Clueless award of the day goes to
what was this attention-seeker's name again?
A member of the European Parliament wants users' "traffic data", rather than the specific content of online communications, to be logged under expanded EU laws on data storage. This is according to a statement from the European People's Party (EPP) at the European Parliament. Tiziano Motti, an Italian MEP, wants to extend the …
As soon as I saw the headline I knew this idiot would be using societies' current biggest bogeyman - the microscopic number of paedophiles in humanity - to drum up fear and thus credibility for his plan to pry on EVERYONE else.
Personally I've got nothing at all to hide but I still care not one bit from some overpaid, unelected MEP plonker wanting to have my data logged.
most of this sort of tracking is already done. A bit of good, old fashioned police work garnished with a few court orders should get enough information to link person A with activity B if B was done on or via the internet without the aid of something like TOR.
Times, IP addresses, DHCP leases, MAC addresses, security camera footage of net cafes and the like... presumably mobile networking logs DHCP sessions, base station IDs, and IMEI numbers or whatever the nG equivalent of MAC addresses is and so on. What does this guy expect to gain? A magical 'whodunnit' service which prints out the name and address of whoever posted or downloaded some image on the interwebs at the press of a button?
I wonder how well it'll work on non-european systems.
"The odd thing is, most of this sort of tracking is already done. A bit of good, old fashioned police work garnished with a few court orders should get enough information to link person A with activity B if B was done on or via the internet without the aid of something like TOR."
That's the point though. At the moment the authorities have to work to get the stuff, which means they only go to the effort if they think it is worth it. I want them to have to work and get court orders to do this. Then there is less chance of abuse than there is if you can just type someone's name into your screen and get all that persons on-line activity with the click of a mouse.
"unelected" - just because *you* didn't vote for him, doesn't mean he's unelected.
At least in Italy the majority of people bothered to vote (65%). Here in the UK, we barely got 35% turnout and you'd be embarrassed to see which countries got lower (Czech Rep, Lithuania, Romania, Slovakia, Slovenia)
What we get in the UK was an opportunity to express a preference for a PARTY, not an MEP. When one of the MEPs allegedly representing me decided that they wanted out, the relevant party manager APPOINTED their replacement. No need for the tedious nuisance of an election. The MEP's primary accountability is therefore to their party managers, NOT to the electorate.
Compare and contrast with the situation that formerly prevailed in the USSR (15 marks).
What on earth is people's problem with the House of Lords not being elected? The House of Lords has been for the last century, a revising chamber rather than a legislative one. Its role is to look at the politically-motivated, knee-jerk stuff that comes out of the Commons, trim off the worst excesses and try to turn it into something akin to decent, acceptable law. When the two houses strongly disagree, the Commons always prevails. It's not elected, the members who do the work do so because they're genuinely interested in doing it, and it's (mostly) not appointed by whatever shower is currently in power, either. Blair and crowd did their damndest to stack it with enough of their cronies to let them push anything that they wanted, but not withstanding that, it's still a check on the worst excesses of the Commons. As such, it's the LAST body that ought to be looking over its shoulders at what the electors will say in two years time.
@HP Cynic: "Personally I've got nothing at all to hide but..."
Well then, please start by detailing your sex-life her on this comment thread. I'd like you to post pictures and movies of you in action too, since you have nothing to hide. I want to know every and all detail, no exceptions. And, please, attach a log of your activities and communication in minute detail too.
Lets see how much you have "nothing to hide".
What a ludicrous position. Comments on such articles always deteriorate quickly and this is no exception. I also have nothing to hide. That is, nothing I'd hide from a court of law should I ever be in such an unfortunate position. However there's a world of difference between having nothing to hide from the law and posting details of every activity here. I bought my wife a christmas present this morning but if I post details of it hear then she, as a fellow reader, might see the comment which would make christmas that little bit less fun. Moronic.
Anyone supporting this proposal should be aware they have helped tilt the slippery slope just a bit more.
There will be a bureaucracy associated with this and it will need continual feeding with taxpayer funds.
By all means try and find a way to manage down the effects of porn and child/adult abuse but check whether this is the most effective way, first
What is the cost/benefit - and don't cry 'think of the children', because I am. I am looking for a 'better' solution with less negatives!
