back to article 'Govt will not pass laws to ban encryption' – Baroness Shields

The government has "no intention" of introducing legislation to weaken encryption, minister for internet safety and security Baroness Shields told the House of Lords in the wake of the TalkTalk cyber attack debacle. The debate was brought by Liberal Democrat Lord Strasburger, who claimed Cameron "does not seem to get" the need …

  1. Mike Richards

    Not banning encryption doesn't mean the government won't try to ban usable encryption.

    If Cameron and the monsters in the Home Office had their way we'd be lucky to be left with ROT13.

    1. This post has been deleted by its author

      1. VinceH Silver badge

        No - they'd leave us with ROT13, and we'd use double-ROT13 to confuse the buggers.

  2. malle-herbert
    Big Brother

    The first duty of any government...

    Is to make sure we keep the masses under control !

  3. Mr_Pitiful

    Fantastic

    Phew, so the buggers can't make me disclose Pa$$W0rd1 as my key

    I'll sleep safer in my bed tonight!!

    I'm pretty sure they'd never hack it anyway

    1. Mr_Pitiful

      Re: Fantastic

      No, I mean password1, what on earth was I thinking

    2. Timmy B Silver badge

      Re: Fantastic

      Dammit - I'll have to change mine - thought I was the only one clever enough to think of that.

      1. Aqua Marina

        Re: Fantastic

        Phew, at least the password to my luggage is still safe.

        Now, how do I make the jump to ludicrous speed?

    3. Steve Evans

      Re: Fantastic

      "Phew, so the buggers can't make me disclose Pa$$W0rd1 as my key"

      Actually they can, and have been able to since 2000...

      Regulation of Investigatory Powers Act 2000 part III (RIPA 3) gives the UK power to authorities to compel the disclosure of encryption keys or decryption of encrypted data by way of a Section 49 Notice. A suspect instructed to disclose keys can be prevented from telling anyone else about it, outside of their legal representative. Refusal to comply can result in a maximum sentence of two years imprisonment, or five years in cases involving national security[1] or child indecency[2].

      [1] Amended by Terrorism Act 2006 enacted 2006-03-30

      [2] Amended by Policing and Crime Act 2009 enacted 2010-01-25

      1. DrBobMatthews

        Re: Fantastic

        and there hangs the problem and the government,s excuse to use its overarching powers.

        Who determines who or who is not a suspect? Answer the government and its "security" agencies including the Home Office, GCHQ, MI5, MI6, The FCO, and strangely enough the creeps from the CIA who are answerable to nobody.

        If in the future anyone takes issue with the government, the basis of all modern democracies, the government will use one of the oldest pieces of legislation still on the statute book, "The Defence of the Realm Act" This in many parts is similar to the US Patriot Acts 1 & 2. i.e.The power to declare ANY public meeting or demonstration illegal and arrest without warrant any individual or group of individuals that the government considers a threat or a perceived threat.

        Those arrested will be held without access to legal representation and brought before a court held in camera. The presiding judge will be appointed by the Home Secretary and will pass judgement on the evidence of arrest plus any "evidence" gleaned by the security services. A disreputable and morally weak government could and probably would use this absolute power to silence any opposition, discussion or condemnation of its policies.

        An example of totally non democratic control and over arching secrecy, is the Bank of England, and its secretive and shadowy "nominees" It is an offence under the Official Secrets Act to disclose, name or publish the list of "nominees" Why? because then the public would know, who really controls the government and the BOE.

        Once government is no longer trusted by the electorate, it is time to remove the government. Freedom of speech is slowly being eroded, what next, freedom of thought? The diminishing freedoms that we still enjoy were never given freely by the government or its establishment friends, every single freedom had to be fought for.

        1. Anonymous Coward
          Anonymous Coward

          Re: Fantastic

          Fear not about the BoE - we have our best people in charge. The CEO of TalkTalk is a director. From https://en.wikipedia.org/wiki/Dido_Harding "She was appointed as a non-executive director on The Court of The Bank of England in July 2014. "

      2. a53

        Re: Fantastic

        Fairly sure Mr Cameron et al cannot force Tim Cook to do a damn thing. If Apple say 'No back door' and 'we do not have records of our customers encryption keys', I'm inclined to believe them. The backlash would be horrific for trust in the Apple ecosphere.

  4. Timmy B Silver badge

    Oh dear....

    It's not like the current government have done anything they said they wouldn't or not done things they said they would. I don't trust a damn single thing any of them says.

    1. Mr_Pitiful

      It's like

      When a politician opens their mouth, somebody believes they are telling the truth

      As most of us know, it's the opposite.

      1. Anonymous Coward
        Anonymous Coward

        Re: It's like

        If a politician says something and no one hears him, is he still lying?

        1. Dazed and Confused

          Re: It's like

          > If a politician says something and no one hears him, is he still lying?

          Oh goodie, and easy question

          YES

          of course they are still lying.

