UK government plans publicity blitz against encrypted communications(rollingstone.com) |
UK government plans publicity blitz against encrypted communications(rollingstone.com) |
> Why right-wing extremists’ favorite new platform is so dangerous. Telegram’s lax content moderation and encrypted chats make it a convenient tool for extremists.
https://www.vox.com/recode/22238755/telegram-messaging-socia...
> In collaboration with anti-fascist research group the White Rose Society, the Guardian has tracked McLean’s activity through the rabbit warren of largely unregulated Telegram groups and found that he describes a vastly different version of his intentions.
https://www.theguardian.com/australia-news/2021/mar/26/where...
> Far-right groups move online conversations from social media to chat apps — and out of view of law enforcement
https://www.theguardian.com/uk-news/2021/oct/14/telegram-war...
> White supremacists openly organize racist violence on Telegram, report finds
https://edition.cnn.com/2020/06/26/tech/white-supremacists-t...
> Are Private Messaging Apps the Next Misinformation Hot Spot? Telegram and Signal, the encrypted services that keep conversations confidential, are increasingly popular. Our tech columnists discuss whether this could get ugly.
https://www.nytimes.com/2021/02/03/technology/personaltech/t...
> A report this week found that the messaging app had emerged as a central hub for several conspiracy movements espousing antisemitic tropes and memes, including QAnon, as well as others on the extreme right promoting violence.
https://www.washingtonpost.com/technology/2021/01/15/parler-...
I hear some ultra-right-wing people might be typing their nonsense with their hands. So we should make sure no one has hands, that'll get em.
~ Also, this list of US news vendors' articles against e2ee is kinda evidence that it's not just the UK going on a campaign.
Of course, e2ee everywhere (e2eee? e2e3?) would be all fine and dandy if you didn't have these malicious actors. But we do.
Suppose there are three options:
1. Encryption and no CSAM scanning 2. Encryption and on-device CSAM scanning 3. No encryption
Currently we have 1 (more or less). Legislators are increasingly averse to keeping it that way, and are arguing for 3. Apple proposed 2.
What is the alternative? Is there another option?
The problem is, getting rid of encryption is replacing a bad situation with a disastrous situation. If you ban locks so the government can obtain access to the house of a terrorist, it means anyone now has access to anyone's house.
If this article is to be believed, it really feels like someone just hasn't thought this through. Surely there's tech people whose job is to explain this to politicians.
Are you serious? This isn't high on their agenda at all.
> surely there's tech people whose job is to explain this to politicians
You have a very, very optimistic view of the world. If the government needs to get a consultant, they'll just find one who agrees with them.
Drug dealers might be able to intercept police communications and be long gone. Pedophiles might be able to more easily track down their (next) victims. And terrorist groups tend to invest more and more in hacking units, and weakened defenses for police, off duty soldiers, and civilian targets can't possibly be a good idea.
Finally the big one is state level actors using weaknesses in encryption to attack, impersonate, and undermine politicians; spearphish infrastructure and communications personnel, and just cause all-round havoc.
In short, to paraphrase Franklin: Those who give up essential security to purchase a little security, err... end up with no security at all?
And I didn't say it for any feelings of my own, or for anyone's feelings for that matter.
Ultimately this is about perceived control, the paraphrased saying goes “if you outlaw encryption only outlaws will have encryption”. Legislation won’t reduce the use of encryption by criminals and terrorists, it will however allow the government and law enforcement to say “you have encrypted chat software, that’s illegal, therefore you must be doing something illegal”. However, that wont necessarily translate to prosecution, it’s only the perception that matters.
Pandora’s box may have been opened but governments will always find a way to “control” their citizens, usually through fear.
"Covid: Women on exercise trip 'surrounded by police'" https://www.bbc.com/news/uk-england-derbyshire-55560814
Politics here is starting to look more like mob politics... Our prime minister is actually known to do as little on paper as possible - so when the shit hits the fan, he'll always say "oh I didn't know" or "I didn't remember"...
Hmm, I used to think this, but now? Now I think most people are bad at tech and security. No reason to expect the average criminal would be better.
Of course, trivial for us to make it, or hide it in something that looks unrelated. And I expect serious organised crime to be able to afford a developer with no morals.
But normal crime? It probably will make a difference.
