Why will UK web supersnoop plan cost £1.8bn? That's a secret The Home Office has refused to fully justify the £1.8bn price tag attached to its contentious draft Communications Data Bill, which if passed will massively increase online surveillance of UK citizens. In response to a Freedom of Information request from Zoe O'Connell, who regularly blogs about the bill, the Home Office argued …
"£1.8bn seems a bit low for what they're intending. "
That's the bit they will be paying the ISP's to look after the (probably) Dettica supplied snoop boxes.
The GCHQ bit is *really* secret.
It will be *much* higher
BTW IIRC it's common for Govt IT projects to be 3x their *initial* estimate.
Actually, I think this is at least a bit more honest than a FOIA driven "oops" later. I think that reviewing costs is sensible as the threat keeps changing. However, I totally disagree with the lack of transparency - it is tax money spent on spying on the tax payer and friends so I think clarity would be obligatory. Not in detail (duh), but I think there must be a model by which oversight can be maintained without immediately go public about the details.
Otherwise taxpayers are entirely justified to ask:
"What do they have to hide?" (tm).
And I agree with a previous commentard that the figure seems suspiciously low for a project of that scope - unless part of it was already paid from a less visible source (the one that funded an MI6 building that emerged to be grenade proof springs to mind).
"I think that reviewing costs is sensible as the threat keeps changing. "
Please use capitals: "The Threat" as a minimum, or preferrably The THREAT".
Lets ignore the fact that this won't actually address any real threat to anything. The best you can hope for is to persuade the LEGIONS of TERRORISTS not to communicate in plain text via email, but I think you'll find that they don't anyway.
... and produces so little.
Because the estimates don't deal with the expected cost, but with how much the proposers think they can credibly ask for. Of course once they get that, then the "in for a penny, in for a pound" mentality takes over and the real cost will be 3, 4, 5 ... 50 times the original ask. The more secrecy the project can be held under, the greater the costs can escalate to without anyone poking their noses in.
Actually no.
Defence projects cost so much because they are so buried in bureaucracy and civil servants fighting to keep the skeleton closet closed until they have done their tour on their way to another promotion (inheriting a new closet with skeletons to manage) that not much gets done, and what gets done gets done at massively inflated costs because contract negotiation skills have been bought out of the institute - hence the absence of decent penalty clauses in such contracts. Personally, I think "change control" is the whole aim of contracts - getting it so drastically wrong that it brings lots of lovely extra dosh getting it right.
There is actually no proper way to fight that inbred corruption - the moment you lift up a tip of that carpet you get buried under shit from all the other feeders from the trough, and they fight *dirty*.
This post has been deleted by its author
I actually have time for the Israelis - they are as direct as they come. They are refreshingly free of bullshit and prevarication (caveat: that is, the people I had the pleasure to deal with). I prefer directness about a mile over political correctness and BS.
Who needs hospitals, nurses, doctors, teachers and graduates anyway. A healthy and well-educated population is just such an inconvenience for a government.
Who exactly are they trying to snoop on? It can't be proper criminals as they will have been using private servers, VPNs, proxies etc for years anyway. So I can only assume they just want to look at the @btinternet.com e-mail of the hoi polloi.
Spying is only effective if you don't know you're being spied on. And oh they've now gone and given the game away that they want to build a machine to spy on all electronic communications, doh! So do they really think that crims/terrorists/freedom fighters etc will still use e-mail? Only if they are as thick as they are!
And the rest of us will then start using encryption and VPNs so they'll then have to build an even much more expensive machine to decrypt ever increasingly complex algorithms just so they can find out that we've told the wife we'll be late home for tea and what the latest Jimmy Saville joke is that you've passed on to your friends.
The only winners will be the firms building this all seeing elephant.
Actually, there's a very strong deterrent effect from telling people that every aspect of their lives is being monitored, scrutinised, reviewed and judged. It makes them think twice about stepping out of line and invokes a feeling of fear that keeps them under your thumb, but without the inconvenience of actually having to do anything.
Plus, if you do want to arrest some "troublesome" people, it's dead easy to make an example of them and cite "security" as the reason why you can't reveal the why's and wherefore's of their activities.
Wouldn't turning the UK into an oppressive regime controlling and suppressing every aspect of it's subjects lives in the same way as say Iraq, Libya, Syria, Egypt etc be a little counter productive in that it might force the oppressed citizens of the UK to revolt and try to bring down the dictatorial government?
Perhaps eventually you'll be saved by the good ol US of A invading to "Help" in your struggle by bombing the shit out of you.
