The coalition government has torn up figures that pegged the cost of plans by the intelligence services to store records of every online communication at £2bn. A Home Office spokesman told The Register that the previous government's estimate of the cost of the Interception Modernisation Programme (IMP) has been abandoned. He …
Great, so the government are going to intercept all my TLS/SSL encrypted communications to gmail servers, so how's that going to help them?
I know the German police have had issues with intercepting Skype communications before as they're end to end encrypted, perhaps Skype have changed their model to become more accommodating to law enforcement, but what is going on?
Hey, maybe if we can't provide our SSL key pairs, despite our insistence that it's not something we ever knew, they'll throw us in jail with the RIP act? :P
isn't normally encrypted, so a sizeable proportion of emails can still be obtained.
Not to mention that Google is known to collaborate with "law enforcement" rather well.
Besides, if you require everyone important to encrypt all the messages they send to you with GPG, the Gov would have a slightly harder time to read them without you knowing they do.
I have the luxury of connecting to my mail server using SMTP or IMAP over an SSL, and I'm aware that my ISP also offers the same for their subscriber mail servers.
Hopefully someone can correct me if I'm wrong - with both parties connecting to their mail server over SSL then surely the only chance of data being intercepted by this project is if the monitoring solutions interface directly with the mail servers?
If the monitoring solutions are deployed to ISPs and only listen to traffic then my hope is that we can continue to have private email correspondence without the need for PGP or similar solutions that are convoluted for end users.
You are wrong, unless both parties use the same mail server the SMTP traffic will pass between the servers and so will be intercepted (probably in the clear unless both servers are running SMTP over SSL a la RFC 2487 which is not that common for ISP run mail servers).
The main point of the SSL is to stop someone stealing your login creds, not to stop the email being intercepted.
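The point made in the reply above, that a message is only protected on the hops that negotiate TLS, can be checked on mail you have received. This is an added example, not part of any commenter's post: it reads the `Received:` trace headers of a constructed sample message (all hosts and addresses are made up) and reports which hops recorded a TLS protocol keyword from the RFC 3848 registry.

```python
import re
from email import message_from_string

# "with" keywords that record TLS on a hop (RFC 3848 transmission types).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

# Constructed sample message; hosts use reserved example domains and
# documentation IP ranges. Newest Received header is first, as on real mail.
SAMPLE = """\
Received: from mx.isp-b.example (mx.isp-b.example [192.0.2.20])
\tby store.isp-b.example with LMTP id c3; Mon, 1 Nov 2010 10:00:03 +0000
Received: from out.isp-a.example (out.isp-a.example [192.0.2.10])
\tby mx.isp-b.example with ESMTP id b2; Mon, 1 Nov 2010 10:00:02 +0000
Received: from laptop.home.example (host.isp-a.example [198.51.100.7])
\tby out.isp-a.example with ESMTPSA id a1; Mon, 1 Nov 2010 10:00:01 +0000
From: alice@isp-a.example
To: bob@isp-b.example
Subject: constructed test message

hello
"""


def _clause(keyword, text):
    """Return the token following 'from', 'by' or 'with', or None if absent."""
    match = re.search(r"\b%s\s+(\S+)" % keyword, text, re.IGNORECASE)
    return match.group(1) if match else None


def received_hops(raw_message):
    """Return the hops in chronological order, one dict per Received header."""
    msg = message_from_string(raw_message)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())      # unfold continuation lines
        clauses = flat.split(";")[0]        # drop the trailing timestamp
        proto = _clause("with", clauses)
        hops.append({
            "from": _clause("from", clauses),
            "by": _clause("by", clauses),
            "protocol": proto.upper() if proto else None,
            # A missing or non-TLS keyword means TLS was not recorded.
            "tls": bool(proto) and proto.upper() in TLS_PROTOCOLS,
        })
    return hops


def hops_without_tls(raw_message):
    """List (from, by) pairs for hops that did not record TLS."""
    return [(h["from"], h["by"]) for h in received_hops(raw_message)
            if not h["tls"]]


if __name__ == "__main__":
    for hop in received_hops(SAMPLE):
        label = "TLS" if hop["tls"] else "no TLS recorded"
        print("%s -> %s  [%s] %s"
              % (hop["from"], hop["by"], hop["protocol"], label))
```

Each `Received:` header is written by the receiving server, so the result is only as trustworthy as the servers on the path, and a hop marked TLS is still decrypted on the server that accepted it.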
Re: Re: SMTP
"... solutions ..."
Oh, I hate that use of the word "solution".
Anyway, as I understand it, SSL only applies between your machine and your mail server. And since it will be ISPs that will host the monitoring equipment and databases, they'd obviously do that monitoring at their end of their connection with you - where else would they do it? Since your SSL connection is with the party that would be spying on you - your ISP on the State's behalf - SSL is useless.
But aren't ISPs already having to keep records of email "communications data"?
We'd have been naive to imagine the cuddly Coalition were ever going to pass up the opportunity to improve government online snooping capabilities. Every 'democratic' government (and its police force) wants 'control' of the online space as much as the not-so-democratic ones. One does have to wonder why, sometimes.
First Minister to fly the 'think of the children' placard in a desperate attempt to justify this gets to go stand in the corner in abject shame. But it's going to happen, you just know it.
why do all governments do it?
Simple - it's the psychology of the people who run for power. By definition, if they want to be an MP, they WANT to have the power over the populace.
Personally, I think that if anyone wants to be an MP, that should automatically ban them from ever running for office because they are demonstrably unfit to hold a position where they can wield their sick dreams of power over others.
So what we need is to make sure that the people who get to hold the reins of power are the ones who do not want that power, because the ones who want that power are exactly the type of people who should in no ways ever be allowed that responsibility! Not an easy thing to get a solution to.
Nearest I've come so far is to just put everyone's NI number into a lottery every 3-5 years, pull out a random hundred (200, 300...?) and let them get on with running the country. Someone objected to this, saying how do you make sure criminals are not included? After giving him an odd look, I reminded him about the number of convictions that the (at the time) present government had between them, and the expenses scandals - a random selection from the population is much less likely to have such a high number of rogues, scoundrels and wasters.
Thoughts, suggestions anyone?
I had a similar idea a few years ago...
I thought that cutting the number of MP down to say 60 (should be enough for a PM, ministers and advocates/opposition of policy) plus a rolling sort of random jury service of about 300~600 maybe even more.
Make participation optional by registration (add a tick box to the electoral register forms) and pay the volunteer the equivalent of their current hourly rate for time served.
Little or no need to travel to London (so little need for expenses) with PCs and VPNs. All you would need to do is use the equivalent of video conference calling to engage in debates. Then only the current serving public (who participated in the debates) get to vote on proposed legislation.
General elections just vote in the people who can propose legislation, not implement it against the wishes of the people. But without party whips there would be little chance of really nuts legislation getting through, and we could probably get shot of the lords as well!
...but I will admit, I am surprised to find I am developing a sneaking admiration for the House Of Lords - at least the hereditary peers. Get rid of all the life-peers, sure, as these are just another form of unelected cronyism. However, the hereditary peers, even though the majority (all?) are privileged toffs from very rarified backgrounds, seem to be the only ones in recent decades to try to put any stop to the most egregious of the government schemes. I feel that this may be *because* they have had a privileged upbringing - this may be completely inaccurate as I have no contact with the upper echelons, but my personal opinion is that they are brought up with a sense of responsibility to go with their privileged position, so they also look out "for Queen and Country" and not just their own personal situation.
So while I would really like to see more democratic involvement from the people of this country (although I would be against the self-selection as suggested above, for the reasons I mentioned earlier), I would still favour keeping the Lords as another protective measure.
When is enough finally enough!
These bastards will force this through whatever it takes, whatever it costs, whatever any of us say. They are determined to force their Orwellian plans onto us all.
The question now is what we do about it. This level of state spying cannot go unchallenged. We already have more state spying on us than at any point in history, so they cannot need more, it's that they want more and they are utterly determined to get more.
At what point does everyone finally say enough!
They are utterly betraying the principles of this country to create their police state.
Telstra is the problem...
They aren't really betraying any principles, past royalty was forced into accepting better conditions for peons or risk being overthrown.
Wheat and chaff
The answer is in wheat and chaff, and buzzwords.
In the 80's (or 90's) would say "zircon" in the middle of phone calls just to try to waste GCHQ time.
Now's the time to use un-natural grammar constructs to deprecate bombing and terrorism, particularly while discussing those that would disrupt use of your favourite places.
With back-scatter through-the-clothes spying, now is the time to wear t-shirts emblazoned with lucky metallic knife outlines (to ward off the spirits of subway thugs) - maybe even get paid to wear t-shirts with metallic advertising that directly targets back-scatter operators.
Now's the time to spy back Scientology style - nothing like filming a cop who's confiscating the camera of someone who filmed him confiscating the camera of someone who filmed him bluffing a bit too far in public.
While you do that, be a school governor, a community panel member and volunteer to "do good" on various occasions; even deliver campaign leaflets for a political party.
Then, instead of becoming a pawn, you become a tar-baby. They put you through the mill, and you can jam the mill.
@"Wheat and chaff" and spying back
@"Wheat and chaff"
Unfortunately Wheat and chaff won't work over a period of years. You can randomise some conversations but you can't do it consistently in all conversations over years. Profiling will eventually filter out most of the noise you attempt to add. Also they won't be able to resist extending their profiling into so many more areas and you can't add wheat and chaff to it all.
Anyway something needs to be done. The rich and powerful far more easily lobby, bias and make the laws and they are biasing the laws in their favour. The rest of us can't even be heard, they don't want to listen, as we have no power.
…. UNLESS WE STAND TOGETHER AGAINST THEM. That is the only point society shocks the people with money and power into listening. Then they have to back down or they risk losing everything they have built up.
@"Now's the time to spy back"
This I do very much agree with. I very much like that idea. We do need to utterly spy on them relentlessly. We need to make them feel relentlessly spied on the way they are making us feel. I am wondering if this is a good way to carry out a country wide passive protest for everyone to take part in, so everyone stands still and photographs any MP they see to relentlessly make them feel spied on at every moment. So for example, if you see them in a cab, (and you are on the pavement) make a point of standing still and photographing them or just hold up your phone to make it look like you are photographing them. See them in a shop stand still and photograph them. Wherever you see them, stand still and photograph them. Row after row of people all suddenly standing still, like a Mexican wave, staring and holding up their phone effectively in defiance as if they are photographing them. It would feel so freaky it would be like the feeling in the film The Body Snatchers as they are made to feel out of place, being watched continuously. These two-faced political bastards need to be sent a message that we have had enough. I think everyone making the MPs feel uneasy like this would freak them out, that people have had enough.
It's easy to do, it could act like a symbol of defiance at the MPs and millions of people could easily do it at MPs without getting into trouble. Imagine how freaky it would look if everyone on the street stood still and did this symbol of defiance back at the MPs. The more people who did this symbol of defiance the more people who would also stand and join in with a symbol of defiance. It would only take some people with the guts to be the first to stand and do it at the MPs and tell others why they were doing it.
They need to be sent a message we have had enough of their attitudes against us, treating us like the enemy to be spied on.
But listen to us..."UNLESS WE STAND TOGETHER AGAINST THEM". These c*nts work for us. They seem to have forgotten that a long, long time ago.
...same as the old boss.
Oi, el Reg - where's that V for Vendetta icon?
"The coalition government has torn up figures.."
Don't you just wish they'd tear up the plans instead? I thought they were trying to save money...
Intelligence services to store records of every online communication
Great! This may eventually lead to the Mother of All Wikileaks!!!
.....and the first thing I would do, is see what David Cameron and Nick Clegg have been up to.
@moonface: "eventually lead to the Mother of All Wikileaks"
Dream on, moonface, they won't allow you to see their data, which will be most likely made legally exempt from spying at all, so no attempt to store their data, so no data to leak.
Meanwhile the rest of us will end up having every word we say automatically transcribed and added to our ongoing ever growing profile. (Don't forget the fact they can backup a vast amount of the Internet at archive.org so our government could easily backup vast amounts of our data (which they then sell/leak to businesses for their profit). Plus as time moves on, they will get ever better profiling methods to go over this data in ever more detail. Plus they will not really delete all this data. They will have excuses to keep data built into their laws and they will abuse these excuses to target ever more groups' data).
They really do rule us, but sadly our ruling classes are increasingly going back to their old ways of treating us literally like their serfs to control as they like. In effect, we must live in servitude to serve them, our ruling masters, to make them richer. Oh we get to play the meaningless democracy game, every so many years, to make one choice, so we get to choose which group of arrogant people we allow into power every so many years, but that's just a game for them. The ones thrown out of power go into corporate businesses, so they can continue their greedy power games in the business world, helped by their friends still in politics.
It's been this way with businesses and politics for centuries but they are getting worse over time and now they have ever more technology to spy and identify who to punish for their own gain, like never before. Even worse it's so one sided and that asymmetry is getting increasingly worse over time. For example they get to lie to us as they twist the new laws to suit them and they get to spend billions of our money to build ever more spying systems against us all as this news shows. We can't do that and they know it, so they really are getting increasingly more powerful against us over time. :(
If that isn't bad enough, try leaking their data in the future and they will know who did it. This is the end of all anonymity, exactly as they want it, as it allows them to then eventually punish anyone speaking out or leaking data against them. :(
I have been told that rather than run IMP as a project (which would make it an appealing target for cost cutting Ministers), they have established a 'Department' instead.
The Home Office have yet to explain their corrupt relationship with BT/Phorm, which involved near identical technology being used for behavioural advertising. And they refuse to explain the circumstances surrounding the recent TalkTalk/Huawei affair (Huawei being a commercial partner to Phorm, TalkTalk being a former Phorm partner).
In both instances, the Police have refused to intervene.
Death by terrorism in the UK (around 6 people a year on average) is as improbable a threat as the risk posed by lightning strikes. Meanwhile 100,000 people a year die from smoking related causes. Around 3,500 are killed by road traffic accidents. And around 4,000 die in domestic accidents.
So spending billions on mass communications data gathering is madness, and completely disproportionate to the scale of the risk we face.
Which makes me suspect the reason for gathering such data has nothing at all to do with terrorism at all. And much more to do with ongoing Home Office corruption, and illegal behavioural advertising.
Evidence that this is IMP?
So, assuming that this is the same person in the Home Office that I spoke to yesterday, it seems that a statement that they're producing a consultation and that this is not the resurrection of the Interception Modernisation Programme has somehow been twisted into ripping up the £2bn price tag? Of course there is no price tag, they haven't decided what they're doing yet.
Re: Evidence that this is IMP?
The proposals are to be brought forward under terms of "maintaining capability" on communications data. This is exactly the same language used by the previous government in relation to IMP.
The same group of officials, the Communications Capabilities Directorate, are drawing up the consultation. Their forthcoming proposals may yet not be officially called the "Interception Modernisation Programme", but since the Home Office says the aims are the same and the same people are responsible, I think it's fair to use the same name until they come up with a new one.
There was a price tag, and now the Home Office says there isn't. That is significant.
So it's not IMP then?
When I spoke to them, they said the aims were different - specifically, that they were broader. Key phrases like "We've learnt a lot over the last 5 years", "we're consulting on what is actually possible" and "looking at how we can better analyse existing data".
I'm dead against anything even vaguely like the IMP, I'm just confused where all this hysteria about something we killed last year under the last government has come from.
Shouldn't this be called the Government Interception Modernisation Programme?
Or would that just be hitting a sore spot?
Been done. So you can imagine what the report introducing their latest snooping plan would be called?
You are all correct
It seems it really is the civil service that run the country.
All the politicians do is sign one of the several proposals put before them?
First rule of public sector IT procurement:
Whatever the final cost, the contractor's quote will have been for about 1/20th of it...
The Securotards want it
So the Securotards will get it. Otherwise ACPO/CEOP and their media mouthpieces will kick up a stink about being hindered from doing their jobs and that we're soft on paedos/terrorists/immigrants. And no government of whatever colour can argue against that.
Two points: Encryption needed; swamped with data
Those desirous of maintaining their privacy have been put on notice that the need to increase communications vigilance and security provisions is key.
The good thing is that with all this comms 'garbage' being collected the security people will be overwhelmed in their searches. It is happening already in the US with some very obvious screwups.
The e-secure border by Boeing is a flop, and funding is being withdrawn, and is being replicated across the security spectrum. The US is essentially bankrupt and eventually the lack of liquidity will catch up with the monster that is 'homeland security'.
The UK finances are in bad shape, too, and security budgets will reflect reality eventually - regardless of the self-serving tasks that GCHQ and their spook friends in Whitehall keep on trotting out.
The senior civil servants who have the colossal hardon for your personal data have been working hard
No doubt they will be patting themselves on the back.
Perhaps it's time they had their own pack of cards?
Where's Inspector Finch, when you need him...?
The fix is easy
But people have long forgotten it. Those "in power" should work for people. When they don't do their job, people should stand up together and remove them.
How very animal farm...
end the storage of internet and email records... without good reason
I utterly supported the first part of this statement and voted against labour specifically on the grounds of privacy and digital rights. Now that the coalition are in they've appended a neat little caveat to their manifesto aims.
You wouldn't bother decrypting traffic from Gmail etc
You would go to Google and ask them for logs of who came from x IP at y time, x and y coming from the intercepted data. You then have the user name and get a warrant for copies of the emails.
Simples. Never assume encryption provides complete protection unless only you possess the private key to the data.
Also, encrypted traffic between two points that cannot be investigated (ie between two PCs) is still chatter, and shows that those users communicate (if the two PCs are in the UK and Pakistan, you can be quite sure that there will be interest in the data). You can tell a lot from traffic without seeing what was actually sent.
They can (and do) do that now, and that's a different thing - they need to get a court order, which means showing reasonable grounds etc.
The mass surveillance of the entire online population's activities is very, very, different.
Must be my memory is going or GCHQ has changed the price tag...
But I remember the price tag being £12B when Labour were still throwing the money around. Not only that, but the people who quoted that actually admitted that they didn't have a clue how much it would cost or even if it could be done at all!
I think the spooks have re-submitted a much lower quote, thinking that the original was now a sure way to get the whole pork-barrel cut.