back to article UK web snoop charter: Just how much extra info do spooks need?

MI5 makes the most requests for information on Brits' phone calls and internet activities, according to a panel of MPs and peers scrutinising Home Secretary Theresa May's draft communications surveillance law. The controversial bill calls for much wider spying on online activity. The Home Office, in pushing for these extended …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    I honestly look forward to the snooping bill becoming law.

    Anything that keeps me and my children safe from terrorists and pedophiles is a good thing.

    1. Magister

      Really?

      >>Anything that keeps me and my children safe from terrorists and pedophiles is a good thing<<

      Not sure if if that was a bit tongue in cheek or not; still too early in the morning.

      "I have a magic stone; it keeps me safe from tigers. How do I know that? Because I've never been attacked by a tiger."

      The reality is that most people still cannot accurately define a level of risk for many events; the more common the event, they will underestimate its likelihood, the rarer they will over estimate. You and your children are at greater risk of being struck by lightning than being killed by a terrorist. They are at far greater risk of being killed by you than they are by a stranger (peadophile or not).

      The current obsession with introducing new snooping laws is about one thing only; political power. There are groups of people that want to be able to control certain aspects of everyone's lives, without they themselves being subject to the same kind of scrutiny. Anyone that supports that should be viewed with the utmost suspicion.

    2. frank ly

      How about locking you and your children in a concrete bunker and dropping food in through a hole in the roof twice a day? I can't see any downside to that.

      1. Anonymous Coward
        Anonymous Coward

        The government objects to the concrete. It wants glass.

    3. Semaj
      Trollface

      Wrong Icon

      You wanted this one.

    4. Anonymous Coward
      Anonymous Coward

      Ha Nice one.

      I think the best ones are where it's plausibly that you mean what you say.

      It's just my five cents but my view is that during all the time I grew up, cold war and all that, everyone used to send by snail mail, and or telephone, or telex, and they had all that covered. My guess is that they want the power that they used to have to read stuff.

      Without wanting to raise the ire of those who do care, I don't reckon most people care, because most people don't know just how observable they've been for their whole life. A few techies undoubtedly care, and a load of Guardianistas do, but the average man in the street probably doesn't even realise that there is someone out there with the power to do what they can already do, let alone anything else. Before Sept 11, some newspaper reported that the NSA was capturing and storing, 4 entire library of congresses of info a day. That was 12 years ago, when I was running a pentium 600 Mhz with 8 Gig disk space.

      Today, amongst all the core i7 stuff in the garage, I have a small Intel Next Unit of computing, sitting driving my telly's hdmi port. It has more computing power, at 65W peak, than did the entire country, when I started work. So god knows what the boffins can do now.

      Aside from a one-time lack of security clearance, because of my views on politicians, which would put some of the anarchists posting here to shame, I've never been hurt, murdered etc, to the best of my knowledge either now, or at anytime since the Cuban missile crisis.

      I see little changing, so long as there's a muslim minority, but in a muslim majority, the lack of telecom intercept powers isn't going to make the minority safe

      I personally think the powers are moot, and that we're facing a world war, due to population demographics, in about 20 years, and I believe nothing can stop that. But, obviously MI5 feels it is still containable, and they've got more information than me to hand, so since they haven't done anything to me, I side with them.

      I recognise this will be the opposite of what most people believe, but it's my opinion.

      1. Anonymous Coward
        Big Brother

        Re: Ha Nice one.

        You're brave to write that at all, even as an AC.

        There is no question that what is coming will be down to an imbalance between the haves and the have-nots. We ignore that at our peril.

    5. JetSetJim
      Stop

      Howabout...

      take that £2-5bn of cash (yeah, like it won't go over-budget) and do something to reduce the tendency of youngsters to turn into hoodie-wearing asbos? Perhaps make life in deprived areas a bit nicer instead?

      1. Anonymous Coward
        Anonymous Coward

        Re: Howabout...

        I wonder what £5bn could do for the education system. Hmmmm... Best piss it away on some crackpot corporate bonanza then.

    6. Diskcrash

      Fantastic

      Then you won't have an issue with police randomly grabbing people off the street, stripping them, filling them with drugs and interrogating them to see if they might be up to something since after all they might find someone is a bad person and isn't that worth the effort and if you have nothing to hide then what is a strip search and drug interrogation between friends.

      And while we are on the subject of doing what it takes to protect us since we already have CCTV in the city centres we should put microphones on them all and record all conversations since bad people might be out for a kebab and we need to know what they are up to. This really wouldn't be any different than the government recording all phone calls and running them through word recognition software to find bad guys. And once we have the city centres covered obviously the bad men (and women don't want to be sexist) will move off to other areas so we need to put cameras and microphones in all public transportation and heck why not mandate that all businesses use CCTV with microphones in the work place as it will help not only prevent terrorist attacks and pedo user groups they can find out who has been nicking the office supplies.

