Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
BLACK FRIDAY DEAL: Trust the World's Fastest VPN with Your Internet Security & Freedom--A Lifetime Subscription of PureVPN at $48 with coupon code "BFRIDAY20" ×
Encryption Communications Crime Government Privacy United Kingdom Your Rights Online Politics

Cameron Asserts UK Gov't Will Leave No "Safe Space" For Private Communications 260

An anonymous reader writes with the story from Ars Technica that UK prime minister David Cameron "has re-iterated that the UK government does not intend to 'leave a safe space — a new means of communication — for terrorists to communicate with each other.'" That statement came Monday, as a response to Conservative MP David Bellingham, "who asked [Cameron, on the floor of the House of Commons] whether he agreed that the 'time has come for companies such as Google, Facebook and Twitter to accept and understand that their current privacy policies are completely unsustainable?' To which Cameron replied: 'we must look at all the new media being produced and ensure that, in every case, we are able, in extremis and on the signature of a warrant, to get to the bottom of what is going on.'" This sounds like the UK government is declaring a blustery war on encryption, and it might not need too much war: some companies can be persuaded (or would be eager) to cooperate with the government in handing over all kinds of information. However, the bluster part may leave even the fiercest surveillance mostly show: as Ars writer Glyn Moody asks, what about circumstances "where companies can't hand over keys, or where there is no company involved, as with GnuPG, the open source implementation of the OpenPGP encryption system?" Or Tor?
This discussion has been archived. No new comments can be posted.

Cameron Asserts UK Gov't Will Leave No "Safe Space" For Private Communications

Comments Filter:
  • by captaindomon ( 870655 ) on Thursday July 02, 2015 @03:00PM (#50035243)
    Well, at least he included "on the signature of a warrant". That's something that seems to be going away swiftly.
    • by firewrought ( 36952 ) on Thursday July 02, 2015 @03:12PM (#50035321)

      Ha ha, did you think he meant warrants? No, no, no... just like every other effort to chip away at freedom and privacy, it comes dressed in the noblest of promises. But once the necessary powers are secured, the promises can be gradually (if not immediately) infringed upon.

      • Ha ha, did you think he meant warrants?

        He meant warrant. Unfortunately as is often the case with the Tories, they use words differently to how ordinary people do. By warrant he means a ministerial rubber-stamp. For instance Theresa May last year alone "signed" nearly 2,800 warrants, a number that clearly shows zero attempt to investigate their legitimacy and indeed almost certainly means some anonymous flunky is signing them on her behalf.

        • Can warrants be challenged in a court of law?
          • Not unless you include secret courts, in which you will have an impossible time proving that you have standing to sue. If the order to collect information about you is secret and you don't have clearance, good luck trying to prove that anything illegal is happening to you because you cannot access information which proves you're being harmed.

            It's perfect: We obtain a secret order to spy on Bob, who cannot defend himself because he doesn't have clearance to prove that we're secretly spying on him. We'll j

        • meant warrant. Unfortunately as is often the case with the Tories, they use words differently to how ordinary people do. By warrant he means a ministerial rubber-stamp.

          Let's just agree to call it what it is: License.

          The government claims License to any and all communication that occurs within its jurisdiction, and as such has the right to do whatever it wants with said communication. You, as a "citizen" of a given state are owned by the government, and by virtue of being born in said state have given your implicit agreement to the collection of whatever data you may create within the duration of your citizenship. If you for any reason decline to allow such surveillance

      • Indeed, the concept of a warrant has been changed to mean License. That is, the surveillance state has an unlimited license to snoop on anything and everything, warranted by the fact that scary bad guys might possibly maybe do something bad eventually. You have nothing to fear, citizen, because you are not currently exhibiting behavior which matches against whatever specious criteria we currently define as terrorism. However, this license should not be understood to provide defense in the event that your

    • by JaredOfEuropa ( 526365 ) on Thursday July 02, 2015 @03:42PM (#50035497) Journal
      Be careful: even if this means that they will only require data to be handed over if the requesting agency has a signed warrant, the phrase "no safe space" can only mean that private crypto is outlawed, Encrypted email, peer to peer encrypted chat and even encrypted messages in public channels are closed off to everyone except the key holders, closed even to ISPs, the chat service provider or the app builders. In other words, they are safe spaces.

