesses in their designs, or were difficult to implement securely.


Indeed, if all graduating CPSC and math majors from the year I graduated were to implement a cryptosystem, and we all had significant help from the Internet, I figure the one I implemented would at least be in the top 5%. I base this on a combination of my grades and the fact that I was one of 5 people who were interested enough to take the 3rd year crypto course (the second year crypto course had more like 20 people due to being a requirement for stuff like network security for CPSC students and I think some other stuff for the math students; both were considered pure math courses... I know not all 20 of those people did well enough to even qualify to take the 3rd year course).

I'd still trust certain existing implementations far more than my own, and I definitely wouldn't trust my implementation to the level of "government could not break". Note, this is just implementing an existing system, nevermind coming up with my own.

I mean I agree that the typical college sophomore who is majoring in math and will go on to graduate should be capable of understanding the math behind a cryptosystem that the government hasn't been proven to be able to break, if given the internet as a resource. But that's a long ways off Blacksails' statement.

I do agree that the genie is out of the bottle, though.

elasto
Posts: 3575
Joined: Mon May 10, 2010 1:53 am UTC

Re: British Prime Minister wants to ban encryption.

Postby elasto » Thu Jan 15, 2015 8:57 am UTC

cphite wrote:Basically what he's saying is that unless services like SnapChat, Facebook, WhatsApp and the like provide some sort of backdoor means of allowing the government to snoop, he wants to basically ban those services.

Can you point to another article that says that? Because this one definitely doesn't.

I don't think that any law abiding country should seek to mandate that people to allow their privacy to be violated. I don't believe that my communications to my friends and family (or to anyone, really) are any of my governments business, or that it's at all reasonable for them to expect to be given any sort of back door means of obtaining it. If they have suspicions about something, they can get a warrant and do their own fucking legwork to get the information they think they need.


Are you reacting to the (misleading) title of this thread or the Prime Minister's statements? Because I see nothing in the article saying he wants warrantless access to the contents of anyone's communications.

Firstly, because there is little reason to believe (and even less evidence to support) the notion that having this sort of back door access is actually useful in preventing anything. Secondly, because putting back doors into things makes them less secure; which is the main reason the tech industry has revolted every time this sort of thing comes up. Back doors lead to exploits.

Mostly, I just don't believe in surrendering liberty in exchange for security; especially when said security is dubious at best.


Once again: Can we make sure we're getting upset about the right thing here - because if your assumptions are true then I agree with everything you say - but I see nothing to suggest they are.

User avatar
Paul in Saudi
Posts: 262
Joined: Fri Sep 07, 2012 12:52 pm UTC
Location: Dammam, Saudi Arabia

Re: British Prime Minister wants to ban encryption.

Postby Paul in Saudi » Thu Jan 15, 2015 2:00 pm UTC

He probably wants to ban envelopes in the post too.

Just a month or so ago people were saying how encryption would have protected Sony from massive losses.

User avatar
Sizik
Posts: 1225
Joined: Wed Aug 27, 2008 3:48 am UTC

Re: British Prime Minister wants to ban encryption.

Postby Sizik » Thu Jan 15, 2015 2:43 pm UTC

Here's an article which, most importantly, has a video of the speech he made. He mentions that the government currently has the power to, if necessary, read someone's mail/listen to their phone calls, if they can get a warrant to do so. He's arguing that there shouldn't be a way to circumvent that power with online communications, because terrorists. So basically, there must be a way for the government to be able read your messages, which defeats the purpose of encryption (that only your intended recipient can read the message). This also may affect services like Snapchat, where the messages are automatically deleted after they are received.
gmalivuk wrote:
King Author wrote:If space (rather, distance) is an illusion, it'd be possible for one meta-me to experience both body's sensory inputs.
Yes. And if wishes were horses, wishing wells would fill up very quickly with drowned horses.

KnightExemplar
Posts: 5494
Joined: Sun Dec 26, 2010 1:58 pm UTC

Re: British Prime Minister wants to ban encryption.

Postby KnightExemplar » Thu Jan 15, 2015 2:52 pm UTC

BlackSails wrote:Also a typical college sophomore majoring in math ought to be able to make a cryptosystem that the government could not break. You cant put the genie back in the bottle


Somewhat. Any bozo can copy/paste RC4, throw away the first 256 bytes and have an unbreakable symmetric stream cipher. That's because RC4's weaknesses are known, its strengths are known, and it is implemented in less than 20 lines of code.

Move on to larger cryptosystems... and things become much harder in practice. Heartbleed is proof of that. (And for that matter, WinShock which had... of all things... arbitrary code execution in its SSL implementation)
First Strike +1/+1 and Indestructible.

leady
Posts: 1592
Joined: Mon Jun 18, 2012 12:28 pm UTC

Re: British Prime Minister wants to ban encryption.

Postby leady » Thu Jan 15, 2015 3:01 pm UTC

elasto wrote:Are you reacting to the (misleading) title of this thread or the Prime Minister's statements? Because I see nothing in the article saying he wants warrantless access to the contents of anyone's communications.


