Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Privacy Encryption Government United Kingdom

Omand Warns of "Ethically Worse" Spying If Unbreakable Encryption Is Allowed 392

Press2ToContinue writes In their attempts to kill off strong encryption once and for all, top officials of the intelligence services are coming out with increasingly hyperbolic statements about why this should be done. Now, a former head of GCHQ, Sir David Omand has said: "One of the results of Snowden is that companies are now heavily encrypting [communications] end to end. Intelligence agencies are not going to give up trying to get the bad guys. They will have to get closer to the bad guys. I predict we will see more close access work." According to The Bureau of Investigative Journalism, which reported his words from a talk he gave earlier this week, by this he meant things like physical observation, bugging rooms, and breaking into phones or computers. "You can say that will be more targeted but in terms of intrusion into personal privacy — collateral intrusion into privacy — we are likely to end up in an ethically worse position than we were before." That's remarkable for its implied threat: if you don't let us ban or backdoor strong encryption, we're going to start breaking into your homes.
This discussion has been archived. No new comments can be posted.

Omand Warns of "Ethically Worse" Spying If Unbreakable Encryption Is Allowed

Comments Filter:
  • by Anonymous Coward on Monday January 26, 2015 @09:33AM (#48904067)

    shame if something was to happen to it.

    • by meta-monkey ( 321000 ) on Monday January 26, 2015 @10:10AM (#48904407) Journal

      Now, boy, we can do this the easy way, or we can do this the hard way.

      • by ultranova ( 717540 ) on Monday January 26, 2015 @11:03AM (#48904927)

        Now, boy, we can do this the easy way, or we can do this the hard way.

        Which is a trap. The only way to defeat evil is to force it to reveal its true face. Intelligence agencies would very much love to have everyone pretend having their mail opened and read is okay; it's when people refuse to go along with the lie when the ugly truth comes out.

        And it will only get uglier from here.

    • by Anonymous Coward on Monday January 26, 2015 @10:21AM (#48904545)

      Let's think about this for a moment. The chief complaint of the Snowden revelations is that it presents a broad swath domestic surveillance that violates everyone's privacy and 4th amendment rights (presumptively). So when we see statements about how the intelligence agencies will start engaging in more close access operations versus blanket monitoring, why do we presume this is a bad thing? Certainly no one thinks that attacks on Charley Hebdo or Sony, or other similar terrorist attacks is good? Why would we think that "less ethical" methods to employ "close access work" would be a bad thing if we can stop terrorist networks from attacking innocent civilians? Where do we strike that balance?

      • ... if we can stop terrorist networks from attacking innocent civilians?

        No one had the intel to stop the French terrorists, right?

    • by Slashjones ( 3879223 ) on Monday January 26, 2015 @10:22AM (#48904561)

      You want privacy? Nope! We'll just try harder to violate your privacy and constitutional rights if you try to protect it. You exist to make our jobs easier. Your rights are null and void when they make our jobs harder. That silly thing called "freedom" is less important than our ability to catch Bad Guys.

    • by marcello_dl ( 667940 ) on Monday January 26, 2015 @10:26AM (#48904607) Homepage Journal

      It's funny because the threat is EXACTLY how I think things should be done.
      You can sure commit crimes shifting bits around, but most such deeds have to reflect IRL at some point. So let the cops follow the bad guys IRL. Strong encryption can't do much when I see what's on your screen. So by all means, spy on suspects instead of bulk-collecting false positives.

      It's also quite ridiculous that international banking can keep doing transactions at the speed of light while the NSA and pals want to access to your data. I'd say follow the money first.

      Bulk spying is not about preventing crime anyway. It's about control, it yields potential weaknesses for each one, regardless of his actual behavior.

      • by TheRaven64 ( 641858 ) on Monday January 26, 2015 @12:39PM (#48906055) Journal
        Right. It doesn't seem like a threat to say 'if you pass this then we'll have to actually do our jobs!' It just makes you wonder what they're doing now instead...
      • by Darinbob ( 1142669 ) on Monday January 26, 2015 @02:48PM (#48907389)

        Doing things the old fashioned way is expensive. That's a good thing. This means the government should stop and think first before bugging someone. They can't bug every single person, especially with a warrant for each, which is why they want the inexpensive solution of tapping into the central phone system. So pay for the tech, send actual technicians into the field, do a lot of undercover work, and the government will start focusing on the important targets.

