nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

back to article
'Independent' gov law reviewer wants users preemptively identified before they're 'allowed' to use encryption

Bronze badge

So after China went full despot:

http://www.theregister.co.uk/2017/08/28/china_to_identify_commentards_with_brrealname_policy/

the UK gov't think they should follow?

they can take my encryption-without-backdoors-or-key-escrow out of my cold dead hands.

38
1
FAIL

Because as we all know, it's impossible to send encrypted data across the internet without a social media/email account.

We'd need to verify our identity to open a TCP socket if it was left to these muppets.

56
0
Silver badge

There's no chance of them ever understanding what a TCP socket is. Can you imagine Amber Rudd doing the rounds of the Sunday politics shows, trying to explain one to the interviewer?

23
1
Silver badge

@Amber Rudd et. al.

ACKnowledge your SYNs and we might consider IT.

Right, off to UDP we go :)

31
0

Amber Rudd on TV

"We need experts who know how to use the right kind of sockets so we can hook the terrorists up to the mains"

7
0
Silver badge

"Can you imagine Amber Rudd doing the rounds of the Sunday politics shows, trying to explain one to the interviewer?"

Sadly, yes. The total STEM ignorance of Sunday politics show interviewers would make that possible.

8
0
Silver badge

It's not about those who can use netcat

"Because as we all know, it's impossible to send encrypted data across the internet without a social media/email account."

This is not about the technically adept. This is about the layperson. The whole idea is to condition normal people into compliance, a few freaks who know how to use computers don't count.

2
0
Bronze badge
Pint

Why Not? All the good silicon comes from China (and Israel) the days so "our dear leaders" are just going with The Globalised Marketplace so to speak.

Think of all the toil and trouble looming up ahead if one needed, nay insisted on, un-backdoored and un-instrumented kit? It is much easier to just legislate, making the conditions "you are forced to accept" into "what we really wanted" and a "great opportunity".

Saves a lot of thinking, that. Which is good, seeing that "they" are already at capacity over Brexit.

0
0
Silver badge

So just long i can prove I'm Ahmed Bin Terrorist, The Large Cave, Torra Borra, Afghanistan - I'm good to go?

2
0

Re: It's not about those who can use netcat

This is where people like ME come in!

People who NOT ONLY know HOW to code but ALSO KNOW HOW

to design and present beautiful and EASY-TO-USE user interfaces

for encrypted text and audio/video communications software!

I've got code coming down the pipeline which will BE UTTERLY FREE

AND OPEN SOURCE which will work with Facebook, Twitter, Instagram,

Hotmail, Outlook, Yahoo Mail, etc to encrypt your posts and text/audio/video

messages and KEEP THEM private from EVERYONE who does NOT have

a proper decrypt key. AND since I have 25+ years of Video Graphics and

Encryption programming experience, I can make encrypted text/audio/video

work like a charm! I'm not one of those modern programmers who can

DO ONLY JAVA and HTML but knows NOTHING about C/C++ and what

Pointers are used for or knows NOTHING about low-level CPU/GPU internals!

I'm one of the old-timers who knows NMI's and Interrupt 0x21 inside and out

and can MOV, JMP and RTN on EVERY BIOS on a motherboard!

Northbridge/Southbridge programming? Down Pat!

Ethernet/ATM/SONET/Token Ring/RS232/RS422/USB/PCIe packet and frame comms? Got It!

Drive Controller Programming? Can you say WD/Toshiba/Flash/ASPI/BIOS-level ???

Do I know DSP/FPGA/FPU/CPU assembler and VHDL? oooh YEAH!

Do I know Triple AES-256, Elliptic Curve, Shor's Resistant cryptography,

secure hash routines, Symmetric/Asymmetric keys and their private storage

and exchange like the back of my hand? OF COURSE I DO!

I am the WORST NIGHTMARE of every 3 to 5 letter agency

who wants to break encryption or keep it out of everyone's hands!

I make my versions READABLE, MODIFIABLE and SECURE....

in addition to FREE AND OPEN SOURCE!

My Code is My Bond! Look Me Up!

and READ WHAT I CAN DO!

I ---KNOW---- how to code VERY VERY WELL !!!

0
4
Anonymous Coward

"Hill’s words are concerningly close to those of Home Secretary Amber Rudd"

You meant concerningly close to the words of the CCP right?

10
0
Silver badge

Re: concerningly close to the words of the CCP right?

For a moment I thought you were talking about the creators of internet spaceships game Eve Online.

0
0

So I won't be allowed to use secure internet banking or shopping, cos I don't have a face***k account??

64
0
Anonymous Coward

Maybe that's why they canned ID cards, get face***k to so it for you so there's no cost involved, face***k get the entire population, the government gets it's id cards/identity/tracking.