      Requiring a warrant means that the government should have access to our data on reasonable grounds, but only if such data is accessible. I am all for that. But the phrase "no safe space" is a telling one: it means ensuring that our data is accessible in every case, and that goes a whole lot further. If the government has access, then our ISP or the service provider has it, and that means our data is not safe.
      • A Warrant, in modern nomenclature is a License. You were presented with something akin to a EULA upon birth, and by agreeing to being born you agreed to grand an exclusive, unlimited license to the state to do whatever they want to you, whenever they feel like.

        Welcome to Democracy 2.0. Please click Agree to the Constitution 2.0 EULA.

    • by currently_awake ( 1248758 ) on Thursday July 02, 2015 @03:49PM (#50035539)
      Spying on everyone isn't effective if everyone knows about it. They need to publicly back down on the spying, let this blow over, then bring it all back in secret. If they don't do this it means they are not interested in gathering intelligence, but rather in the chilling effect.
      • So I guess Cameron's comment means that they will be putting microphone bugs in every car and every few meters of public space, oh, and all the buildings.

        Hey wait a minute, what is THAT?

    • Come on. We're talking about terrorists using FB, Google and Twitter. Notice something?
    • by AmiMoJo ( 196126 )

      What an unfortunate name though, Cameron. Imagine being named after the act of shoving your tongue up someone's arse and cleaning it out. Possible even worse than that Santorum guy.

  • by surfdaddy ( 930829 ) on Thursday July 02, 2015 @03:06PM (#50035279)
    It's like guns in the US. If they were outlawed then those who don't care about the laws would still use them. Encryption is out there, it is widely available. And the more that governments try to block it the more determined companies and individuals will find more convenient ways to use it. It's a lot of bluster but not very practical. And ultimately (IMHO) the availability of rapid communications does more to help humanity than to hurt it.
    • by mlts ( 1038732 ) on Thursday July 02, 2015 @03:24PM (#50035377)

      It also is going to backfire.

      Take SSL/TLS. Are they going to demand both parties stash the session key, or do their handshaking through a proxy logging each packet? The first time some intruders nail that data store and find out a bunch of banking passwords, the cost of that breach will be incredible. If they alter the SSL/TLS algorithm, will it bring unexpected changes that destroy the algorithm's security, or the code used not implement the changes in a secure fashion?

      As for outlawing it, it -could- be done, but it would require far-reaching internal and external controls, with very sophisticated algorithms to detect unauthorized encryption, and pull that machine from the net. However, this is a cat and mouse game... and ultimately, the bad guys are just going to do like Daesh, and AQ before them... and go back to couriers, dead drops, and burner phones. Yes, it doesn't give as fast results as the Net, but it is a lot tougher to intercept. So, it an be done... but it is doubtful that even the British people would tolerate this much interference in their lives.

      • Yes, it doesn't give as fast results as the Net, but it was a lot tougher to intercept.

        Now that inexpensive, massively interconnectable cameras are available, if there's someone you want to keep an eye on, I'd think surveillance is much easier nowadays.

      • by s.petry ( 762400 )

        Sadly, there will still be a push to outlaw encryption just like there is a push to outlaw guns. Everyone should know the consequences of giving up everything to the Government. Cretins have always been attracted to public offices. Rights for you are expendable as long as their rights are covered. Every government in history has had to be overthrown because of the same damn problems. Too bad we never learn.