  • Translation ... (Score:5, Insightful)

    by gstoddart ( 321705 ) on Monday January 26, 2015 @09:34AM (#48904075) Homepage

    We're self entitled assholes, with nor regard for the law, and if we don't get back doors to encryption, we're going to become even more ethically challenged, self entitled assholes with nor regard for the law.

    I sincerely hope one or more of their people get shot breaking into some place and not identifying themselves as agents.

    Fuck, but governments are willing to slide into fascism and tyranny.

    I you can't operate in the law, you should be subject to it ... and tried for criminal activities.

    Papers please, comrade. You have nothing to frar if you have nothing to hide.

    • by mwvdlee ( 775178 )

      This Omand guy should be fired immediately for even mentioning the possibility of a government service using unethical methods.
      A government that is anything less than completely ethical should be no government at all.

    • Wrong translation. It's much simpler.

      "Allow us to break encryption, or we go back to the methods we've been using for decades, if not centuries!" Because that's exactly what they say they have to "start using": methods that have been used for a very long time. Methods that overall worked quite well.

  • Good (Score:5, Insightful)

    by MartinG ( 52587 ) on Monday January 26, 2015 @09:37AM (#48904099) Homepage Journal

    I'd rather see bugging of rooms and physical observation of actual suspects rather than weakening the security and rights for absolutely everyone.

    Besides, it's not like organised criminals will stop using encryption just because it's illegal. (I almost can't believe we're talking about effective encryption being illegal)

    • Re:Good (Score:5, Insightful)

      by Anonymous Coward on Monday January 26, 2015 @09:46AM (#48904169)

      Me too. It's a hell of a lot harder to bug every man, woman, and child in the west than it is to intercept and crawl their communications. Having them have to actually spend time, effort, and money and risk discovery to obtain information makes it far far less likely that they will collect it just because they are able to. It's a check on their power that's sorely needed.

      • Re:Good (Score:5, Insightful)

        by plover ( 150551 ) on Monday January 26, 2015 @10:00AM (#48904309) Homepage Journal

        Me too. It's a hell of a lot harder to bug every man, woman, and child in the west than it is to intercept and crawl their communications. Having them have to actually spend time, effort, and money and risk discovery to obtain information makes it far far less likely that they will collect it just because they are able to. It's a check on their power that's sorely needed.

        I came here for this exact sentiment. Spying has always had a component of risk of exposure, and that is needed to keep spying at a small scale. Drift net sieving of all our communications is the abuse.

      • This is exactly what I came here to say, too. It's easy for someone to sit in their office in DC or wherever and eavesdrop on the entire internet if traffic is unencrypted, so there's an incentive to simply be lazy and collect as much as possible. When they have to physically visit a person's home, office, whatever in order to eavesdrop - this is GOOD. Now there's an incentive to actually *think* and make sure you're doing the right thing before investing the resources needed to eavesdrop.

    • Sssshhhh! Don't tell them we might actually like something they'd do, or they won't do it!

      "Ohhhhh puuuuhleeeeeaze Brer Omand, whutevah you do, don't throw us in that targeted-spying-on-actual-terrorists-instead-of-everybody patch!"

      It broke down at the end there, but you get the idea.

    • by raymorris ( 2726007 ) on Monday January 26, 2015 @10:19AM (#48904509) Journal

      Exactly. "Bugging rooms, and breaking into phones or computers" requires agents to specifically go to a certain location, probably after getting a specific search warrant. That's how policing should be done.

  • by Grog6 ( 85859 ) on Monday January 26, 2015 @09:37AM (#48904101)

    Most of us practice head shots for hours at a time.

    People in the South tend to have guns within reach at all times; what could possibly go wrong? :)

  • Cost/benefit ratio (Score:5, Insightful)

    by OzPeter ( 195038 ) on Monday January 26, 2015 @09:41AM (#48904123)

    Gaining covert physical access to a targets home/phone/computer is going to cost a lot more than just typing some commands into a terminal window. That would mean that ubiquitous surveillance goes out the window, and thus less collateral surveillance.

    In addition it would also mean that covert physical seals could be better used to detect if your privacy has been invaded (Has the dust bunny on the back of my computer moved?), which is actually a step forward compared with electronic invasions.