The thing is, most "normal" crime doesn't rely on comms at all - street and domestic violence, burglary, car theft, etc. Fencing stolen items probably could make use of it. It's only really organized crime. And the UK has an increasing problem with organized crime .. from the top, like the unlawful "fast lane" procurement scheme. And the recent business with MI5 identifying an (extremely overt) Chinese agent.
And a surprising amount of terrorist recruitment gets done in the open. As long as you're not planning specific acts it looks like "free speech".
The police and intelligences agencies aren’t intercepting the communications of normal and petty criminals. It’s organised crime and terrorism that matters, they will obviously continue to use it anyway.
I bet cars and homes without microphones and cameras spying on their residents also hampers their efforts to keep children safe - are those next on the chopping block? They're already spying on near every street corner, after all.
Funny how they never say "Technology has given us all this extra surveillance capability, you can reduce our legal powers somewhat to compensate" - it's always "People have some tiny scrap of privacy left - we must eliminate it, or terrorists and pedophiles win!"
This shouldn't really be legal surely in democracies to have campaigns that "appear to be the result of grassroots campaigns and children's charities, while downplaying any Government involvement", when it's a political manipulation campaign paid for, coordinated and organised by the Government themselves. I really hope the counter-campaign mentioned is good (although hard to compete with the already hundreds of thousands of pounds already allocated to this already).
https://www.theguardian.com/uk-news/2022/jan/13/veterans-ask...
So as far as child abuse is concerned, the call appears to be coming from inside the house.
Her response, rather than the horror I was trying to i instil, was “I think we ought to have that here!”
So it does worry me that public support could go the wrong way on this if they spend a lot of time on messaging.
I hope that the high level of mistrust of the government - built up especially through covid - will prevail.
Just ask Prince Andrew.
The queen is officially head of state, but in reality does what she is told by the current party in power (queen's speech is written for her for example).
> “The adult occasionally looks over at the child, knowingly. Intermittently through the day, the ‘privacy glass’ will turn on and the previously transparent glass box will become opaque. Passers by won’t be able to see what’s happening inside. In other words, we create a sense of unease by hiding what the child and adult are doing online when their interaction can’t be seen.”
This is bizarre and confused, sounds like something from Brass Eye/The Day Today.[1] The “privacy glass” doesn’t make you wonder what they’re talking about online, it’s what’s happening in a confined box between a stranger and a child. Before the “privacy” glass is activated, you can’t see what they’re doing on their phones anyway.
Launching a £500K media campaign (with public funds) under the cover up pretense that "UK’s biggest children’s charity and stakeholders have come together to urge social media companies to put children’s safety first" and then swaying people through "'sofa programmes' such as Loose Women and This Morning for broadcast".
If this isn't manufactured consent, I don't know what is. But seeing what happens behind the curtains really makes you wonder: what other "mainstream opinions" were created this way?
This is Hutu vs. Tutsi meets Gobbels level propaganda, and I'm sure it must be very fun to be so righteous, we know how it ends. While mainstream society and discourses are not allowed to reason about the applicability or justness of violence, these official parties appear free to incite and direct it, and notably, to selectively enforce the provisions against it so that it's directed at the right people.
These are dishonest parties working in bad faith using special protection, what are the alternatives? I'm afraid the only thing they will understand is cost.
[1] https://www.dailymail.co.uk/news/article-7901731/Police-chie...
[2] https://www.dailyrecord.co.uk/news/uk-world-news/harrowing-t...
[3] https://mallarduk.com/grooming-gang-survivor-proposes-new-de...
[5] https://www.bbc.co.uk/news/uk-england-south-yorkshire-598283...
Spending tax dollars to eliminate privacy for those paying the taxes. Keep poking the bear.
... You realize that that hasn't been the case for ~20 years, right?
Both. Certainly a lot of major players see messaging as an important strategic area, not much needs to be said about that. But remember, for actual secure communications one needs both encryption and authentication, and the latter is a much more challenging problem. Purely as a matter of tech there could be better ways to go about that, but in practice there isn't any great infra for that inter-system, which is both distributed or at least federated and easy/accessible for the overwhelming majority of the population. It's improving in fits and starts but still a mess. A lot of the natural places that might make sense to base authentication off of have insecure foundations with enormous legacy base that'd be hard to change (typical collective action problem), or are very slow moving for other reasons.
