back to article Good Lord: Former UK spy boss backs crypto

A former boss at UK domestic spy arm MI5 has cautioned against a crackdown on encrypted messaging apps. Lord Evans, who retired in 2013, told BBC Radio 4’s Today programme (link here) that he did not support encryption restrictions despite acknowledging cryptography had been an obstacle in investigating terrorist cases, saying …

Give that man a cookie

The smart money is on the former head of MI5 rather than Amber Fudd.

It's utterly disgraceful that this is newsworthy (and under debate) in a 1st world country.

59
0
Silver badge

Re: Give that man a cookie

Exactly!

"Both perspectives stand in contrast with UK Home Secretary Amber Rudd’s criticism of mobile messaging services which offer end-to-end encryption"

Which is more of a spotlight on how dumb she is compared to the folk who were in charge of the very aspects of intelligence gathering she is spouting upon for the benefit of tabloid readers who might be foolish enough to vote for her.

37
1
Silver badge

Re: Give that man a cookie

... tabloid readers who might be foolish enough to vote for her.

Hopefully there are not too many of them. Her majority in the GE was 346, which in itself is a strong comment on a senior minister. And which should rule her out of any leadership contest when support for the Maybot ends - the Tories would surely not take a risk on having a leader with such a thin majority,

24
1
Silver badge

Re: Give that man a cookie

the Tories would surely not take a risk on having a leader with such a thin majority,

I'm sure the Rees-Mogg wing of the party would be happy to revive the old tradition of having a party leader promoted to the Lords if their rotten borough should fail to do the right thing.

14
0
Joke

Re: Give that man a cookie

"Tories would surely not take a risk on having a leader with such a thin majority,"

lol

12
0
Thumb Up

Re: Give that man a cookie

A persistent cookie or one of those super flash ones?

12
0
Silver badge

Re: Give that man a cookie

the Tories would surely not take a risk on having a leader with such a thin majority

What leads you to that conclusion? The Parliamentary Conservative party has decades of world class experience in selecting the least likeable, least capable leaders from short lists that weren't burgeoning with talent in the first place.

Ignoring the various political and apolitical leanings of my fellow commentards, imagine you wanted a good, Conservative prime minister (insert your own tired, snarky New Statesman joke here), who would you select to replace May? The woman's an unpopular failure, but look at the shower of piss that are on the Tory front bench?

19
0
Silver badge

Re: Give that man a cookie

Lizards. Lizards are the answer.

15
0
Silver badge

Re: Give that man a cookie

"A persistent cookie or one of those super flash ones?"

Can't get flash cookies if you don't use flash :-)

4
0
Silver badge

Re: Give that man a cookie

Our slogan shall be "A rotten candidate for a rotten borough!"

2
0
Silver badge

Re: Give that man a cookie

" ... party leader promoted to the Lords if their rotten borough should fail to do the right thing."

Precisely the opposite: Alec Douglas-Home

0
0
Anonymous Coward

Interesting wording.

Whilst understandably there is a very acute concern about counter-terrorism, it is not the only national security threat that we face.

He said counter-terrorism, not terrorism in that statement. So he obviously believes the counter-terrorism agencies are a threat to national security.

14
0

Re: Interesting wording.

Yes, and this 'Celtic interconnect' is probably going to be ~700MW bidirectional for power, but seems likely to have a lot of data capacity too. Being planned/built rather quickly, according to an Italian newspaper , where I found the jpg. I wonder which counterterrorism interference agencies the data is supposed to bypass?

http://www.corriere.it/methode_image/2017/08/10/Esteri/Foto%20Esteri%20-%20Trattate/cavo%20online-kAI-U43350856924056GWH-1224x916@Corriere-Web-Sezioni.jpg?v=20170810220553

1
0
Silver badge

I would expect a spook or ex-spook to say "We aren't going after encryption"...

Whether they are or not...

6
0
Silver badge

Re: I would expect a spook or ex-spook to say "We aren't going after encryption"...

He's not saying "we aren't going after encryption", he's saying "encryption is not a bad thing".

3
0
Silver badge
Unhappy

Won't make any difference.

We have had a series of gubbermints with a track record of ignoring any criticism, especially when it comes from the most advanced experts in the field under discussion.