Soooo american centric :) the UK has none of those deliberate sensible restrictions on power. The wire the UK would have been a far shorter series

McNulty " I want a wire tap on Marlo"
Police Chief " sure i'll order the phone company"

:)

and as for our security services, they are pretty much in a do anything category anyway with a cross party commitee of 12 MPs ( i think) with total oversight, none of those "dirty laundry" senate hearings here.

HungryHobo
Posts: 1708
Joined: Wed Oct 20, 2010 9:01 am UTC

Re: British Prime Minister wants to ban encryption.

Postby HungryHobo » Thu Jan 15, 2015 3:05 pm UTC

thing is: there's a non-trivial cost to breaking each individual implementation.

encrypt with some well known and well tested system, then wrap that in your own using seperate keys etc and even if there's some subtle weakness in your implementation it's going to take human time to get through it rather than your messages being one of the hundred million auto-cracked based on known flaws in some common system
Give a man a fish, he owes you one fish. Teach a man to fish, you give up your monopoly on fisheries.

mousewiz
Posts: 107
Joined: Wed Oct 26, 2011 6:50 pm UTC

Re: British Prime Minister wants to ban encryption.

Postby mousewiz » Thu Jan 15, 2015 3:42 pm UTC

HungryHobo wrote:thing is: there's a non-trivial cost to breaking each individual implementation.

encrypt with some well known and well tested system, then wrap that in your own using seperate keys etc and even if there's some subtle weakness in your implementation it's going to take human time to get through it rather than your messages being one of the hundred million auto-cracked based on known flaws in some common system

Oh sure, if I wanted my communications with my girlfriend to be almost certainly not snooped, I'd make it happen. Or at least I'd try... it'd be tricky to get her to use the app.

It's just that if I wanted to make the next secure messaging service, I wouldn't bother trying to roll my own because I'd be hoping for it to get big enough that the non-trivial cost would be worth paying. Similarly, if I was planning a terrorist attack, I'd probably be wanting it to be terroristy enough that it'd be worth the cost of breaking whatever communications I made, though in that case I might be tempted to roll my own because I wouldn't want it to get automagically decrypted. I say "might be tempted" because every extra feature I added to my communication would be an extra place I might introduce a serious defect. Also, I'd probably start with stego, because stego is cooler, and I care about cool more than I care about useful >_>

cphite
Posts: 1302
Joined: Wed Mar 30, 2011 5:27 pm UTC

Re: British Prime Minister wants to ban encryption.

Postby cphite » Thu Jan 15, 2015 5:06 pm UTC

elasto wrote:
cphite wrote:Basically what he's saying is that unless services like SnapChat, Facebook, WhatsApp and the like provide some sort of backdoor means of allowing the government to snoop, he wants to basically ban those services.

Can you point to another article that says that? Because this one definitely doesn't.


From the article:

That was the message delivered on Monday by Prime Minister David Cameron, who said he would pursue banning encrypted messaging services if Britain’s intelligence services were not given access to the communications.

“Are we going to allow a means of communications which it simply isn’t possible to read?” Mr. Cameron said at an event on Monday, in reference to services like WhatsApp, Snapchat and other encrypted online applications. “My answer to that question is: ‘No, we must not.’ ”


I don't know how you read that; I read it as him saying that he would pursue banning services that don't "give access" to the government - ie. allow them to bypass their encryption.

I don't think that any law abiding country should seek to mandate that people to allow their privacy to be violated. I don't believe that my communications to my friends and family (or to anyone, really) are any of my governments business, or that it's at all reasonable for them to expect to be given any sort of back door means of obtaining it. If they have suspicions about something, they can get a warrant and do their own fucking legwork to get the information they think they need.


Are you reacting to the (misleading) title of this thread or the Prime Minister's statements? Because I see nothing in the article saying he wants warrantless access to the contents of anyone's communications.


I was speaking more generally. I don't believe it's appropriate for the government to have the ability, much less the authority, to bypass encryption on private communications. If they have a specific need to spy on a group or individual, and can adequately explain that need to a judge, then they can take whatever steps they need to take - but that should not include any sort of ability to bypass encryption in a general sense.

For two reasons.... One, because back doors will eventually be found and exploited by the wrong people; and two, because it creates the potential for government abuse of information. I believe that the dangers - both in terms of data security and potential abuse - outweigh any actual gains.

Firstly, because there is little reason to believe (and even less evidence to support) the notion that having this sort of back door access is actually useful in preventing anything. Secondly, because putting back doors into things makes them less secure; which is the main reason the tech industry has revolted every time this sort of thing comes up. Back doors lead to exploits.

Mostly, I just don't believe in surrendering liberty in exchange for security; especially when said security is dubious at best.


Once again: Can we make sure we're getting upset about the right thing here - because if your assumptions are true then I agree with everything you say - but I see nothing to suggest they are.


It seems to me, based on his own words, that Cameron is suggesting that the government be granted some means of bypassing encryption on communications services; and that those services that refuse ought not be allowed to operate. That is what I am objecting to.


Return to “News & Articles”

Who is online

Users browsing this forum: No registered users and 24 guests