UK cyber-spy law takes Snowden's revelations of mass surveillance – and sets them in stone The encryption bothering parts of the UK's Investigatory Powers Bill have left IT security experts flabbergasted. Introducing the draft internet surveillance law in the House of Commons on Wednesday, Home Secretary Theresa May presented it as consolidating and updating existing investigatory powers. She spun it as a break from …
> The UK government wants to promote the use of good crypto to further its established goal of making the UK the best place in the world to do e-commerce. Alongside this, GCHQ and MI5 still want to be able to decrypt communications and identify suspects in terrorist plots, child abuse, and other serious crimes.
So basically the government are saying 'come and do your online business in the UK, we're very secure (but make sure you give us the keys just in case we need to hack you)'
And how long will it be before some careless plod or council official loses a laptop or some such device with a load of snooped data on it?
This post has been deleted by its author
This post has been deleted by its author
"I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.
Our commitment to protecting your privacy comes from a deep respect for our customers. We know that your trust doesn’t come easy. That’s why we have and always will work as hard as we can to earn and keep it."
Imagine how annoyed Theresa May is going to be when he tells her to take a flying fuck at a doughnut.
You seem to be forgetting that US companies that co-operate are imdemnified by the US Govt, can lie to their customers and are protected from being sued by their clients when it turns out they were lying all along. The more a company shouts about it's non-coperation and independance, the more you can assume they are fully co-operative with Govt agencies. Please don't be so naive.
Where they changed their design for iOS so that it is IMPOSSIBLE for them to give up a user's key, since they never have access to it. Previously they kept a copy, so they could be support-friendly if someone forgets the password or the next of kin wants access or whatever and be able to remotely unlock it. That left open the possibility that the government could coerce them via secret laws with secret penalties for the company or its execs, so they protected themselves by changing the design so Apple never has the key. Too bad for forgetful people who forget their password, but it makes things easy for Apple if the NSA comes knocking. "Sorry, we couldn't help you even if we wanted to".
There's another negative effect that if an actual terrorist, pedophile or other Bad Person had some data on their iPhone the government wants to access, with a valid court order and so forth, Apple can't help them and neither can data recovery companies - even if it would be the only means of saving lives. That's too bad for prosecutors and the general public, but the government brought it upon themselves through their actions of thinking they are entitled to ask tech companies for data without a warrant.
Where am I ?
In the Village.
What do you want ?
Information.
Whose side are you on ?
That would be telling. We want information… information… in formation.
You won't get it.
By hook or by crook, we will.
Who are you ?
The new Number Two.
Who is Number One ?
You are Number Six.
I am not a number, I am a free man !
Perhaps it's time to make this old power themes 90 prisoner remix no 1 in protest:
Business as fucking usual. It does make me laugh when they roll out the tired "protect the kids" line though. Why? Well mi5 were filming kids being abused for over a decade at dolphin square and did nothing. Blackmail I think it's called, and remember that dossier that was lost? Or the witness testimony "accidently" deleted.
Mark my words, they won't stop. Not until they have you tagged and tracked from birth to death.
This doesn't try to uninvent incryption as the sub title suggests. It just says that CSPs have to
".. maintain the ability to remove any encryption applied by the CSP to whom the notice relates.." so if TalkTalk encrypt your account details before storing them (which I guess they will soon be doing) they have to decrypt them when GCHQ ask. That's fine, you never knew whether they were encrypted in the first place and you certainly didn't have an expectation that those details were a secret from TalkTalk.
However, if you send an encrypted email then the encryption was applied by you, not the CSP so they don't have any responsibility to decrypt it.
That would be terrible if that were the case, for those of us that run vpns then. Gosh its all deeply upsetting.
Especially the paradox of "we want good strong encryption which is to keep our citizens safe but we must be able to unlock it with a skeleton key".
"However, if you send an encrypted email then the encryption was applied by you, not the CSP so they don't have any responsibility to decrypt it."
When did they repeal the law that said if you refused to provide them with the key you were guilty of an offence with very severe punishments?