      The good guys will always have it tougher than the bad guys and that is the way it should be. The good guys do the right thing at the right time and in the right way. You will never overcome the bad guys by being badder than them all you will do is make more bad guys.

      The insidious thing about electronic snooping is that it is so easy and fast to do that it doesn't feel like snooping to the snoopers where as actually getting out and following people and doing investigations into suspects and their activities becomes readily obvious that it is snooping and requires some level of justification other than "just to be safe we thought we would look in his underwear drawers".

      People may not have a right to absolute privacy but the government definitely does not have nor does it need a right to know what its citizens are up to without some control on them.

    7. Anonymous Coward
      Anonymous Coward

      "I honestly look forward to the snooping bill becoming law.

      Anything that keeps me and my children safe from terrorists and pedophiles is a good thing."

      What! I bet you don't filter the internet connections to your kids devices.

      Most of the time you don't even know where they are!

      "People" like you make England sick.

      1. Anonymous Coward
        Anonymous Coward

        <quote=Obviously>"People" like you make England sick.</quote>

        And that isn't 'sick' in a good way either.

        Young-uns take note.

    8. Psyx
      Thumb Down

      "Anything that keeps me and my children safe from terrorists and pedophiles is a good thing."

      How about a curfew at dusk for all members of the population? And a year imprisonment for allowing children under ten to stray more than thirty feet from you outside of school grounds (fine automatically issued when your and your child's mandatory chips are separated by that distance)?

      1. Anonymous Coward
        Anonymous Coward

        How about a curfew at dusk for all members of the population?

        How does that work exactly, there are people who work nights, good luck locking them up... you'd probably provoke the biggest riot ever.

        1. Anonymous Coward
          Anonymous Coward

          I'm an upper class Conservative and proud of it!

          >there are people who work nights

          Those jobs will be abolished.

          What? You're going to starve to death? Not my problem. *smokes a cigar*

          1. Anonymous Сoward
            FAIL

            Re: I'm an upper class Conservative and proud of it!

            >there are people who work nights

            Those jobs will be abolished.

            What? You're going to starve to death? Not my problem. *smokes a cigar*

            With no one to defend your property at night, enjoy extra thefts and what's that? electricity gone out? more's the pity!

    9. Amorous Cowherder
      Happy

      I'll assume this is a joke and bit of wind up? If so, very amusing!

      If not...then you're obviously the sort of brainwashed, Daily Mail reading fuckwit the UK Gov just loves to bits!

    10. Anonymous Coward
      Anonymous Coward

      re: all replies

      If you oppose the bill, then you're clearly for child pornography! :|

      1. Magister
        Mushroom

        Re: re: all replies

        >>If you oppose the bill, then you're clearly for child pornography! <<

        Universal affirmatives can only be partially converted. http://www.youtube.com/watch?v=zrzMhU_4m-g

        Unfortunately, this is exactly the same twisted thought process that has lead to every evil the human race has ever committed and the same logic is still being used today.

      2. Anonymous Coward
        Anonymous Coward

        Re: re: all replies

        @Anonymous Coward 16:36 GMT 06/02/2013

        If you oppose the bill, then you're clearly for child pornography! :|

        If you oppose the bill, then it shows that you want to hang all these politicians up by the balls from the nearest lampost with piano wire.

        FTFY.

  2. Anonymous Coward
    Anonymous Coward

    whilst I completely trust the UK government with all my everything

    the G8/OECD/ITU and ETSI have been talking for years about cross-border snooping, under the aegis of Mutual Legal Assistance Agreements (MLAA's). Once my trusted government knows everything about everyone, they will be required to allow who - dunno, maybe The Netherlands or Russia, Bulgaria or McDonalds, LIVE acess to my PC, my personal correspondence, my communications data, my metadata data. This still doesn't worry me as I implicitly trust all democratically elected governments and all their agents, oh, and the large multinationals based in the USA who will be able to snoop my "real-time connection information" as it happens. I'm entirely innocent of any crime, worldwide, and have been always and who are these EU types anyway, with this strange idea to allow things to be forgotten on the intertubes?

    what could possibly go wrong?

    Heresay (DailyMail) has it that the uberCrim Duggan was 'hard-stopped' purely as a result of his snooped personal correspondence and communications data

    1. Anonymous Coward
      Anonymous Coward

      Re: whilst I completely trust the UK government with all my everything

      " I'm entirely innocent of any crime, "

      Unlikely.

      Friends and neighbours, mostly unwittingly, break laws every day - and therefore, on the balance of probability, there must be laws which I also inadvertantly break.

      Can you even guess at the provisions of the 3000 new criminal laws passed by the NuLabour government alone? Ignorance of the existence of a law is no defence. Many of those laws were badly drafted and cast a very wide net - with prosecutions often based on very subjective judgements by the Police and CPS.

      Since the change that made made every potential offence "arrestable" there has been a tendency to arrest first - and only ask questions after your mobile and PCs have all been confiscated for inspection. The power to search is automatic on arrest - and gets round the inconvenience of having to produce some evidence to a magistrate to get a search warrant.