I appreciate your comments, you're point of view is spot on - except on one, important point. You do have something to hide. We all do.. it's called your "privacy". Our private life, whether online, in the living room or whereever else is called that for a reason. We expect it, it's a human right recognised by many democratic constitutions as a necessity. We want our private lives private so we can do whatever we please without having the judgement of others impinging on our lifestyles, artistic expression or whatever else we choose to do with the limited time we have on this planet.
My own objection is that a politician of all people is going use the moral highground and say everyone should be watched in case we break the law.. I'm sorry, but does he not realise he's a politician? Does the term pot-kettle-black mean nothing to these people? There's a theory that thieves are the most paranoid about people stealing from them, which tells me a lot about paranoid politicians and the laws they want enacted. I'm thinking a quick gander at the photos he stores on his computer might be a good idea..
"Ghioni said his "precise mechanism" would need the "collaboration" of operating system manufacturers such as Microsoft and Apple to log all activities on their systems, according to the automated translation of the report."
My interpretation of this is system logs that are then uploaded to some central store.
What's next? We all wear pinhole cameras on our coats to monitor what we've been up to?
How soon before Linux becomes outlawed by not following this requirement?
Give me a break.
"I know sod-all about technology, but I am being paid lots of money by the voters, so I have to do something to make it look like I give a damn, and am working"
And call me cynical, but I bet that they would put something in the legislation to make them exempt. After all, they are so much better than the rest of us proles.
As it happens, my traffic is being monitored with my consent (for a small fee) - and if I choose I can bypass it. But that is the point; it is with my consent.
...........politician that is. I have in my lifetime seen more examples of bad, poorly thought out and counter-productive legislation "birthed" by some politico or other than almost any other source of changes to law/public policy (other than the results of the special interest lobbying industry of course). I won't bother to list the potential horrendous consequences of this idiot's proposals, it is obvious from the thread that posters are well aware of the damage that such stupidity could do. There are few more pernicious sources of bad law than a politician with a hard-on for personal publicity and a pathological need to be seen to being do something - anything, however bloody stupid it is.
"Ghioni said his "precise mechanism" would need the "collaboration" of operating system manufacturers such as Microsoft and Apple to log all activities on their systems, according to the automated translation of the report."
And presumably it would also have to make owning an old computer, or owning Linux, illegal? Or force them not to be able to connect to the Internet. Oh, and make reinstalling your operating system illegal. Oh, and proxies.
FAIL for obvious reasons.
Oh it sounds so measured, so reasonable. But it does mean investigating every last one of us to pick off the few bad apples, maybe. IIRC not the first time he's proposed another "think of the children" canard. Soon he'll have earned the "paver of the road to hell" merit badge.
Data retention has already been shown to not significantly help. It does promote taking dragnets to datastores, and that does indeed increase, sometimes lots. To me that indicates it promotes lazyness and facilitates arsecovering in a perverse sort of way.
There's so many better things you could be doing. You could be putting better effort into catching perps in the act, whatever they might be doing --if you need to single out notorious, uncommon and narrow hot buttons for such broad and general measures your arguments aren't very strong--, and for that you only need to be able to legally, with warrant in hand, tap any and all thing they might be using to communicate.
We're not trying to do extensive pro-active pre-suspicion traffic analysis spookery to the populace, are we? Or were you thinking more of lucrative side uses of all those black boxes and easily mislaid keys, don motti?
Ok, let's pretend the solution is technically possible across all potential end systems, and fantasize that the privacy aspect can somehow be handled securely.
Does Tiziano Motti have a disk drive or tape manufacturing company based in his home town? Never mind explaining how the key can be stored by the user; who's storing all that traffic detail, on what, and who bought all that equipment? It might be inexpensive to operate (it wouldn't be really, but theoretically it could be), but what about to buy and install?
If the system were just going to store hashes, then I expect the sites they are worried about would install something to regularly modify their content enough to change the hash values. Somebody will need a permanent record of what the content actually looked like at the time of the download, so he's not just going to back up the internet, he's going to retain regular backup snapshots for months. Or did I miss a detail?