        Can the politicians! Order the code red! Don your helmets! E... Dang it, I'm out of ideas for

        • by mlts ( 1038732 )

          I just wonder where the point of pushback is. For example, one reason I see kigurumi becoming popular is because it allows people to interact with each other, except FB and other pictures only have the person's doll masks as photos. Yes, wearing masks and zentai suits can be made illegal, but it only ensures people will push back harder, especially here in the US where prohibition, and the War on Drugs have showed that making something illegal only makes it more popular... basically a long term Streisand

      • by kheldan ( 1460303 ) on Thursday July 02, 2015 @05:59PM (#50036201) Journal
        How do you tell the difference between, say, video data and encrypted data? Or audio data and encrypted data? If you have some encrypted data embedded into an image file (or spread out over many image files) how do you detect that? Yes, I know that's called 'steganography', and it's been around a long time now. Also, if they want a 'backdoor' into all forms of encryption, don't they understand that's a double-edged sword? Or, as you say, people just go back to pre-Internet, pre-digital methods of passing information back and forth. Seems to me like they're just going to spend billions of their taxpayers' money chasing their own tail for little to no benefit.
      • Take SSL/TLS. Are they going to demand both parties stash the session key, or do their handshaking through a proxy logging each packet?

        Probably not. You're thinking like a geek instead of a politician. Politicians don't get their way by understanding technology. They get their way by finding people who do and forcing them to obey their will.

        In this case, what Cameron means by banning encryption is passing laws that say something like, "If your website is used by people in the UK, you must always be able to

    • How does this get modded Insightful? Regulation is never an elimination strategy, it's about overall reduction.
      Just as gun control has proven to reduce gun violence overall, so too will encryption control reduce casual usage amongst non-experts.
      It's the exact same reason you lock your door. Any decent thief can still smash a window and steal your shit, so why do you bother?
  • The Tor that was developed by the US military? That Tor?

    • Re: (Score:2, Insightful)

      by Sowelu ( 713889 )

      Man, Tor has been a joke for years now. It's commonly accepted that it's compromised with dozens of documented or secretive exploits all over its endpoints. It feels like it offers about as much security as putting a password on a zip file: enough to discourage someone who doesn't really care.

      • Source?

        • by AHuxley ( 892839 )
          The ability of the UK to reconcile every network packet in and out of the UK makes any message sent from an UK ip to an UK ip in the UK an easy daily database task.
          The random path around the world does nothing to hide the UK origin and UK destination ip at a service provider level (a persons ~modem like device/residence/cell /phone id).
          • by AmiMoJo ( 196126 )

            Tor does in fact mask such traffic. It randomly merges and splits packets, adding in random padding data too, and small random delays. It is designed to prevent just such packet tracing, even if multiple nodes along the way are compromised.

      • Re: (Score:3, Insightful)

        by Anonymous Coward

        Hello NSA, propaganda still the most effective way to break tor?

        As somebody that almost religiously reads tor papers and news on it, the only thing with some significant issues at this point in time is hidden services, but even that is relatively limited. You are free to argue that every case where somebody using tor got caught because of stupid stuff they did when not using tor or not using tor correctly that its all parallel construction, but there is no proof for it. In none of the cases was it shown tha

      • Re:"Or Tor?" (Score:4, Insightful)

        by AmiMoJo ( 196126 ) <mojo&world3,net> on Thursday July 02, 2015 @05:35PM (#50036083) Homepage Journal

        Tor isn't compromised, it's secure for what it does. Compromised end points are not something it is designed to protect against. It isn't a substitute for HTTPS or checking certificates. It doesn't stop you being an idiot and giving away your location or software on your computer leaking your real IP address. That's not what Tor is.

        Also, passwords on zip files have actually been effective for over a decade now, when AES encryption was added. Zip file encryption is now actually quite good, covering both data and filenames, and using a secure hash to generate the AES key from your password. Essentially it is as strong as the password, and has been since V6.2.

  • Just remove all of the humans's brains and put them in jars. That way, people can't have private chats in a park, or the woods. What is taking the people on this planet so LONG????? You humans need to get safe.