          You can tell when they stop lying, start to go a sort of bluey-grey colour within about 1 minute.

    2. ItsNotMe
      Devil

      Re: Oh dear....

      "It's not like the current government have done anything they said they wouldn't or not done things they said they would."

      Sure glad this sort of thing doesn't happen on the left side of the pond. We have solid, honest, politicians who always hold true to their campaign promises.

      Excuse me a moment...what's that Nurse? Time to take my meds? OK...be right there.

      So as I was saying, too bad that the pols in Blighty aren't as upstanding as they are in the good old US of A.

      1. Anonymous Coward
        Anonymous Coward

        Re: Oh dear....

        "MAD SADDAM ATTACK: 45 MINUTES FROM A CHEMICAL WAR"

        Shit your pants, peon!

        1. Anonymous Coward
          Anonymous Coward

          law enforcement "in extremis" ?

          Is that when they shoot dead Innocent Brazilian Plumbers travelling on the Underground?

          1. Anonymous Coward
            Anonymous Coward

            Re: law enforcement "in extremis" ?

            Yeah, but he MIGHT have been a terrorist contender.

          2. Blofeld's Cat

            Re: law enforcement "in extremis" ?

            "... Innocent Brazilian Plumbers ..."

            Not quite. Jean Charles de Menezes was an innocent Brazilian Electrician.

            His death might have been a terrible mistake by the officers concerned, but the cover-up and misinformation afterwards was absolutely inexcusable.

  5. Michael H.F. Wilkinson Silver badge
    Big Brother

    So how do you distinguish REALLY good encryption from noise?

    now where did that one-time pad go?

    Trotting out the security excuse is getting tiresome. You fundamentally cannot be free without an element of risk being present, just as a democracy cannot function if there is no guarantee of privacy at some level (the election booth at minimum).

    1. Anonymous Coward
      Anonymous Coward

      Re: So how do you distinguish REALLY good encryption from noise?

      What do you think AES in counter mode is? It's a one-time pad emulator for use in the real world.

      1. DropBear Silver badge
        Trollface

        Re: So how do you distinguish REALLY good encryption from noise?

        "What do you think AES in counter mode is?"

        Well, if they're in a good mood they just might allow the AES electronic code book mode...

    2. Anonymous Coward
      Anonymous Coward

      Re: So how do you distinguish REALLY good encryption from noise?

      "[...] just as a democracy cannot function if there is no guarantee of privacy at some level (the election booth at minimum)."

      IIRC the UK cast ballot forms are stored in archives for many years. Each one is numbered and the number was cross-referenced to the voter on the electoral roll.

      1. Anonymous Coward
        Anonymous Coward

        Re: So how do you distinguish REALLY good encryption from noise?

        WRONG

        they are not cross referenced as there are no correlation between the paper and the voter.

        Oh how easy it would be to weed out commie / gay / lesbian / Nazi (insert minority) voters if it was so

        1. cantankerous swineherd

          Re: So how do you distinguish REALLY good encryption from noise?

          keep your eyes open next time you go and vote, they tie ballot paper to elector right in front of you.

        2. Anonymous Coward
          Anonymous Coward

          Re: So how do you distinguish REALLY good encryption from noise?

          "they are not cross referenced as there are no correlation between the paper and the voter."

          This 2011 report is from someone who watched the official disposal of old ballot papers. Several other letters in response appear to validate that correlation. They say that the cross referencing is perfectly possible - and occasionally used in cases of suspected ballot fraud. However the period of archive seems to be shorter than I thought - at only a year and a day. It still presumably provides a window of opportunity that has concerned people from all shades of the political spectrum.

          http://www.theguardian.com/notesandqueries/query/0,,-1051,00.html

        3. John 98

          They are linked but...

          I have worked in a polling station and yes, they are linked. However, it needs a court order (which can only be given if there is reasonable suspicion of fraud) to get the linking paper unsealed and everybody involved is personally responsible if anything naughty comes to light. After that, you are not searching a database, you are trawling through a mound of paper. Obviously there is the "What if Hitler gets in?" issue but, on t'other hand, it does mean there is evidence to lock people up for fraud.

        4. httpss

          Re: So how do you distinguish REALLY good encryption from noise?

          Right actually. Each ballot paper is numbered, the number being entered against your name on the attendance register maintained by the polling station staff. To test their reaction a couple of elections ago, I reached for the ballot paper pile and gently extracted one from the middle of the pile. Oh! the outrage. What was worse than their refusal to allow this simple test to proceed was their total inability to see what I meant when I explained that there is NO annonymous vote in this country since the sixties when the state secret services(or panty-sniffers as they have come to be called) decided that they needed to know who votes communist. No annonymous vote here.

      2. Blofeld's Cat

        Re: So how do you distinguish REALLY good encryption from noise?

