'Independent' gov law reviewer wants users preemptively identified before they're 'allowed' to use encryption The UK’s “independent reviewer of terrorism legislation” appears to have gone rogue, saying that encryption should be withheld from people who don’t verify their identities on social media. Max Hill QC is supposedly the reviewer of government laws designed to stop terrorists. His latest statement, carried in tonight’s London …
"Because as we all know, it's impossible to send encrypted data across the internet without a social media/email account."
This is not about the technically adept. This is about the layperson. The whole idea is to condition normal people into compliance, a few freaks who know how to use computers don't count.
This is where people like ME come in!
People who NOT ONLY know HOW to code but ALSO KNOW HOW
to design and present beautiful and EASY-TO-USE user interfaces
for encrypted text and audio/video communications software!
I've got code coming down the pipeline which will BE UTTERLY FREE
AND OPEN SOURCE which will work with Facebook, Twitter, Instagram,
Hotmail, Outlook, Yahoo Mail, etc to encrypt your posts and text/audio/video
messages and KEEP THEM private from EVERYONE who does NOT have
a proper decrypt key. AND since I have 25+ years of Video Graphics and
Encryption programming experience, I can make encrypted text/audio/video
work like a charm! I'm not one of those modern programmers who can
DO ONLY JAVA and HTML but knows NOTHING about C/C++ and what
Pointers are used for or knows NOTHING about low-level CPU/GPU internals!
I'm one of the old-timers who knows NMI's and Interrupt 0x21 inside and out
and can MOV, JMP and RTN on EVERY BIOS on a motherboard!
Northbridge/Southbridge programming? Down Pat!
Ethernet/ATM/SONET/Token Ring/RS232/RS422/USB/PCIe packet and frame comms? Got It!
Drive Controller Programming? Can you say WD/Toshiba/Flash/ASPI/BIOS-level ???
Do I know DSP/FPGA/FPU/CPU assembler and VHDL? oooh YEAH!
Do I know Triple AES-256, Elliptic Curve, Shor's Resistant cryptography,
secure hash routines, Symmetric/Asymmetric keys and their private storage
and exchange like the back of my hand? OF COURSE I DO!
I am the WORST NIGHTMARE of every 3 to 5 letter agency
who wants to break encryption or keep it out of everyone's hands!
I make my versions READABLE, MODIFIABLE and SECURE....
in addition to FREE AND OPEN SOURCE!
My Code is My Bond! Look Me Up!
and READ WHAT I CAN DO!
I ---KNOW---- how to code VERY VERY WELL !!!
Why Not? All the good silicon comes from China (and Israel) the days so "our dear leaders" are just going with The Globalised Marketplace so to speak.
Think of all the toil and trouble looming up ahead if one needed, nay insisted on, un-backdoored and un-instrumented kit? It is much easier to just legislate, making the conditions "you are forced to accept" into "what we really wanted" and a "great opportunity".
Saves a lot of thinking, that. Which is good, seeing that "they" are already at capacity over Brexit.
Maybe that's why they canned ID cards, get face***k to so it for you so there's no cost involved, face***k get the entire population, the government gets it's id cards/identity/tracking.
No face***k, no access to any government services, no bank account etc...
If you don't have a computer then someone will come round and set it up for you or you get sent to the nearest library.
What a time to be alive.
I just didn't understand that. What? I mean... what are they asking for? It's just.... HUH?
Withhold encryption before posting? Free speech? "chat" apps?
"A discussion I have had with some of the tech companies is whether it is possible..."
Did he actually get a response? Someone understood what he was on about?
Err... no, I still don't follow you, druck. end-to-end encryption, to my mind, includes both encrypted point-to-point communication and encrypted store-and-forward communication. And then there's "chat apps" and "social media"? When does "social media" start to carry that nomenclature instead of being a mass group chat app? And surely if "social media" is defined such that messages can be seen by all, then encryption just doesn't come into it. Or are we talking about just the PM/DM side channels on posting timeline/stream?