"That means investigation to establish evidence of a crime being committed.
IE Real police work"
It requires only that a suitably senior police officer (Superintendant - or is it Chief inspector, I can't remember) state that it is it is necessary and proportionate to require the key - maybe also evidence that a crime has been (really "may have been") committed. But does any connection between the crime and the decryption need to be established by evidence other that the police officer's opinion? I don't remember seeing any such requirement in any (UK) legislation.
Three words:
One .... Time ... Pad
To explain to the apparently hard of hearing (i.e. those in government): If people REALLY want to encrypt, they can, and NOBODY can even tell it is an encrypted message, not just a load of digitized line noise. Hide the line noise in a cat video and only those who know which one it is, and what pad to use can decrypt. GCHQ knows this, the NSA knows this.
One time pad... Sure, works wonderfully and is the only provably secure crypto system known to man. The problem with it of course, is storing or generating all the damn keys, and making sure they get generated in a provably random way, which is actually a lot harder than it sounds when you need to make a million keys - just the article we're discussing has 8529 characters in it which would require hundreds of keys to encrypt.
@LucreLout the article is much longer than any instructions to sleeper agents would need to be. The problem with one time pad is, as with idiot code, the issue of key distribution. The thing about idiot code though, is that it doesn't even look like cipher text: a message saying that your friend is expecting triplets, but is still hoping for a home birth instead of going to a major hospital such as Reading and that the due date is April 23 may mean that you should attend a given meeting site / drop box at 16:23 on Tuesday and pick up some explosives.
One time pad...
Here we go again with the obligatory OTP rubbish.
Sure, works wonderfully and is the only provably secure crypto system known to man.
"only provably secure crypto system known to man" is either wrong or tautological, depending on how specific your definition of the OTP is. The security proof for OTP rests on the fact that all plaintexts of appropriate length are equally likely for a given ciphertext, if the OTP conditions are met. That's a limited proof; it doesn't account for side channels, traffic analysis, etc.
OTP as traditionally described provides only confidentiality; you can use a bit-flipping attack to change the ciphertext and then the recovered plaintext. You have to add a message integrity mechanism to detect alteration. So the OTP "provably secure" claim doesn't cover attack categories outside confidentiality.
Further, if the definition of OTP you're using isn't sufficiently general, then you aren't including some OTP constructs. For example, most people describe OTP using XOR, but EQV works just as well. And an OTP cryptosystem can be decorated in various ways without violating the OTP confidentiality proof, so your definition has to cover those too if you want that "only provably secure" claim to hold up.
And if you're definition's broad enough to cover all the cases, then it covers anything that has the equally-probable plaintext attribute. And so all you're saying then is "all provably perfectly confidential [which is what you meant by 'secure', a meaningless term in this context] cryptosystems are isomorphic to an OTP". So "only" in the sense of "equivalent to all". And that's not a very interesting observation.
Of course all of this is largely irrelevant because the suggestion to use the OTP as a general cryptosystem is stupid. OTP requires a separate secure channel A that's as large as the secure channel B it provides, in order to distribute its key material. So you've just deferred your secure-communications problem, and created a less-secure channel which is open to attack and weakens the theoretical strength of the OTP.
"Of course all of this is largely irrelevant because the suggestion to use the OTP as a general cryptosystem is stupid. "
I don't think anyone was attempting to claim that OTP should be used as a general encryption system, though. The OP was pointing out that terrorists/paedos/whatever can just use a manual OTP if they want to secure their communications, and so generate an uncrackable code. Thus, it's a mathematical impossibility for the government to achieve the ability to read everything; the genuine threats can simply use unbreakable methods inserted in such a way as to make it impossible to even detect that communication is happening, let alone decode it.
I was think similar but slightly less dastardly. Store all the data in an air-gapped bit barn and when spooks or cops want the data you tell them where it is and explain that someone will meet them there. I'm sure the intention of the proposed bill is that cops/spooks will be able to log in and run a search, but like the DPAs lack of explicitly requiring encryption, this bill doesn't explicitly say how access should be provided, merely that assistance and access should be provided.
