Real people don't need end-to-end encryption says UK Home Secretary(uk.businessinsider.com) |
Real people don't need end-to-end encryption says UK Home Secretary(uk.businessinsider.com) |
So the terrorists will setup a chat system that look like payments.
In the mean-time, the UK government will use our chat to identify harmless political dissidents, groom them online and then fail to incite them to violence. Given previous performance, they will meet some of their targets, get a few pregnant and then get sued 20 years later when someone reports on how idiotic the police and spies really can be while everyone sane scratches their heads about the targeted pro-solar-power "terrorists", who happened to piss off Lord McOil who had a quiet chat with his Eton buddy in GCHQ which got them classified as dangerous.
After 5 years, Boris, our new PM, will decide to give government departments access to find benefit cheats and illegal immigrants. The system they'll build will cost more than they recoup and will be a drop in the bucket compared to what they could have recovered if they had spent 1/10th of that money chasing rich tax dodgers.
A couple of years later, they will give councils access to the whole country's chat to try and catch some fly-tippers.
In this time, the civil servants will actually use the system to stalk ex-girlfriends, random crushes and celebrities or spy on wives and husbands.
Eventually, some civil servant will accidentally leave a hyper-storage-cube on the bus containing the last 5 years of everyone's chat and it'll turn up on 4chan.
The resulting misery and damage will be justified by the government because they once caught a "terrorist" who was standing in the street screaming "Allah is great" and stabbed a policeman. In reality he was a normal guy who had suffered from Bipolar Disorder but the NHS couldn't afford to treat him and classified him low risk, so ended up having a breakdown.
https://www.theguardian.com/uk/2012/jan/20/undercover-police...
Amber Rudd's "experts" couldn't prevent a simple brute force attack on her own parliament that would have easily been mitigated with 2FA (https://www.theregister.co.uk/2017/06/26/parliament_email_ha...)
lol what a terrible argument.
> suggesting that E2E encryption hinders usability
> points to the massive number of WhatsApp as proof
They aren't either OK or not OK. The overwhelming majority of WhatsApp users simply don't know. They don't even think about it. In fact, the average user doesn't even know that WhatsApp is owned by Facebook, or even that it used to be a paid subscription
And she's alarmingly right in that regard.
i.e. backdoors. Trust us, we are the government!
But I don't expect you to understand your own responsibilities so let's just wait until Vladimir Putin hacks into any server containing your private information. Then UK politicians will understand.
https://en.wikipedia.org/wiki/Murder_of_Milly_Dowler#Voicema...
It will simply destroy the privacy of ordinary people who set up a dinner or buy a birthday present for their kids
"Real people" just use ROT13...
http://www.independent.co.uk/News/uk/home-news/london-attack...
That is a huge oversimplification.
Terrorists do harm because they see a political value in harming others. For proof, look no further than the domestic terrorists who have bombed abortion clinics and shot doctors who worked there, or who have threatened to do same. All while being backed by religious organizations, who are just as culpable for the results.
Sure, these people might not be called terrorists, because the FBI has to abide by laws of free speech, etc., but they are just as much a terrorist as any person looking to wage jihad.
----
See this article for the FBI's explanation of not calling a terrorist a terrorist: http://www.huffingtonpost.com/entry/fbi-terrorism-label_us_5...
How does the saying go? "The dark night of fascism is always descending in the United States and yet lands only in Europe"
https://www.eff.org/deeplinks/2015/04/remembering-case-estab...
Forced to choose between the agencies and big business who do you think the legislators will choose? Sure they can side with the agencies but if business isn't on-board with that checks will get written and there will be new legislators.
I hope the agencies force the choice. It gives the legislators a chance to do all the things they should have done after Hoover left.
Staggering double speak from Orwell's own land. Who would have thought.
Question: Is a terrorist more a threat to civilization or these closet totalitarians crawling out of the woodwork?
The cat is out of the bag. End to end encryption that is very easy for the average user to use exists. There's no going back. These terrorists that they are so worried about are going to use it (if they have any common sense), even if it is outlawed somehow. Making it illegal or extremely difficult to use is the same as gun control - the criminals are still going to break the law because their end goal is a crime far worse and if they are willing to commit that crime then they are surely willing to commit the lesser crime of not getting a license for a weapon or possibly using end-to-end encryption.