        My great-grandfather used to tell the local Tory candidate that he would like to vote for him, but was unfortunately too frail to go the the polling station.

        The Tory candidate would then arrange transport for him, enabling him to get to the polling station - where he would invariably vote for the Liberal candidate,

        1. Anonymous Coward
          Anonymous Coward

          Re: So how do you distinguish REALLY good encryption from noise?

          A friend tells the story of her parents in the garden of their rather grand house on polling day. The Tory "chaser" wanted to know why they hadn't voted - and offered them a lift to the polling station. After much cajoling they accepted the offer. As my friend said - it was a wasted effort as her parents always voted in way that cancelled each other's vote.

          1. cbars

            Re: So how do you distinguish REALLY good encryption from noise?

            It'll only cancel out in a two party system.

            Hey, what if there was a viable third.... never mind

    3. LucreLout Silver badge

      Re: So how do you distinguish REALLY good encryption from noise?

      @Michael H f Wilkinson

      just as a democracy cannot function if there is no guarantee of privacy at some level (the election booth at minimum).

      I was agreeing with you up until somewhere around this point.

      Provided you believe what we currently have IS democracy, and provided you believe it IS working.... well... I'm not sure how you square that with your statement.

      At the last election there was so much "empty can" rattling from Labour supporters in the months before voting, that they actually swayed the polls significantly. Clearly none of these people thought that voting was a private matter.

      There's a great deal of things I'd like to see society regard as private that it doesn't, and it seems Generation X will be the last generation to regard privacy as a good thing - the millenials / Y all seem to want anyone to know anything about them, if only someone would notice they exist. 15 seconds of fame at any price. It's a mystery to me.

      1. Anonymous Coward
        Anonymous Coward

        Re: So how do you distinguish REALLY good encryption from noise?

        "There's a great deal of things I'd like to see society regard as private that it doesn't, and it seems Generation X will be the last generation to regard privacy as a good thing - the millenials / Y all seem to want anyone to know anything about them, if only someone would notice they exist. 15 seconds of fame at any price. It's a mystery to me."

        I object!

        As a Generation Y (Born 1991) - I object that we "all" seem to want anyone to know anything about us..

        I am a very privacy concious person, I do not use any social media services, such as Facebook, Twitter etc. I am also an active supporter of EFF, Access, etc.

        I protest against all spying laws and strongly hate the very idea of national spying including all the CCTV in my country (UK).

        So nope, not all of us want everyone to know who we are. I know several generation X people who are users of Facebook and don't give a darn about their privacy.. but this doesn't mean all G-X people want to use Facebook, just like not all G-Y people want to use Facebook.

        That is all.

        1. LucreLout Silver badge

          Re: So how do you distinguish REALLY good encryption from noise?

          @AC

          I object that we "all" seem to want anyone to know anything about us.

          Noted, and for any offence you have my apology. However, were you from my generation or perhaps the ones before, you would understand the point I'm making. As we're speaking about generations, it is impossible to consider all the edge cases.

          I am a very privacy concious person, I do not use any social media services, such as Facebook, Twitter etc. I am also an active supporter of EFF, Access, etc.

          I hope you'd understand that this makes you an edge case of your generation?

          I know several generation X people who are users of Facebook and don't give a darn about their privacy.. but this doesn't mean all G-X people want to use Facebook, just like not all G-Y people want to use Facebook.

          Yes, there were vacuous, self obsessive, low talent dumbasses of my generation who also sought, and indeed seek, fame at any price. However, when I was young the celebrity news was confined to the showbiz page of the paper, and one or two specialist magazines. The antics of retired footballers children were not considered newsworthy. Famous for being famous wasn't really a thing.

          Fame seeking afflicts your generation in a way that has never previously been considered normal. Publicising everywhere you go, whatever passes for a profound thought in your world view, and auditioning to be one of a bunch of people in a house being watched by other people in theirs.... well, generationally speaking, yours is the only one that regards that behaviour as in anyway normal, typical, or usual. And sadly, it will only get worse.

          If you truly believe what you say, then in addition to my earlier apology for offence, you have my sincere best wishes, because not only are you fighting a losing battle, but when Gen X dies out, you'll probably be fighting it alone!

    4. Anonymous Coward
      Anonymous Coward

      Re: So how do you distinguish REALLY good encryption from noise?

      Confuse the hell out of them - send noise!

      Working in radio astronomy we correlate noise signals from across the world to make images of the sky; noise from each place's receiver does not correlate, but noise from the radio source does. Large chunks of noise is readily available if you de-tune a satellite dish.

  6. Anonymous Coward
    Anonymous Coward

    Kitemark

    90s called; wants it's McAfee "security seals" back.

    1. Anonymous Coward
      Anonymous Coward

      Re: Kitemark

      "Security seals" are the stuff that emerges from a US hunter-killer submarine...

    2. Aqua Marina

      Re: Kitemark

      Up until last week, Ashely Madison had a "Trusted Security Award" seal on it's website. Shows how much use seals are.