      Even if you come out of that process lily white - your arrest will be soft information on the Police databases. It also automatically stops you getting a fast-track visa to the USA.

      Cynical - moi?

  3. My Alter Ego
    Alien

    Self signed certs are the way forward

    Putting my tinfoil hat on, using self signed certs and PGP appears to be the only way to have some privacy anymore. CAs can't be trusted (mainly due to incompetence, not malice). Ironically, the more the security services* push snooping, the sooner everyone starts encrypting all their traffic.

    * Every person who becomes home secretary seems to be turned into a crazed maniac that would put the head of the Stasi to shame. Either there's something in the water in Marsham Street, or [every day] they get told that the next 9/11 * 1000000 is imminent.

    1. Anonymous Coward
      Big Brother

      Re: Self signed certs are the way forward

      "* Every person who becomes home secretary seems to be turned into a crazed maniac that would put the head of the Stasi to shame. Either there's something in the water in Marsham Street, or [every day] they get told that the next 9/11 * 1000000 is imminent."

      They become Home Secretary, Generally, because of links to whomever is PM at the time. Not because they are qualified (Whatever that would mean in the case of HS). Surround them with people who work in an environment of suspicion and intrigue and who are masters at manipulation and what you have, effectively, is a manipulated HS towing the MI5 line.

      I tell you, the inCivil Servants who are the liaisons to the HS must be a seriously shady bunch. Like a cross between Humphrey and Caligula.

      1. Anonymous Coward
        Headmaster

        Re: Self signed certs are the way forward

        "is a manipulated HS towing the MI5 line."

        This spelling seems to be becoming a common misunderstanding of the phrase. It is "toeing the line". Lining up against a mark that someone in authority has established.

        1. Anonymous Coward
          FAIL

          Re: Self signed certs are the way forward

          You are quite right!

          I find my self typing know instead of no sometimes, too. I also used whomever instead of whoever. English fail.

    2. Amorous Cowherder
      Happy

      Re: Self signed certs are the way forward

      "Every person who becomes home secretary seems to be turned into a crazed maniac that would put the head of the Stasi to shame."

      No, they are the sort of empty headed moron who suits the job perfectly because they can be manipulated into the mouthpiece for the civil servant twats who work in the Home Office, who are the sort of "...crazed maniac[s] that would put the head of the Stasi to shame."!

    3. Psyx
      Go

      Re: Self signed certs are the way forward

      "Putting my tinfoil hat on, using self signed certs and PGP appears to be the only way to have some privacy anymore."

      Really? NOT doing so seems a better one, unless you really are discussing something illegal.

      That's the thing: There is SO MUCH traffic around, and the Security Services so busy with other stuff that they really don't have the inclination to look at 'normal' people's mail. They really don't care if you look at pr0n, and discuss AK-47s, given the number of other people who do.

      You either become flagged as a person of interest, or you are of no interest. If you're a person of interest, then you only became so for legitimate reason, or by accident. And not having secure comms means that if you accidentally become a person of interest, you'll soon be 'uncovered' as benign and they'll move on. Whereas constantly using PGP is more likely to raise interest in you than simply using normal communications.

      I'm concerned about my privacy, don't get me wrong. And I don't believe a carte blanche to rifle through every aspect of my life without reason nor judicial approval is something that should come about. But, I'm not about to leap through hoops to disguise conversation and communication which -though it might be 'suspicious' in some way- is not illegal in content nor intent.

      1. Sir Runcible Spoon

        @Psyx

        I get where you are coming from, but there are a lot of ways they can determine my innocence even if I am encrypting everything I do on the net, so I'm afraid that doesn't wash with me.

        It almost seems inevitable that this kind of DPI will get in at some point, given the brainwashing that the sheeple are subjected to (and their willful ignorance) so I think the best way to deal with it is to hit them in the pockets.

        I have a 10Gb limit on my connection, but I hardly ever use it all. Perhaps someone could design a little proggy that uses up all the rest of my bandwidth to create a huge amount of noise. If lots of people did it (i.e. you made it simple to do) then the costs of their storage and processing capacity will go through the roof. Comments?

        1. Psyx
          Go

          Re: @Psyx

          "I get where you are coming from, but there are a lot of ways they can determine my innocence even if I am encrypting everything I do on the net, so I'm afraid that doesn't wash with me."

          They can, but those involve getting off their backsides which is comparatively VERY expensive, which means one of several things to my mind:

          a) It then costs a lot more in terms of man-hours and effort to remove falsely flagged PoI, which then means more expenditure.

          b) A few correctly flagged PoI slip past, due to lack of resources available to investigate.

          c) The Security Services might seek further and more invasive powers to prevent 'a' or 'b'.

          d) The Security Services use existing more invasive powers (active wire-tapping and in-depth investigation et al) which then cross my personal threshold of the level of surveillance I'm willing to tolerate, in order to clear me (and which might lead them to think "Well, seeing as we've gone this far, we might as well justify it on the statistics for nicking him for speeding/littering/insert minor offence here").