    I can't see anything wrong with all that (unless of course you take Omand's point of view that you have to watch all of your populace all of the time)

  • by Alkonaut ( 604183 ) on Monday January 26, 2015 @09:42AM (#48904127)
    Targeted surveillance is exactly what *should* be used, because it can self-regulate. There is a cost associated with each target, so there must also be a benefit otherwise it won't be done. So widespread strong crypto sounds perfect: it takes surveillance/intelligence ops back to the physical world where you pay per target and not per system of mass surveillance. And think of all the emissions saved at the datacenters!
    • Re: (Score:2, Informative)

      by Anonymous Coward

      Exactly.

      The argument is essentially "if we can't do blanket surveillance of innocent people and bad guys we'll have to do targeted surveillance of bad guys".

      Seems fair enough to me.

  • by aepervius ( 535155 ) on Monday January 26, 2015 @09:42AM (#48904129)
    Making it worst for 1 or 2 persons or even a hundred (realistically, how many people can you break into home and put a bug) will make it better for the privacy of a few dozen million. Go for it do your worst. Bug the shit out of those few houses. Physically. Like you used to. And like you probably already do as anyway computer communication is only 1 form. Woopy-doo.
  • by FudRucker ( 866063 ) on Monday January 26, 2015 @09:43AM (#48904139)
    open the door not only for government snoops it will also allow criminals to steal identities, steal passwords, steal credit card numbers, and anything else of value, this idea that the government needs to spy on everything sets a bad precedent and is intruding where privacy is really needed the most
  • Not quite (Score:5, Interesting)

    by Dan East ( 318230 ) on Monday January 26, 2015 @09:44AM (#48904147) Journal

    we are likely to end up in an ethically worse position than we were before.

    Actually, no. In order to do the more involved things, "physical observation, bugging rooms, and breaking into phones or computers", they have to get a warrant. This ups the ante and they must present a convincing argument to the judge for the need to surveil the people in question. This increases oversight, expense, and the human resources required. That means less shotgun approach and more focused surveillance only where needed.

    With digital communication they felt entitled to capture any information they wanted, since there wasn't an obvious physical intrusion. Obviously they could not handle this in a responsible manner, and thus our free society is making the necessary adjustments. So that's just too bad for the spies. Sorry.

    • In order to do the more involved things, "physical observation, bugging rooms, and breaking into phones or computers", they have to get a warrant

      How cutely naive!

    • they have to get a warrant.

      Hahaha, how naive you are.

  • still better... (Score:4, Insightful)

    by theonlyholle ( 720311 ) on Monday January 26, 2015 @09:45AM (#48904155) Homepage
    The thing to note, though, regardless of the BS nature of most of these statements, is that physical intrusions like breaking into someone's home and bugging their place of work etc. doesn't scale, so in that sense strong encryption thwarts mass surveillance.
  • by gweihir ( 88907 ) on Monday January 26, 2015 @09:46AM (#48904163)

    It is not those being spied upon, it is those doing the spying. And they will do all these things anyways, regardless of whether people use encryption. In addition, industrial espionage is obviously a large part of the game. The NSA has been propping up some sectors of the US industry for decades.

  • Looks to me, they are going back to good old pre-Internet methods (bugging phones, taking a peak at your computer at your house, etc.). Good old 80's and 90's. Worse case scenario is back-doors or no strong encryption. Going back to less scalable, less practical methods is practically status quo. At any rate, screw them!
  • by silfen ( 3720385 ) on Monday January 26, 2015 @09:51AM (#48904211)

    According to The Bureau of Investigative Journalism, which reported his words from a talk he gave earlier this week, by this he meant things like physical observation, bugging rooms, and breaking into phones or computers. "You can say that will be more targeted but in terms of intrusion into personal privacy — collateral intrusion into privacy — we are likely to end up in an ethically worse position than we were before."

    Well, that's because your sense of ethics is screwed up, not surprising given your line of work. The rest of us actually prefer that it cause you significant trouble to perform espionage and surveillance so that you actually have to target your limited resources to cases that matter, instead of going on fishing expeditions.

    And from a purely practical point of view, banning strong encryption isn't going to help anyway because the only criminals and terrorists you are going to catch from relying on mandated weak encryption are fools. If you don't understand that, you are a fool yourself; if you do understand it, you are just a liar.