      I have no idea who reported them to the ASA for falsely advertising that award. :-O

      http://web.archive.org/web/20151020130928/https://www.ashleymadison.com/

  7. Lee D Silver badge

    Encrypted files?

    No, they are just large files filled with random data that I used when testing out various programs from my copy of Numerical Recipes in C.

    You suspect otherwise? Okay, prove it!

    The problem with "banning" encryption is that it doesn't stop criminals/terrorists, and it's those people that we don't want having encryption, isn't it? And when something is encrypted with any half-decent encryption, it is forensically indistinguishable from anything stored with any other half-decent encryption. So you can't ban certain algorithms, you can't ban certain keylengths (the whole PGP thing proved how pointless this is), and you can't ban the actual software that does this sort of thing in general anyway (published in books, long-held mathematical theory, open-source code, etc.),

    Much better to stop wasting time trying to ban it, and find better ways to monitor suspects and correlate them. Let's be honest, anyone worth their salt and therefore worthy of serious interest is going to be pretty much religious about not using unencrypted or weakly-encrypted channels anyway, no matter the technology involved. Banning encryption just catches the idiots, not stops what it claimed to be the source of the problem - being left in court with files you can't open which you think might hold evidence against clever criminals. who will quite happily go to jail for a year rather than open up those incriminating files for you.

    At least they're not suggesting backdoors in encryption either, I suppose.

    1. elDog Silver badge

      You have 10 fingernails? Fancy losing each one, slowly?

      Most of us, and me most quickly, will divulge the necessary information if the "law" really wants it.

      I also think that whatever the GCHQ or NSA or whatever can do to break existing encryption, there are plenty of smart people who can do add-on/tiered techniques that might fry the cores of their colossi.

    2. DropBear Silver badge

      "At least they're not suggesting backdoors in encryption either, I suppose."

      No, they're basically suggesting compulsory key escrow. Is that really any better...?

  8. Anonymous Coward
    Anonymous Coward

    Secure encryption/passwords

    The systems I work with in a major government org, restrict certain stupid passwords

    i.e you can't use password/Password/idname/secID

    But by default you can use 'wordpass'

    AND guess what everyone I tell makes me set as their password..... Hmmmmm

    The security encryption with stored images, is just as stupid

    I can use any word or words in the above to encrypt min 3 max 16 chars

    Anon just in case you know me!

    1. Bluto Nash
      Joke

      Re: Secure encryption/passwords

      Yeah, apparently you've been setting passwords here as well...

  9. This post has been deleted by its author

  10. Anonymous Coward
    Anonymous Coward

    Where are we getting "banning encryption" from?

    Seriously asking.

    So far all I can find is stuff along the lines of "there should not be a message that we cannot, in extremis, read" - I can't see any specific reference to encryption or any technological solution. People have been having hysterics about "banning Whatsapp/war on crypto", but Cameron's comments could just as easily apply to Part III of RIPA (mandatory key disclosure), or the targeted installation of encryption-circumventing malware (which, thanks to Snowden, we know already happens). If anyone has any quotes that specifically mention encryption I'd be interested to see them.

    1. Captain Hogwash Silver badge

      Re: Where are we getting "banning encryption" from?

      Mandatory key disclosure doesn't guarantee that a message can be read by the authorities. The penalty for non-disclosure might be significantly less onerous than that for any crime revealed to have been committed if the key is disclosed. Guess what people will do under such circumstances.

      Encryption circumventing malware? Maybe.

      1. This post has been deleted by its author

      2. DropBear Silver badge

        Re: Where are we getting "banning encryption" from?

        "Mandatory key disclosure..."

        ...I guess you know you have a really bad day when you find yourself having to pay that one bitcoin just to be able to prove that it really was cryptowall who ate your disk and you're not just playing the idiot card insisting you really can't decrypt it when prompted to...

      3. Yet Another Anonymous coward Silver badge

        Re: Where are we getting "banning encryption" from?

        "The penalty for non-disclosure might be significantly less onerous than that for any crime revealed to have been committed if the key is disclosed. "

        Not that now the penalties for displeasing her majesty's intelligence services include being extraordinarily renditioned to some -istan to be tortured and then chained to a floor to freeze to death.

      4. John Brown (no body) Silver badge
        Facepalm

        Re: Where are we getting "banning encryption" from?

        "The penalty for non-disclosure might be significantly less onerous than that for any crime revealed to have been committed if the key is disclosed. Guess what people will do under such circumstances."

        If "they" really believe that you have something they want decrypting and that you have the key, yes, the worst they can do is bang you up for a year. But there's nothing stopping them from asking you again as you walk out the prison gates, at which point you refuse and commit another crime and get banged up for another year. Ad infinitum.

  11. ratfox Silver badge
    Windows

    "The first duty of any government is to keep our country and our people safe."

