* Posts by Graham Cobb

230 posts • joined 13 May 2009

Page:

Tor onion hardening will be tear-inducing for feds

Graham Cobb

Re: Jacob should fork Tor

Unfortunately it is very hard to make useful security tradeoffs. We all know that there is no perfect security and we are used to the idea of a need to tradeoff between security and cost (how valuable is the item you are trying to secure? No point on spending more money than that on securing it).

What we very often forget about is usability. If you increase security by reducing usability (ease-of-use, performance, etc) then you are reducing the number of people who will use that security. So, your choices here will depend on whether you are aiming at committed, hardcore, tinfoil-hat-wearing security geeks or Facebook-loving grandmothers or where in between.

Some things (like the move to https: instead of http:) have so little impact on usability that they are no-brainers. However, the decisions made by the Tor project, including the controversial ones (like whether or not to enable Javascript in the Browser, whether to support UDP, whether to add background traffic, etc) are really hard as they have considerable impact on usability and hence real-world takeup.

@AC may have preferred different choices. And I think that some Tor developers and researchers are moving towards some changes, as the threat environment and usage has changed. But I think the Tor developers have generally made pretty good choices and I certainly acknowledge that these are hard decisions with no right answers.

@AC can go ahead and fork Tor/TBB with different choices, and then try to build up enough usage to get useful levels of anonymity. But I think the better choice is to work within the Tor environment, discuss potential changes, conduct (or sponsor) research and development and operate (or fund) relays.

Ranting on El Reg is not likely to help (yes, I know I am guilty of it as well!).

0
0
Graham Cobb

Re: don't get it

There are really two ways to break Tor-based anonymity. One is to break the Tor anonymity itself (which seems like it may be possible for nation-state-level players, although it may be expensive and/or they may be reluctant to share the data with other players like law enforcement). The other is to break the anonymity above the Tor level: get the user (or, in this case their browser) to tell you who they are without ever having to break Tor!

It is the latter which is addressed in this article. This is about making the "Tor Browser" (not really anything to do with Tor itself but a browser with Tor access conveniently built in) more secure. Like any other browser, Tor Browser has bugs which could be exploited (and have been) to run code on the user's system. That code can make the system report its real name and IP address to the adversary -- allowing law enforcement to know who has accessed what pages, for example. This article is about helping to make the Tor Browser more secure by making those bugs harder to exploit.

0
0

'Nobody cares about your heart-rate'

Graham Cobb

Re: Rush to judgement much?

I think that a robust on-premise gateway/firewall/IoT manager is a good idea. It would be a good idea even if the devices had decent security (for managing them all, storing historical data, etc). It just must not be:

1) Off-site -- it must always be under the full control of the user

2) Locked-in to the devices -- I should be able to choose my gateway vendor independently of the IoT devices it controls

3) Closed, or patent-protected protocols/interfaces -- I want a wide selection of gateways to choose from. I want to see Apple, Google, Facebook, etc competing for that business (yes, even with their cloud-based data slurping). And I want to see open-source versions as well for those of us who value privacy.

Why can't I find an open initiative to develop this that I could join?

0
0

Snoopers' Charter 'goes too far' says retired Met assistant commish

Graham Cobb

renaming internet connection records as browsing history is a good first step

Yes. And we need to explain how this means everyone has a permanent police tail on them 24 hours day. Adapted from my post almost exactly 2 years ago... http://forums.theregister.co.uk/forum/containing/2225266

Collecting internet connection records is exactly the same as placing a police tail on you: the tail can't hear what you are saying but they track exactly where you go, who else is nearby, who you talk to (and for how long), what posters you stop and read, what shops and other buildings you go into. If the Snooper's Charter was in effect, the tail can even follow you inside the buildings and video everything you do there.

Having a permanent police tail on everyone seems like the clearest example of a police state that I have seen.

1
0

Brexit: More cash for mobile operators or consumers? Pick one

Graham Cobb

Re: Scaremongering

And now my own positive reasons to remain. Please discuss these as well...

