back to article Wraps come off UK super-snooper draft plans

Legislation relating to communications data will be yanked out of the existing Regulation of Investigatory Powers Act (RIPA) and brought under a new regulatory framework if the Home Office's plans to step up the monitoring of internet traffic passes through Parliament. Home Secretary Theresa May unveiled her proposals for the …

COMMENTS

This topic is closed for new posts.

Page:

  1. Anonymous Coward
    Anonymous Coward

    YaY, more pissing money up the wall by the incumbent government

    Good Times

    1. Mark 65

      Especially when the issue is fixed by three letters: V, P, and N. Even the 6pm news item dismissed the plans.

    2. Anonymous Coward
      Anonymous Coward

      Yes; it's nearly as expensive as the two wars that the last lot got us into...

  2. Kevin Fairhurst
    FAIL

    meet the new boss, same as the old boss

    So after saying they were against this kind of thing when in opposition, there is no surprise that the current set of elected officials are all for it now they're the ones in power, even though a number of people will have voted for them simply because of their previous stance...

    Ah well. Was to be expected...

    How long before someone points out that this will be totally ineffective against the kind of things they're trying to legislate for, as all those naughty chaps already use secure VPNs and TOR?

    Guessing the ISPs are rubbing their hands in glee at the thought of all this money coming their way. But if those naughty chaps only ever connect to vpnprovider.com or tor.org there'll be claims that this law has worked as no-one connects to dodgywebsite.ru anymore...

    1. Anonymous Coward
      Anonymous Coward

      Re: meet the new boss, same as the old boss

      All politicians are radicals in opposition then feed us shit when they're in power.

      I'm drawing a massive shite on my next ballot.

      Anon - while it lasts

    2. James Micallef Silver badge
      Thumb Down

      Didn't take long

      To come up with "Aaarrgh, terrorists" and "Will nobody think of the children". Disgusting!!

      The police are NOT fighting crime with a hand tied behind their backs. They are free to get all the information they want IF THEY HAVE A WARRANT FOR IT. No reasonable suspicion = no warrant. I don't believe a word of 'limited access'. Once plod and gov agencies have full access to the raw data, how long is it before checking on a single suspects communications evolves into data-mining software constantly trawling through the whole data warehouse?

    3. Anonymous Coward
      Anonymous Coward

      Re: meet the new boss, same as the old boss

      "So after saying they were against this kind of thing when in opposition, there is no surprise that the current set of elected officials are all for it now they're the ones in power"

      Never seen and episode of Yes, Primeminister? The civil service and the security agencies are the ones pushing for this shite, the MPs are usually on the boards of security, hardware and ISP firms so they go along with it so they can cream off the profit from screwing over the common Joe in the street!

    4. Anonymous Coward
      Anonymous Coward

      Re: meet the new boss, same as the old boss

      As the old saying goes:

      It doesn't matter who you vote for because the Government will always win.

  3. Anonymous Coward
    Anonymous Coward

    This just turned up:

    http://www.opendns.com/technology/dnscrypt/

    1. Skizz
      FAIL

      Doesn't Really Help

      "This just turned up: http://www.opendns.com/technology/dnscrypt/"

      Since the IP address is enough and all the DNS lookup does is turn a string into an IP address and going from IP address to web site is easy. I'd be surprised if the information recorded didn't contain the IP address since that's all the information that's sent when accessing a web-site (you don't send the web-sites name to the web-site you're accessing, you send it a DNS server). So, web-sites with constantly changing IP addresses would defeat this as it would be really hard to go back in time to see what was at a given IP address.

      1. Matthew Glubb
        Boffin

        Re: Doesn't Really Help

        "you don't send the web-sites name to the web-site you're accessing, you send it a DNS server"

        Errr. Most HTTP1.1 clients do:

        http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.23

        It's why you can host multiple domains on a single IP.

      2. Anonymous Coward
        Anonymous Coward

        Re: Doesn't Really Help

        The URL host is used.to.route many shared sites. IP is not enough.

      3. Andrew 60

        Re: Doesn't Really Help

        True, but they propose to record website visited and if a single server is hosting many sites then recording the IP is not enough. You need to record the URL in the GET request..

    2. dephormation.org.uk
      Boffin

      Complete Encryption is Your Friend

      The consultation paper doesn't feature the word 'encrypt' which is a shame.

      Because that is a word the Government are going to hate.

  4. Anonymous Coward
    Anonymous Coward

    They make these numbers up,don't they.

    >£1.8bn over the course of 10 years.

    My head hurts trying to think of how to calculate this but I would guess the cost of the disks for storing all the information required for 12 months, indexed and searchable would eat that figure up easily. Got to be disk as the information has to be available immedaitely so no waiting for a restore from tape allowed. Then there are the cabinets, power supplies, space all to be paid for by you and me. And that space that BT pays x pounds per square metre for will cost UK Gov PLC (aka you and me) 5x pounds psqm.

  5. Anonymous Coward
    Anonymous Coward

    Time to ....

    Have a little script that works during the moments your not using the internet, to visit random sites and send random emails, visit random vpn locations etc...

    If we can't persuade them it's a bad idea at least bleed the budget dry.