    "Those who would give up essential liberty…"

  12. knarf

    This old chestnut

    This has been attempted before and it is a rather silly idea. I remember they even restricted to 128bit for a while.

    In the 1990s they even band books on "hacking" so no one could protect or test their own networks.

  13. Anonymous Coward
    Anonymous Coward

    I want to ban encryption

    I never said I wanted to ban encryption, I want to ban back doors in encryption

    If you provide end to end encryption you need to be able to decrypt it.

    Hurry up and start drowning talk talk before ever talking about technology again.

  14. Camilla Smythe

    Buh-Duh...

    She said: "The Prime Minister did not advocate banning encryption; he expressed concern that many companies are building end-to-end encrypted applications and services and not retaining the keys.

    She added that companies that provide end-to-end encrypted applications, such as Whatsapp, which is apparently used by the terror group calling itself Islamic State, must be subject to decryption and that information handed over to law enforcement "in extremis".

    Excuse me Mr and Ms complete and utter fucking stupid fucking dimbulbs.

    As a member of '$OurDeity Against $YourDeity and Your Spawn, The Only True Path' me and my colleagues regularly use our Linux things to generate TLS and PGP key pairs so we can exchange tasty recipes securely over the Internet and via e-mail.

    You may ask "in extremis", has that got something to do with being at the point of orgasm?, for our 'secret' ones but expect to get a face-full of Bolognese Flan up your respective fannies in response.

    1. Elmer Phud

      Re: Buh-Duh...

      If you are encrypting then you must be a terrorist.

      Isn't that how it works?

      PGP the new 'black'?

      1. Camilla Smythe

        Re: Buh-Duh...

        Next thing you know they will be banning something because they are not very good at it. Obviously broken Boris Bikes and cycling in general is safe but you have to wonder about November 11th..

        https://regmedia.co.uk/2015/10/28/david_cameron_pmq_smut_filter_law.jpg?x=648&y=348&crop=1

        Note to Dave..

        See that subversive Boris? Ay? Ay? Behind You!

        He's got his poppy on upside down and is after your job. Don't try to see if he floats. Burn the bastard now... Tis the season.

    2. I&I

      Re: Buh-Duh...

      Mrs. Craddock would turn in her grave...

  15. Crisp Silver badge

    So there's no intention to weaken encryption or provide back doors

    Except that Baroness Shields says in the next breath "that companies that provide end-to-end encrypted applications [...] must be subject to decryption and that information handed over to law enforcement "in extremis"." blatantly contradicting herself.

    The trouble is, any mechanism that enables the government to ask for decryption "in extremis" means that there's a mechanism there to be exploited by other people that might want to see my data.

    1. Ken 16 Silver badge
      Trollface

      Re: So there's no intention to weaken encryption or provide back doors

      They only mean the British Government must be able to decrypt it, they don't want other governments to be able to read it.

  16. SVV Silver badge

    Just how clueless are these people?

    "many companies are building end-to-end encrypted applications and services and not retaining the keys"

    Please stop trying to sound like you know what you're talking about by making truly idiotic statements like this, or at least ask someone to give you a basic explanation of certificates and public/private keys, otherwise those of us who are responsible for implementing this stuff in the real world might just point out that you are talking absolute drivel and obviously don't understand it and therefore cannot be trusted to pass sensible legislation that won't compromise the security of UK online businesses.

    1. elDog Silver badge

      Re: Just how clueless are these people?

      A pretty face in front of a useless brain?

  17. Anonymous Coward
    Anonymous Coward

    hIwDwNHp0AQefw0BBACguI1+f/zw/AjBuMBfnxLpBZbRnj2dGuDHBrnRJaBCnrbF

    oZNEeCSJ02d+Z8w7Xe2b1QQ+W0LIk2lH0FGs1Yni1y5aFKkAYhfRFk0CpCUvgHKY

    PtvCpf5/GqufoJn3Zc91dWhy7G2MK3N0MA/OIllaHfOsWN4wvuazk2HtLOv8s8k9

    a1esXakV8Nrg/6IL3hFvYmIOzEm7gKbA6MivmFYbYrl+72uofau0tfuJKLnY3U+E

    5OELwDxvlb1/IEemYA==

    =w5PY

    1. wolfetone Silver badge

      That's the longest way of saying "password01" i've ever seen.

      1. Mark 85 Silver badge

        I must have used the wrong key then... I got "Hello World".

  18. Eclectic Man

    Encryption Keys

    Whist we have a professor for the public understanding of science already, surely it is time for a chair for Political understanding of science (and possibly, being controversial here, religious understanding of science too).

    Our noble and ignoble leaders seem to have very little grasp of basic science and rational thought quite often.

    (Don't mind me I'll just talk amongst myself.)

    1. Someone Else Silver badge
      Coat

      @ Eclectic Man -- Re: Encryption Keys

      Our noble and ignoble leaders seem to have very little grasp of basic science and rational thought quite often.