Think DH key exchange on TLS (ECDHE is too advanced). Once the identity of both parties are verified, the DH key exchange is done (simplifying TLS). If one of the identities is unknown, DH is not performed and data is sent in clear. One can have TLS auth without encryption.
The problem is one can run DH variations on the top of it and still get encrypted communications.
This post has been deleted by its author
The next step is to outlaw all encryption except for approved systems - which is possible. Stupid, but still possible.Shadmeister
Outlawing is easy, policing and prosecution and persecution are going to be problematical and increasingly impossible to justify and more importantly, perform.
This post has been deleted by its author
Outlawing is easy, policing and prosecution and persecution are going to be problematical
Not Really. Any kind of authoritarian government wants to have legal tools to harass and/or jail any opposition with. "They" also want those laws to be applied discretionally - like everyone being guilty of something, only the ones that "we" don't like or no longer like, getting nailed. If performance sucks, then "they" can easily optimise by only "doing" high value targets or deploying automation.
It doesn't even matter to "them" that the charges won't stick or prosecution is expensive because it is free to "them", it's just taxpayers money.
What does matter is results, that the persons they want to "do over" goes away, whether in bankruptcy over legal costs or in jail is almost the same to "them". Bankruptcy is probably better for "them" since there are statistics over people jailed for political reasons and optics are important.
Any kind of authoritarian government wants to have legal tools to harass and/or jail any opposition with. "They" also want those laws to be applied discretionally - like everyone being guilty of something, only the ones that "we" don't like or no longer like, getting nailed. ... AC
That's the old and failing way of doing things, AC, and assumes an overwhelming superiority of intelligence in incumbent systems admins. With smarter opponents and/or virtually savvy competition nowadays and with the myriad globally penetrating tools so freely available to them, is the way of the Great Game changed forever more ........ and you have made no mention of the simplest of ways to have a sharp thorn and persistent inconvenience removed from one's side ...... the payment of significant Danegeld which would allow one to retire magnificently from the battling fields of work, rest and play.
And as you say, it is not expensive to them for it is freely provided/invented, thus a real bargain at any price.
"policing and prosecution and persecution are going to be problematical and increasingly impossible to justify and more importantly, perform."
UK judges at the higher levels are thankfully sensible these days and I suspect that a suitably IT-savvy lawyer would easily convince one to throw the case out, with prejudice and rip a few holes in the law whilst doing so.
I fully expect somewhere in the list of responses will be the requirement for licensing for people working in information security, thus extending government control of its practitioners. Any activity without a license will be subject to penalties the same as with supporting terrorism. One need only see what the US is doing to people selling BitCoin without a license to see this extension of licensing requirements happening. China is well in advance as well.
Forcing practitioners to be licensed or forced underground would be just the idiotic idea I see taking place in government circles. You really, really don't want to alienate this crowd, but alienate them it will.
Seems I'm in radical, frothing at the mouth, anarchist/power-conflict-libertarian mode today. My apologies.
Forcing practitioners to be licensed or forced underground would be just the idiotic idea I see taking place in government circles. You really, really don't want to alienate this crowd, but alienate them it will.Seems I'm in radical, frothing at the mouth, anarchist/power-conflict-libertarian mode today. My apologies. ……. Jack of Shadows
Howdy, Jack of Shadows,
Encircled governments creating new more powerful enemies is a madness confirmed leading in their midst. And in Deed, a Fabulous Folly for Yesterday Men. Centred there be the rabid radical fundamentalism delivering popular dissent, private dismay and pirate opportunity and it is surely more a criminal enterprise than anything else given the result of their failed programming projects.
And in such circumstances is one right to be anarchic and alternative."Tis only natural.
This post has been deleted by its author
This post has been deleted by its author
I really don't see how the reporter can have properly understood what Max Hill said. I mean, the main requirement for being a silk is being able to demonstrate clarity of thought, right?