In the US we supposedly have the 4th amendment to protect against this NSA spying criminality. The 4th amendment protects against both search and seizure. The giant dragnet they use to sweep up all communications over private channels is supposed to be a crime without a warrant. And when done in bulk it should be easily considered a mass, rank violation of the 4th amendment. For example, in the case of your cell phone, you agree to allow a private business to forward your data and communications. They theoretically can access it all, including your GPS because of the cell tower triangulation. That should be understood as necessary to providing the base service. But your agreement is only with the telecom provider, not the government. The government just decided to stick it's head in and declare itself to have a national security interest in the data of not just you, but everyone in the entire nation, and demanded access to it all.
What's worse is that these programs have not been proven to actually stop terrorists: https://theintercept.com/2015/11/17/u-s-mass-surveillance-ha... http://www.nbcnews.com/news/other/nsa-program-stopped-no-ter...
In fact, based on my memory, every instance of a thwarted attack has been the FBI actually communicating directly with alleged terrorists using undercover agents. This is how actual investigative work has historically been done. They followed up on tips, evidence, etc. and followed the leads and performed a real investigation and followed the proper warrant protocols. And doing it "the hard way" has yielded them more terrorists in handcuffs than the NSA.
The results are so abysmal for the PRISM program and it's siblings, that it begs the question whether or not stopping terrorists is even the real purpose. Personally, I have never thought it was the main goal. Sure, they might catch some, but I think the real purpose is to make sure no one poses a political threat. If anyone starts to get out of line or cause too many problems, they can just rifle through all their data they have on you and find something to use against you. How many people are clean enough to escape that? Ever, even once, downloaded an illegal mp3? Ever watch a movie on an illegal, streaming tube site or use torrents? Ever cheated, even a little on your taxes? Ever cheated on your spouse? Have a porn fetish that others may find unsavory? In the closet? Are you fully in compliance with every housing regulation? Have permits for every little thing that legally requires a permit? Have any secrets that aren't illegal but may be embarrassing? Done anything that isn't illegal but people would look upon with disdain? It might just be used against you.
It smells unconstitutional to me because it is an attack on individual sovereignty and the right to privacy. I would love to hear an expert or two give their opinion on the matter.
> 1. Everyone has the right to respect for his private and family life, his home and his correspondence.
> 2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.
[Note the exceptions, which are (by design) wide enough to drive a bus through]
An Act of Parliament restricting end-to-end encryption for the expressed purposes of preventing crime and preventing terrorist atrocities would fairly clearly be constitutional, I think. Even if it was ruled incompatible with the ECHR, the courts have no power to overturn primary legislation - just to punt it back to Parliament with a declaration of incompatibility.
If a minister tried to do it without Parliament under the royal prerogative or secondary legislation, I think the chance of it being overturned as unlawful are somewhat higher.
I'm a political scientist, not a lawyer, mind.
So you're saying that watching most hentai is borderline illegal in the UK? That's crazy.
Even for the most battle-hardened politician near the end of their career, this issue is a minefield.
The idea that the UK parliament would abolish courts doesn't really need addressing, it's so absurd. I take it you're also aware that we regularly (some would say too regularly) democratically elect parliament? That's usually consider a check if not a balance.
The problem isn't the lack of a UK constitution or any of the other specious arguments. The problem is that a large number of people, very probably the majority, either agree with this idea or simply don't care. At the very least they don't care enough to make it an important issue in a general election and we've just had a couple.
I do remember Big Business complained about HTTPS use, coz it blocked them "hoovering"/vacuuming up customer info. (excuse the pun)
Also, the Govt has liaison people with some of the Big Corps. Not to mention big corps give big checks to both sides, as routine, there is no financial hurt on the Pol Parties ever sadly. ATT for instance gets paid millions to give up the data.
Update: I just read Amber Rudd (UK Pol goon) created the "Global Internet Forum to Counter Terrorism with Facebook, Microsoft, Twitter and YouTube (Google/Alphabet, Inc.) and asked them to remove end-to-end encryption from their products "
So perhaps "people don't care" isn't sufficient and a mistake on my part, though I have spoken to people who say that they are "not concerned" about the topic, despite being rather liberal in terms of freedom of expression otherwise.
Well, it works for China, so I don't see why it wouldn't elsewhere.
As a techie, I'd like to believe that there are limits to what can be passed as law, but the history shows that it is not so. Just because something is technically impossible doesn't mean it can't be required by law, with all the consequences for not complying. It's uterly futile to go against the people in power with technology or even science alone. The best you can hope for is for you and me, personally, avoiding problems. For a time.