      Yes, that is by design.

      But not "intelligent" design, surely...

  19. Supa

    Nope!

    I can't think of anything more terrifying than David Cameron in my backdoor!

    1. Fraggle850

      Re: Nope!

      Call me Dave in your back door carrying a pigs head?

  20. Pen-y-gors Silver badge

    Politicians, eh...

    Remember that every time a politician speaks, a fairy dies.

    1. adnim Silver badge

      Re: Politicians, eh...

      Remember that every time a politician speaks, a fairy the truth dies.

  21. batfastad

    Diff

    "absolutely confirm that there is no intention in forthcoming legislation either to weaken encryption or provide back doors."

    If we must have monolithic parties, they should provide diffs of any changes to legislation they wish to enact as part of their manifesto. When a party is then elected, only those changes can be committed to legislation. At least the people get a say on the laws that they will have to live under and can in effect veto any significant changes.

    It will put an end to Govs coming in and doing whatever the fsck they want once elected, usually defending their actions with "well you elected us".

    Or something like that... I haven't worked out the details.

  22. Anonymous Coward
    Anonymous Coward

    Oh FFS (again)

    Everyday, a good sleeper terrorist goes past a shop (or a house, or a field) on his way to work. Or play. Or prayer.

    Every day, there is something he can see without breaking pace.

    One day, that something is no longer there. The next day it is.

    Jihad is on !!!!!!!!!!!

    Meanwhile MI<x> are farting around trying to decrypt hours of white noise (or modern music, it's all the same).

    In other ideas, I worked out how to use BitCoin as an untraceable ransom payment.

  23. Quids
    Holmes

    Can GCHQ crack all forms of encryption...

    Or is the Government going to fine TalkTalk for not encrypting customer data?

  24. Amorous Cowherder

    Ooooh-kaaaaay....

    So Cameron wants the keys easily available so they can be obtained, put on USB sticks by utter div government types and left in trains, taxis, pubs, clubs....

  25. Anonymous Coward
    Anonymous Coward

    I'm a bit mystified about what Cameron was originally proposing.

    So, if I use strong encryption in Internet traffic or on my disk drives, they're seriously proposing to throw me in jail? Seriously? Is that what this guy had in mind?

    1. Graham Cobb

      UK CISA?

      So, if I use strong encryption in Internet traffic or on my disk drives, they're seriously proposing to throw me in jail?

      No. They never were serious about that (although they said it to bring a few more out-of-touch, harumphing, something-must-be-done types on board before the election).

      What they are serious about is "forcing" the big app players to co-operate. But they have (at last) realised that openly forcing them (like writing a law that says they have to) is likely to fail spectacularly (pushback from ordinary people, house of lords, foreign internet firms, UK internet firms, ECHR, etc).

      So, expect to see a UK CISA just as soon as the fuss about the US version has died down.

      1. Anonymous Coward
        Anonymous Coward

        Re: UK CISA?

        "So, expect to see UK CISA just as soon as the fuss about the US version has died down."

        The reason why clowns like Bliar & Hameron don't have any rational arguments to back up their policies is that the policies they are pushing aren't their policies in the first place. There is a very well established pattern of UK governments passing laws on behalf of the US Government, I'd guess this is just another instance of that.

        Making encryption redundant/useless would make it easier for GCHQ to spy on US citizens on behalf of the US Gov. The US Feds get to claim they aren't spying on their citizens, GCHQ can carry on recording & cracking everyone's private communications, and the UK voters can piss off because the British PM isn't actually working for them anyway.

    2. Anonymous Coward
      Devil

      I'm a bit mystified about what Cameron was originally proposing.

      So is he. The difference is, one of you can see there's a technological problem.

  26. Anonymous Coward
    Anonymous Coward

    No one planned to ban encryption

    As long as authorities can decrypt everything, there is no problem. Few people have a legitimate need for encryption so it's a lot of noise over nothing.

    1. The_Idiot

      Re: No one planned to ban encryption

      "Few people have a legitimate need for encryption"

      Er - because someone (or something) made you the sole and authoritative source for the definitions of both 'legitimate' and 'need'?

      Oh - and because 'because I wanted to/ felt like it' is not supposed to be acceptable in your definition of a free society?

      Or, perhaps, because the existence of a 'free society' is less important/ desirable to you than the one you'd prefer to be in place (or perhaps already have elements of in place)?

      Never mind me. I'm just an idiot...

    2. Alister Silver badge

      Re: No one planned to ban encryption

      Few people have a legitimate need for encryption so it's a lot of noise over nothing.

      A-Huh. So only a few people use credit cards, or have confidential data? So you'd be quite happy for anyone to be able to access all your bank details and personal information?

      1. steogede

        Re: No one planned to ban encryption

        Is it really necessary to point out that the AC was being sarcastic? Two replies seem to suggest that it is.