          "so I think the best way to deal with it is to hit them in the pockets... create a huge amount of noise. If lots of people did it (i.e. you made it simple to do) then the costs of their storage and processing capacity will go through the roof. "

          Which both hits *us* in the pockets as taxpayers, opens the door for even *more* powers, and allows actual problems to slip through the net, as outlined. Ultimately 'their' money is 'ours'.

          I'm 100% in favour of reasonable privacy, I don't want a chip in my car, national ID cards, cameras on every corner et al and I take measures to protect my privacy where appropriate, but I -personally- am unwilling to take active 'protest' measures to deliberately waste the time or resources of the Security Services who - for all the negative press - do an awful lot to prevent terrorism, don't have enough budget, and are working with our best interests in mind (rather than just to try and find things to nick us for, or to read our every email exchange for kicks).

          In short, I see active protest by way of hampering the Security Services as harmful to my own interests. Plus: I'm not keen on wasting bandwidth anyway (I hate .sig files!), nor paying for my PC to constantly run in order to do so.

      2. Anonymous Coward
        Anonymous Coward

        @ Psyx

        Actually, your reasoning is flawed. If people bother to encrypt only illegal stuff, then that makes an excellent case for encryption itself to be illegal.

        All traffic must be encrypted in order to make the system effective.

        1. Psyx
          Go

          Re: @ Psyx

          "Actually, your reasoning is flawed. If people bother to encrypt only illegal stuff, then that makes an excellent case for encryption itself to be illegal. All traffic must be encrypted in order to make the system effective."

          It only makes a case for it if the encryption can't be cracked, to be fair. And even if it does make a case for it, it doesn't follow that such a law would ever fly, especially given that business interests are not going to want all their traffic unencrypted so the Chinese can get to it! There is no viable way that the UK gov could ban all unencrypted internet traffic.

          If I wanted to discuss something illegal, the way for it to work would to not be on the radar in the first place, and use either idiot code, one-time pads, or unorthodox communications channels. That's what the real bad guys are going to be using anyway. A ban on cryptography isn't going to be enforced, because it isn't going to target the correct targets.

      3. Anonymous Coward
        Anonymous Coward

        Re: Self signed certs are the way forward

        "And not having secure comms means that if you accidentally become a person of interest, you'll soon be 'uncovered' as benign and they'll move on."

        You are making an assumption that the person doing the analysis is in a "reasonable" state of mind.

        If an automated package flags something - then the person doing the analysis is already primed towards a "guilty" decision. Depending on that person's diligence it may then be passed upwards "just in case" - as they want to protect themselves against a mistake. At each level the "guilty" assumption will be increased.

        Then it reaches a level where people are so sensitised - that they can see what they are looking for in anything and anywhere. If their career prospects depend on getting results - then they are even more likely to chase any figment of their imagination.

        Once resources have been expended on a wild goose chase then there is a tendency to play "double or quits" - in the hope that they will find something to justify the work. This may involve "widening the net" to trawl associates of the apparently innocent person.

        It is commonly said that the Police Mind will maintain that someone is "so clean that they must be guilty". The Press Statement in controversial cases often says "not enough evidence to charge" - when what they mean is "We couldn't find anything, even irrelevant, against them - but we'll get them next time".

        It's all just predictable human nature. Badly trained engineers do the same thing when chasing bugs under pressure.

        Paranoid - moi?

        1. Psyx
          Go

          Re: Self signed certs are the way forward

          "You are making an assumption that the person doing the analysis is in a "reasonable" state of mind."

          That's because they are, generally. I guess the problem with the security services being so secretive is that we inherently don't trust them, and don't hear about their success ratio. Mistakes happen, but people who make a crap-ton of mistakes in either direction don't get trusted to make any more decisions.

          Plus of course, if my 'innocent' traffic is unencrypted and unambiguous, then even after automatic flagging, a mere cursory glance would see the flag removed. I want that process - that of clearing my name in event of error - to be easy enough that it has no impact on my life.

          "If an automated package flags something - then the person doing the analysis is already primed towards a "guilty" decision... If their career prospects depend on getting results - then they are even more likely to chase any figment of their imagination."

          Remember also that their career prospects of not wasting enormous amounts of time and money by flagging false positives! The Security Services have limited time and money, and an analyst who chases their tale is unreliable and thus less valuable. I don't know about you, but the tenth time I had to go in front of the judiciary for a warrant, or break into someone's home to have a physical nose around and turned up nothing on the say-so of an over-eager SIGINT analyst, I'd be wanting to put my foot up their backside!

          "It is commonly said that the Police Mind..."

          Security Services != Police, remember. Intelligence (in the sense of mass surveillance) is more about removing the chaff from the wheat than it is picking a suspect and nailing something to them. It's quite a different outlook, and there will be far more negatives to remove than positives to find. If anything -especially when presented with a heavy work-load- it's more likely to miss something than to be 'over-enthusiastic' with flagging suspects.

