As ministers settle in to their offices this week, the fate of arguably the most significant domestic security policy of the previous government has gone largely undiscussed. The mostly-nebulous £2bn Interception Modernisation Programme (IMP) must be a tempting cut to make, but it would be a brave politician who would take on …
yes, of course they will press ahead with as much surveillance of the general public as they possibly can. duh !!
current UK politics still seeks maximum control over you and everything. wake up people!
RE: of course
Give it a while, that New Labour agenda is a big slimy beast, it's going to take some killing off.
Don't just assume this coalition is just a new New Labour, because they are not. Give them a chance - they are going to need it.
Time for the government types to wizen up that just sitting on massive amounts of data isn't going to help. The best guns you can bring to bear on this kind of problem are information specialists that not only know just what information to get, but can also access it in a useful way. In other words, the archetypical unix bofh with perl, or really anyone else with suitable skills. It doesn't have to be perl, you know. But it does need a fundamental shift in warm body management in government.
What would do is reducing databases from big large projects with fancy interfaces and guarantees to go over budget to much simpler collections of access methods that may or may not have actual datastores behind them. Where have we heard that idea before?
WTF - it takes time!
Come on El Reg - the ConDems have only been in office a few days. Have they announced which ministers will be involved with IT yet? A more important question is do they have, as yet, any policy on this aspect of IT? Just wait and see what happens - all we do know is that much of Labours policy towards IT will be, over the next 12 MONTHS, adjusted or scraped!
The solution is obvious
Draw up a list of easily detectable "crimes"; overfilling your bin, owning a camera, wearing a beard in the vicinity of children or transport infrastructure etc. Then offer the barely literate "educated, educated, educated" NuLabour children fantastic rewards for dobbing these criminals in to the police.
At that point every police station will be run out the back of a paper mill anyway, if someone can call them up with "evidence" of a "crime", that's all they need to fill in the forms, meet their quotas and get home early to beat the wife.
Tinfoil hat, anyone?
"For GCHQ cracking such encryption on a case-by-case basis is everyday work." I seriously doubt that the NSA or GCHQ can crack a correctly implemented modern (AES-based) encryption system using computer power alone. If they have an urgent need to do so, there are other, more prosaic, solutions that are likely to prove more effective.
I personally think that the widely used algorythms are secure, however it's not beyond the realms of possibilty for *GOV to;
1) have sufficent distributed computing power to reduce the problem to the point
where a rainbow table or some variant thereof, might solve it quick/easier then rubber-hose cryptanalysis.
2) have suffiencent funding to employ experts in cryptanalysis on a 24/7 basis just to squeeze a few percent more of some refinement on brute force using the aforementioned computing power.
There are some really quite head scratching side channel attacks, but who know, if anyone has the money or the time to explore every option no matter how bizzare or unlikely it seems, it would be *GOV.
That said, I think brute forcing no matter how smart you make it, is going to struggle on internet scale volumes of traffic, and god know what *useful* info you glean from the junk flying back and forth.
Still if something really really big comes up, it'll leak, scientists engineers, programmers gossip like old women and breaking AES by 5% or whatever would keep you in beer for quite a few rounds.
It'll be interesting to see just how much gets done about BT and Phorm doing unauthorised (and arguably illegal) interception of Internet traffic and forgery of cookies, all for commercial purposes, never mind National Security .
So far it's taken escalation to the European Commission and European Court proceedings.
Time will Tell
Like comments above, I think its a bit early to speculate what might happen with IMP.
Its curious, though, how closely the fortunes of IMP have mirrored Phorm's ebb and flow.
On 2 April 2009, Lord Maclennan of Rogart asked "I wonder whether the Government can give any information about their intention to put communication data, concerning e-mails, telephone communication and the internet, on a large, centralised database. The general expectation about an anticipated Bill has given rise to considerable concern because it is widely recognised that those who access these things can scan people’s life histories with very little advantage accruing to the individuals but much accruing to those who want to advertise".
Advertise? On the basis of communication data? Like Phorm? He must have been misinphormed.
Though I still haven't received anything plausible from the CPS that would explain why no one has been arrested/ prosecuted/ imprisoned for illegally interfering with the communications of 200,000 people, and the organisations that served them.
I hope the fascist mass surveillance nightmare that is IMP does get canned, I don't want to be 'secure' if that means sacrificing my liberty.
Re: Tinfoil Hat
I'll get my coat
Could save a *really* big bag of cash
Not just the rather pitiful £2bn they want to hand to the ISP's. Thinks SANs, server farms, analysts, Oracle or DB2 (SQL Server for the fanbois) licenses.
With the Cons wanting to save £6Bn in the first year this could be *very* tempting *if* it can be proved just how p£*s poor the cost/benefit trade is.
But you can bet that won't be easy.