        1. The_Idiot

          Re: No one planned to ban encryption

          In my personal view - yes. Because there is the chance that someone (or some number of someone-s) may take the comment at face value, and use it to justify the comment's apparent point.

          I would rather, and again this is only a personal view, make a potentially unnecessary comment about such a point than keep silent - and wake one day to find it has somehow migrated into Truth.

          Of course, I'm an Idiot...

        2. Anonymous Coward
          Anonymous Coward

          @steogede - Re: No one planned to ban encryption

          Serious Dumb-Fuckery or Trollery, yes. Sarcasm? - nope didn't detect any there at all.

          Would have responded myself, but The_Idiot seems to have it covered.

    3. Mark 85 Silver badge

      @AC -- Re: No one planned to ban encryption

      Nice troll.... I won't upvote or downvote.. just laugh a bit.

  27. Anonymous Coward
    Anonymous Coward

    I can confirm that there is no intention to do that

    I don't believe you and I don't trust you.

  28. John Savard Silver badge

    Obfuscation?

    "The Prime Minister did not advocate banning encryption; he expressed concern that many companies are building end-to-end encrypted applications and services and not retaining the keys."

    Ah.

    We will not ban encryption.

    We will not require encrypted communication applications to include a copy of the key they use encrypted with a key that the GCHQ can read with every message.

    But we will require that the company who sold you the encrypted communication application either generate all the keys, and keep copies of them, so we can come around and ask for them.

    There's a difference? Well, in the first two cases, the government can read everything; in the third case, they'd actually have to get a court order or something, and even in the case of the intelligence services, it would be awkward to read everything. Unless they tapped the lines of the software company.

    1. Chozo

      Re: Unless they tapped the lines of the software company.

      Close, but IMHO you are thinking to small.

      For many years GCHQ eavesdropped on all communications between the UK and Ireland by simply intercepting the BT microwave backbone at Capenhurst. No physical connection, no warrants, just a tower in a convenient location listening to the chattering in the ether. Now that was fifteen years ago, technology has moved on, high-gain antennas have gotten smaller and if I were paranoid it may explain the existence of some unlisted cell-phone towers.

  29. Wolfclaw

    So dodgy Dave is u-turning again or is that he is an I.T illiterate moron and just can't help lying ?

    1. DrBobMatthews

      Wolfclaw, the evidence that Cameron is lying again is irrefutable. Yes he probably is illiterate regarding I.T. most 3rd rate recycled failed PR people are. More to the point he is dangerous and many of his neocon friends in the UK and across the pond in the land of the not so free love him. UK Patriot Act anyone?

  30. Cynic_999 Silver badge

    Even if encryption were banned, it would simply result in an upsurge in the use of steganography. You could hide a heck of a lot of data in a 2 hour HD movie with no noticeable degradation to the movie. Which would mean that not only could the government not decrypt the data, but they would not know who was using encryption in the first place.

    1. Anonymous Coward
      Anonymous Coward

      Of course if steganography is being used properly ...

      we'd never know

    2. Yet Another Anonymous coward Silver badge

      The same bill that required you to hand over your password also applied to steganography. The wording was something like "any document that contained a hidden or secret message" so if you had a copy of anything by James Joyce or pretty much any religous book in the house you were in trouble.

      It's a bit tough to get 5years if you can't explain Paradise Lost

  31. Chris G Silver badge

    Maybe

    "The government has "no intention" of introducing legislation to weaken encryption"

    If they are not introducing legislation, perhaps they have found some old legislation that can be reinterpreted to do the same job.

    It's not like there isn't a crapload of existing freedom limiting legislation already on the books, there is a high probability that something could be massaged a little, then it only needs one suitable judge to set a precedent .

  32. nilfs2
    Devil

    Great idea!!

    Let's ban locks, padlocks and alarm systems as well, that way the government spooks can access all our houses and businesses as well to check for terrorists, after all, we have nothing to hide.

    1. Yet Another Anonymous coward Silver badge

      Re: Great idea!!

      No you just require all locks to be opened by a special master key that only The Security Administration have, and just hope that all their 100,000 employees are perfectly honest and that nobody ever loses a key

  33. Your alien overlord - fear me

    Davey boy also promised not to cut tax credits. Promises pre-election are mirror images post-election.

  34. Anonymous Coward
    Anonymous Coward

    Here's how I think it's going to go,

    We don't want to ban encryption, companies can use it as long as they keep the keys so we can use them to decrypt whatever we need to in extremis (i.e. if we don't like someone or they disagree with us) and of course we won't use these keys to spy on everything everyone does in case someone talks about the coming pedoterrorarmagedon that we are protecting everyone from.

    However we don't see why the general populace needs encryption or to keep their own keys so that needs to stop.

    Here's what I don't understand and maybe someone on here with more intelligence than me (probably a hell of a lot) can explain it to me?