Good luck old beans ;-)
Actually, there's a very strong deterrent effect from telling people that every aspect of their lives is being monitored, scrutinised, reviewed and judged. It makes them think twice about stepping out of line and invokes a feeling of fear that keeps them under your thumb, but without the inconvenience of actually having to do anything.
Yup. People always refer to 1984, but the model they are actually following is from the late 18th century, called the Panopticon. It's basically a mindf*ck to stop you claiming your rights under the Universal Declaration of Human Rights which states you have a right to privacy (actually, it collides with more but I can't be asked to look it up right now).
See https://en.wikipedia.org/wiki/Panopticon
If you're going to spend billions why not just go the whole hog and use the money to develop a special tinfoil hat to be forcibly worn by all "citizens" that reads all your thoughts? and anybody thinking this is a stupid waste of taxpayers money will be erased.
Of course our spymasters will then need to recruit spies who have no brainwaves to read. Perhaps they've been doing this for some time already?
Seems pretty obvious. Labour's idea would have cost £2Bn, so they said we want something 10% cheaper to look good.
Nobody has actually costed anything - the costs will all be reverse engineered to try to hit the 1.8 tag when they start to design/implement (and as usual they will miss the target terribly).
All of which is totally irrelevant as the scheme should not even be allowed to get off the ground - no matter what the cost would be.
Now would be a good time to invest in companies who can offer open source end-to-end encryption products.
encryption isn't a problem if all you are interested in who is talking to who. This is just a replacement for what they already had on the public phone system - which would only tell you who called who when. This upgrade is just to cope with all the new phone systems that use IP for the transport rather than the usual c20 methods. £2bn will buy you that and you'll pretty much get who's emailing who and who's texting who thrown in for free because the underlying transport is all IP.
Anyone who thinks that it'll be able to actually look at (or even want to look at) the content of the messages is either an idiot or maybe just likes to make up wild accusations that have no basis in fact for what ever reason.
"Anyone who thinks that it'll be able to actually look at (or even want to look at) the content of the messages is either an idiot or maybe just likes to make up wild accusations that have no basis in fact for what ever reason."
On the contrary, anyone who thinks that this is going to stop at IP addresses is an idiot. Once you've got access to who's been talking to whom, why stop there when you've got the bottomless pit of the taxpayer's purse at your disposal? Admittedly they can't read everything, but don't you think they are gawping at Google, and wondering what they could do to "protect us" with data mining techniques? And when they find that the "terrorists" aren't there, and the serious crims cover their tracks well, do you think they'll shut it all down?
"Anyone who thinks that it'll be able to actually look at (or even want to look at) the content of the messages is either an idiot or maybe just likes to make up wild accusations that have no basis in fact for what ever reason."
Or is using AC to float a strawman argument.
The Bill lists "communications data"
Which includes source *and* destination addresses for email, mobile phone and landline phones. Email headers etc.
And of course *where* that mobile phone (minimum of nearest tower ID but if it's got lat & long coordinates they'll take that as well) will also be recorded.
"oh dear, this is going to mushroom, like no other gov project has mushroomed before.
But you won't know about it.
The Labor Govt IMP was described as "The *biggest* civilian UK govt IT programme *ever* from its *inception*, not like the NHS IT programme (about £5Bn to start with but ended *up* about what £11Bn? £12Bn?
Thing is, if every person in the UK generated 2mb of data a year that would be about 200 terabytes of data a year. If I set my peerblock to pipe out to a file I'd have several meg of ip addresses in a day...
The data isn't much use if it's compressed as it'll need regular mining and automated tools running over it constantly to spot "potential" threats, do profiling, go fishing, etc. It'll probably need setting up in ways making it more useful so it'll likely be bigger then that 201 terabytes, then you need the software to store, manage, backup, secure and maintain 200 terabytes of yearly data. Lets say it could be compressed a fair amount though, you're still looking at a good number of terabytes on high speed disk.
Anyway... I recon £2billion is more of a yearly budget.
Are they allowed to use this data for political purposes?, getting general data on where people are likely to respond best to campaign spending and how they respond such as keywords and emotional triggers.
Working out how to win 40% of the vote instead of 35% could keep you in power indefinitely, I'm not sure what the political term is for a a government acting like this. Maybe even improve the data mining and end up with a very focused party that only cars about getting enough votes to stay in power with no other aim.
They don't know what the money is for.
Only now are they starting to approach industry to get ideas for how to spy on people. Offering peanuts I might add. Where the bulk of the cash is going to go is very well hidden.
They don't know what they want to do, how to do it or how it will be implemented.
Since the unfreezing with the Soviets, GCHQ had to redefine why it was here. Terrorism! Even better to focus on home-grown as then you dont even need to get up from your desk to save the world.
Cynical, over the top and lazy.