Centralized solutions just make authentication much easier, even if at obvious cost and SPOF-risk. Within any given platform the centralized provider can of course guarantee all participants about certain properties of whomever they're dealing with. Governments could perhaps require some sort of industry standardized public-key based interoperability of auth, but even assuming they didn't muck it up goverments themselves (as this article shows) have unfortunate perverse incentives there. Not many have internalized yet that the economic cost of poor authentication and security is very high because it's so distributed. There may be a bit of coming around on that but it's slow. A grim silver lining to all the ransomware attacks for example is that at least they're highly visible and painful, and at last have started to motivate minds a bit. But the addiction of many agencies to old models is strong.
If you're a threat level is the state then there's very little to hide from them.
Citation needed.
I'll leave it to you to estimate how many people live per street corner, on average.
Holy crap, the US has more cameras per capita than China, according to this. The UK is a somewhat distant third.
Though I think a distinction should be drawn between government-operated and commercial surveillance.
1. These arguments appeal to people and making fun of them makes you sound like an ass. If your goal is to just complain to your in-group then I suppose that’s fine, but it won’t convince many people outside.
2. The arguments are true to some extent. CSAM online is a big thing, it’s hard to combat and seems shockingly common. (Though I’ve not worked for a big internet company that is likely to interact with this problem so this is all second hand). We are fortunate to mostly not be exposed to this part of society.
That doesn’t mean that you can’t support e2ee, but it does mean that it’s unfair to dismiss these arguments as a secret ploy to spy on your communications and unrelated to any actual problem.
As is sexual abuse inside private homes. Any child-protection argument that applies to spying online, applies ten times over to spying at home. How many children are raped each year, because you're unwilling to let a few cameras into your house? We pinky swear we'll only use the video feeds to investigate "serious" crimes.
Or something. It sounds profound.
The current British Prime Minister was literally fired from a previous job as a journalist because he can't stop telling lies. It's worth making a distinction from Trump here. Trump wasn't a liar, Trump was a bullshitter. A Liar knows what the truth is, and is trying to convince you of a falsehood, bullshitters have no idea what is true or false, they don't care. In some ways this makes Boris worse - he's deliberately trying to mislead you, which is harder to evade, is his claim that he enjoys making model buses a lie? Probably, but why is he lying about that? There were various theories. With Trump what he's saying has no connection to anything, so, it offers no clues as to the facts but at least you know that.
But like Trump, Boris is very popular with people who don't know much of anything. For them, the results of their support for Boris (everything got worse) are disheartening, but they're unable to join the dots. Who knows why this has happened, it surely can't be Boris' fault, wouldn't he tell us?
Main example that gives me this belief is this: https://youtu.be/wzUDRyciqVM
Where Boris Johnson says “well actually there’s no press here” to a man who responds by turning to and pointing out the press cameras filming both of them having this conversation and saying “What do you mean there is no press here? What are they then?”
It was the current government, well it's previous coalition instantiation that created the nudge unit[0]. A group of behavioural psychologists that use mind tricks to convince people to do as they are told, whether that is to drink less, or stop smoking or to follow COVID rules. A group that has since been spun off as a business to sell coercion as a service, to any two bit dictator, or free democracy that needs it.
This is the same government that deployed it's army information warriors against its own people during COVID [1]. The unit is known as 77 brigade and explains its mission as "modern warfare using non-lethal engagement and legitimate non-military levers as a means to adapt behaviours of the opposing forces and adversaries" [2].
The UK has never had more than a thin veneer of freedom, it's always been an aristocracy lording it over the rest of us. They should just do away with the pretence.
[0] https://www.instituteforgovernment.org.uk/explainers/nudge-u...
[1] https://ukdefencejournal.org.uk/77-brigade-is-countering-cov...
[2] https://www.army.mod.uk/who-we-are/formations-divisions-brig...
We have the same unaddressed issues as America does on race, but also with class. Social mobility was just a way of introducing crippling brain drain into working class communities - something which led to them being effectively criminalised as an underclass through ASBOs and the like.
(For the alternative to social mobility, the old line: "rise with your class, not above it")
Your [1] link asserts, right at the very top, "It is important to note that this isn’t being directed at British citizens or at UK organisations, the effort is being directed at sources outside of the country."
The legal conflation you're actually homing in on is we conflate technical terminals with their human users. We've been doing it for years, and it shows no sign of slowing down.
that's not true, try submitting an app to apple store, and you will get hit with a lot of Encryption Export Regulations prompts.
please see https://developer.apple.com/documentation/security/complying...