An added bonus would be to store the data in a dark cellar with a broken lightbulb and a Beware of the Leopard sign on the door..
"Take yesterday's logfiles, encrypt them, burn them to a DVD (write verification off), don't label it, swing by your dark cellar, and toss the disc randomly on the pile."
I wasn't thinking we'd be able to swing by the cellar. After all, cellars are much cheaper in Ulan Bator then London right now. We'll just mail the unlabeled disks out there every couple of weeks.
Unfortunately you cannot trust software that you cannot read the source and build a bitwise identical version of. All that it takes is the NSA to give Apple/MicroSoft/... a National Security Letter telling them to insert some malicious code into a program or library/.DLL/.so and they will have to do it and not be allowed to tell anyone.
So people needing security will have to use Open Source software; maybe on a proprietary platform, although it will be easier to validate everything it what you run is Open Source top to bottom.
Most people will not bother, but clever crooks, terrorists, paedophiles will do so - they will have the motivation. So those being spooked will be everyone other than the ones that we are being told that this is supposed to catch.
Stupid or a different agenda ?
Most people will not bother, but clever crooks, terrorists, paedophiles will do so - they will have the motivation
History rather suggests otherwise.
And I suspect that the number of supervillains with the resources and knowledge to vet open-source cryptography implementations, much less the inclination, is very small indeed. Pretty much it appears to be limited to major state actors.
That's not to say I'm in favor of government snooping, but I don't think this particular line of argument carries any weight.
With regard to the para that references RIPA:
"RIPA requires CSPs to provide communications data when served with a notice, to assist in giving effect to interception warrants, and to maintain permanent interception capabilities, including maintaining the ability to remove any encryption applied by the CSP to whom the notice relates."
Am I missing something, but in relation to the web communications data, how can the CSP remove encryption to anything other than it's own websites?
Yeah,
They'll have to, when ordered, redirect your IP connection to one with subverted routing so that Plod/MI5/Local Council Dogdoo Inspector can use spoof HTTPs certs they forced the major CA's to sign for Yahoo/Gmail/Whatever and then conduct MITM attacks against your encrypted traffic.
Probably all have to be automated so they just connect in and run a couple of commands or click a couple of buttons on a GUI. And HomeSec will have no problem signing off a massive fishing "Warrant" to allow whoever unlimited snooping on whomever takes their fancy for "undisclosed reasons"
The "including" line is just to make sure they keep their own private keys around so you can't operate a business that bins the keys when plod comes knocking.
Open Internet Certificate-based encryption is pretty much a joke as it requires you to "trust" CA's , of which there are 1000's , there are basically no legal protections if they screw up, and all of them are subject to being ordered by Govs to hand out whatever certs they are told to.
Some kind of crowd sourced Certificate confirmation system might work, but a) has problems when the companies actually change their certs normally b) are subject to being subverted themselves.
> Open Internet Certificate-based encryption is pretty much a joke as it requires you to "trust" CA's , of which there are 1000's , there are basically no legal protections if they screw up, and all of them are subject to being ordered by Govs to hand out whatever certs they are told to.
You can actually blame the browsers for the current state of affairs, for not supporting things like DANE.
Yes, GCHQ could get (for example) GoDaddy to issue a certificate for my domain without me knowing, but if that cert doesn't match the hash in my DNS it should be rejected. Unfortunately, there's no browser support at the moment so plod don't currently have the extra step of pressuring DNS providers as well.
So because you lot indiscriminately bomb people based purely on SIGINT with no regard for collateral damage* we have to not only put up with the violent reactions of a minority of people feeling wronged at these acts but we also have to give up our freedom and our liberties so you can try, and fail, to stop these radicalised idiots?
I live in a flight path, take the tube every day and travel abroad a lot. Both the rational part of my mind and the emotional part are way more frightened of 'my' government than the terrible 'other' that they are ostensibly trying to protect me from.