1) The EU provides a brake on our government's fawning give-away of our rights to assist their friends in big business. The Tory government are doing this with TTIP -- they will sign it instantly if we leave the EU but are currently constrained by the EU who are (fortunately for us all) concerned about the ISDS clauses. But Labour are no better: they handed the copyright cartels all they asked for, but that is also somewhat constrained by EU work on copyrights.

2) Remaining, and keeping free movement, will gradually reduce the xenophobia, intolerance and racism that drives the extreme right and tricks some people into supporting them. It will take many more years but it will happen. Note that nowadays even Liverpudlians are allowed to live in London without being attacked :-) Seriously, not only have "No Dogs or Irish" signs disappeared for legal reasons but in fact the casual hate behind them has mostly gone.

10
2
Graham Cobb

Re: Scaremongering

all I have so far asked is for a positive reason to remain. I am still waiting.

No, you are not waiting. The GDP issue was posted earlier and is a positive reason to remain.

You may not agree it is important, or you may not even believe it. But it is certainly a positive reason to remain and has been provided. So, over to you to discuss it...

5
2

UK.gov is about to fling your data at anyone who wants it. How? Why? Shut up, pleb

Graham Cobb

Re: One way for plebs to be heard

I have written to my MP several times. On no occasion have I had a reply I agreed with, and in many cases I received an obviously stock reply. In one case, I sent an email and the assistant tasked with responding accidentally copied me on their email to Conservative Central Office asking for the stock reply :-)

However, I continue to do it on occasion. Not so much because I think my MP will actually read it or even hear my carefully argued points, but because they measure public opinion by weight. Getting lots of letters on a subject does put the wind up ministers (why else did the PM overrule the proposals on the BBC?).

11
0

Curiosity find Mars' icecaps suck up its atmosphere

Graham Cobb

Re: New Orderly World Orders AI …. for Live Operational Virtual Environments ‽

Better to have the ability to haul any potential asteroid-mitigating technology inro orbit, and / or wirk towards a self sustaining extraterrestial colony.

Genuine question: Why?

Of course, I don't want humanity destroyed but I am not that bothered. If it happens, it will make no difference to the universe. Nor will it mean anything to all of us who die.

Also, it is extremely unlikely to happen any time soon. So unlikely that attempting to "assure our survival" is a pointless waste of time. Better to spend the resources on faster scientific progress and being able to do a better, and more efficient job, some time in the future.

1
5

Google open sources Thread in bid to win IoT standards war

Graham Cobb

None of these sound like what consumers want

What we need is an open standard for local (in the home) connectivity, with many competing implementations of the home hub with different features and capabilities. Some might be really simple to use but restrictive, for example provided by Apple and fully integrated with their ecosystem for people who use that. At the other extreme, some might be really geeky: running on OpenWRT and configured by editing text files with vi. In between, there would be some which integrate well with other ecosystems (Samsung, Xbox, etc) and have various levels of controllability, security and privacy.

Within the home, it must be possible to have devices (IoT devices and controllers like phones) talk to each other, without any information passing outside (like using DLNA to control your home media today).

In some cases (for example for remote access when travelling) it may be useful to have internet servers to co-ordinate and secure access -- but those must be able to be chosen independent of the hub manufacturer and selected by the user just as they choose email services today. In the same way as for email, these must also be able to be self- or community- hosted, not just owned by big internet companies.

None of that will stop Apple, Google, Samsung, etc being big players in IoT -- many people will choose their products, just as they choose their phones, TVs, and email services today. But the discerning or privacy-conscious consumer should be free to choose alternatives which match their requirements, lifestyle, language, community norms, etc.

Who is representing consumers (and geeks) in these discussions?

6
0

Brits still not happy about commercial companies using their healthcare data

Graham Cobb

Re: Any room left in that 17%

I would extend Ben's prison sentences and ban from access to data to include anyone attempting any form of de-anonymisation, wherever performed, whether successful or not, for whatever reason (however noble), and whether it would lead to actual identification (name, address, email, etc) or just a description of a unique person.

And whistle-blower protection/reward needs to be explicitly provided for in the law.

With that I would probably be willing. But the opt-out still needs to be there for those who will not accept the remaining risk (which is mainly that even if someone is punished, the leaked information will still have been leaked).