"Where the bulk of the cash is going to go is very well hidden."
You can do what Duncan Campbell did at the New Statesman when he wanted to profile the new (early 80's) MI5 Registry system.
Work out a rough idea of what's needed and who would be *trusted* to supply it. At that time that was ICL
Then study the Computer Weekly staff wanted adds to get a feel for the scale of the operation.
In this case I'd suggest you start with BAe Systems subsidiary Dettica.
Before they start with you of course.
MPs and peers scrutinising the bill have been told Blighty's spy chiefs, who demanded new systems to snoop on internet communications in the UK, are out of touch with how quickly the tech needs to be updated.
It is most probably definitely the case, that governments and spy chiefs in every nation/administration/jurisdiction, will never be ahead and in control of the Great IntelAIgent Game which has tech needs, in all and any sort of ware, from soft to hard, from ethereal cloud to virtual machine, provided by radical means and alternative memes which crash corrupt systems with the simple highlighting of their expensive budgeting which cannot be audited or justified in the interest of national security, for it would reveal who is personally profiting from magically, always readily available slush funds, quantitatively eased into systems to provide pilferers' profits?
ID Card the next generation!
At some point even the clownservatives have to figure out that this scheme only serves one purpose, to line the pockets of the ACPO and consultants.
Any criminal/terrorist/next weeks excuse, is going to circumvent the system, the only people who will have their lives fully monitored by the state will be the honest law abiding citizen. (to be subsequently resold by PC Bent of the Met to NewsCorp!)
A message from an internet cafe to an e-mail account saying "I will visit my new friends on 9.11" could be terrorists co-ordinating their attack, or more likely somebody off to meet new friends. This is useful intel HOW?
"(to be subsequently resold by PC Bent of the Met to NewsCorp!)"
Well a policeman's salary is not what it was!
IIRC the going rate for car license plates was £200.
What will be the price for you "A. Celebrities" phone/landline/email message traffic data for say the 3 months they were seeing someone when their spouse was filming that movie?
Or perhaps just the location of that spouse who had the *audacity* to go into hiding because you had to administer some "tough love" to them and they ended up in the hospital?
Of course those "services" will not be available to the general public.
What data will you collect = that's classified.
How will data be stored = that's classified.
How will data be retrieved = that's classified.
How ill data be backed up = that's classified.
I would do this for £1.5bn - leave the cash behind the tree in the usual place and never contact me again
"pose an unacceptable risk to the ability of the UK to safeguard national security" and "disclosure of this could be used to avoid detection".
So that's 1.8 bil on a system that once finished, relies on security through obscurity, and is expected to have known exploits and be possible to avoid.
Says so in the report so it *must* be true.
And if you think that £180m is unjustified try finding out where those "savings" come from.
*Perhaps* they expect to avoid the cost of another 7/7 event *every* year, but £500m sounds a bit low for *all* the trouble 7/7 caused (although Argentinian electricians are quite to replace I hear).
as a 'terrorist' I think I've spotted an easy and cheap way of getting around all this internet web snooping stuff
Its called "A letter", and what you do is write your message on a piece of paper, fold it up and place it inside another piece of paper with some glue and a stamp, then you give it to royal mail, and they take it to your fellow terrorists.
And if you want to be even safer, then use phrases that only you and your fellow terrorists will understand
eg
"Dear Susan,
The swallows may fly south for the winter"
"Dear Boris
Are you saying coconuts migrate?"
See .. what could possibly go wrong?
Either that, or Batman's listening network...
Kinda creepy, that's for sure. Also love how people are saying they will just use VPNs etc... Great stuff.
Do you really think that, if they really wanted to, they couldn't break most encryption quite easily now? The speed of processors is significant now, especially if you use GPU type processors. Combine in the fact that it is a criminal offence to not hand over your passwords/encryption keys when demanded to do so by the police and they've got a nice little bundle there.
My view on the matter is the same as always - don't say something via the internet that you wouldn't say in public.
Now, where's my tinfoil hat?
Again this is not about "communications content " but communications "data".
Its the URL of *every web page you view
It's the header of every email you send. From/to/subject/when
It's the same for SMS + where you were when you sent *or* received it.
It's your whole phone bill *regardless* of how long the call was.
It's all this in *real* time.
Should you wish to *properly* afraid.
http://www.openrightsgroup.org/ourwork/reports/communications-data-bill%E2%80%93aka-the-snoopers-charter
> Do you really think that, if they really wanted to, they couldn't break most encryption quite easily
Yes. Use a large number of bits, and the numbers get real big...
> it is a criminal offence to not hand over your passwords/encryption keys when demanded to do so
But as soon as they ask for the keys, you know they're watching.
Vic.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