      4. John Smith 19 Gold badge
        Unhappy

        Re: Self signed certs are the way forward

        "I'm concerned about my privacy, don't get me wrong. And I don't believe a carte blanche to rifle through every aspect of my life without reason nor judicial approval is something that should come about. "

        That's rather odd.

        Because that is exactly the goal of this legislation and the system it will enable.

        You appear to be of the "But they'll only use it to spy on the "bad" people."

        Just like RIPA only being used for the usual suspects (paedophiles/terrorists/terroristpaeds/paedoterrorists/

        1. Psyx

          Re: Self signed certs are the way forward

          "You appear to be of the "But they'll only use it to spy on the "bad" people." "

          No: They'll use a machine to automatically rifle through my communications (just as has been happening to all our international calls and emails for *years* already, so the horses has bolted if that's your fear), and it'll find nothing and move on. I can't stop that, and it's way too late to. Or do you dispute that activity is already performed?

  4. Crisp

    Who wants to sign my public key?

    It's ok, it's just for verifying that messages are actually from me.

  5. Ken Hagan Gold badge

    Arms Race

    The spooks *really* ought to think this one through.

    Right now, the majority of communications are unencrypted and as long as the majority of people do not believe there is regular or extensive snooping, they won't be bothered to seek out encrypted alternatives. Therefore, the stupid crooks will use the same unencrypted media as the rest of us, and get caught.

    The smart crooks will bother to use a secure alternative (such as meeting fact to face) but the smart crooks will *always* bother.

    If the general public get concerned about privacy then encrypted communications will become the norm and suddenly the spooks will lose access to all the stupid crooks. Net result, society pays a fortune for snooping infrastructure that doesn't work because society also pays for the technology to bypass it.

    Oh, and the press demonstrating what *could* be done with existing technology has not done us any favours either. Indeed, the NotW may have done more long-term damage to MI5's capabilities than any other single organisation in the last few decades, by persuading the general public that we are all potential targets of some nosey parker or other.

    1. Anonymous Coward
      Anonymous Coward

      Re: Arms Race

      Once a significant number of people encrypt their traffic - then it will also make it harder to target encrypted data that "might" be worth spending the effort breaking. Where do you hide a tree? In a forest.

    2. Psyx
      Stop

      Re: Arms Race

      "Indeed, the NotW may have done more long-term damage to MI5's capabilities than any other single organisation in the last few decades"

      I'd be quite angry if I genuinely believed that making our population change their default password and access rights on voicemail did ANY damage to Five's long-term intelligence gathering capabilities!

  6. ACx

    So what? Virgin Media is sold to the yanks, which means they now have access to all our data. VM users, you are now liable to US law and extradition.

    1. Anonymous Coward
      Anonymous Coward

      It doesn't work that way.

      But the US have a nice contract with the EU over data sharing anyway..

  7. plrndl

    Empire Building

    No-one will ever close the gap between what data can be transmitted and what can be used by The Goodies to catch The Baddies. I could happily invent 5 new means of communicating data an hour if someone was prepared to pay me enough to keep me interested in the task.

    This is merely a superficially plausible idea for money grabbing & empire building by cops and civil servants (bigger empire=bigger salary & status).

    What is really needed is better analysis of readily available data, not more data.

  8. Wayland Sothcott 1
    Facepalm

    Keeping the terrorists on the back foot

    My mind boggles at all the secret stuff that's going on just to keep the sun coming up each morning. It looks like terrorists may learn to encrypt their data like others are already doing. If they figure that out before MI5 are able to snoop into it then we are all doomed, doomed I tell ye.

  9. M7S

    Value for money

    You can be sure that if the police have to pay all that extra money for information for use vs. terrorists & serious criminals that after a period of time a "business case" will be made for using the data that they already have to deal more effectively with lesser offences. And then it will be passed or "sold" to other authorities for dealing with de-criminialised or civil offences and we'll be back to the local councils using really intrusive methods (RIPA III style) to catch you for something that's perhaps anti-social but not really that serious.

    Don't get me wrong, I think that there should be investigative powers for bodies that enforce, and that these should be regulated, but I fear that the ratchet generally goes too far and generally the wrong way.

  10. Anonymous Coward
    Anonymous Coward

    "Nevertheless, we believe that the decline of available communications data will begin shortly to have a serious impact on the intelligence and security Agencies."

    Yet the nosey bastard’s charter is used by local councils more than MI5! Total abuse of power.

    Of course it's not the government that annoys me most, it's the British citizens whom have NO CLUE (about anything) about what is going on and really don't give a shit.

    Honestly, I'm surrounded by IDIOTS! Idiots whose lack of caring (for their kids, never mind each other) means MY rights are eroded.

  11. Amorous Cowherder
    Alert

    Bog off!

    " GIve 'em and inch and the barstards will demand 2 more miles. "!

    Get stuffed, you have enough already!