2
0

Knackered Euro server turns Panasonic smart TVs into dumb TVs

Graham Cobb

Off topic: you might want to read the "separated by a common language" blog. Although I don't think she has really addressed this jarring with words which do have the same meanings but where the most frequently used senses are different.

1
0

GCHQ: Crypto's great, we're your mate, don't be like that and hate

Graham Cobb

Re: Goodwill?

They were surprised by the vehemence of my concern and by my proposed solution: massive budget cuts to bring them under proper control and focus their minds on the things that are really important. Needless to say, they did not agree. Not that they were in a position to do anything about it anyway (as far as I know, of course).

2
0
Graham Cobb

Re: Goodwill?

That is what I said to someone I know who works at GCHQ just after the Snowden leaks. GCHQ have, by their actions over the last 20-30 years, voided our trust. They will never again be allowed, by my generation, to have the same power again.

Until those of us who remember their crimes are gone they can beg, whine, scream, threaten or corrupt as much as they like but they will be fighting the population.

The abuse had been going on since the 70s: completely illegal and dis-proportionate abuse of powers to monitor legitimate political parties (including the Labour party!) and trade unions. Later, helping the police to drive towards a police state for anyone who dares to protest (see the John Catt case). Finally their "climate of fear" pushing of a serious but very infrequent crime (terrorism) as if it was a serious threat to life or liberty.

The actual threat to liberty is the abuse of extremely dangerous powers which should be being used maybe once a year, not on the whim of a politician or police officer.

37
0

No tit for tat, or should that be tat for tit ... Women selling stuff on eBay get lower bids

Graham Cobb
Facepalm

Could be a useful study

Next time I bid for something on eBay I will decide how much I am willing to bid and then make sure I only bid on auctions posted by women. If they get lower prices I am less likely to have to go to my top bid! Sounds great to me.

On the other hand, maybe the study is just crap.

2
0

Why Tim Cook is wrong: A privacy advocate's view

Graham Cobb

Re: Not even wrong...

Perhaps you'd be happy flying on a plane knowing no one had bothered to check the luggage because the 200 or so of you on there is less than the daily roadkill so who cares if you die?

Absolutely yes. Without a doubt. Unless the stats had changed so that the risk of flying came near to the other risks -- which would happen after a while, of course, if we stopped checks which are actually useful.

If some check has little impact on the risk numbers (for example, if it is ineffective, like much security theatre) then I have no problem going without it. A few hundred deaths a year won't worry me, until it gets to be comparable with other risks I take every day (like driving to the airport).

2
1

UK to stop children looking at online porn. How?

Graham Cobb

Re: Gubmint knows this will fail, it's just a way to move further along to their ultimate goal...

You would almost think our legislators have shares in the VPN business.

Not the VPN business... the Media business (and not just shares: very lucrative donations, revolving doors and cosy relationships). I assume this is being pushed by Big Media, who are very annoyed at the censorship of films in cinemas, on DVD, and on TV which is bypassed by porn sites.

Of course it helps that it plays well with the authoritarian wing of the Tory party, but there is no money in that so that can't be the real driver.

0
0

Apple must help Feds unlock San Bernardino killer's iPhone – judge

Graham Cobb

...it may be that they're going to be regularly exposed as having given offenders the means of committing their crimes. Now that's not going to look good in the papers.

Why? It doesn't seem to do car companies, electricity companies, or grocery stores any problem that they are used by criminals as well as non-criminals. What makes you think it would be a problem for Apple?

0
0

Gmail growls with more bad message flags to phoil phishers

Graham Cobb

Re: WTF?!!

The reason to have all email using TLS is to make it normal. Pre-Snowden, all email was in the clear and spooks could just sweep up everything by tapping a few links. You could even, easily, see whether the mail was end-to-end encrypted and, even if it was, the addresses of both sender and receiver. At that time, anything which was encrypted was a red flag that this was likely to be worth looking at.

Over time, much email is now TLS encrypted. It cannot be just swept up "just in case it is useful one day". And it is impossible to see which are the interesting messages, which messages are encrypted, and who they are to and from. To make that stronger, even the most boring messages should be encrypted. I am looking forward to being able to turn off all non-TLS email receiving on my personal servers.

