back to article Leaked: The UK's secret blueprint with telcos for mass spying on internet, phones – and backdoors

The UK government has secretly drawn up more details of its new bulk surveillance powers – awarding itself the ability to monitor Brits' live communications, and insert encryption backdoors by the backdoor. In its draft technical capability notices paper [PDF], all communications companies – including phone networks and ISPs …

Anonymous Coward

Re: Is it a big deal?

That's the one about not having soldiers camp out in your living room right?

6
0
Anonymous Coward

Am I reading this as encryption can't use your network unless you the ISP can break it?

2
0
Silver badge

Unless UK English words carry rather different meanings than the same (up to spelling) US English words, telecommunications providers may be required to be able to decrypt the encryption they apply or that is applied on their behalf by another party.

The document does not appear to prohibit other use of encryption, or require the providers to be able to decrypt messages not encrypted by or for them.

On its face, this appears to be a regulation governing ordinary wiretapping (and examination of mail, which I did not see mentioned in the article), with the additional requirement that a carrier could not evade warrants or other authorized orders by encrypting the communications or hiring someone else to do so.

0
0
Anonymous Coward

with the additional requirement that a carrier could not evade warrants or other authorized orders by encrypting the communications or hiring someone else to do so.

I think the point here is that warrants aren't mentioned. The carrier is expected to roll over & drop its pants whenever the "authorities" ask. If it needed a warrant signed by a judge first there would be less opposition.

Doesn't make it any less pointless, of course. Just hook up your RPi "Enigma" machine to your email program, and you don't need ISP encryption at all.

2
0
Silver badge
Joke

"Just hook up your RPi "Enigma" machine to your email program"

Weird, I could have sworn there has been a practical attack against that at some point...

1
0
Silver badge

How does the ISP know if the encryption I use is breakable unless they break it first? Which would be a hacking offence since it's done by them and not the government. And how can they block it since I run it on port 80 (or 443 or whatever)?

Here's a non-encrypted message to the UK government - FUCK RIGHT OFF.

39
3
Silver badge

They would know if they were the ones who provided it to you. Which, if you read the article, is the only kind of encryption that's actually covered.

2
0
Anonymous Coward

what will happen, eventually, is all UK internet users will

have to install a certain couple of root certificates.

happened already in another 'free' country.

1
0
Gold badge
Unhappy

"technical capability notices" sounds like a kind of "statutory instrument" to me.

Preferred tool of the Dark Lord Mandelscum.

18
0
Mushroom

Open Rights Group

The doubts about encryption aside, I'm really glad I joined the ORG recently. Please do the same.

15
0
Silver badge

She is working for it

She should really stop shaving her mustache. A small rectangular mustache can do wonders to your look. A set of handlebars and a military headgear look stunning too.

On a more serious note she is pressing all the buttons to advance towards a fascist dictatorship.

Declaring barely won refernda sacred and inviolate by any normal democratic process - exactly like Hitler and the referendum on changing the Weimar republic constitution, quoting straight out of his and Geobels rants just doing s/Jew/European/g. Having her lapdog quote out of the Law for the restoration of the Professional German Civil Service while applying the same regexp. And now trying for a quick war. Nothing to advance a dictatorship like putting the country on a war footing.

33
3
Anonymous Coward

Re: She is working for it

we must vote her out on June 8th

21
3
Anonymous Coward

Re: She is working for it

Make June the end of May.

35
4
Silver badge
Thumb Up

Re: She is working for it

Make June the end of May.

Nice one!

I'm not confident though - it seems that most of our population are turkeys who enjoy Christmas, and are easily spun by media and political hysteria, and don't find the opposition a viable alternative... Where have we seen that recently? :-(

17
1
Silver badge
Unhappy

Re: She is working for it

I've always loved dystopian sci-fi movies; Brazil, Blade Runner, Logan's Run, GATTACA, Cube, V for Vendetta, Dark City etc., a brief bit of escapism to another, strange reality, but now I look around at what's happening on our planet those films don't seem quite so appealing anymore...

21
0

Re: She is working for it

Usually, turkeys have not the leisure to enjoy Christmas, they have been eaten by November...

0
1
Bronze badge

Re: Usually, turkeys have not the leisure to enjoy Christmas, they have been eaten by November...

Only in the US.