  12. Glostermeteor

    I already do encrypt all my internet traffic. I travel a lot to the far and middle east and have to use encrypted VPNs to ensure my data is not snooped on by dictatorial regimes or hackers. No government should have access to my personal data, whether it is the Chinese, Iranian or British governments doing the snooping it makes absolutely no difference to me. Encrypted VPNs were created and their use encouraged by the west to get round the various filtering measures put in place by horrid regimes, now they are being used against snooping western governments. Pot, Kettle Black.......

  13. batfastad
    Stop

    Money

    Call me crazy but I'd prefer my money was spent on trying to ensuring that future generations are healthier and better educated. It's a disgrace to think that any human thinks spending money on data snooping is more important than that. Let alone a whole government full of them.

    £3bn? Can I haz reefund?

    "Politicians are not born, they are excreted"

    - Marcus Tullius Cicero

  14. JaitcH
    FAIL

    the intelligence and security Agencies are able, to some extent, to work around the problem

    Guess what, MM (Mad May) has just had her dream eclipsed. This technologically brainless MP is about to discover as from late this week or early next week Silent Circle is offering the ability to transmit up to 60-megabyte files, encrypted at point of transmission to point of reception with no intermediate decrypting.

    This means she is SOOL in using her eavesdropping toy and she can't even order backdoors be installed, unless she sends a Chippy around to each and every smartphone loaded with Silent Circle.

    You can pack a lot of Bin Laden videos, or EID construction manuals in a 60-meg file. Same with kiddie-porn or any other material Plod might want to get their hands on. Drug dealers would welcome it - all completely out of reach of the DEA.

    That MP's are questioning MM's is very good, they know the game ministers play to pad budgets.

    How is 'continuity of custody' going to be proved or if the data has not been tampered with if it is held by telephone companies, internet service providers and others for data storage?

    Or, once again, are the protections supposedly offered those accused of offences in Britain going to be compromised yet again such as 4 years or your password, give us the story now or loss credibility, etc.

    Given the sorry state of financial affairs, the UK can not afford to indulge this hapless female's wet dreams - she should resign.

  15. Jon Green
    Mushroom

    Usual story: persecute the innocent; overlook the threat

    It amazes me that anyone actually falls for this line. True terrorists already use high-grade encryption - not just conventional public/private key, but one-time pads and the like. The only useful information that can be derived, without actually hacking their computers directly, is traffic analysis - and if they're using onion routing, even that is largely broken unless the security services have end-to-end coverage of the route. Yes, slips occasionally happen, and these can yield useful intel, but they're not usually committed by the kingpins.

    On the other hand, these measures would be excellent for spying on the ordinary, non-terrorist, population /en masse/. Sad to say, Orwell got it right. We're all in the Big Brother house now.

    1. Psyx
      Stop

      Re: Usual story: persecute the innocent; overlook the threat

      "without actually hacking their computers directly"

      Which is of course the easiest option, in many ways. If you have an existing lead, then don't sit back and just packet sniff, but get a few bits of spyware on-board, or sit outside the house with TEMPEST gear!

      "On the other hand, these measures would be excellent for spying on the ordinary, non-terrorist, population /en masse/. Sad to say, Orwell got it right. We're all in the Big Brother house now."

      Not really, because it requires both a way and a will. It would enable a way, but there is neither a will to do so, nor budget, nor infrastructure. It's like having a 'stop and search' law, and no police on the street.

      Our police 'patrol' physically and not electronically. That is: We do not have a police force that just picks people at random and goes through their communications and hard-drives. Something has to lead them there first, at which point they require judicial permission to really go wild on it.

      Granted, our Security Services do trawl, but they've been doing so for decades, and are not interested in 'mundane' criminal activity. So there's no real change there.

      Don't get me wrong, though: If the Police were going to start just sifting through everyone's SMS looking for mentions of things like "bunking off school" or "got any whacky bacci for sale, Mr. Dealer" on the off-chance, and using that as something to trigger an investigation, I'd be right next to you on the protest march, chap.

      1. Jon Green
        Unhappy

        Re: Usual story: persecute the innocent; overlook the threat

        The thing is, we're not talking about the Police here. We're talking about MI5 - and they _do_ have both the will and the way to trawl.

        1. Psyx
          Happy

          Re: Usual story: persecute the innocent; overlook the threat

          "The thing is, we're not talking about the Police here. We're talking about MI5 - and they _do_ have both the will and the way to trawl."

          No we're not: We're talking about GCHQ if you're referring to wide-scale SIGINT operations.

          But that aside - as I stated - although they *already* have both the will and the way, they aren't a 'police' force as such, and are not 'on patrol' looking for regular criminal activity. I suspect that they get a thousand intercepts a day about drug deals and the like, but it's not their remit to deal with them.*

          Security Services are not the same, nor looking for the same things, with the same goals, as the Police.

          *If you examine the alleged ECHELON 'strike list' and are happy to believe it, you'll notice that there is no overlap with what it is flagging and 'normal' crime: http://www.theregister.co.uk/2001/05/31/what_are_those_words/

      2. John Smith 19 Gold badge
        Unhappy

        Re: Usual story: persecute the innocent; overlook the threat

        "We do not have a police force that just picks people at random and goes through their communications and hard-drives."