Actually, as far as it goes, this idea a bit too bland for our lot. All it means is an unimaginably big log. They'll want to spice it up a bit, pinpointing addresses and such so that the trace filters in use become just as unwieldy as the logs they produce or, at the very least, are a technically impossible to implement (e.g. DEA)
Unless you're a pedo. In which case, don't, because doubtless before too long we'll all have to have a police-controlled implant in our brains monitoring our thoughts, lest we think bad things about anyone under 18. Or anyone who looks like they're under 18. Or cartoons of anyone who looks like they're under 18. Or cartoons of tigers that look like they're under 18.
The further notion that the benevolent and entirely trustworthy authorities of the eminently democratic and in no way illiberal, statist and authoritarian EU might perhaps decide later to use this tech to identify people who, say, don't agree with them, and make them 'disappear' in the middle of the night, is ridiculous.
Would be to monitor all politicians expenses and income.
Once we have that in-place, and we can see Mr Motti isn't being paid large sums of money by storage manufacturers then I might believe his intentions are good.
It's still a stupid idea, but following this approach we will have cleaner politicians and know Mr Motti has good intentions.
How on earth can anyone who claims to be part of something called the "European People's Party" possibly thing this massive breach of privacy is a good idea?
Other than the fact, anything that is recorded can be hacked, and of course Civil servents will probably have access to the data at will for "Convenience".
I trust the "Authorities" with details of my online activities about as much as i trust any other Hackers.
Even if it were a practical proposition, this would be way, way more expensive than Mr Ghioni is saying.
And of course, it wouldn't solve any serious problems - just put a final nail in the coffin for our freedoms - the scope for abuse is tremendous.
I expect such idiocy from politicians, but I'm surprised that someone who professes to be a computer expert would encourage it. Is there an Italian word for 'ethical'?
***"Ghioni said his "precise mechanism" would need the "collaboration" of operating system manufacturers such as Microsoft and Apple"***
And that's the rub, isn't it?
The only way this can *ever* work is if the operating system intercepts the data *before* it is encrypted, sent via a secure VPN, or otherwise obfuscated.
And that will require the cooperation of, not just Microsoft and Apple, but of all of the Linux distro providers, game console manufacturers (Sony, Nintendo), smartphone OS providers (Blackberry, Google), Internet TV, set-top box, blu-ray, etc manufacturers, and so on.
It ain't going to happen, and still won't account for legacy systems (or would the "authorities" intend to prevent all all non Mottified boxes from connecting?)
The bottom line is that if person A wants to communicate with Site/Person B over the Internet without anyone else being able to read/view the content of that communication, they are *always* going to be able to.
This kind of bollocks just gives the "authorities" a nice, cosy (but false) sense of security.
The problem with this idea of logging every detail of Internet traffic is that it centralises power in the hands of the authorities. The risk then is that this information is abused by those in power. While i laud the efforts to crack down on child pornography - I believe that the tools and powers that state bodies have today are sufficient in order to crack down on the perpetrators.
How often have we heard the term " in the interests of State security" - - we have seen abuses take place under such pretexts in the Middle East following the uprisings there. So i would err on side of capturing less information; on less surveillance by the state; and rely on the benefits arising out of the network effect of mobile and Internet networks. These have been proven time and time again and the Arab spring is the most recent and most dramatic reminder of that.
This is typical of their mindset. They want to do anything and everything that is possible to intrude and micromanage out lives. The only reason they want to do this is because they can do it. They would love to record every thought in our minds; after all if we were innocent we would have not thoughts to hide.
Erm... no... the problem is the amount of data they would collect would be too cumbersome to process and pretty meaningless without context.
How many nodes, how many proxies, does your connection go through? How many IP addresses get attached to your packets? How many layers need to be unwrapped if this detailed logging takes place just to find out you clicked a link that some hacker had hijacked to send you off to some dodgy pron site? Then consider just how many records would be stored for a single day. How many spiders out there trawling through the internet looking for key pages, how many links off each page to other sites, and how many people using AV that scans such links thereby generating a record.