25
1
Silver badge

Re: Won't make any difference.

You guys are lucky. At least you have the commendable laws of mathematics. We don't get them here.

6
0
Silver badge

Gosh, you mean that things have advantages as well as disadvantages? And that sometimes the former outweigh the latter?

Amazing what a university education can teach you.

It would be easier for police to gain entry to drug dens if doors were outlawed, but equally there are way more reasons to want a door than not.

There are way more reasons to insist that encryption is secure - from banking to personal privacy to just sheer cybersecurity of services as basic as DNSSEC and HTTPS. And that pretty much outweighs the one terrorist a decade who got caught on something completely different but might have encrypted something that might be a little bit helpful, possibly, maybe.

20
0

We have to be careful that we oppose the right things. The government have stopped talking about banning encryption -- they have changed to talking about a modern form of key escrow (without using those words). They want to get rid of (maybe even ban) end-to-end encryption, where the users control their own keys, and have keys controlled by someone else (not the government, oh no, we aren't interested in your keys, oh dear me, we just want your service provider to have the keys, in your own interests, so that you can recover them if you need them, or something).

But (i) I actually trust Amazon even less than I trust the government (believe it or not), and (ii) if the UK government can put legal and other pressure on the service provider to decrypt my data then so can any other government in the whole world. Do you trust all of Trump, Putin, Kim Jong-un, Maduro and May?

We need to make sure that the discussion isn't about banning encryption -- that is what the government would like us to be talking about because they can then just say "we aren't going to ban encryption". It is about key escrow.

10
0
Devil

Re: Encryption

Have you tried to run an Old legacy PowerPC running Mac OS 9.2 on the internet lately?

It doesnt connect or go online, due to the huge Crypto update...

Sweet work! Outstanding! didnt impact the end users at all.. Grumble.. Mumble..

Mac OS Network Assitant informing you that the desktop is pre-loaded with remote access features!

Trust Apple!

They at one time made a sweet open-firmware machine, they called it "Quicksilver"

2
0
Silver badge

Re: Encryption

You're complaining about a system that's nearly 20 years old no longer working anymore? Next you'll tell me you have problems browsing the modern web with the version of IE installed on your Windows 98 PC...

1
0
Anonymous Coward

Exports

This is the same chap who pointed out at a conference I attended recently that the UK is a net exporter of terrorists and imposing stricter border controls is only going to keep them in!

22
0
Silver badge

Re: Exports

the UK is a net exporter of terrorists

Another triumph of our beloved government: "British terrorists are the finest in the world! We'll sign trade deals with every failed state on the planet just as soon as we leave the EU."

7
0
Silver badge

'Counter-terrorism not the only national security threat we face'

No, but we do get to label the most severe threats as "MPs", although currently we have an issue where the elected bring in a hoard of un-elected (either as advisors, secretaries, policy beneficiaries, etc) and we have no, or little, influence over this.

9
0
Anonymous Coward

so we are happy with not breaking encryption but breaking the tool used to encrypt?

They both have the same outcome in the end.

8
0
Bronze badge

hmmm... almost if we break encryption though, we know its done can have a good guess why and so does every bugger else, break the tool and it might be possible to keep quiet on exactly how it was done...

no guarantees of course and yeah, your showing its possible so someone else'll do it eventually...

4
0
Silver badge

Typical ex-"anything"

If he was still in the job he wouldn't be saying it, he would be saying whatever ridiculous thing the current incumbent is saying.

It's just like ex Home Secretaries saying "Hey, this cannabis lark should just be legalized, really".

5
0
Silver badge

Re: Typical ex-"anything"

I think the current head of MI5 is saying nothing because (1) it is part of the job, and (2) because its not good to upset your paymasters even if they are complete morons.

7
0
Silver badge

Re: Typical ex-"anything"

Mandy Rice Davies applies - realistically, MI5 doesn't care what the government says, it's got work to do and it does it. I'd be all for encryption if I had a work around, and I'd be totally flabbergasted if MI% doesn't have the ability to get around the "problem" of "encryption".

0
0
Silver badge

Re: Typical ex-"anything"

> I'd be totally flabbergasted if MI% doesn't have the ability to get around the "problem" of "encryption".