Obviously you can't intercept signals from someone using outlawed encryption, a one time pad or no direct messages. I'm not sure the stated goal (stop evil terrorists) is the real goal though - reading almost all communications and selective leaks is just such a useful tool for things like subverting democracy, throwing elections and controlling politicians.
Maybe someone out there needs to air her dirty laundry secrets that she's projecting on the rest of the population?
Would you? Couldn't you have a list of servers stored in localstorage, and bake the initial list in a bunch of seed copies?
Alternatively, use pastebin or imgur or something like that for your "central store" to pull from initially, then store everything in localstorage after.
So you have the choice of either getting thrown in jail or to give up the keys.
The requirements for getting you to hand over your keys are a bit stricter than "they ask for them". The long and complex law is here: http://www.legislation.gov.uk/ukpga/2000/23/contents
The RIPA sentences for failure to handover passwords is either 2 years or 5 years. It's 5 years for child indecency cases, but the relevant laws are listed in subsection 7, and it doesn't include The Coroners and Justice Act of April 2009. (And that only applied to England, Wales, and NI. It doesn't apply to Scotland.)
It's not clear that most hentai is made illegal by the C&JA2009. See below.
http://www.legislation.gov.uk/ukpga/2000/23/part/III
(7)Those provisions are—
(a)section 1 of the Protection of Children Act 1978 (showing or taking etc an indecent photograph of a child: England and Wales);
(b)Article 3 of the Protection of Children (Northern Ireland) Order 1978 (S.I. 1978/1047 (N.I. 17)) (corresponding offence for Northern Ireland);
(c)section 52 or 52A of the Civic Government (Scotland) Act 1982 (showing or taking etc or possessing an indecent photograph of a child: Scotland);
(d)section 160 of the Criminal Justice Act 1988 (possessing an indecent photograph of a child: England and Wales);
(e)Article 15 of the Criminal Justice (Evidence, Etc.) (Northern Ireland) Order 1988 (S.I. 1988/1847 (N.I. 17)) (corresponding offence for Northern Ireland).]
I don't think RIPA mentions the Coroners and Justice Act, so I don't think they can force you to reveal passwords for those images. But maybe I'm missing some changes?http://www.legislation.gov.uk/ukpga/2009/25/part/2/chapter/2
(2)A prohibited image is an image which—
(a)is pornographic,
(b)falls within subsection (6), and
(c)is grossly offensive, disgusting or otherwise of an obscene character.
I'd suggest it could be argued lots of hentai fails (c). (5)“Child”, subject to subsection (6), means a person under the age of 18.
(6)Where an image shows a person the image is to be treated as an image of a child if—
(a)the impression conveyed by the image is that the person shown is a child, or
(b)the predominant impression conveyed is that the person shown is a child despite the fact that some of the physical characteristics shown are not those of a child.> I'd suggest it could be argued lots of hentai fails (c).
I'm not so sure. Perhaps images that don't display any act of sex taking place, and just nudity or even swimsuit (e.g ecchi) would qualify, but most hentai does display acts of sex taking place. Either way, might the subject, being a "child" hold sway on whether it is considered "disgusting" or not? I'd think it would.
>the predominant impression conveyed is that the person shown is a child despite the fact that some of the physical characteristics shown are not those of a child.
Yes, this is the part that I was talking about when I talked about breast size and antennae.
Either way I am wholly opposed to such a law, and I think the arguments used to support it are weak.
It's reverse hill climbing via million slippery slopes.
The people who wrote the US Constitution and its Bill of Rights survived a time when the most powerful army in the world was marching through their backyards. I have no doubt they had that in mind when they were writing freedoms into law.
I think the larger problem is that the British people either don't care about - or don't understand the implications of - losing encryption. Either they don't believe their privacy will be affected or they don't imagine that they have anything to hide from the 3rd parties, be it the authorities, corporations, or criminals.
I suppose one could argue that the British constitution is working correctly as it is malleable enough to flex with attitudes, but we also know that the attitudes of politicians are diverging quite substantially from the people they claim to represent.
I also wonder if the constitution itself has become increasingly weak and irrelevant, and if it has, is that because the Monarchy, whose sole purpose is to live and breath the constitution, have become increasingly weak and irrelevant.
A withholding of assent could bring a constitutional crisis, but it's possible [1].
As with much else in the constitution, the 'on the advice of her ministers' is normally (binding) convention rather than statute.