  • by sinij ( 911942 ) on Thursday July 02, 2015 @03:14PM (#50035327)
    New application for CryptoWall in GB. We have encrypted your data on your hard disk and it is illegal in your area, the password to decrypt it is "password". If you do not pay 1 Bit Coin, we will notify the authorities.
  • Yeah cos the clipper chip was a huge success and export grade crypto from the 80's and 90's hasnt caused any problems ever.

    I'll go back to painting steganography with unicorn poo then.... which is about as workable as the proposals we've heard so far.

    --
    One of many brits who'll argue against this

  • by Anonymous Coward on Thursday July 02, 2015 @03:18PM (#50035353)

    Don't let the people have privacy, because there are bad guys that might abuse that privacy to do bad guy stuff. Same argument as "don't let the people have guns because there are bad guys who might use those guns to do bad guy stuff".

  • I look forward to communicating with point-to-point encrypted neutrinos. Try to block those.
  • by sims 2 ( 994794 ) on Thursday July 02, 2015 @03:34PM (#50035439)

    Has every one forgotten Lavabit already? It was only two years ago. http://yro.slashdot.org/story/... [slashdot.org] They found out the hard way. http://it.slashdot.org/story/1... [slashdot.org]

      "Glyn Moody asks, what about circumstances "where companies can't hand over keys, or where there is no company involved, as with GnuPG, the open source implementation of the OpenPGP encryption system?" Or Tor?"

    "Ladar Levison, founder of the encrypted email service Lavabit that shut down last year because of friction with U.S. government data requests, has an article at The Guardian where he explains the whole story. He writes, 'My legal saga started last summer with a knock at the door, behind which stood two federal agents ready to to serve me with a court order requiring the installation of surveillance equipment on my company's network. ... I had no choice but to consent to the installation of their device, which would hand the U.S. government access to all of the messages â" to and from all of my customers â" as they traveled between their email accounts other providers on the Internet. But that wasn't enough. The federal agents then claimed that their court order required me to surrender my company's private encryption keys, and I balked. What they said they needed were customer passwords â" which were sent securely â" so that they could access the plain-text versions of messages from customers using my company's encrypted storage feature. (The government would later claim they only made this demand because of my "noncompliance".) ... What ensued was a flurry of legal proceedings that would last 38 days, ending not only my startup but also destroying, bit by bit, the very principle upon which I founded it â" that we all have a right to personal privacy.'"

  • Just use spam terms in the body and it still can be received but the stupid software says it's not what it is.

    Only non-techies think spies are good at what they do.

    • by AHuxley ( 892839 )
      Yes other governments will just enjoy secure one time pads, distant public radio broadcasts and number stations for all their international staff.
      The result is just another huge investment in contractors as the UK offered in the 1970's, 80, 90's, 00's to track all emerging and long term digital networks.
  • How many people have been killed in Britain by terrorists since the IRA was assimilated? Or how many terroristic threats have been nullified thanks to any measure of government surveillance other than plain old policing? So how is this justified?
    • by AmiMoJo ( 196126 )

      Jean Charles de Menezes died because of botched surveillance. Many others have had their lives ruined, and we are all diminished by giving up your right to privacy. The "cure" is worse than the disease.

  • F-U. Thats why I use linux and encrypt everything myself before it goes to the cloud. I'm not a criminal, but you still ain't going to look at my shit to prove I'm not.

  • by Jim Sadler ( 3430529 ) on Thursday July 02, 2015 @03:52PM (#50035557)
    No government on this planet wants or accepts private communications. In one sense of the term secrecy is in itself a hostile action and not just by nations but by individuals as well. A simple example is Russia. Because we do not know exactly what the Russians are doing at all times we carry a heavy expense burden of trying to be able to defend against any hostile actions by any new imaginable technologies. So secrecy is sort of an act of war. Taken down to the man and wife level any degree of secrecy puts stress on the party who does not know all about the mate. A parent must take precautions and purchase various forms of insurance as it is so well known that teens will keep secrets from their parents. It all boils down to secrecy being a rather overt, hostile act. And it works in both directions. It means nothing to be able to vote when a government is allowed to keep secrets from the public. Should I vote for a man who wants to shrink our military when i am not allowed to know the true strength of our weapons?
    • by dryeo ( 100693 )

      Taken down to the man and wife level any degree of secrecy puts stress on the party who does not know all about the mate.