How many millions of rows of data will be generated, which would need indexing to search properly, and those indexes will quickly become fragmented, slowing down queries. And what do you search for? How do you know what is illegal activity and what is genuine, legitimate traffic, and how do you know which IP addresses belong to which subnet so you can filter for the correct data.
Dinosaurs would look on this and laugh, and we should, too, as the system gets so swamped with data that it becomes impossible to analyse.
MEPs tend to be clueless, but they all seek publicity. That is what this is: Nothing more, nothing less, and is a total waste of our money.
Another half baked through from a power / control freak politician attempting to manifest itself. Hell, half baked is probably an exaggeration and an insult to all reasonable half baked plans.
Freedom. A word that used to be in use but has since been removed from the dictionary as its continuing inclusion was considered subversive.
"Politician claims data records will help ID paedos and predators"
They're absolutely correct, much in the same way my handy lump hammer here will do a great job of cracking open a nut. Will probably turn out to be quite expensive though as I'd need to keep replacing the dining room table after each nut...
Exactly what I was thinking.
Funny isn't it that these people always ignore the elephant in the room - that most child abuse (sexual and otherwise) is done (or at least allowed) by the parents (male AND female) so have never seriously suggested that all parents should be monitored in such an invasive way.
>> my handy lump hammer here will do a great job of cracking open a nut... I'd need to keep replacing the dining room table after each nut...
A lump hammer (used with a chopping board) can be quite a careful tool for cracking nuts. A better analogy might be a pneumatic drill/jackhammer.
Ignoring the MASSIVE invasion of privacy and the civil liberties issues for a moment.
If every system that connected to the Internet uploaded everything it was doing to a central syslog server, how much data would be collected, would have to be 1000's of petabytes per day, which would cause massive network congestion as it tried to cope with all this extra load and the impossibly large data centre required to store this information.
It would be so much that processing it in any meaningful way would become impossible.
The database will get created under the cloak of the usual "Horsemen of the Appocolypse"
C. Drug Dealers
D. Money Launders
E. Migrants/Benefit Fraud (dependant on the current poltical spin in your country)
F. Anything else that sounds scary and might get votes
And the month after it is passed, the prime ministers press sectary will be using it to dig for dirt on the civil servant that had the cheek to point out the politician was lying, and the dodgy dossier was just an excuse to take the county to war.
The year after it is passed, the police will be regulaly using it as "a matter of routine investigation", for shoplifting investigations (just like the oyster card data)
18 months after it is passed, the most frequent users will probably be ex-NOTW staff, via brown paper enevelopes stuffed with cash given to members of the met.
This add in was to fill up Googles user tracking with spurious information. It used to send random queries behind the scenes whenever Firefox was open.
Could someone devise something that would generate spurious traffic for filling up the thought polices storage units? The real police can carry on catching paedos the same way they do now - by doing real police work. The politically inspired infringements on our freedom (that have nothing to do with capturing nasty people) will be so full of harmless cruft that they can do little harm.
The whole Europe thing annoys me when it does this. I can’t see from a technical perspective how this would be feasible with any reasonable level of funding, nor do I see how it would be superior to actual police work. Invoking the bogeyman of paedophilia is a really cheap trick.
Personally I think the MEPs should start with a bit of transparency over their doings, comings and goings. As I recall the accounts for the EU bodies have not been signed off, due to potential fraud, for many, many years. The last chap that tried to map MEP attendance versus travel claims for them (and spouses) was jailed for his trouble. Indeed, a look here - http://bit.ly/rdnnsx (sub required) - shows the high probability of mis-statement in Member State returns. Off on a rant, but a few years ago we did some work for the EU. When we added up the area Italy claimed subsidies for Olive Groves, it was more than the entire surface area of Italy. We found a guy claiming for 300 head of cattle. Fine, but he lived in a flat overlooking St Mark’s Square. That’s small beer, and not Thinking of the Children, but each Euro wasted is a Euro that could be used to relieve child poverty, improve policing, education, healthcare or a hundred and one things more appropriate for dealing with crime than recording the internet on Yottabytes of storage.
I’m off for a pint to calm down.
