Jump to content
Manx Forums - A Discussion Board & Classifieds for the Isle of Man

David Cameron wants to ban all forms of encrypted communication

HeliX

By HeliX
in International News

Recommended Posts

  • Replies 43
  • Created
  • Last Reply
guzzi Newbie

guzzi

Posted
Posted

Does he want to ban encryption? That wouldn't make sense, as many forms of on-line transaction have to be encrypted so any old Joe can't just intercept the details and abuse them. On Newsnight yesterday it sounded more like they wanted providers of secure services to make the encryption keys available to government, which is slightly different.

Link to comment
Share on other sites
HeliX Grand Master

HeliX

Posted
  • Author
Posted

Does he want to ban encryption? That wouldn't make sense, as many forms of on-line transaction have to be encrypted so any old Joe can't just intercept the details and abuse them. On Newsnight yesterday it sounded more like they wanted providers of secure services to make the encryption keys available to government, which is slightly different.

Well, firstly he wants to get rid of a load of the popular services (WhatsApp, iMessage, Snapchat) by banning them, and then yes he wants to ban end-end encrypted communications - i.e. what you said, he wants to be able to decrypt them in the middle. Which is such a security nightmare that it's not even funny. Shows a massive lack of technical understanding (no big surprise there).

Link to comment
Share on other sites
guzzi Newbie

guzzi

Posted
Posted

 

Does he want to ban encryption? That wouldn't make sense, as many forms of on-line transaction have to be encrypted so any old Joe can't just intercept the details and abuse them. On Newsnight yesterday it sounded more like they wanted providers of secure services to make the encryption keys available to government, which is slightly different.

Well, firstly he wants to get rid of a load of the popular services (WhatsApp, iMessage, Snapchat) by banning them, and then yes he wants to ban end-end encrypted communications - i.e. what you said, he wants to be able to decrypt them in the middle. Which is such a security nightmare that it's not even funny. Shows a massive lack of technical understanding (no big surprise there).

 

 

But, only if his party is re-elected with a parliamentary majority. Which is an important point.

Link to comment
Share on other sites
guzzi Newbie

guzzi

Posted
Posted

"David Cameron has today revealed his intention to ban communication services like Snapchat, WhatsApp and iMessage if they continue to be encrypted from the security services. Snapchat, WhatsApp and Apple's iMessage all encrypt their messages making it impossible for governments to look at them."

 

My emphasis. He is saying that the encryption keys should be available to government. People will be able to vote for the Tory Party's policies or not.

Link to comment
Share on other sites
HeliX Grand Master

HeliX

Posted
  • Author
Posted

"People" in general aren't tech-savvy enough to know why this is a problem. I would be surprised if this issue is what stops Cameron being re-elected. Not to mention that there's no guarantees the other parties won't follow suit, there's been a growing trend in curbing personal privacy in the name of counter-terrorism.

Link to comment
Share on other sites
guzzi Newbie

guzzi

Posted
Posted

I agree that there should be a discussion about this issue, but it is worth getting it clear what is being proposed, which isn't a ban on encryption.

 

The ideal situation is obviously to surveil the terrorists but not the general public. But you have to have some sort of intelligence to determine who the suspected terrorists might be, something of a Catch-22.

 

I don't subscribe to the point of view that fear of terrorism is being trumped up by the powers that be in order to control and censor people, I am entirely convinced that there is a genuine threat and that this threat comes from Islamist extremists ideologically driven to defeat Western democracy. Given that, you really do have to defend yourself, and unfortunately a reduced level of personal privacy in internet communications is something that I am willing to accept, along with queuing for security and taking off my shoes at the airport.

 

I actually think that unless there is some sort of trigger detected, your emails or whatever aren't going to be routinely read. It will be more about metadata, for example who it is you are corresponding with and where, combined with automatic scrutiny for trigger words.

Link to comment
Share on other sites
HeliX Grand Master

HeliX

Posted
  • Author
Posted

I agree that there should be a discussion about this issue, but it is worth getting it clear what is being proposed, which isn't a ban on encryption.

 

The ideal situation is obviously to surveil the terrorists but not the general public. But you have to have some sort of intelligence to determine who the suspected terrorists might be, something of a Catch-22.

 

I don't subscribe to the point of view that fear of terrorism is being trumped up by the powers that be in order to control and censor people, I am entirely convinced that there is a genuine threat and that this threat comes from Islamist extremists ideologically driven to defeat Western democracy. Given that, you really do have to defend yourself, and unfortunately a reduced level of personal privacy in internet communications is something that I am willing to accept, along with queuing for security and taking off my shoes at the airport.

 

I actually think that unless there is some sort of trigger detected, your emails or whatever aren't going to be routinely read. It will be more about metadata, for example who it is you are corresponding with and where, combined with automatic scrutiny for trigger words.

It may as well be considered a ban on encryption, encryption which can be decrypted by a third-party mid-transit is not really encryption at all. And backdoors which let the Government do this are security holes in 100% of cases. If the Government can get in, so can others.

 

There was lots of intelligence on the guys who carried out the French attacks. They were certainly well-known to police. Still couldn't do anything about it.

 

There is certainly a threat of terrorism. But revoking the privacy of an entire country because some people are terrorists is unacceptable. What happened to the presumption of innocence? Not to mention that this simply won't work. Whatever measures the Govt put in place, the terrorists will just find a different way to communicate around them. The only people this hurts are innocents.

 

They probably won't be routinely read, but you can bet your bottom dollar the Government will keep hold of them all, and should they "need" them in future they'll get read. What gets defined as a "need" in this situation, is David Cameron's opinion I suppose.

Link to comment
Share on other sites
guzzi Newbie

guzzi

Posted
Posted

No, a ban on encryption would enable anyone to read your transaction, the provision of the key to government enables government to read your translation. There is a distinction. Others can only get in if they have the encryption key too.

 

I agree about the Paris terrorists, and the same was true of at least one of the 7/7 London bombers. They were failures of human judgement.

 

What, if anything, would you do about the threat?

Link to comment
Share on other sites
HeliX Grand Master

HeliX

Posted
  • Author
Posted

No, a ban on encryption would enable anyone to read your transaction, the provision of the key to government enables government to read your translation. There is a distinction. Others can only get in if they have the encryption key too.

 

I agree about the Paris terrorists, and the same was true of at least one of the 7/7 London bombers. They were failures of human judgement.

 

What, if anything, would you do about the threat?

WhatsApp uses the encryption that TextSecure uses. The keys are only stored locally on your device. Unless you think they're going to send the Government every key from every user, then the only way to give access to the messages is to allow a backdoor. Which is a security vulnerability. Which means anyone else can exploit it too. This is the same of any end-to-end encryption service (which is what DCameron is targeting).

EDIT: Forgot to add, you'd also have to store every session key used... I don't know the specifics of how long each service considers each session, but it'd be a lot of keys.

 

I certainly wouldn't do something that'll have absolutely zero impact on terrorists (as they'll just use a different service) and that ends up with the Government having a load more data on law abiding citizens.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...