      So what you are saying is that my relationship with my wife would be improved if I don't keep secret that a certain dress makes her ass look big?

    • by mark-t ( 151149 )

      n one sense of the term secrecy is in itself a hostile action...

      Really?

      Care to tell me what hostile act wearing clothes in public constitutes? Clothes, after all, cover up your body... keep it hidden from view. That's secrecy.

      Wanting to keep something private isn't a hostile act... wanting to know something that somebody was trying to keep private can be, however.

      Your line of reasoning parrots those who would say that if you've done nothing wrong, you have nothing to hide...

      Except that almost eve

  • ... That even *IF* we could, however hypothetically, completely trust the government to not abuse the ability to eavesdrop on private conversations, and that the government had absolutely no security leaks whatsoever....

    Again, I stress that *EVEN IF* absolutely everything was working exactly as such a government intended...

    ... it is unavoidably true that if the government has the ability to break your encryption, however altruistic they may claim their intentions to be, then so can the bad guys... people with less benevolent intentions, who will abuse that information, and cause harm to completely innocent parties.

    This is because laws don't actually *stop* people from breaking them, they only ensure that something that is considered appropriate punishment will follow when people do. Unfortunately, such punishment cannot always negate the effects of the harm that was done while someone broke the law in the first place.

    And again, this is even *IF* their system for eavesdropping on encrypted communications was function as best as they can possibly intend.

    So hey, Mr. Cameron.... I can sincerly appreciate that you might have the very best of intentions, but your goals will deprive entirely innocent people of the ability to even have the most rudimentary protections from people that will use the same abilities that the government has, however illegally, to cause very harm to people who have done nothing wrong except to follow a law that says they are not allowed to take precautions against such means.

  • by LessThanObvious ( 3671949 ) on Thursday July 02, 2015 @04:31PM (#50035747)

    Do the Brits just not want any rights? Why do you tolerate this? At least American politicians still have to pretend to give a damn about basic civil rights while they try to scare us into forgoing them. Communication in the modern world is an unstoppable force. Even prison gangs that live in a tightly controlled environment where they are forbidden from free communications and have little or no technology, find ways to communicate without authorities knowing the contents of their communications. Spying on all communications all the time may sound good in theory strictly from a security standpoint, but the moment the actual bad guys know that is the environment in which they operate, they will find ways to evade that scrutiny. Everyone else should not have to tolerate being constantly observed just so the government can pretend that it offers reasonable assurance that they will get the intelligence they seek from the small number of actual persons of interest.

    • by AmiMoJo ( 196126 ) <mojo&world3,net> on Thursday July 02, 2015 @05:30PM (#50036059) Homepage Journal
      Our democracy is broken. Here are the the numbers of votes each party received, followed by the number of MPs they got:

      Party                        Votes                Seats

      Conservative Party            11,300,303 (36.9%)    330 (50.8%)
      Labour Party                9,344,328 (30.4%)    232 (35.7%)
      UK Independence Party        3,881,129 (12.6%)    1 (0.2%)
      Liberal Democrats            2,415,888 (7.9%)    8 (1.2%)
      Scottish National Party        1,454,436 (4.7%)    56 (8.6%)
      Green Party                1,157,613 (3.8%)    1 (0.2%)

      So as you can see, 3.8 million people voted for UKIP (a bunch of wankers, but still...) but ended up with just one MP and no power at all. The greens got the same number of MPs with juste 1.1 million votes. Only 1.5 million people voted for the SNP and they got 56 seats.