In today's world, encryption isn't about protecting YOUR messages, it is about protecting EVERYONE ELSE'S messages.

0
0
Graham Cobb

Re: Value depends depends on implementation

While you are right, anything which names and shames the players who don't use TLS in the hop to/from gmail would be welcome. Use of TLS on that hop doesn't mean that the mail was secure but it, at least contributes to making TLS use not suspicious. When we, eventually, have certificate checking as well (using DANE or something else) then TLS may actually start to make a useful contribution to security.

On my personal mail server I already flag all incoming mail which has not been received using TLS. Unfortunately my emails to the senders to complain are invariably ignored.

0
0

TTIP: A locked room, no internet access, two hours, 300 pages and lots of typos

Graham Cobb

Re: Who knows? Really?

@philthane

So what do we do about it? I have much the same experience -- I tear my hair out over how to get TTIP onto people's awareness. At the moment, if I write to my MP about TTIP, he treats me like a green ink nutter.

Campaign suggestions on a postcard...

3
0

Are Indians too stupid to be trusted with free Internet?

Graham Cobb

Re: Some Way, Some How.

Isn't there some way to support free internet for India's poorest, while not turning them into fodder for the Facebook and Google machines?

To be honest, I am amazed that Zuck hasn't done this. I am certain that he could come up with a subsidy offer that does not require a walled garden, was (at least) financially break-even and which would gather him MASSIVE positive support, and a billion new customers, in the world's largest democracy.

Why not just sponsor (limited speed) internet access, with no site restrictions but with massive advertising and promotion of facebook, and (financially contributing) partner sites. Completely neutral and advertising subsided. The way things work in other markets!

6
0
Graham Cobb

Re: It would be the same anywhere

Demonstrably, they are. Basics is live in 37 countries and has been shut down by the elites in just two.

Many, but by no means all, countries have legislation preventing the sale of physical goods at below-cost prices, to help prevent monopolisation. Just as in this case, whether to make that illegal is a national decision, taking into account their own national circumstances and their national approach to regulation. Does that mean that the poor in Belgium, Canada and South Africa are being treated unfairly?

8
1

Privacy advocates left out of NHS care.data 'oversight' board

Graham Cobb

Re: A note on "anonymous" data

if this could be done well it really would be invaluable for research, which really could bring material benefits to people

So, we need a two pronged approach: good anonymisation (but leaving data useful for research) combined with extremely strong privacy enforcement. There must be strong legal penalties against any deanonymisation attempt (however much it might help the research), starting with prison time for managers who allow it on their watch -- a very effective deterrent against white collar criminals, as the H&S industry has demonstrated. This must specifically criminalise any use of the data in marketing, insurance assessment, discrimination (housing, jobs, etc) or for any purpose other than the approved clinical research (with both criminal and civil penalties).

The third leg of this stool has to be that individuals can still opt-out. If I am paranoid (clinically or otherwise), or I have a lot to lose (in the public eye?), or I just have a different trade-off between my risk and the benefit to society, then I must be able to opt-out of being included in any released data.

Why is this so hard?

3
0

Cops hate encryption but the NSA loves it when you use PGP

Graham Cobb

Re: Ah, Traffic Analysis

But I think I'm right in saying that if that email is sent to a foreign (**) email server via a STARTTLS-ed SMTP session, the spooks probably can't even tell whether it uses PGP or not because the metadata was encrypted in that case too

You are right that TLS encryption of SMTP exists and hides the metadata from easy interception. On the other hand, it has numerous weaknesses, including:

1) In most cases, TLS is set up opportunistically -- most servers do not insist on TLS and will drop back to sending without it if the receiver doesn't (appear to) accept it. Most servers prefer not losing email to link security. My personal servers insist on TLS for submitting mail for sending but are forced to accept incoming mail from anyone (although I do add a header to tell me it arrived without using TLS -- and I sometimes complain to the sender that they should turn it on).

2) In many cases no certificate validation is done, so it is easy to MITM. For example at international gateways.

3) It is not end-to-end, it is link-by-link, so if the receiving system is compromised, or if it can be convinced to forward the message on to another system without using TLS (see 1) then the metadata is exposed.