7
0
Silver badge
Coat

Re: Usually, turkeys have not the leisure to enjoy Christmas, they have been eaten by November...

If I can give a word of advice, I'd suggest if LibDems formed strong opposition to Conservatives on this election, that would be just good enough. You certainly cannot rely on UKIP or Lab to form an opposition, they will first stab each other before position on anything can be formed.

(I'm not voting, not holding the right passport, thank you)

4
0
Silver badge

Law of Unintended Consequences

So, when the rest of the planet chooses not to do business with us because our crypto cannot be trusted, we'll be back to buying stuff with Postal Orders - assuming we can find a Post Office that hasn't been shut down.

Yay for mediocrity.

24
0
MJI
Silver badge

Re: Law of Unintended Consequences

Shut post offices.

last time we had a Labour MP this was his acheivement.

Shutting post offices

2
0
Gold badge
Unhappy

Evil flourishes in darkness

AFIK most "statutory instruments" are instruments of darkness.

8
0
Silver badge

So when will the marketing effort start

A little sarin event in downtown London, possibly involving "barbaric aggression" by ... ummm... "Assad"? No, wait: "Assad aided and abetted by Putin".

6
2
Silver badge

Re: So when will the marketing effort start

No, not that. Since we're desperate for Trump to deign to grant us a huge free trade deal in the hope of stopping our economy going down the toilet the year after next, we have to suck up to the US more than usual. That means Putin is safe until he actually releases that golden shower video, or until Trump goes so far overboard that even the Republicans want him impeached. Right now, it's a lot easier to pick on the little guy with no real friends (you know, just like in school), so the false flag op will arrive courtesy of Kim Jong Un.

4
0

An Act worthy of a government that doesn't trust its own citizens. It is not about keeping people safe. It is about keeping government safe.

26
1

This post has been deleted by a moderator

Silver badge

WTF?

By the way, you forgot to mention bombing Robin Hood airport.... Kids... No commitment these days...

4
0

Re: direct action is all they seem to listen/react to

No. Direct action is how they justify the need to impose this kind of shit.

1
0
MJI
Silver badge

Robin Hood Bombing - Doncaster Sheffield

What is at Doncaster Sheffield Airport?

A bomber!

XH558

2
0
Anonymous Coward

you all should join the ORG

https://www.openrightsgroup.org/

11
0
Anonymous Coward

just joining a online group..

i will just add that just joining a group online doesn't actually *do* anything.

well, apart from maybe moral self licensing or virtue signalling if you then (quite rightfully)

re-post it on social media. We need to GET noticed. keyboard warrioring isn't enough.

1
2
Silver badge

1 in 6,500 real time snooping

comms providers will be required to make bulk surveillance possible by introducing systems that can provide real-time interception of 1 in 10,000 of its customers. Or in other words, the UK government will be able to simultaneously spy on 6,500 folks in Blighty at any given moment.

That makes the assumption that each person only has one Internet connection. For many it is 3: home, work & mobile. So double that number - at least.

1
0
Silver badge

Re: 1 in 6,500 real time snooping

Some dodgy numbers there

If they can intercept 1 in 10 000 ...

10 000 * 6 5000 gives 6 500 0000 users only in UK

Which seems quite small number of people ... although obviously there will be some shared use of landlines so one landline can snoop on multiple folk, but, as Alain said, multiple users of landline can be offset to a reasonable degree by mobile internet usage

From ONS

The internet was used daily or almost daily by 82% of adults (41.8 million) in Great Britain in 2016, compared with 78% (39.3 million) in 2015 and 35% (16.2 million) in 2006.

https://www.ons.gov.uk/peoplepopulationandcommunity/householdcharacteristics/homeinternetandsocialmediausage/bulletins/internetaccesshouseholdsandindividuals/2016

(worth reading a few lines of that just for depressingly high (IMHO) internet Smart TV number)

0
0
Anonymous Coward

Re: 1 in 6,500 real time snooping

"comms providers will be required to make bulk surveillance possible by introducing systems that can provide real-time interception of 1 in 10,000 of its customers. "

That will not be free of cost, so ... if those providers could be required to break out the cost of that on their bills, people might actually notice, and want to do something? </pointless_optimism>

0
0
Anonymous Coward

There is no such thing as unbreakable encryption. The fact that encryption is reversible implies that it is breakable. It can increase the effort and cost but not become unbreakable.