        But that's the point. With this they don't snoop "randomly"

        They snoop everybody permanently

        You appear to have great faith in the British police forceservice.

        History demonstrates that it takes a very small amount of potential guilt (especially in high profile cases) for the idea of "objectivity" or policing based on actual evidence to go right out the window.

        1. Psyx
          Pint

          Re: Usual story: persecute the innocent; overlook the threat

          "They snoop everybody permanently" - Yup, they already do though. The new regulation won't really change much for non-targeted communication intercepts by GCHQ, as far as I understand it. The horse bolted decades years ago on that one, sadly.

          Assuming you mean 'GCHQ' when you say 'they' of course, John. Remember that the State is not a single entity with shared responsibilities. MI5, GCHQ and the police forces are all very different things. GCHQ don't go running to tell the police when they see an email that says "I had to drive at 100mph all the way to get to work today!"

          "You appear to have great faith in the British police forceservice."

          No, I don't. Not really. I have more faith in them than the judiciary, though. I know that if I'm lippy to a policeman if I get pulled over, he'll find *something* to nick me for, and they're powerless to deal effectively with the criminal under-classes. I would not like the Police to be able to bulk trawl communications data on a whim. After all: We're all guilty of something.

          I feel that there is an important difference between SIGINT trawled and electronically parsed for anti-terrorism/espionage reasons (as is already in place) and it being trawled by regular law enforcement, in order to issue speeding tickets et al.

          Whereas I have little faith in the Police, I *do* have considerably more faith in the Security Services. That's a very different thing. I know that I'm not ever likely to be fitted up for terrorism, and I know they have a good record at preventing terrorism.

          As I say: Police != Security Services.

      3. Vic

        Re: Usual story: persecute the innocent; overlook the threat

        > We do not have a police force that just picks people at random

        No, not at random. They look at things like skin colour first...

        You have an idealised view of what a Police Force ought to be. There are numerous examples of the actual Bobbies not entirely living up to that view. And thus your argument fails, because the people who will be doing the job are capricious and frequently opinionated.

        Vic.

        1. Psyx
          Holmes

          Re: Usual story: persecute the innocent; overlook the threat

          "You have an idealised view of what a Police Force ought to be."

          Surely everyone's view of what a police force *ought* to be is idealised? That's the point of envisaging what it *ought* to be, Vic.

          I'm pretty damned sure that the Police do not currently arrest people on the basis of random SIGINT trawls. So it's a moot point, and the argument still stands. Unless you are proposing that the new legislation will lead to armies of Police intelligence analysts sitting there going through flagged SMS messages, cross-checking to see if they're from *insert target of police officer's bias here*, and then sending the boys around to arrest them, and then the CPS being willing and legally able to convict based on that? That's pretty paranoid, and it's a move which would require masses of further legislation and a complete overhaul of our police and the CPS. And can you imagine the media coverage the first time someone gets nicked for speeding based on a 'confession' made in an email?

          One cannot refuse any compromise in life based on it always being the thin end of a wedge.

          1. Vic

            Re: Usual story: persecute the innocent; overlook the threat

            > That's pretty paranoid

            No, it's the result of spending quite a bit of my adult life drinking with CID.

            Prejudice is already a big part of how the Police works. Institutionalising it isn't going to help anyone.

            Vic.

            1. Psyx
              Stop

              Re: Usual story: persecute the innocent; overlook the threat

              "No, it's the result of spending quite a bit of my adult life drinking with CID."

              I'm not sure how the CID you drink with being bigots relates to the idea that the police will totally restructure, start data-trawling and prosecuting based on it, and that all the legislation to support such activities and the budget will sail through government. It doesn't matter if the CID are all fascists of the highest order, because the changes that would happen to enable your nightmare situation don't lay purely in their hands.

      4. Anonymous Coward
        Anonymous Coward

        Re: Usual story: persecute the innocent; overlook the threat

        "Something has to lead them there first, at which point they require judicial permission to really go wild on it."

        Yes - the Intelligence Services analyse rather than investigate and in that respect are probably fairly trustworthy.

        It appears to be the Police's various "anti" squads who are less discriminating. A lot (majority?) of the anti-terrorist raids since 9/11 appear to have come away either empty handed, failed in court, or claimed a "success" with some infringement, possibly very minor, of an unrelated offence. That is also probably true of the other high profile campaigns.

        Unfortunately it appears that nothing more than a malicious anonymous phone call is needed to plant suspicion in the Police's minds. Phrase the accusation to suit the target's lifestyle - and "J'accuse" does the rest. It worked for mid-20th century totalitarian states - as well as "The Terror".

        As Cardinal Richilieu is purported to have said "If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him."