4) There are some attempts to help with problems 1 & 2 by setting up information that says "my mail server always wants to see TLS -- if you try to connect to me and don't get TLS then don't send" and "my certificate looks like this -- if you don't see that certificate don't send". But it is hard to do and fragile and, in practice, no one implements it (search for DANE TLS for more info).

1
0
Graham Cobb

Re: Light things up?

Sadly, statistically few people will use it, because so few people understand the need for privacy all the time, not just some of the time.

More importantly, the problem is that so few people understand that it is nothing to do with your need for privacy: by using all the available privacy tools all the time you are protecting the people who do need privacy and who are important to you. That may be journalists, campaigners, battered wives, or even politicians.

1
0

Five reasons why the Google tax deal is imploding

Graham Cobb

Re: Think about it...

Eh? Tax isn't about taxing some piece of money, it is about taxing transactions. Otherwise, every time the government printed a pound it could only tax it once!

Of course we paid tax when we earn't the money, then paid tax when we spent it, then the company needs to pay tax when they earn it and should also pay tax when they spend it (in fact, companies do not -- mostly they pay tax only on profits, apart from employers NI and some transaction costs, but certainly not on revenues). And the shareholders and employees get taxed when they receive it, and round we go again. That is how tax works.

1
0

GCHQ spies quashed this phone encryption because it was too good against snoopers

Graham Cobb

Re: Lawful interception gateway

Yes, but the days of LI are over. I have several end-to-end encrypted and uncrackable communications systems on my PC today (PGP email, Bitmessage, pgpphone, Tor, ...), and that is without installing any of the apps the terrorists are apparently writing for themselves!

GCHQ has some really, really smart people. We need their out-of-touch bosses (and the never-in-touch politicians) to let those smart people work on risk management in the new reality. Let them work on the problems of how you do targetted SIGINT to protect us, without LI.

All LI provides now is a way to intercept law-abiding people. Only dictatorships need that.

0
0

Facebook Messenger: All your numbers are belong to us

Graham Cobb

Re: Dear Bill, that report is NOT free..

No thanks. Why should I lie? I just choose not to do business with people under terms that are not acceptable to me. When possible I tell them that that is why I am not doing business with them.

We should all do more of that: lying about date of birth, email address, phone number, etc just makes it appear that collecting such data is acceptable.

0
0

UK universities unveil £28m hub for Internet of Things

Graham Cobb

I wish they would add "social policies" to their list of critical issues. I am all for creating technical standards, and certainly in favour of sorting out privacy and security, but I think a really important issue about IoT is to get it out of the hands of major corporations and into the hands of open-source developers, community projects, peer-to-peer services and garage-based entrepreneurs.

That would help with many of the issues such as privacy and ethics and would really allow British innovation to flourish. The UK has nothing to gain by buying into the perverse definition of IoT as something done by big cloud providers: Google, Amazon, Samsung, LG, etc are not British companies.

I would quite like an intelligent thermostat. However, I have no interest in buying one which sends any data outside my home, nor in paying for it as a service or with advertising. Sell me a box to replace the box which is my current thermostat, but which I can configure to receive weather forecasts and can control remotely. That is the sort of IoT which would be worth paying for.

0
0

Library web filtering removes info access for vulnerable, says shushing collective

Graham Cobb

But the mobile phone companies' block lists are even worse!

https://www.blocked.org.uk/

0
0

LogMeIn adds emergency break-in feature to LastPass

Graham Cobb

PwSafe

Personally I use a PwSafe format file and various different PwSafe-compatible programs to access it on different devices (Password Gorilla on my main desktop). The file is automatically synced to a location in the web so I can easily access it from elsewhere when needed.

0
0
Graham Cobb

Does anyone need it? After all, apparently the whole advertisement has been reproduced as an article by a formerly reputable, interesting and independent IT news site.

0
0

Are you the keymaster? Alternatives in a LogMeIn/LastPass universe

Graham Cobb

PwSafe

I am quite surprised that no one mentions the Gran'daddy of them all: PwSafe. It uses a local database (which you sync yourself) and has been around a long time. It is open, and free, so there are many different clients available which can read and write the PwSafe database format.