    What exactly is the problem with encryption?

    The way I see it,

    A. It keeps my details and data safe whether I have it or a company has it.

    B. It stops that script kiddie that has dropped a wifi pineapple from doing lots of damage (though personally I never use "Free Wi-Fi" unless I'm also using my own built secure VPN)

    C. They talk like encryption is an internet only thing? After Snowden do they really think IS state are using Whatsapp? Are we supposed to think they are really that stupid?

    Also aren't keys on their own a bit useless? I thought that was proved years ago that you had to have an extra level of cycling of keys.

  35. cyrus
    Stop

    "Our people"

    Sounds a bit possessive to me. Are we the government's people or is the government the people's. Some one needs to get that part right before going any farther.

    1. Anonymous Coward
      Anonymous Coward

      Re: "Our people"

      "The time to guard against corruption and tyranny is before they

      shall have gotten hold of us. It is better to keep the wolf out of

      the fold, than to trust to drawing his teeth and talons after he

      shall have entered." --Thomas Jefferson: Notes on Virginia, 1782.

      I think I need to do more research on Thomas Jefferson Airplane or maybe those hippies had it right, My head hurts just thinking about the potential misinformation from the ministry of information either that or the LSD (not mine, theirs of course)

      "Lethargy is the forerunner of death to the public liberty."

      --Thomas Jefferson to William Stephens Smith, 1787.

      1. Pascal Monett Silver badge

        Very happy to see all those Thomas Jefferson quotes and I feel that they should be repeated often.

        I also think that, were he to be alive today, he would be actively preparing the next revolution.

  36. allthecoolshortnamesweretaken

    Just a little bit of history repeating?

    Sounds a lot like "Niemand hat die Absicht, eine Mauer zu errichten." to me.

    Berlin 1961 (A Freudian slip if ever there was one)

    Propellerheads - History Repeating

  37. Anonymous Coward
    Anonymous Coward

    Lordy!

    I see the problem.

    There's a house filled with inbred sock-eaters making decisions.

    Unlike the elected House of Commons, most members of the House of Lords are appointed. The membership of the House of Lords is made up of Lords Spiritual and Lords Temporal. The Lords Spiritual are 26 bishops in the established Church of England. Of the Lords Temporal, the majority are life peers who are appointed by the monarch on the advice of the Prime Minister, or on the advice of the House of Lords Appointments Commission. However, they also include some hereditary peers. Membership was once an entitlement of all hereditary peers, other than those in the peerage of Ireland, but under the House of Lords Act 1999, the right to membership was restricted to 92 hereditary peers. Very few of these are female since most hereditary peerages can only be inherited by men.

  38. Anonymous Coward
    Anonymous Coward

    Baroness Shields

    Of course she is.

    Now a comment from Baroness Handout on the Welfare bill.....

  39. Eponymous Cowherd

    UK Government in "you can't ban mathematics" shocker

    Because that is all encryption is, maths. Banning encryption isn't like banning guns, where most people don't have the ability or resources to make one and requires physical transport to redistribute.

    An encryption algorithm is just maths. Any maths undergraduate is quite capable of rolling their own and making it available to anyone who needs it.

  40. Anonymous Coward
    Anonymous Coward

    Hicksters

    Breaking news: Government decides not to act like pig ignorant red-necks.

    "We are technologically literate and understand the concerns about undermining encryption" claimed one minister in an email sent from his ZX81.

  41. Anonymous Coward
    Anonymous Coward

    The wrong question

    Shields replied: "I can confirm that there is no intention to do that; that is correct."

    The trouble is, that statement can be true at the time it is made, but be superseded by policy change the next nanosecond. So the question as stated is pointless.

    The sort of question I'd prefer is something like Does Mr Cameron now understand that his previous demands on encryption were impractical and that weakening encrytion in the way proposed would be contrary to the best interests of the British people and, indeed, of British business?

  42. channel extended
    Linux

    two passwords

    My Kali system has two passwords for use, one that works and the nukem password. Guess which one I will give up?

  43. Anonymous Coward
    Anonymous Coward

    It seems that they still do not understand that "we will not introduce backdoors" and "we must not allow a means of communication where it simply isn't possible to [intercept]" are mutually exclusive

  44. kmac499

    Anonymity Privacy and Secrecy

    In all the chatter about encryption I think we miss the reasons why it's used.

    One of the attractions of BitCoin et al is the ability to conduct transactions anonymously. I'd quite like to conduct chunks of my life anonymously.

    In addition there are things that I need to keep Private, such as banking pins, access codes etc.

    And finally I may have some things I wish to keep Secret, (Dont ask otherwise I may be forced to kill. you.)

  45. Anonymous Coward
    Anonymous Coward

    Ban whispering, too

    ...because your hijacked smartphone wont be able to pick up what you say.

    you know terrorists whisper, too. Tgey probably eat, sleep and breath. All banned.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019