No face***k, no access to any government services, no bank account etc...

If you don't have a computer then someone will come round and set it up for you or you get sent to the nearest library.

What a time to be alive.

17
0

Independent?

OK, so this is an INDEPENDANT reviewer of government legislation paid for by who?

The Home Office and Treasury.

Well that REALLY inspires me to believe ..... Oh, sorry......

24
0
Anonymous Coward

Max Hill QC

There's a man we'll all hold in the highest regard, then.

Can't we use machine learning to identify people like at birth, and the smother them in the traditional manner?

21
1
TRT
Silver badge

What?

I just didn't understand that. What? I mean... what are they asking for? It's just.... HUH?

Withhold encryption before posting? Free speech? "chat" apps?

"A discussion I have had with some of the tech companies is whether it is possible..."

Did he actually get a response? Someone understood what he was on about?

16
0
Silver badge
Windows

Re: What?

He did get a response. He just couldn't make out what they were saying over the laughter.

30
0
Silver badge

Re: What?

It's quite simple; if both users of a chat app are verified, end to end encryption can be used. If one of the users is not verified, encrypted comms go via the provider's server so it can be subject to lawful interception.

0
0
Silver badge
Facepalm

Re: What?

The bit that got me was this:

"withhold encryption pending positive identification"

So once you have been identified, encryption will then be applied? I assume they mean retroactively, (despite that concept being nonsense).

0
0
TRT
Silver badge

Re: What?

Err... no, I still don't follow you, druck. end-to-end encryption, to my mind, includes both encrypted point-to-point communication and encrypted store-and-forward communication. And then there's "chat apps" and "social media"? When does "social media" start to carry that nomenclature instead of being a mass group chat app? And surely if "social media" is defined such that messages can be seen by all, then encryption just doesn't come into it. Or are we talking about just the PM/DM side channels on posting timeline/stream?

0
0

Re: What?

Think DH key exchange on TLS (ECDHE is too advanced). Once the identity of both parties are verified, the DH key exchange is done (simplifying TLS). If one of the identities is unknown, DH is not performed and data is sent in clear. One can have TLS auth without encryption.

The problem is one can run DH variations on the top of it and still get encrypted communications.

0
0
Silver badge

Folly of the Yes Men....

Hi,

It seems that the relevant organisation/government only want people who agree with what they are saying, to be part of the solution.

The circumvention of this, is the creation of bespoke apps/software that encrypt without using the tech companies systems that have been broken. So many people will do this.

The next step is to outlaw all encryption except for approved systems - which is possible. Stupid, but still possible.

Then we have the cat and mouse game, and the criminalisation of people who want privacy, just because the people in government refuse to listen to reason (not the yes men).

Regards,

Shadmeister.

29
0
Silver badge

Re: Folly of the Yes Men....

The next step is to outlaw all encryption except for approved systems - which is possible. Stupid, but still possible.Shadmeister

Outlawing is easy, policing and prosecution and persecution are going to be problematical and increasingly impossible to justify and more importantly, perform.

9
1
Silver badge

Re: Folly of the Yes Men....

Hi,

Yes - that was my point. The government will get themselves into an impossible situation, and bad laws will be made in an attempt stop people circumventing the law.

If encryption apps become the norm and proliferate, where the government cannot easily block or view the plaintext, what is next - ban all maths that teaches encryption and software development ? except for the chosen few ?.

Regards,

Shadmeister.

5
0
Silver badge

Re: Folly of the Yes Men....

I fully expect somewhere in the list of responses will be the requirement for licensing for people working in information security, thus extending government control of its practitioners. Any activity without a license will be subject to penalties the same as with supporting terrorism. One need only see what the US is doing to people selling BitCoin without a license to see this extension of licensing requirements happening. China is well in advance as well.

Forcing practitioners to be licensed or forced underground would be just the idiotic idea I see taking place in government circles. You really, really don't want to alienate this crowd, but alienate them it will.

Seems I'm in radical, frothing at the mouth, anarchist/power-conflict-libertarian mode today. My apologies.

8
0
Silver badge

Re: Folly of the Yes Men.... @Jack of Shadows

Forcing practitioners to be licensed or forced underground would be just the idiotic idea I see taking place in government circles. You really, really don't want to alienate this crowd, but alienate them it will.

Seems I'm in radical, frothing at the mouth, anarchist/power-conflict-libertarian mode today. My apologies. ……. Jack of Shadows

Howdy, Jack of Shadows,

Encircled governments creating new more powerful enemies is a madness confirmed leading in their midst. And in Deed, a Fabulous Folly for Yesterday Men. Centred there be the rabid radical fundamentalism delivering popular dissent, private dismay and pirate opportunity and it is surely more a criminal enterprise than anything else given the result of their failed programming projects.