I have used PwSafe (both with the original client and several other clients) for a long time. What do these other (local, not cloud) apps do that PwSafe clients don't? Which of them are open source?

5
0

Sneaky Microsoft renamed its data slurper before sticking it back in Windows 10

Graham Cobb

Anyone got a VM config guide for isolating Windows?

I am a Linux and open source guy. All my personal machine are Linux (although my employer supplies a Win 7 system for work).

One day I will retire, and I acknowledge that I may need a Windows system occasionally. In fact, I acknowledge the unfortunate fact that Outlook is a great PIM -- and much better than any of the free alternatives (including Kdepim and Evolution). I will probably decide that I find Outlook sufficiently useful to be willing to pay Microsoft for a licence for it and for the OS to run it on. I don't begrudge them their licence fee but I don't want to find, after the fact, that MS have been snooping on me because I hadn't heard about some new privacy violating service they have installed.

So, does anyone maintain a script to configure a Linux VM that can be used to run Windows in a limited environment, with the network config for the VM set up to go through a firewall blocking anything but a few whitelisted sites? I know it isn't rocket science but it seems like others must have done this already.

4
0

Brits learning from the Continent? Authority, digi gov wheezes and the Autumn Statement

Graham Cobb

Distrust

I think the mistrust is based on much more serious abuses than those you mention. It is things like: using the police to infiltrate political campaign groups and unions (since the 1970's and probably before), trying to replace the rule of law with arbitrary power for politicians (statements like "It would be totally irresponsible of government to allow the legal system to dictate to us on matters as important as terrorism", and "For too long, we have been a passively tolerant society, saying to our citizens 'as long as you obey the law, we will leave you alone'"), stop-and-search, giving private companies their own police (CoLP), etc.

11
0

Who's right on crypto: An American prosecutor or a Lebanese coder?

Graham Cobb

The answer is proper resourcing of the police

The reason the politicians want this is because they are busy trying to save money by cutting numbers of police. Their wet dream is reducing police "investigation" to remote, back-office research (and then maybe outsource it to the lowest bidder?). So, they want everything available electronically -- and what better source than the phone everyone carries with them?

If terrorism is becoming more of a real threat (it was great while it was just a justification for repressive actions -- such as raising the "threat level" just before important parliamentary votes!) then it is going to be really hard to keep cutting police jobs. That is what is motivating these outbursts.

What we need, is proper funding of the police, combined with good management that will prioritise putting actual officers on the street for important investigations (including a reasonable number of small investigations such as burglary). Get rid of the culture of cutting police numbers, fund the police appropriately, and appoint good managers as senior policemen.

3
0
Graham Cobb

Re: Is a compromise possible?

Alternatively, you could set up a second encryption gate where the fuzz have the other key, but the interface to this second gate is only accessible physically.

But which fuzz? If I am a UK citizen, in the UK, I am subject to UK laws. Why should US or Chinese or Saudi Arabian or Indian or Russian fuzz be able to access my data (particularly if it is important to the economic wellbeing or security of the UK)? It isn't possible to have a system where law enforcement access can be permitted for some countries and not others. It is either physically possible to legally compel access or it isn't -- and not all legal systems are, in reality, equal.

If no compromise is found, the powers that will be will just stomp all over device-end encryption with their jack-boots to the point where even owning a device capable of running an app on it that performs that function could become a crime.

No, they won't. Major IT countries (including the US and Western Europe) won't because (as described in the article) it will sign the death warrants for their economically important major IT companies (users will go elsewhere). Other countries, with a less developed IT industry may try it but they will find massive bypassing of the rules.

10
0

Yes, GCHQ is hiring 1,900 staffers. It's not a snap decision

Graham Cobb

Re: Values? Country?

Freedom, liberty, individual rights, individual responsibility, democracy, the rule of law.

It used to be. When I was a small child we lived in East Anglia, with many USAF and RAF bases around. I had worked out that we must be targets for Russian nukes. This worried me a lot -- I even used to draw up designs for a nuclear shelter we could build in our garden. The reaction of my parents wasn't to tell me not to worry: it was to tell me why we were standing up against the Communists. It was because you couldn't walk outside in those countries without papers and you could be stopped by the police for no reason.