    1. Omgwtfbbqtime
      Black Helicopters

      Re: Time to ....

      Needs seedwords for the email- a bit like those godawful spam messages that are full of nonsense text.

      Might I suggest:

      Explos- (ion/ive)

      Terror

      abuse

      weapons

      attack

      nuclear

      anthrax

      Obvious icon is obvious.

    2. Anonymous Coward
      Anonymous Coward

      Re: Time to ....

      You mean like TrackMeNot (it's a Firefox add-on that attempts to pollute Google tracking data by issuing random search requests at random times).

    3. Fred Flintstone Gold badge

      Re: Time to ....

      That will only work if you can do this collectively. Personally, I think this is what is missing from the Tor project: traffic obfuscation (basically doing what you propose, but distributed over a large set of nodes).

    4. Anonymous Coward
      Anonymous Coward

      Re: Time to ....

      National smokescreen. Garbage in garbage out

      1. Omgwtfbbqtime

        Re: Time to .... @terra

        Garbage in Garbage out?

        The government does a good enough job of that already.

  6. Dr. Mouse

    What is an ISP?

    I don't have time to read the doct in full, but what counts as an ISP in this regard?

    For instance would a company, running it's own email services, be required to keep these records and/or pass the info to the govt? What about someone running their own mail server as an individual?

    Although there are obviously privacy concerns in this, I am personally worried that it will end up forcing people, like me, who run their own internet services to keep such records, which would obviously be quite a large task to such individuals.

    1. JimmyPage Silver badge
      FAIL

      Re: What is an ISP?

      just a guess, but I suspect they will deliberately leave the definition of ISP as vague as possible. But you raise a very valid point. How about people (like me) who have been known to run their own email servers ? I had cause to do this for a few months to help out an old employer.

      I would imagine that anyone with anything to hide is already running their own servers anyway. Of course *where* those servers are could be problem. Because if I had anything to hide, I wouldn't be stupid enough to keep my server in the UK. That said, I might keep *a* server in the UK. As part of my project on looking for ET, I regularly fill up 1TB drives with recordings of the background noise of the universe. It looks suspiciously like it's encrypted too. ...

    2. Anthony Cartmell

      Re: What is an ISP?

      Last time I managed to get anything like an answer from the government, my micro-company, which handles email for a few dozen individuals and businesses, would not be classed as an ISP.

      I don't know what proportion of internet email goes via small businesses like mine, versus the large ISPs.

      Another pointless, unenforceable attempt to control the internet (along with that wonderful cookie law that most sites are ignoring, and the sites who've done something are just annoying their visitors!). Logic is proven, again, to be the polar opposite of politics.

  7. Anonymous Coward
    Anonymous Coward

    VPN?

    Surely all you need to do is use a VPN Tunnel to somewhere outside the UK which doesn't log any activity and then they can't track you?

    1. tirk
      Facepalm

      Re: VPN?

      Lucky then that international terrorists, crime bosses and the like will never think of that!

    2. Anonymous Coward
      Anonymous Coward

      Re: VPN?

      Sorry standard VPN=FAIL.

      when you start up your encrypted VPN tunnel the start-up credentials can be very carefully analysed and your session MITM DPI'ed.

      You need an obfuscated VPN client such as the CIA's NetEraser/netCloaker/Gabriel family of communications Apps. NetEraser is a specialized program developed for In-Q-Tel/VirnetX (Central Intelligence Agency) by SAIC around the turn of the millenium.

      there is hope to build a real working obfuscated VPN system like the pro's use, the NetEraser system is based on work by Professor Henning Schulzrinne of Columbia University in the 90's. He studied the SIP and RtTP protocols.

      nearly all the other available internet censorship bypass tools are subverted by weaknesses, backdoors, bugdoors and simple bifurcation of cloned traffic. When the NSA does a job, they do a *great* job! Did I mention that NSA whistleblowers alleged that they just 'bought' telecom engineers in order to facilitate worldwide total information access....

      1. Anonymous Coward
        Anonymous Coward

        Re: VPN?

        There are more than one type of VPN, and I suspect your talking about PPTP (which is pretty crap in terms of real privacy) instead of OpenSSH to a site with a (double checked) certificate that you get warned if it magically changes (and where your DNS queries also go via the VPN...).

        But really, they are not that interested in *you* to make the effort in most case to DPI it and break weak encryption. To bugger this up and waste the £1.8b they plan on pissing away you just need a lot of VPN users and 'trackmetnot' obscuring of the data to make the job of trawling impractically expensive.

        And while most VPN providers will respond to a competent law request in their own country, again that is enough to restore sense by making the gov actually go through proper legal channels to spy on you, a process that is time & cost wasting unless they have very good reason to do so.

        Which is the bit this whole thing lacks.

      2. lotus49
        Thumb Down

        Re: VPN?

        No it's not a fail.

        We are talking about routine storage of communications data by ISPs here not what the security services can do if they really care. I am a Virgin customer. Virgin is not about to start doing man in the middle attacks on my VPN connection and if this stupid law is enacted, I shall indeed be passing all my traffic through a VPN and I shall be safe from snoopers as a result.