Does anyone else remember when the way we proved the west was better than the east was because they spied on their citizens and we got outraged if our government wanted to know which books we took out the library?
* Never mind the wedding, we must bomb whomever is holding that mobile phone, it dialled to a suspected terrorist at least twice.
Indeed but:
> Does anyone else remember when the way we proved the west was better than the east was because they spied on their citizens and we got outraged if our government wanted to know which books we took out the library?
That was probably just a case of ignorance is bliss.
End to end encryption merely means that the data is encrypted in transit. Obviously it has to be encrypted and decrypted on either end. And it is being encrypted and decrypted by the application that does the transmission. So it's trivial for the app maker to add a feature that silently siphons off your precious keys to a third party.
The spooks could probably just ask Google and Apple, since of course the OS is also in a good position to grab and publish any keys. But I'm sure they're doing that already and are just covering all their bases.
that's why foss at least *helps* provide some defence. And Apple and Google don't control the 3rd party stuff, though I imagine they could be hostile if they wanted....
In git (a source code repository tool) there is "bisect" a feature that allows you to track bugs.
It also helps to look for malicious code...(assuming you have that worry).
In fact, reading the gitmagic pages (in this Debian box) , git uses SHA-1.
Perhaps corrupting the source, is the next front?
P.
You try getting FOSS on your iPhone - Apple will not allow it. I wonder: if enough people get seriously concerned about this will this impact on iPhone sales ? It is not just a matter of Apple releasing bits of source - but people need to be able to independently compile and install to be sure - this breaks their apple store walled garden model.
One way to do this is use the Diffie-Hellman protocol, which allows two people to create a shared secret known only to them using prime-number maths. No one in between the pair can figure out the secret, which can be used as a key to encrypt and decrypt data. There's nothing communications providers can hand over when the g-men come knocking except useless scrambled bits.
Nobody, that is, except Bruce Schneier!
You'd almost think that these guys aren't paying attention to recent notable IT security lapses. Like the U.S. government Office of Personnel Management keeping millions of personnel and security clearance records in unencrypted databases--and that getting hacked and stolen. Or Sony Pictures having a list of IT user/admin accounts on an unencrypted spreadsheet kept on their network--and that getting hacked and facilitating widespread penetration of the rest of the network.
Maybe that's what the public "hey we want you guys to give us a backdoor" statement was for. They don't really expect American companies to roll over and give them backdoor access (especially Apple, who went out of their way to make it so they don't have the user's keys so they can't give them up no matter what)
What they expect/hope is that the paranoid people who have something to hide will shy away from using WhatsApp and iMessage fearing that maybe they've given the government backdoors, and use some little "under the radar" app as the article says. Such apps made by individual developers or small teams are far more likely to have implementation errors that allow GCHQ to break the encryption. It isn't easy to get it right, but Facebook and Apple can afford to pay for the expertise that at least lets them avoid all the known issues (if there are attacks that only the NSA/GCHQ know about, not much anyone can do...) The little companies will slip up, and make it easy for GCHQ to snoop the people who matter the most from their perspective - the extra paranoid ones who believe they have something to hide.
Because they won't be called that?
Oi diff-hatted gangstas, what is a backdoor for John, is a main entrance for Jack (-: Same stuff whenever one mistakingly supposes that he does run his own body. What a non-enlightened naivety... one's eyes are just watching back of the owner of a human body's site... hands, legs, everything - is just a h3xadecimal neuro-quantum bioset constructed to serve and to protect a beautiful mind that prepares the paths for its slaves, which are the bodies, in a false pride calling itself people who servie him well without their own informed consent. Billions of minds blinded by what they "see" "in front" of them and, joined for a good Red&Black luck. Truly a Front.
A Stellar Supreme Suprematic SuperMateIQ constellation of Intelligence Brinks that bring enlightenment to a very few of... one can say chosen, but there is always a choice between Black and Red on a single surface.
Said above pulls no strings, hides no catches, calls no names. God bless us.
55 73
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