I don't think many people think we stand for those values any more.

35
3

UK's super-cyber-snoop shopping list: Internet data, bulk spying, covert equipment tapping

Graham Cobb

Re: Security Theatre and/or Snooping

In the end, all it will do is weaken the security of the normal person. The real targets will still encrypt in such a way as to deny the police/security services access.

And the first sentence will make the second MUCH, MUCH easier!

Because of the "war on ordinary plebs" nature of this bill, there will be a much larger market for easy-to-use real security. Many ordinary people will be looking for a way to be secure. And those products will then be much more common and much more used by the "real targets".

If terrorists (etc) are the real targets of this bill, it would be MUCH better to reduce mass surveillance to the extent that ordinary people do not feel any need to protect their day-to-day activities. It would not weaken the surveillance of targets but it would increase their complacency and the likelihood that some of them (particularly the new, inexperienced or those on the fringes of the cell) would not bother with real encryption.

But, that would only be the cases if they were the real targets. They are obvously not. The real targets are normal people, protesters, campaigners, activists, journalists, whistle-blowers, etc. And providing a way to further cut police numbers and costs by replacing real police work with computerised fishing expeditions.

10
0

In-a-spin Home Sec: 'We won't be rifling through people's web history'

Graham Cobb

Bitmessage

Well, at least this means that Bitmessage will get some of the TLC it needs. Plenty of UK-based coders will become interested in helping improve and test it.

0
0

Hi, um, hello, US tech giants. Mind, um, mind adding backdoors to that crypto? – UK govt

Graham Cobb

Re: Are they that stupid, or who are they really after ?

I think the real main driver is that this is a way to reduce the cost of policing -- in order to make more cuts. I think it is driven entirely by the same thinking as the tax credits cuts, not by any goals about security.

Being able to read all (ordinary peoples, and small time crooks) messages obviously makes policing much easier (and remotable -- no need for anyone to knock on doors and talk to people). Making policing easier obviously saves money, but at the cost of moving us significantly towards a police state. Having police capabilities and resources limited, and prioritised to serious crime, is crucial to the underlying social contract that means the public generally approve of and support the police. Giving the police completely new powers like this breaks that social contract and risks a serious backlash against the police.

3
0
Graham Cobb

Bitmessage

Programs like bitmessage already exist. It is open, distributed, non-commercial. There are no key managers to put any pressure on. All communications are encrypted with keys known only to the two endpoints. Even traffic analysis is pretty hard, and message contents appear to be secure.

Bitmessage may or may not be any good. It appears to be secure, but has never really been seriously reviewed or tested. But even if it isn't, someone else can, and will, create something better.

This is security theatre at its worst. This will have NO effect on the serious criminals being used to justify it. All it would do is make it easy to monitor ordinary people, and small time crooks.

Personally, I have become convinced that all the Investigatory Powers Bill is really about is reducing the cost of routine police investigations so that the government can cut the police even more heavily.

4
0

KeePass looter: Password plunderer rinses pwned sysadmins

Graham Cobb

Still better than a password-protected MS Office document!

This is a good wake-up call to those of us who use password managers. The password manager is only as secure as the system it runs on.

So, when deciding whether to use a web-based or local password manager you have to assess whether your machine or the web company is more likely to be compromised. It is a hard call: the web company have a lot more resources available to protect things, but is a MUCH more valuable target so is under lots of threats; I am careful on my machines but some of them are likely to have significant zero-day vulnerabilities (such as phones).

It is certainly a reminder to make sure you separate information into separate databases as much as possible, possibly on different systems/services. Certainly keep really critical passwords (personal bank account, maybe domain administrator account) either in your head or, at least, in small databases, so it is less likely you have opened them before you discover the machine/service has been compromised.

0
0

E-mail crypto is as usable as it ever was, say boffins

Graham Cobb

Need the FSA to raise the bar

Every year, my financial advisor asks me to send them a list of my accounts (bank, ISAs, shares, etc) that they do not control directly, with the balances. Every year I ask them if they can handle PGP encrypted mail yet. Every year they say "What?". So, I print the spreadsheet, put the sheet of paper in an envelope, stick the flap down and post it.