    • by Pembers ( 250842 )

      If you ban strong encryption or make its use impractical, then anyone using it, pretty much by definition, must be using it to hide something illegal. That gives the spooks a good idea as to who they should be investigating, even if they can't crack the encryption. And if they can crack the encryption, preventing law-abiding citizens from using it drastically cuts the number of messages they have to crunch through in order to find something useful.

      (I'm not saying I think strong encryption should be banned,

  • See this finger? Spin on it.

  • by MitchDev ( 2526834 ) on Monday January 26, 2015 @09:57AM (#48904263)

    Long past time to dismantle the government and rebuilt it from the ground up.
    They've forgotten they are to serve us, NOT the other way around.

  • by jellomizer ( 103300 ) on Monday January 26, 2015 @09:59AM (#48904295)

    So can the other guys.
    Including the bad guys who we are encrypting to protect our data from.
    While there is a slew of people who fears big brother. But for the most part we do are best to block petty criminal. Who can take our data, spread it across the crimeosphere, for profit. While we become a victim, with a reducing credit score, and losing decades of good will you accumulated in your life.
    To think the US is the only source that can do this, is actually quite hubristic. There are other countries with large data centers, there are companies with the power to do so as well. If you wait 2 or 3 years then the power will be able for the average person to crack.

    But let just say Google had a hole where the bad guys got in and were able to use fraction of it power to crack weak encryption they could get a lot of damage done before they found out.

    Strong encryption isn't about stopping the feds, it is about stopping the petty crook.

  • encryption, strong encryption particularly, is employed explicitly to deter and invalidate government transgression against ones property and person without serious legal recourse. If the existence of strong encryption, that is encryption you cannot defeat, becomes a factor in determining the application of a warrant then the glove is off. The state no longer cares who is guilty or innocent, as speech itself in the course of the first amendment has been deemed suspect in all cases. The FISA courts could
  • by fuzzyfuzzyfungus ( 1223518 ) on Monday January 26, 2015 @10:07AM (#48904365) Journal
    As much as I'm deeply displeased that the attitude would be 'give us what we want or we'll take it, Stasi-style'; I'd see a situation where the spooks are forced to resort to physical intrusion as a vast improvement.

    Implicit in the GCHQ flack's 'threat' is the idea that totally invisible 'no touch' surveillance is somehow better and nicer. In the sense that it has better PR, and is easier to maintain (and on a massive scale) without public outcry or logistically overwhelming amounts of black-bag work, this is true. In terms of the relationship between the clandestine agencies and even the pretense of democratic government, though, I'd say that it's exactly the opposite.

    If team spook has the advantage of technology for scale and efficiency, and is capable of invisibly watching more or less everything without any visible signs of having done so, you have about as imbalanced a situation as one could reasonably imagine. A perfect panopticon; but so subtle that you sound like some sort of schizo nutjob for suggesting that it is happening. If they actually have to break and bug, this will mean more physical intrusion; but it also creates a de-facto limit on how broadly they can pursue fishing expeditions, and how reasonably they can make the assumption that they will never be caught.

    If what he says about more encryption is true; bring it on.
  • by guibaby ( 192136 ) on Monday January 26, 2015 @10:08AM (#48904387)

    The more difficult something is and the smaller scope something covers, the smaller the cost- benefit. Spying on everyone through technological back door - very low cost, questionable benefit. Physically spying on someone you actually suspect of doing something - very high cost, hopefully high reward. This cost is what keeps the government in its place.

  • That way we can have people watching you from inside your house.
  • by carlhaagen ( 1021273 ) on Monday January 26, 2015 @10:15AM (#48904453)
    He has a point, but if encryption is made breakable, everyone will break it, not just the "watchers".
  • If we cannot break your encryption, we can always break your knees.
  • by kheldan ( 1460303 ) on Monday January 26, 2015 @10:21AM (#48904549) Journal

    ..collateral intrusion into privacy â" we are likely to end up in an ethically worse position than we were before

    Translation: Give away your privacy to us, now, or we'll TAKE IT FROM YOU.

    Memo to 'Intellgence community': GO FUCK YOURSELVES, ASSHOLES.

    Enough is enough. This shit has to stop, now. We are free citizens of our respective countries (..well, OK, some are more free than others, some aren't very free at all. One problem at a time); we are not inmates in a prison, which is exactly how they want to treat everyone: Monitored and guarded 24/7/365, and all communications monitored and inspected. FUCK THAT SHIT!