Rubber hoses spring to mind for the most urgent cases.

1
0
Silver badge

Re: Typical ex-"anything"

"(2) because its not good to upset your paymasters even if they are complete morons."

As far as I'm concerned siding with your bosses when you know they are wrong, especially when there is something serious at stake, is just plain wrong. If you're as ignorant as your paymasters that's one thing, but to know something is wrong but do it anyway - well, it just doesn't get much wronger.

Principles: a guiding sense of the requirements and obligations of *right* conduct.

By it's very definition, to act otherwise is to be *wrong*.

0
0
Angel

Re: Counter-terrorism not the only national security threat we face

Correct, the threat of Global nuclear war, by enflaming situations by deploying aircraft carriers equiped with toma-hawk cruise missles and nuclear war heads wouldnt be seen as an act of aggression.

Pfft, the North Koreans already have "Nuclear" capabilities - they've had them for some time.

Satellite images show you the Flower patern Nuclear Silo's... the US President is trying to inflame N.Korea and divert attention off his own pitiful mounting "Debt" problems.

Going to "War with North Korea" will be Donald Trump's final un-doing!

2
1
Angel

Re: Counter-terrorism not the only national security threat we face

Correct, the threat of Global nuclear war, by enflaming situations by deploying aircraft carriers equiped with toma-hawk cruise missles and nuclear war heads wouldnt be seen as an act of aggression.

Pfft, the North Koreans already have "Nuclear" capabilities they've had them for some time.

Satelitte images show you the Flower patern Nuclear Silo's... the US President is trying to inflame N.Korea and divert attention off his mounting Debt problems!

0
1
Silver badge

Write it down and ignore it!

0
0
Silver badge
WTF?

Britain: A Bunch of Sheep-like Mice. What happened to the Bulldog?

There was a time, not long ago, when the utterances of a Rudd would have created a furor over the suggestion that the government, of any stripe, was entitled to access any communications or peer into any computer to strip a citizen naked, metaphorically speaking, as if it were treating citizens as serfs not entitled to secrets.

Privacy is a right and the UK signed up to this UN Treaty but they totally ignore it.

The only privacy between people these days can be effected by two people, lieing in a field of grass, hands cupped around their mouths whispering to each other.

Britain is effectively a police state. And yet few cry foul and call the government to task. It's what WW2 was all about. And the sheep-like MPs swallow the whole deal and carry on collecting bribes, etc.

The encryption genie is out of the bottle and neither RUDD nor MAY will ever get it back in. They can put as many back doors in as they like, but will that stop encrypted communications? NO! Smart people use add-on devices, not subject to communications back doors, to encrypt messages.

I live in an 'authoritarian' society, by choice, yet I have more freedom than the average Brit. No one tracks my number plates, no one does facial recognition, there is no blanket coverage CCTV, and my InterNet rights and access, bar a few anti-government fruit cake web sites in California, is wide open. Access to BitTorrent, porn and other dubious sites is completely unfettered.

The only time I know someone has accessed my cell system information is when an acquaintance in the Internal Police (sounds so ominous) sends me a SMS message that usually says: "See you are in HCM - How about dinner".

The UK, US and Australian governments use 'terrorism' as an excuse for any trampling on rights - time that voters stood up and challenged MPs on their lackadaisical ways or vote them out.(What we need is a modern day Guy Fawkes to complete the job)

Terrorists don't need high-tech anything, that is why they are largely unaffected by the billions of any currency wasted on them. I can transmit almost any amount of money from the UK to many destinations in the world without leaving any trace. I do it regularly - and more quickly and more economically than any bank can.

So much for security!

P.S. I hold a UK passport, so I am entitled to comment on MPs.

7
0

Re: Britain: A Bunch of Sheep-like Mice. What happened to the Bulldog?

(What we need is a modern day Guy Fawkes to complete the job)

What, you want someone to blow up the HoP?

1
0
Silver badge

Re: Britain: A Bunch of Sheep-like Mice. What happened to the Bulldog?

No, he wants someone to fail to blow up the HoP.