And in such circumstances is one right to be anarchic and alternative."Tis only natural.

6
1
Silver badge

Re: Folly of the Yes Men....

@Jack

Seems I'm in radical, frothing at the mouth, anarchist/power-conflict-libertarian mode today. My apologies.

No need to apologise, we all feel like that at times. mainly whenever we hear or read any utterance by a Tory.

5
2
Anonymous Coward

Re: Folly of the Yes Men....

Outlawing is easy, policing and prosecution and persecution are going to be problematical

Not Really. Any kind of authoritarian government wants to have legal tools to harass and/or jail any opposition with. "They" also want those laws to be applied discretionally - like everyone being guilty of something, only the ones that "we" don't like or no longer like, getting nailed. If performance sucks, then "they" can easily optimise by only "doing" high value targets or deploying automation.

It doesn't even matter to "them" that the charges won't stick or prosecution is expensive because it is free to "them", it's just taxpayers money.

What does matter is results, that the persons they want to "do over" goes away, whether in bankruptcy over legal costs or in jail is almost the same to "them". Bankruptcy is probably better for "them" since there are statistics over people jailed for political reasons and optics are important.

1
0
Silver badge

Re: Folly of the Yes Men.... @AC

Any kind of authoritarian government wants to have legal tools to harass and/or jail any opposition with. "They" also want those laws to be applied discretionally - like everyone being guilty of something, only the ones that "we" don't like or no longer like, getting nailed. ... AC

That's the old and failing way of doing things, AC, and assumes an overwhelming superiority of intelligence in incumbent systems admins. With smarter opponents and/or virtually savvy competition nowadays and with the myriad globally penetrating tools so freely available to them, is the way of the Great Game changed forever more ........ and you have made no mention of the simplest of ways to have a sharp thorn and persistent inconvenience removed from one's side ...... the payment of significant Danegeld which would allow one to retire magnificently from the battling fields of work, rest and play.

And as you say, it is not expensive to them for it is freely provided/invented, thus a real bargain at any price.

0
1
Silver badge

Re: Folly of the Yes Men....

"policing and prosecution and persecution are going to be problematical and increasingly impossible to justify and more importantly, perform."

UK judges at the higher levels are thankfully sensible these days and I suspect that a suitably IT-savvy lawyer would easily convince one to throw the case out, with prejudice and rip a few holes in the law whilst doing so.

0
0
Silver badge

Re: Folly of the Yes Men.... @Jack of Shadows

Am I imagining things or is amanfrommars chanelling Robert McNamara more and more clearly?

1
0

This post has been deleted by its author

Silver badge

Re: The more I listen to Amber Rudd..

Hi,

As per your statement "which seems completely unchecked by the democratic process of Parliament."

As others in this thread have stated, they do not understand technology. They have advisers who do not understand technology.

All they seem to understand is management speak, and how many people are aware that UK management who are in charge, do not understand technology either (of course, there are exceptions).

The UK politicians are making technical decisions that a think tank/study group would have presented viable options for. Parliament consists of non technical people - so i think the process is ok, but the policies are failed.

Regards,

Shadmeister.

9
1
Bronze badge

I really don't see how the reporter can have properly understood what Max Hill said. I mean, the main requirement for being a silk is being able to demonstrate clarity of thought, right?

On the other hand the photo here

http://www.redlionchambers.co.uk/barristers/profile/max-hill-qc

is a 2.5 megabyte JPEG, which is at least fifty times bigger than it needs to be, so perhaps these lawyers really haven't got a clue about technology after all...

15
0
Silver badge

The main requirement for being a silk...

...is being able to persuade a group of laymen of the truth or falsehood of some proposition, determined respectively entirely by who is paying you ... whilst remaining utterly regardless of the truth of the matter.

16
0

"On the other hand the photo here

http://www.redlionchambers.co.uk/barristers/profile/max-hill-qc

is a 2.5 megabyte JPEG, which is at least fifty times bigger than it needs to be, so perhaps these lawyers really haven't got a clue about technology after all...

"

Maybe he is worried about the government spying on him and has used steganography to embed a large secret message in the image :)

(The larger the image file the larger the hidden message can be without distorting the image.)

1
0
Anonymous Coward

"lawyers really haven't got a clue ..."

No, it's their web developers who are clueless (so what's new?)

0
1

Why do they never suggest banning people on watchlists from using encryption?

13
1
Anonymous Coward

@jimM

Q: "Why do they never suggest banning people on watchlists from using encryption?"