It is long past time that the Financial Services Authority imposed a rule that all IFAs must be able to handle encrypted mail and must use it. If that rule existed then there would very soon be a lot of suppliers making packages for the IFAs and for their customers. Quite quickly they would become easy to use, and use would spread out from there.

Of course, the packages would not provide military level security and key management: they would be designed to provide commercial level security. But it would be a good step forward to normalise use of encrypted mail for commercial communications (order confirmations from Amazon, for example). I am sure Google would generate a key for every Gmail account and run their own keyserver to make those available, for example.

Then the geeks (like us El Reg readers) could choose to use much-harder-to-use almost-military-grade software BUT STILL BE ABLE TO COMMUNICATE WITH THEIR LESS SECURITY-CONCERNED FRIENDS!

2
0

Top cops demand access to the UK's entire web browsing history

Graham Cobb

A tail on everyone, all the time

Five years ago, [a suspect] could have physically walked into a bank and carried out a transaction. We could have put a surveillance team on that but now, most of it is done online. We just want to know about the visit.

So, 5 years ago you could have tailed 1 or 2 people per county at once. It cost you a lot of money and resources, required approval from a very senior level, and was reserved for major criminals.

You now want to use advanced technology to be able to automatically tail everyone (including children, and investigative journalists) in the whole country all the time? Without any suspicion they are doing anything wrong?

A police tail on everyone, 24 hours a day. I can't think of a better definition of a police state.

14
0

Fuming Google tears Symantec a new one over rogue SSL certs

Graham Cobb

Better system is still complex

A small step towards abolishing the whole, "trusted certificate authority", system altogether, and moving towards some better.

While I realise that Google is doing everyone a favour in this case, I hesitate to replace the current (seriously broken) "trusted certificate authority" system with a "trusted by Google" system.

Things like "Certificate Transparency" seem to be a good step forward, particularly if multiple big players (including some based in Russia and China) join in.

8
0

UK ministers, not judges, to sign off on Brit spies' surveillance

Graham Cobb

Re: I'm not sure.

Parliament is either sovereign or it isn't.

I understand your concern (even though I don't share it). I am no expert, however my understanding is that Parliament is still sovereign. I believe Parliament can repeal the Human Rights Act, and abrogate any treaties it likes, any time it likes. At which point, the judiciary will no longer be testing legislation against human rights.

Of course, the fallout would be immense. It would involve leaving not just the EU but probably much of the civilised world. Judges might resign. It is also possible that the Queen would consider refusing to allow it, prompting a constitutional crisis. But, if I understand correctly, Parliament is still sovereign. Parliament has chosen to hamstring itself, and it could, in principle, choose to cut those strings.

If there are concerns over the sovereignty of Parliament, the answer most definitely is not to hand powers to Theresa May instead!

5
0
Graham Cobb

Sorry, Theresa, you are as subject to the law as I am

It would be totally irresponsible of government to allow the legal system to dictate to us on matters as important as terrorism.

WHAT?!!!!

That is what the legal system is FOR! It dictates to all of us on the basis of the law!

We can all disagree with a law, and try to get it changed. Government ministers are in a particularly powerful position to do so. However, unless and until they have changed it, they must follow the law -- that is what all the recent celebrations of Magna Carta were about: the sovereign must be subject to the law.

Just because you don't like the Human Rights Act, and don't like the concepts that every warrant must be (i) necessary, and (ii) proportionate, that does not give you the power to bypass the law.

It is totally irresponsible of government to try to bypass the legal system on matters as important as terrorism.

26
0

That great sucking sound? It's data going into the public cloud

Graham Cobb

Encryption?

Genuine question... do these cloud storage gateways handle encryption? So, that the local cache/copies are unencrypted, for fast access by the applications, but the cloud stores encrypted objects (with only the data owner having the keys)?

It seems like that may be an effective fix for "safe harbour" for some classes of use (those where the data export is just for storage purposes, not for processing). I am an active campaigner for privacy but even I think there is little problem storing data in the US if it is strongly encrypted.

0
0

Page:

Forums