0
13
Silver badge

For a sufficiently long key current well known and extensively analyzed algorithms are thought to be secure against "breakable" for period of the order of the expected life of the universe. And the keys are not that long.

Technology and mathematical research could change that, but recent weakening results seem to be in the range of a bit or two here and there, and not overly useful in the context of a 4096 bit key.

There are, however, other means to circumvent encryption.

6
0

Mathematically, encryption can be unbreakable, but in the same way that physics has theoretically ideal constructs.

In the real world though, you use engineering to break encryption - and indeed all the high profile encryption flaws uncovered have not been discovered as mathematical flaws but generally, breaking in by using flaws in which the encryption is implemented. It was true for enigma, it was true for heartbleed, and it's true today.

After all, it's theoretically possible to have a perfect key and a perfect lock. Add in humans and they can be lost, stolen, cloned, misdirected and intercepted during transit, replicas of similar looking locks and keys made to fool users, or rubber-hoses used to acquire said items. These are not mathematical attacks but engineering ones. The public want engineering attacks outlawed, and gummints want to be able to do them, so the easiest way is for gummint to try to outlaw mathematics, "prove" that encryption promotes terrorism and peadophilia and "compromise" on allowing engineering attacks for themselves only when the public have an outcry about it.

4
0
Silver badge

Obligatory XKCD

4
0
Anonymous Coward

'one time pad' anyone ?

2
0

So where is the problem here ?

So are 3rd party VPN providers going to be classified as telecommunication providers/ISP's ?

That's certainly possible, but I don't see how this has much impact in practice. Many 3rd party VPN providers are not UK based, and it's hard to see how the British government could do much except force them to shut down their UK servers if they did not comply. And of course, they would comply - for those servers. But it's utterly irrelevant, since if you are exitting from a UK server, you lose VPN encryption at that point anyway - VPN's do not provide e2e encryption unless you own both 'e's'.

Of course, if VPN connections to overseas VPN servers are going to be forbidden period, that would be.... interesting :).

If *every* company that operates a VPN for corporate purposes is now classified as a telco/ISP, that would be a pandora's box of grief. I just don' t see that happening here.

Are end users going to be forced to install ISP root certificates ( to allow HTTPS MITM attacks ) before they are allowed to use an ISP's services ? I can't see this. That would require touching every endpoint connected to the ISP, it would be a nightmare for the ISP's, and pinning complicates even this.

If neither of these things is true, then I'm struggling to see what the fuss is about on the encryption front. When we talk about e2e, in what sense does 'e' ever refer to the ISP/Telco ? What capability does this proposal give that they don't already have ? All that it appears to do is to give the Government explicit power to demand that ISP's/telcos do certain things *if they can*.

So what we're left with, really, are overlay services like Skype ( but who trusts that anyway ? ) and WhatsApp. And to be pulled in to this, they would need to be classified as telecommunication providers. That's certainly arguable. But I'm completely confident that nefarious persons with more than one brain cell will still be able to communicate securely if they wish to. So as usual, this is a Government scale hammer that might just crack a few peanuts if they're lucky.

5
0

Re: So where is the problem here ?

"Are end users going to be forced to install ISP root certificates ( to allow HTTPS MITM attacks ) before they are allowed to use an ISP's services ? I can't see this. That would require touching every endpoint connected to the ISP, it would be a nightmare for the ISP's, and pinning complicates even this."

Erm, not quite. A nice nudge to Google & MS and hey-presto, your next s/w or OS update contains new certs.

Chrome already overrides machine level certs, as I found out when I was using a CA it opted to distrust (warnings ahoy, even though the root CA was trusted).

Unless you keep tabs on EVERY cert in your machine, with fingerprints, something could merrily install and opt to use one.

Pinning also only works if the apps respect it (or are allowed to)...

I'm sure someone will be along shortly to insert an obvious comment about not using Windows, or Google, or <other large well known app> - but for the masses, it's not going to be that hard to do...

2
0
Silver badge

Re: So where is the problem here ?

The problem here is that we have to spend money going through hoops to stop the government that is meant to *serve us* spying on our daily lives, using our tax money to pay for the ability to do so.