        If MI6 decides that it's interested in me, they will break into my house and put a key logger/screen logger on my computer or network. There is nothing I can realistically do about that but I don't think MI6 cares about me.

        1. Anonymous Coward
          Anonymous Coward

          Re: VPN?

          I also think that the idiots in power (the polyshitions and the uncivil servants controlled by the lobbyist making money) are in for a big surprise in the amount of VPN traffic that will be transmitted over the coming years.

          Not those who just want their personal privacy, but the vast number of average workers who will more and more be "working from home" and telecommuting. As with all these things the noise will totally smother any useful data, and the avoidance is simple for the real criminals.

          Just about anywhere in the world you can buy pre-paid phones, no Id needed. They are cheap disposable and effectively untraceable and just about every villain will have easy access to these.

          The fact that HMG cannot even stop these people getting phones, drugs and prostitutes while they are IN PRISON, proves just how incompetent the security forces truly are.

          AC: Don't make it too easy for them :^)

  8. Christoph
    Joke

    Trust me!

    I'm from the government. I'm here to help you.

  9. Usually Right or Wrong
    Meh

    I was wondering when...

    "It is a vital tool for the police to catch criminals and to protect children."

    ...the children would come into it. Would love to see the stats of how many children were unprotected before the legislation and how many extra are protected when it comes into force. Probably many are unprotected and then most will be protected, which will prove the legislation's effectiveness in the face of the ever increasing paedophile onslaught.

    Considering the expected increase in data requests, the ISPs would be better off creating a standard API and publishing this, available on request if you can prove that you are a 'public authorities' sort of person. Would save all the hassle of having to hack in and post the data.

    1. dotdavid
      Thumb Up

      Re: I was wondering when...

      I was about to say something along those lines.

      Saying "think of the children" tends to have the opposite effect on me to that intended though, as I think it is so cliched I can't help but wince.

    2. Blane Bramble
      WTF?

      Re: I was wondering when...

      If it was about protecting children, I suspect there are plenty of better ways of spending £1.8 billion.

      1. Anonymous Coward
        Anonymous Coward

        Re: I was wondering when...

        Has no one else noticed the large increase in pedo related stories in the news in the last week or so? I suspected something like this was about to be announced.

  10. Anonymous Coward
    Anonymous Coward

    ooh, I'm so angry I could write a pithy comment on a tech press message board, that'll fix it

  11. xyz Silver badge

    if I was an ISP...

    I'd have all my customers install TOR, then keeping track of where everyone went and what they did would be really easy...."They all went that-a-way, Officer"

  12. Crisp
    Big Brother

    Quote From Article

    "I don’t think we should pass broad laws on a promise from government that they will never abuse them."

    I think Julian Huppert is a bit late...

  13. Anonymous Coward
    Anonymous Coward

    I think we all know who the threat to our civil liberties is here

    Terrorists have won, we're destroying ourselves

  14. Anonymous Coward
    Anonymous Coward

    Open Rights Group

    http://www.openrightsgroup.org/press/releases/snooping-announcement-expected-this-morning

    Doing it right

  15. Anonymous Coward
    Anonymous Coward

    Theyworkforyou.com

    Everyone here already knows it's a bad idea. Write to your MP and tell them so.

  16. Anonymous Coward
    Anonymous Coward

    Browsing through the bill

    I see in that one reason for accessing the collected data is :

    "for the purpose of assessing or collecting any tax, duty, levy or other imposition, contribution or charge payable to a government department,"

    This is in a long list after terrorism, detecting crime and in the interests of public safety.

    Really? You can check my last year of web access because I haven't paid my council tax?

    1. Anonymous Coward
      Anonymous Coward

      Re: Browsing through the bill

      "Really? You can check my last year of web access because I haven't paid my council tax?"

      or that parking fine from last month.

      1. Chris Miller

        Re: Browsing through the bill

        Or because you're suspected of placing the wrong type of material into your recycling bin.

    2. This post has been deleted by its author

  17. This post has been deleted by its author

    1. nexsphil

      Re: Hello Torproject.org

      Unfortunately, if you read it you'll find that the arstechnica article you link states that the Tor Project are more than happy to help unmask people at the behest of "law enforcement agencies", so you best hope you have a better fallback than Tor when your dissent gets labelled "terrorism".

      1. This post has been deleted by its author

      2. This post has been deleted by its author

    2. Anonymous Coward
      Anonymous Coward

      Re: Hello Torproject.org

      ToR is nice, just sometimes, the ToR network will - surprise - share all your data with the bad guys (insert your own definition of bad guy here)

      ToR has a history of 'bugdoors' unique identifying features like a header that says I"M USING TOR - LOOK AT ME

      check the ToR bug list discussion forums and see how successful the repressive nation of IRAN has been at finding ToR using activists, hidden amongst their internet gaming population.

      if you use ToR nested inside some custom obfuscated RtTP steganographic tunnel, as I'm sure the *other bad boys do* then you might have freedom of censorship. until then, you will self censor, under fear of implied threat, whilst society will spiral down to the depths of Hogarth's Gin Lane.

Page:

This topic is closed for new posts.

Other stories you might like