The real issue comes in the form of:
Regulations trading security for freedom,
Giving the government an easier method to monitor its citizens under the guise of some hot topic,
There are already methods available to elude any type of monitoring system aimed at targeting packets' // frames' payload. (128-bit point-to-point encryption // TOR // Multi-point proxy // VPN would like to say Hi)
The next step after a monitoring system is in place:
--Any device or monitoring system can be abused by any corrupt official (as we've seen, there are many of those)
--Tied with the previous possibility, censorship ensues due to the availability of the monitoring system.
Granted, the "Next Step" is all hypothetical, but the logic is solid.
@"Details of all internet traffic should be logged"
If they want that, then I want all details of all government meetings logged and recorded. Lets see how our so called government representatives like being watched the way they want to watch all of us.
The two faced MP/bastards in power fear the Internet, as they know we can talk behind their backs. We can share and learn what our two faced leaders are really doing and as a result, we can see when they lie to us. That means we can see when our so called government representatives are not representing us.
Basically they don't want us to learn the truth about them, because if we learn the truth we learn how often they use lies to control us.
Everything else they say is lies & FUD to get what they want. They want control over the Internet because they want control over us. They look at the so called Arab Spring and fear it. Just as centuries ago the whole of Europe looked at the French Revolution and feared it could happen to them as well.
The irony is this same control freak pattern of behaviour was played out in England over 200 years ago (and for generations before that). The "upper crust" as they were known despised the working class learning how to read and write, because they knew if the working classes could read, then they could learn the truth. The Aristocracy & Landed gentry wanted to keep the people down and they done that by keeping them ignorant of the lies used to control and manipulate them.
Its the same pattern throughout history simply because a minority group of society (in every country) ruthlessly (and desperately) fight to have power over other people and as part of their endless need for power, they (almost by definition) seek to keep other people down so they have power and as a result, they keep people blind to the truth behind the lies which they use to manipulative people with.
Our present generation of two faced bastards in power are the same, only this generation in power fear the Internet just as their kind centuries ago feared books.
After the media's reporting of the Jo Yates case yesterday, I think more will be added to the list of groups they would want to ID with this database.
After the media's 'hard on' for what the murder was looking at before the murder (even though ruled inadmissible). I can see a range of non child porn being added to the list of things that they would want to be looking through your history for. Also if you have searched for prostitutes as the media seemed to equate that as well, or seeing any naked pictures of someone who looks like a murder victim. And they wonder why it was all ruled inadmissible. I think the admissible search history of him searching for body decomposition times and the difference between manslaughter and murder was a lot more telling.
The media reporting on this aspect of the case was shameful. I think the best part of all the reporting was the BBC who had on their rolling bar at the bottom, 'Vincent Tabak found guilty of murdering Jo Yates after watching internet porn.'
Well, our corporate overlords haven't got the ability to jail us for 30 years, confiscate our money, force us to perpetually announce ourselves as disgusting filth if we're convicted of bizarrely arbitrary crimes, and execute us.
That said, our corporate overlords -do- force packaged cable tv plans on us, so perhaps it evens out.
I know it's in fashion to do the whole tape-money-over-your-mouth thing (In order to get a huge megacorp to show how huge megacorps muzzle everyone) but when it comes down to it, the government has something nooooooobody else does: Big goddamn guns. Corporations have influence insamuch as their influence alters monetary and regulatory issues. Important? Yes. Absolutely. As important as deciding reproductive rights, free speech on an -all-encompassing- level, deciding what citizens are allowed to do or not? No.
Corporate and governmental issues interact closely, but they're not locked together. North Korea keeps a rather tight reign on the corporate overlords, and hat hasn't helped the citizens. There are countries that have free political societies, regulated economies, and are still miserable.
I don't happen to believe that fairness -or- capitalism can exist in a laissez-faire system; Goldman Sachs is an excellent example of pure capitalism destroying the market it makes.
Unfortunately, terms like 'corporate overlord' hurt the credibility of everyone else in favor of sane regulation.
Hell, if the Occupy movement keeps going down the road it has been, with arrests and things burning and yelling and tent cities, the independent electorate will have such a bad taste in their mouths that, even if they agree with the need for more regulation, they'll vote Republican anyway.