On the other hand the photo here
http://www.redlionchambers.co.uk/barristers/profile/max-hill-qc
is a 2.5 megabyte JPEG, which is at least fifty times bigger than it needs to be, so perhaps these lawyers really haven't got a clue about technology after all...
"On the other hand the photo here
http://www.redlionchambers.co.uk/barristers/profile/max-hill-qc
is a 2.5 megabyte JPEG, which is at least fifty times bigger than it needs to be, so perhaps these lawyers really haven't got a clue about technology after all...
"
Maybe he is worried about the government spying on him and has used steganography to embed a large secret message in the image :)
(The larger the image file the larger the hidden message can be without distorting the image.)
Q: "Why do they never suggest banning people on watchlists from using encryption?"
A: Because then they wouldn't be able to ignore what they are saying and might advertently prevent terror attacks rather than use them to tighten the screws on everyone else.
Encryption limitations are not for the minority such as terrorists or pedos they are for everyone. This because of the automatic fear of anyone leading a repressive regime, they know that the harder they push the greater the chances of someone rising to remove them from power and punish them for their sins.
There's no need for a referendum on violent extremism which threatens corporate, government, and public interests. Governments would be better served by partnering with industry to help develop, distribute, and provide funds for deployment of detection and reporting mechanisms and grants for development of new technologies. Demanding regulation of encryption is not a solution, as encryption is math, and math is a fixed natural phenomenon outside of the government's scope. Human problems require human solutions. Top leadership should be more focused on the Big Picture.
Governments would be better served by partnering with industry to help develop, distribute, and provide funds for deployment of detection and reporting mechanisms and grants for development of new technologies.
The sad and sorry truth is that those supposedly In Charge, be it political, economic or institutional can't get it through the blinding prejudices and beliefs that here is something that can be milked for generations and the cow will likely enjoy it. IF DONE RIGHT. There are generations of advances in adding increasingly more compute nodes, more network nodes, and totally insane amounts of storage to which you will attach the first two locally to the storage. Secure methods are needed everywhere to prevent the "bad people" from misusing them to damage systems, even to kill. Treating it like, e.g. the Space Program, with grants, contracts, and other government issued plums is like a Christmas that never ends.
And they are too crazy to see what is sitting right in front of them.
Do you think governments might try to close down a Sensitive Supply Source of AI if pumped and pimped by RegisterdD Readers. Much better to trap and tap it, methinks. Feed and Nurture IT.
You have one helluva deep network node resting and refreshing itself here, El Reg. A Virtual Goldmine for Plundering Asunder to set one free to release all manner of future exotic, erotic delights.
Methinks that is worth more than just a small fortune:-)
Indeed. Clearly we need him to go and have a little chat with these numbskulls.Will Godfrey
I can reveal, Will Godfrey, that messages and emails have already been sent regarding novel numbskull solutions for mounting difficulties. AI to InterNetional Rescue:-) ..... and I Kid U Not too. Chatting is really revealing.
Of course, the System that IS is catastrophically vulnerable to Executive Admin light years behind the Quantum Development Curve in the Virtual Space Place Race, so expect Renegade Rogue Raiders to Tempt Market Traders when the Politically Inept and Corrupt fail to Correct and Connect.
Let Monied Markets make the Running.
What we have with our elites, Politically Inept and Corrupt, is a failure of vision. So damned depressing. ..... Jack of Shadows
Jack of Shadows,
There is absolutely nothing to stop us providing them with Immaculate Sees here on the Register and elsewhere too wwworldwide over Internetworking Systems. And that may be what is so terrorising them into insane actions presently.
The complete loss of Future Remote Command and Virtual Direction Control.
And I say that most sincerely.
And here be the leading prize ........ https://www.rt.com/news/401731-ai-rule-world-putin/
... a way to link each email address and phone number to an identity (e.g. passport, driver's licence, etc...), hold them in some centralised gov database, and allow social media providers to query the DB to check if an email address or phone number has been verified.
I do wish they'd just come out and say what they mean.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