      The system is rigged so that power is always held by either Labour or the Conservatives. No-one else can get a look in, even if like UKIP they manage to gain quite and impressive amount of support. 12.6% of the vote, 0.2% of the seats. See how it works?

      So at election time the choice is basically Labour or the Tories. The Tories will sell our freedom off with glee, and Labour aren't much better. But no-one cares about that come election time. Since the system is designed to avoid hung parliaments and any kind of power sharing it tends to produce totalitarian governments who rip away our rights and freedoms (human rights are being flushed away as we speak).
      • Very interesting. It doesn't leave you in much better shape than the US two party strangle hold. They all place so much value on predictability and control. If there were no parties and each man or woman had to stand on their own with no party line talking points and an empty canvas on which to hang their own ideas it would just be too complex for the rich and powerful to exert their rightful level of control. It would be much too dangerous to let the people choose anyone they like to represent them, easier

      • All those figures say is that birds of a feather flock together. Tory voters tend to live near each other and because the UK has a political system designed a long time ago for resolving local issues, not surprisingly it doesn't translate votes to seats directly at the national level. As local politics becomes less and less relevant, of course, people feel this system no longer works well for them.

        However, as you note, it would not have mattered if Labour had won, or any other party. There are NO parties in

  • Because some people are criminals and terrorists, we now have no choice but to treat everyone as if they're criminals and terrorists, therefore no one will be allowed to have any ability to have any sort of private communications.

    I don't give a damn what he said about 'warrants', either, that's just a piece of paper after all.

  • That man has obviously no idea how the series of tubes work.

  • by fnj ( 64210 ) on Thursday July 02, 2015 @05:03PM (#50035935)

    You can't stop people from communicating with each other sub rosa. You can make it awful tough for them if they use a cipher (SSL). A cipher is pretty obvious, and you can use force to compel them to give up the key if they don't destroy it first. And you can immediately see if the key works. So they don't use a cipher. They use a code. "The oranges are falling from the tree in Grant Park". That could mean "attack against Fort Sumter the third week of August". Or it could mean "The pigs discovered cell number 377". Or it could equally well mean "I left three joints of marijuana for you at the agreed place". Want to know what it means? The target can tell you it's not written down anywhere, and he's not telling you. Hell, street slang is a code that is not written down.

    Or they can just go into the woods and whisper to each other. They can send runners. Carrier pigeons.

    • by AHuxley ( 892839 )
      The UK has the option to revert to the 1950's and have massive numbers of expensive undercover, informant, police, special forces teams in every community per village, town, city.
      Find, follow, attract, use front groups (peace, human rights, anti war) and attract interested people in and give them safe busy work 'issues' over decades.
      Anyone with any state connection would have understood network tracking since about the 1970's know to avoid any of the new hardware of software methods.
      The other issue the U
  • Soon to be the official SI unit describing the minimum distance between two blunders.

  • How long will it take for UK's porn filter [theguardian.com] will by UK's porn AND encryption tools filter. My guess is not long.

  • There is no way the can target just terrorists, so this has bulk data collection of everyone in the UK written all over it.
    Normally I think Cameron is OK but on this point he's making himself look like a complete fool and is clearly a dangerous enemy of fundamental human rights.
    If nothing else he needs some basic lessons in information theory for even implying that its always possible to decrypt messages. Its not even possible to always know when some data just contains an encrypted message.

  • Sometimes I wonder if the US and the UK are in a race to see who can hit bottom first.

    There is so much absurdity at the decision making levels that we're in danger of creating a singularity. Once it reaches sufficient density levels, we're all pretty much f*cked. :|

  • All right, then. Try it. Let's see what happens.

    In particular, I'm interested to see what will happen to TLS-encrypted streams between Europe and the US, most of which pass through London.

"Kill the Wabbit, Kill the Wabbit, Kill the Wabbit!" -- Looney Tunes, "What's Opera Doc?" (1957, Chuck Jones)

Working...