2
0
Bronze badge
Big Brother

It's game over for democracy

It quite frankly puzzles me that with the surveillance capability available to the state security apparatus, there hasn't been an decrease in the availability of illicit drugs, black-market arms sales and the vast sums of money made from such trade. Which begs the question as to the real purpose of such legislation. Which if I have to spell it out for you is this. This is really about suppressing political dissent within the population.

The politicians won't oppose this, they can't, the spooks have the photos. I mean the spooks even have IMSI catchers installed around the parliament building and the MPs phones and emails are recorded and not a whisper of this from the MPs or the so-called free press. What we have here is what was once described as corporatism, that is the total union of the corporations and the state, what's that word, it's on the tip of my tongue, anyone.

19
1
Anonymous Coward

Re: It's game over for democracy

[...] what's that word, it's on the tip of my tongue, anyone."

The one beginning with "F"? That usually incorporates a professed strong religious ideology too ...oh..

1
0
Silver badge
Big Brother

Re: It's game over for democracy

"Which begs the question as to the real purpose of such legislation."

Think about this:

Who is the surveillance supposed to cover in the UK, why is this even remotely necessary? Is it because of the naughty UK natives?, if not who?

The national socialists?

The members of the Red Brigades?

Members of the IRA?

Members of ETA?

The Bolsheviks?

The FARC?

The Khmer Rouge?

The members of GRAPO?

I wonder who could be so problematic as to grant the government the power to spy over everybody.

The funny bit is that these who the legislation try to address were brought in by a political decision which could be easily reversed if the politicians had any honesty.

But instead you and me have to now see our freedom eroded.

This will be used to spy on political adversaries, and anyone critical of (((the system)))

This is a massive slippery slope.

2
1

Power only respects power and the power of the state dwarfs that of your personal power as one of the unwashed masses. If you think this is bad wait until you have a camera inside your house by law. You think I'm joking don't you?

6
1
Anonymous Coward

'..wait until you have a camera inside your house by law. You think I'm joking don't you?'

I think you've missed the point about the way the surveillance state in the UK has been implemented, forcing things like this 'by law' tends to generate a 'bolshie' reaction amongst the 'great unwashed'...softly, softly catchee monkey and all that.. besides, it'd cost the state money to implement, money they'd rather spend on important things like Chablis and the suchlike...

Far better to get the 'great unwashed' to buy the shackles of the surveillance state themselves, the smart TVs, Xboxen with Kinects, mobile phones with multiple cameras, microphones and GPS so 'They' know where 'we' are, the internet connected 'Home Security Systems', the 'Smart Meters', the IoT BS..etc. etc, once they've purchased all that stuff, we, the state, can hack/intercept all their traffic rather nicely at the ISP/Backbone level.

The way things are going, I think I'll be looking for a nice cave somewhere in the Cape Wrath area real soon..

11
1

Re: get the 'great unwashed' to buy the shackles of the surveillance state

Exactly this!

Technician, we want you to build a component

For each of our workers, to be with them always,

At all time watch closely, so we can keep track of

Their actions, their interests, their morals, their time out.

Some musak to maim them, some fear to contain them.

Policy will judge them, brute forces degrade them.

Practical behaviour, the cleanser, the saviour.

A private vocation has no sense of nation.

The maintenance of power can be so fulfilling,

Just as long as all the slaves are willing.

- Twelfth Night, We Are Sane, 1982

2
1
Anonymous Coward

"Far better to get the 'great unwashed' to buy the shackles of the surveillance state themselves, the smart TVs, Xboxen with Kinects, mobile phones with multiple cameras, microphones and GPS so 'They' know where 'we' are, the internet connected 'Home Security Systems', the 'Smart Meters', the IoT BS..etc. etc, once they've purchased all that stuff, we, the state, can hack/intercept all their traffic rather nicely at the ISP/Backbone level"

You and everyone up voting you clearly have no idea what you are talking about.I must ask you do you own a smart TVs, Xboxen with Kinects, mobile phones with multiple cameras, microphones and GPS?

1
7
Anonymous Coward

Unlikely they will put camera inside your house by law.

0
0
Unhappy

Why would they? They know we're bloody stupid enough to want new toys like webcams and Skype on mobile phones. We buy into things like Alexa and Siri, talking to boxes that transmit our every thought back to the master servers. They won't have to make it law because the next generation are already practically brainwashed into sharing every single thought and deed online.

1
1

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017