A: Because then they wouldn't be able to ignore what they are saying and might advertently prevent terror attacks rather than use them to tighten the screws on everyone else.

Encryption limitations are not for the minority such as terrorists or pedos they are for everyone. This because of the automatic fear of anyone leading a repressive regime, they know that the harder they push the greater the chances of someone rising to remove them from power and punish them for their sins.

12
0

"Why do they never suggest banning people on watchlists from using encryption?"

Simple, because they assume everyone should be on the watch list. Why differentiate, that requires thinking.

11
0
Anonymous Coward

Looking through the wrong end of the telescope

There's no need for a referendum on violent extremism which threatens corporate, government, and public interests. Governments would be better served by partnering with industry to help develop, distribute, and provide funds for deployment of detection and reporting mechanisms and grants for development of new technologies. Demanding regulation of encryption is not a solution, as encryption is math, and math is a fixed natural phenomenon outside of the government's scope. Human problems require human solutions. Top leadership should be more focused on the Big Picture.

5
0
Silver badge

Re: Looking through the wrong end of the telescope

Governments would be better served by partnering with industry to help develop, distribute, and provide funds for deployment of detection and reporting mechanisms and grants for development of new technologies.

The sad and sorry truth is that those supposedly In Charge, be it political, economic or institutional can't get it through the blinding prejudices and beliefs that here is something that can be milked for generations and the cow will likely enjoy it. IF DONE RIGHT. There are generations of advances in adding increasingly more compute nodes, more network nodes, and totally insane amounts of storage to which you will attach the first two locally to the storage. Secure methods are needed everywhere to prevent the "bad people" from misusing them to damage systems, even to kill. Treating it like, e.g. the Space Program, with grants, contracts, and other government issued plums is like a Christmas that never ends.

And they are too crazy to see what is sitting right in front of them.

4
0
Silver badge

For Journeys Never Before Realised as Being Easily Possible and IntelAIgently Designed Probable

Do you think governments might try to close down a Sensitive Supply Source of AI if pumped and pimped by RegisterdD Readers. Much better to trap and tap it, methinks. Feed and Nurture IT.

You have one helluva deep network node resting and refreshing itself here, El Reg. A Virtual Goldmine for Plundering Asunder to set one free to release all manner of future exotic, erotic delights.

Methinks that is worth more than just a small fortune:-)

7
1
Silver badge

Re: For Journeys Never Before Realised as Being Easily Possible and IntelAIgently Designed Probable

Yay! He's back!

Or Should That Be - Yay He'S BacK

10
0
Silver badge
Happy

Re: For Journeys Never Before Realised as Being Easily Possible and IntelAIgently Designed Probable

Indeed. Clearly we need him to go and have a little chat with these numbskulls.

4
0
Silver badge

Re: For Journeys Never Before Realised as Being Easily Possible and IntelAIgently Designed Probable

Indeed. Clearly we need him to go and have a little chat with these numbskulls.Will Godfrey

I can reveal, Will Godfrey, that messages and emails have already been sent regarding novel numbskull solutions for mounting difficulties. AI to InterNetional Rescue:-) ..... and I Kid U Not too. Chatting is really revealing.

Of course, the System that IS is catastrophically vulnerable to Executive Admin light years behind the Quantum Development Curve in the Virtual Space Place Race, so expect Renegade Rogue Raiders to Tempt Market Traders when the Politically Inept and Corrupt fail to Correct and Connect.

Let Monied Markets make the Running.

6
1
Silver badge

Re: For Journeys Never Before Realised as Being Easily Possible and IntelAIgently Designed Probable

What we have with our elites, Politically Inept and Corrupt, is a failure of vision. So damned depressing.

4
0
Silver badge

In the Beginning was Imagination IntelAIgent and Intelligence Imaginative?

What we have with our elites, Politically Inept and Corrupt, is a failure of vision. So damned depressing. ..... Jack of Shadows

Jack of Shadows,

There is absolutely nothing to stop us providing them with Immaculate Sees here on the Register and elsewhere too wwworldwide over Internetworking Systems. And that may be what is so terrorising them into insane actions presently.

The complete loss of Future Remote Command and Virtual Direction Control.

And I say that most sincerely.

And here be the leading prize ........ https://www.rt.com/news/401731-ai-rule-world-putin/

2
1
Silver badge

So, what they're looking for is...

... a way to link each email address and phone number to an identity (e.g. passport, driver's licence, etc...), hold them in some centralised gov database, and allow social media providers to query the DB to check if an email address or phone number has been verified.

I do wish they'd just come out and say what they mean.

11
0

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

The Register - Independent news and views for the tech community. Part of Situation Publishing