How does that sound - trade some main street theater and feel-good self-righteousness for President Cain? The corporate overlords will owe the 99% a debt of gratitude, certainly.
They stick their heads up and say "DONT VOTE FOR ME OR MY PARTY. WE WEAR TINFOIL FASHION AND WE ARE A JOKE. AVOID! AVOID!"
The process of attrition will eventually wipe these idiots from the board. Good riddance.
Oh and parting shot - the technology soon wont let you do any logging whether you want to or not Mr Big Brother moron sir.
Any form of communication should automatically carry a basic assumption of privacy. New methods of communication should by default have the same rights of non interference as old ones, rather than the current trend of making a special case for anything done on the interwebs.
Otherwise, you may as well give the government(s) authority to open your mail and tap your phone without warrants and/or probable cause/reasonable suspicion. I'm pretty sure that sort of thing does happen anyhow but still...
Like Mr "Nothing to hide", I have no dirty secrets but it doesn't mean I want each and every bit of my private life open to the public.
Finally, I have two small children who I love dearly and will do my utmost to protect. That does not, however, include the erosion of yet more privacy for the sake of chasing yet another spectre.
If it requires intervention from the operating system to help, all that will happen - pretty much like always - those who take the less well travelled route will be free to carry on as they would normally, and those who stick to the mainstream get shafted.
Consider DRM: those who buy it legitimately (the mainstream) get to have the joys and woes of DRM, while those who obtain modified copies have no such limitations. Or DVDs, with their 'do not copy this DVD' trailer, which has been removed on copies, again the mainstream and legitimate consumer is penalised by having their experience eroded while those who are the targets of such skirt round the limitations.
It might increase market share of Linux on the desktop though... maybe that's not inherently a bad thing.
I would love to see how this fits with privacy laws and more interestingly how quickly the civil libertarians will react. It won't work because even with the best will in the world someone will hack it and 'adjust' the data to make sure there is a swathe or incriminating evidence to condemn the entirety of the European parliament. Maybe the Chinese will do it as a way to get control in that arena, or more than they already have!?
Sorry, does he realise just how many people use the internet? And just how many different connections are made when looking at one site? From image servers to ad servers the amount of data would be ridiculous.
And if he wants it implemented on the OS level it would take about 20 minutes to figure out a way to prevent the data hitting the main servers, and an hour to implement, while everyone who is legit would be burdened with connections slowed by every single interaction being logged to some rubbish central server. Never mind that a live disk would come out within a few days with an OS that just decided not to bother.
And what about secure communications, say between government agencies and informants, do you really want a complete log of the route between them?
Seriously, you would expect a bit more intelligence about things from a technical writer, maybe not the MEP.
Ok, let's think about this.
Number of people using the internet in the UK: 51,442,100 (from http://www.internetworldstats.com/eu/uk.htm).
Working out how much traffic each of those people use is tricky, so I'm going to pick an entirely arbitrary 10GB per month.
So, that would lead to the UK generating around 500PB of data a month, of course, de-dupe would put a dent in that (how many people are just watching Eastenders on iPlayer?), so lets scale down to 'just' 100PB per month.
I have no idea what the cost per GB for enterprise storage would be, but Amazon charge $0.055 per GB per month at the high end, so one month of the UK's data usage might cost $2.5 million to store for one month. Although of course it's increasing by 100PB every month, so the bill for a rolling 12 months of data would be something like £20 million per month.
Of course, this is before we even start to think about having to build the data centres, and provide them with power or providing any way of finding 'suspicious activity' in a data set that large.
So, I'm going to put a guesstimate of logging all of the UK's data traffic at being somewhere north of quarter of a billion quid a year.
To my mind, the kids aren't worth that. (even assuming that such a system would stop child abuse which is highly unlikely).
I know one group of people who will be rubbing their corporate hands in glee at this kind of concept. The storage manufacturers.
you must store details of all internet traffic.
just how much is that going to require? how many TB of data / hour.
then watch the MPs try to exclude themselves from the auditing and tracking process of course.
Biting the hand that feeds IT © 1998–2019