I like this guy
He seems to actually know what he's talking about.
So I fully expect uk.gov to try and discredit him and ignore every word he says.
Secure end-to-end encrypted comms is a desirable technology that governments should stop trying to break, especially as there's other information to slurp up on crims, UK politicians were told this week. Blighty's former independent reviewer of terrorism legislation, David Anderson, told the House of Commons Home Affairs …
I do as well but I don't think he understands the why, at some point the government is going to have to be specific about back doors rather than avoiding the simple truth and that is that they don't want this just for the holy trinity of excuses (Crime/Terror/Pedo) but every person and not corporation or banking or other communications they want access to everyone's phone communications. Which to me is extremely sinister as with that amount of information a government either this or in the future could develop a state built on fear and intimidation. I believe what happens now could shape the future either way.
>"So I fully expect uk.gov to try and discredit him and ignore every word he says."
or find him inside a padlocked sports bag in a bath.
Q: is there anyone apart from Metropolitan Police who does not know how to open a locked suitcase / holdall with plastic zip using a biro?
"He seems to actually know what he's talking about."
He's one of the finest legal minds currently alive. And, as a barrister, is very good at appearing convincing!
"So I fully expect uk.gov to try and discredit him and ignore every word he says."
Quite the reverse. He claims, and the evidence backs him up, to be the inspiration for large quantities of the Investigatory Powers Act, including the mass surveillance provisions.
If you doubt it, consider this... The Irish Police (Garda) can snoop on anybody including journalists and their sources (no watchers to watch the watchers etc). Gardai were bugging defendants lawyers for decades wink wink! Its amazing they have time, as they seem preoccupied with fabricating breathalyser tests, and setting up Garda whistleblowers (tainting them as pedos etc)...
The unfortunate reality is that this stuff is hard enough to explain to senior manglement in data rich organisations. Explaining this stuff to a minister? Good lord you'll lose them at the word "metadata".
It's far easier for them to comprehend the digital equivalent of trying to kick in someone's door, and frankly far easier for them to sell it to the Murdoch press.
The Snoopers' Charter already has a definition of "metadata". It's "any data that doesn't reveal the actual content of the communication."
So as things stand, if you encrypt your communication, the whole thing becomes metadata and *must* be recorded, in its entirety, by your ISP.
On another point: I'm fine with governments having the authority to kick down people's doors. (It's not like anyone has ever been able to stop them doing that anyway.) And by analogy, I'm fine with them seizing people's phones and brute-forcing the content out of them. If you have a police force with authority to arrest people, then that pretty much implies authority to investigate their stuff as well.
What I don't want is them surreptitiously sneaking in (to either houses or phones) and snooping thataway. Investigation *without* physical arrest/intrustion - that's what we need to watch out for.
"I'm fine with governments having the authority to kick down people's doors. (It's not like anyone has ever been able to stop them doing that anyway.) And by analogy, I'm fine with them seizing people's phones and brute-forcing the content out of them"
Expanding your analogy, I doubt anyone is comfortable suggesting the authorities have a master key to every door lock in the country just so they can get into criminals homes more quickly, so why would anyone be comfortable with a master key for encryption.
Expanding further, the authorities aren't requesting everyone leave the back door to their house accessible (yes, they need to kick that one down as well), so why should anyone suggest devices have an accessible back door.
Exactly: The scary thing is the constant, realtime collection of every single thing you do, everything you say, and every place you go. History is replete with examples of abusive surveillance systems. Those that argue it won't happen "this time" are being disingenuous.
Either way, they don't need to crack encryption to do that.
The problem is that politicians are used to the idea of "Ask the techie to do something impossible, and we get something that is both possible and not entirely unlike what we wanted".
Having the techie turn round and say "No, that's impossible. Go away and grow a brain" is a novel experience for a politician, and they aren't very good at processing or dealing with the entirely new.
However, all is not lost. All we have to do is carry on explaining that breaking secure encryption is impossible and unnecessary and eventually, the concept that secure encryption is unbreakable becomes part of the accepted operating environment of politicians, and they end up actually arguing for it.
A similar thing has happened in many large organisations: techies managed to beat the concept of "PC insecure unless it has antivirus" into managerial heads so effectively that now even Linux kit has, by fiat of manager, to have completely useless antivirus on it or the manager gets very, very upshet. This is the unfortunate downside of dealing with the hard of thinking: you have to be very careful with the message before you reprogram the bloody dullards!
And he'll be promptly ignored by the shouty power hungry. Pity there's not more like him in both the UK and the US during this race to the bottom. It's a cliché but 1984 is NOT an instruction manual even though that seems to be the reference manual being used by the 5 Eyes.
Read his CV please. He, and his friends, wrote most of the instruction manual being used by the UK security services. Or, more accurately, collated what they were/are doing into one place and brought it into the open.
Now if he is such a smart person (and he does seem to be) then you have to ask whether he's doing this because he's seen stuff that makes it clear these measures are justified, or that he's pushing as far as the political realities allow.
companies might say they have 5,000 people looking at content, they won't say exactly where they are – "in which case they might all be [in Germany] because that's where the fines are”
Germany? Nobody hires 5000 people in Germany to scan internet content. It would cost a fortune; more than the fines.
And this is the internet. Geography and borders are for politicians. India would be my bet.
It has been my experience that most of the Indians I've worked with not only have a better grasp of English than most native-born speakers, they are also keen to learn more - not something I see very often otherwise.
Their main challenge is pacing and emphasis, after 1/2 hour talking to some of my colleagues I feel like I've been listening to machine gun fire :)
But it's not.
It's about warrantless access to data.
all the time
Why you may ask?
We wants it.
Because we can.
And that is all the "reason" any data fetishist has ever needed for this.
"...you can get the location data from the phone company. It's almost as good as having someone on their tail the whole time."
I'm still waiting for the authorities first court request of this data when a body is found is suspicious circumstances. What were all the devices near the location in hours around the pertinent time.
Still another one who wants the censorship route - implying big companies should do more to vet material.
That is always a slippery slope.
In recent history, I was filmed by state actors for anti apartheid demonstrations (protesting against the (then white) South Africa government & their vile treatment of majority black population).
Fast forward many years and Mandela is generally praised by those in power as a (dead) saint (rather than the dangerous terrorist he was painted as by many in power and the media not that long ago
If, back in apartheid era, social media had existed, then doubtless govt would have wanted to prevent positive coverage of Mandela, Biko etc. reaching people in the UK
We are inundated with data haystacks looking for needles, that we are not sure what they are or if they're there.
DDD (Data Directed Descisioning) needs "context" and the greater picture, but more data really does not provide it, it needs wetware (people) on the ground doing interviews making assessments and writing computer understandable reports.
Then there is behavioral economics aspects - the biases, especially "confirmation bias", and while the wetware are prone to this bug, I've not seen the AI industry admit to it in neural networks and machine learning yet. but we have seen hints where self driving vehicles cannot determine if a vehicle is moving when it is traveling at speed or facial recognition can be fooled or distracted.
We are not super-human, nor are our computers super-computer just because they can self teach themselves some narrowly focused game such as Go.
Don't become data fools.
Biting the hand that feeds IT © 1998–2019