  16. Colin Millar
    Coat

    Due diligence

    The Home Office has a double headed coin for that

  17. Jay Holmes

    Gaining access to the data isnt my main problem with this, its the storage afterwards that I have a problem with.

    If something I say or do is flagged in any shape form or way. The following happens

    It gets pinged by some automated system to an analyst,

    Analyst (overworked and underpaid trust me) can't make a decision either way,

    Pinged up to senior analyst who decides they need more information

    A discrete info sweep is done on me, no probs as I have done nothing wrong.

    Analyst realises that there is nothing further required, closes file deletes all information they received about me.

    Now since I am in the forces I have no problems with this, same as I have no issues with ID cards Ive been carrying one around with me since I was 17. Its the data retention I have issues with as we all know how good government agencies (and the forces) are at keeping data secure. (big tip dont let people leave the bloody building with it!!!)

    I dont have a problem with CCTV either if it is used in the right place for the right thing, and they use cameras that can actually identify people as opposed to the usual shitty screen grabs that you see pushed on crimewatch.

    The security services in this country are extremely good at their job, not a lot slips through their net. They are hampered by the government ministers who are trying to build their little empires.

  18. Jon Green
    Megaphone

    Let's consider a little scenario.

    The Police decide that, in order to achieve effective law enforcement, they need legislation requiring everyone to provide a set of current keys and alarm codes for their home to their local Police station, and powers to use those keys at any time to enter anyone's house without a warrant or reasonable cause.

    Would you be comfortable with that?

    Because equivalent powers are being requested by MI5 for your communications.

    1. NukEvil
      Stop

      Re: Let's consider a little scenario.

      The police already have a "key" they can use to gain access to your domicile at any time--it's called a door ram, and it can open pretty much any door available to civilians. They can also call your security monitoring agency and get them to remotely disable your alarm system if the need arises.

      Because equivalent powers are already being used by MI5, FBI, CIA, whatever acronym you want to use, for your communications.

      1. Jon Green
        Stop

        Re: Let's consider a little scenario.

        @NukEvil - yes, but before they can use that "key", at the moment they have to have a justifiable reason in law, and consent granted by suitably senior authorities - and it's a bit obvious that entry's been effected.

        In the scenario I suggest, they could enter at any time, without any due process (i.e. "fishing expeditions"), with or without the knowledge or presence of the occupants, and look at anything they liked. Unfettered snooping for fun and profit. _That's_ what's being sought with comms.

        1. Anonymous Coward
          Anonymous Coward

          Re: Let's consider a little scenario.

          "at the moment they have to have a justifiable reason in law, and consent granted by suitably senior authorities"

          The justifiable reason is "reasonable suspicion". If they get a warrant to arrest on that then they can knock the door down if they want. A good blanket one is "conspiracy to...".

          In practice it is a flimsy process that can be used against any innocent person for a "fishing expedition". The cover up is then to drop strong hints about "mysterious leaks to the press" if the person complains officially.

    2. John Smith 19 Gold badge
      Unhappy

      Re: Let's consider a little scenario.

      "Because equivalent powers are being requested by MI5 for your communications."

      Actually the situation is somewhat worse than that.

      They want to station a policeman in your home 24/7/365.

      They won't say anything or help you in any way of course (like stopping a real burglar for example)l.

      They'll just note down every web page and email address you enter and the subject headings of any email sent. (Does anyone know what the status of entered data like logins and passwords is?)

      And any landline or mobile calls you make and how long you make them for and where you are (as they will follow you everywhere you go).

      1. Anonymous Coward
        Anonymous Coward

        Re: Let's consider a little scenario.

        Quote (Does anyone know what the status of entered data like logins and passwords is?)

        Sorry, ALL DATA IS CAPTURED: In particular passwords are needed to be snooped as humans are absolutely crap at thinking/innovating in password-space. There have already been successful identifications and cross-matches made because throwaway email "goodbyeKitty@yahoo" used more or less the same password-stem as "happyBiscuit@gmail.hk"

        There is no differentiation in capturing header or actual communications data, all data is taken. The DPI boxes do have the capability to be digital signature driven - i.e. capturing only when triggered by a passing stream that matches their ginormous signature list. Who provides the signatures?

        One commentard suggested filling up their home data pipe with random stuff, there's actually no downside to this and it is not currently illegal!

  19. John Smith 19 Gold badge
    Gimp

    Oh dear. It was "Buttle, not Tuttle."

    (<- specimen attached) But the sort of data fetishists behind this sock puppetHome Secretary don't care about a little collateral damage.

  20. Anonymous Coward
    Anonymous Coward

    Stupid thing is, it will just force the crims back underground and meeting in seedy backstreet areas - much like they used to before the Internet came into being. So ultimately it's the innocent people that will lose out.

    And with all this ubiquitous computing malarkey, it won't be long before the Thought Police will be after us..

    Anon, because of Thought Police.. now where's my tin hat.

  21. teebie
    Thumb Down

    CCDP

    Are they *really* giving it a name one letter away from CCCP?

This topic is closed for new posts.

Other stories you might like