  • Good. (Score:5, Interesting)

    by GameboyRMH ( 1153867 ) <gameboyrmhNO@SPAMgmail.com> on Monday January 26, 2015 @10:23AM (#48904577) Journal

    This is excellent. Tapping all the world's communications is cheap and easy (especially when any person or company can be strong-armed), bugging individuals is expensive and difficult. They'll have to restrict this activity to those who they strongly suspect, rather than spying on the communications of all known sentient beings in the universe and then seeing what sticks. Less widespread privacy invasion, more effective surveillance instead of growing the haystack. Sounds like a win/win to me.

  • Lies (Score:5, Interesting)

    by Roodvlees ( 2742853 ) on Monday January 26, 2015 @10:26AM (#48904605)
    Who still believes these lies?
    It's not about getting to the 'bad' guys, hasn't been for a long time.
    It's about power for the government.
    Terrorists/pedophiles are not stupid, they write their own encryption software and are not going to get caught allowing secret services to prevent them by their activities on social media.
  • Moral compass (Score:2, Insightful)

    by xplora1a ( 3822573 )

    "You can say that will be more targeted but in terms of intrusion into personal privacy - collateral intrusion into privacy - we are likely to end up in an ethically worse position than we were before."

    That these people think that it is less of an invasion to sweep up all of your electronic conversations than to bug your home, is a measure of how distorted the debate is. The real reason that they would prefer to tap electronically is that much lower cost and lower chance of discovery. It is arguably a big

  • So, in other words, they'll have to do real police work if they can't tap everyone's phone without a warrant. Boo Hoo.
  • "Baby..." (Score:4, Insightful)

    by Chris Mattern ( 191822 ) on Monday January 26, 2015 @10:37AM (#48904731)

    "...why you always gotta make me hit you?"

  • by cant_get_a_good_nick ( 172131 ) on Monday January 26, 2015 @10:55AM (#48904877)

    The Constitution put in barriers to policing. It's a filter, making it cost a bit if you want to go after someone. This doesn't totally eliminate the threat of tyranny, but it slows it down quite a bit.

    So, this clown is saying "hey, if you don't let us do this low effort illegal spying, we're gonna do high effort illegal spying". Even if he's right, this is still good news to me. You need to put shoes on the ground to go after folks. I can't do a blanket surveillance on everyone, no more LOVEINT [wikipedia.org] illegal spying just because you can. I think this is better than even stronger laws. I can ignore the laws of man, but harder to ignore the laws of economics.

  • by spaceyhackerlady ( 462530 ) on Monday January 26, 2015 @11:40AM (#48905353)

    There is strong encryption, and there is unbreakable encryption. They are not necessarily the same thing.

    Strong encryption is theoretically breakable, but it is not computationally feasible to do so. What is computationally feasible changes with time. Look at how key-length standards for RSA have changed, for example.

    One-time pad encryption, on the other hand, is not breakable. It doesn't matter how much computer power you throw at it: if you don't have the key, you can't read the message.

    ...laura

  • by Steve B ( 42864 ) on Monday January 26, 2015 @12:05PM (#48905681)

    "Direct access" methods (tailing people, planting surveillance devices, etc) do not scale anywhere near as easily as network surveillance -- each "direct access" target requires a significant fixed cost in resources and manpower. This imposes discipline on the snoops and forces them to pick and choose actual suspects instead of trying to scoop up everything.

  • by ikhider ( 2837593 ) on Monday January 26, 2015 @12:08PM (#48905709)
    The UK, among other European states have a long history of colonialism. The US of A has also developed a strong taste for colonialism and mass resource theft. Were these states to disengage the act of "bringing democracy" to other places via drones, aircraft carriers, warplanes, tanks and troops, and instead send teachers, doctors, and engineers then we would not be in the mess we are now. We have hundreds of years of colonialism to show us why it does not work very well. Had the states spent the vast war budget on sustainable energy research, we would not be on the "oil drip" and melting the icecaps and searing lungs. Moreover, a lot of these 'ethnics' that certain European states object to would stay in their own lands as opposed to emigrate en masse to flee war and poverty. Work out why there is this so-called terrorism and generally there is some long, bitter history of colonialist misadventures behind it that made a minority elite wealthy. If you clip the trouble at its source rather than stifle its symptoms, you would be more successful.

You scratch my tape, and I'll scratch yours.

Working...