0
0
Anonymous Coward

Re: Britain: A Bunch of Sheep-like Mice. What happened to the Bulldog?

"Britain is effectively a police state." It's not and is never likely to be.

What we do have is a growing move in the direction of a bureaucratic dictatorship, which is much more dangerous.

A police state is a visible phenomenon that controls by systematically breaking down social cohesion via intimidation and reliance on informers (e.g. "1984" and the late East Germany).

A bureaucratic dictatorship is a hidden phenomenon that acts in ostensibly benign ways to undermine the independence of individuals by the gradual accumulation of measures that are publicly declared and appear in isolation to be entirely reasonable.

But it's not a new problem:

"I believe there are more instances of the abridgement of freedom of the people by gradual and silent encroachments by those in power than by violent and sudden usurpations. ... The means of defense against foreign danger historically have become the instruments of tyranny at home..If tyranny and oppression come to this land, it will be under the guise of fighting a foreign enemy."*

* James Madison, President of the United States 1809-1817

1
0
Silver badge

Good News, But

While encryption is one element of protecting computer systems and their data from hackers, it is only a small element of the problem. As long as operating systems and their applications are rife with exploits, this threat will not be a very compelling reason for governments to forego encryption backdoors.

Obviously, therefore, the government will need to task the GCHQ with writing a secure version of BSD which will replace Windows on the nation's computers! And hopefully without an encryption backdoor...

2
0
Devil

Re: Security

All these three letter and four letter agencies have destroyed the security of there own platforms in ways that have never been seen before and probably will never be seen again.

You fell into bed with a load of advertising networks, that simply wanted to make a fast buck and to hell with security and privacy right?

Don't tell me there are no back-doors in open source and open standards, you put them in there and now your whining because the general public realise it all boils down to helping large corperate banks with there Tax evasion and it all boils down to Money and helping the 1% at the top get away with pure criminality and things hidden inside the C source compiler that makes the government scream.

Word's like the "communist" parties wire-tap and thanks largely to there efforts the huge dump they've taken into the so called Open Source World with there "Spatial Offset Divergence" which means trillions in dollars in fixing and cleaning up the mistake of miscreants, but dont worry the Law is in place and knows exactly how to deal with these people, in foreign countries "Spies" are shot and so they bloody well should be!

0
2
Silver badge

Re: Security

"Don't tell me there are no back-doors in open source and open standards"

Can you give us a few examples. If you're right it shouldn't be difficult as it's all out there in the open. If you find them the maintainers will quickly close them.

6
0

Apple

What did you do to the security of Apple - which at one time produced open firmware because they had nothing to hide- suddenly using Intel Chips with Microcode closed source firmware? The apple security KeyChain now pre-loaded with RSA Certificates for the Bank of America - You worthless Tax evading - Bastards!

2
1
Silver badge
Trollface

In response, a Government spokemans said today:

LOOK

LOOK OVER HERE

MAGIC SHINY THINGS

TERRORISTS!!

LOOK

6
0

Re: In response, a Government spokemans said today

Apple added 2012 ---> Spear Heading

It's like someone stepped into the open source scene at apple, laid out a huge chocolate fudge dragon for the whole world to see and then said... No the GCC compiler doesnt have any back-doors, just lots and lots of extra C++ and even more obfuscation oh and dont mind these Certificates from VISA, MASTERCARD and American Express.. You can trust the Bank!

0
1
Silver badge

Encryption is only a delay tactic

Anything that is sent though the net could be recorded, stored and played back in decrypted form in due course. So anyone using encryption for nefarious purposes needs to be looking over their shoulders for the day when their messages are cracked.

Simply stated the net is not a safe medium for messages to be transmitted that need forever to be kept secret because any node can be used as an intercept. Multiple layers of encryption might arguably extend that delay (but if using some common mode might also reduce it).

So in a way this whole discussion is focussing on the wrong element in the chain.

1
0
Silver badge
FAIL

Freudian slip?

'Counter-terrorism not the only national security threat we face'

If CT is a national security threat, they're doing it wrong...

0
0

Totally agree with Hannigan

"the best and most practical solution would be for security services to "target the people who are abusing" encryption systems and go after the devices themselves – ie, the smartphone or laptops they are using."

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017