>When you submit your app to TestFlight or the App Store, you upload your app to a server in the United States. If you distribute your app outside the U.S. or Canada, your app is subject to U.S. export laws, regardless of where your legal entity is based. If your app uses, accesses, contains, implements, or incorporates encryption, this is considered an export of encryption software, which means your app is subject to U.S. export compliance requirements, as well as the import compliance requirements of the countries where you distribute your app.
https://www.engadget.com/fbi-encrypted-chat-app-anom-crimina...
I’m not sure why criminals use these botique services rather than sticking with the major ones.
You will find this article is also biased, unfortunately in your current timeline finding unbiased sources is becoming harder everyday
[0] https://www.thenational.scot/news/17858200.vile-abuse-snp-mp...
OTOH, many email providers do include the sender's IP, so it doesn't seem like a deal-breaker.
You realize that hidden services don't require exit nodes?
Just think about it in this manner. If you have a house and you set up cameras that monitor every square inch of the house, does it matter if there is one person in the house (high camera per occupant) or many people in the house (low camera per occupant)? Obviously not. The US is also one of the least population dense developed nations.
Not that we shouldn't be worried about surveillance, but let's use good metrics.
Approximate Populations, per wikipedia, for reference:
London: 9 million
Beijing: 21 million
NYC: 9 million
Snowden showed otherwise - they're spying on everyone's conversations, criminal or not.
If they do have this capability it is only every going to be used for large scale organised crime, terrorism and state security.
https://en.wikipedia.org/wiki/Investigatory_Powers_Act_2016#...
Don’t forget political opposition / dissidents, and analysis to see what they can get away with in terms of public opinion.
I have, however, heard that apps like Signal has become more common among politicians, but using it for official business is still illegal.
Is it really enforacble? What are the sanctions for breaking the law?
What if someone says it's a national secuirty matter?
Scenario nr 1: You are a misiter and you are discussing possible scenarios about a given event (let say something like an abortion). Should pulbic have full access to it?
Scenario nr 2: You are a minister and you are negotiating a new factory in your country. Foregin corporation wants to keep it secret before the deal is reached. How can you communicate?
If politians would be given a device from the deep state to handle all communication then they would have to use is exculsivly, you are givin the deep state an enormous power.
Foreign corporation wants to do X but X is banned in country.
We don't accept that for minimum wages, discrimination laws, pollution laws, etc. Why should communication laws be any different?
The law is available in Norwegian here, if you want to run it trough a machine translation service and have a look: https://www.regjeringen.no/no/dokumenter/nou-2003-30/id38285...
https://www.theguardian.com/commentisfree/2021/feb/08/queen-...
Not that a formal one makes much difference when the people who interpret it start doing mental gymnastics.
The whole “the queen is just this beloved and powerless figurehead” is propaganda.
She used "Queen's consent" to make sure she is the only person in Scotland who is exempted from a law designed to cut carbon emissions.
Some politicians would try to engage on the issues, but a ten minute debate in a hospital corridor isn't going to make the highlight news even if your well-rehearsed answers work, and it might not even get reported in rolling news if there's man falling into a vat of blancmange or something that gets laughs. "Boris doesn't know the cameras are there" works.
And sure enough, it worked on you as intended and you've taken away the message Boris wanted you thinking about. Boris doesn't want your respect, Boris wants power and has since childhood.
Much more recently Boris hid in a (walk-in) fridge. Ha ha ha. But wait, why did he hide in a fridge? Well that's funny and it made the news and is still used in memes, whereas "Boris refuses to answer important questions" looks a bit like maybe we shouldn't have him as leader, doesn't it...
You’re saying he wanted me to take away the message that he’s pathologically dishonest? Because that also looks a bit like maybe he shouldn’t be allowed to lead a country, or even his dog around for a walk without the supervision of someone more responsible.
Alex Johnson was scholarship boy at Eton and writing books about Shakespeare is his hobby. He is very well capable of comprehending abstract concepts and manipulating their perception to his benefit. He publicly portrays himself as "Boris the bumbling fool" but unlike Trump does not act like that in private. The fact that he is unethical and lazy does not mean he is stupid, and it is a dangerous assumption to make.
Shall we pretend that the family that has ruled Britain for 1200 years has no political power? Har har.
Every country in Europe that still regressively clings to a monarchy (and there are a lot of them) goes out of its way to pretend - because it's so comically backwards - that their monarchy is only a figurehead / ceremonial and has no real role. In fact they're all back up dictatorships waiting in the wings if there's ever enough political chaos to prompt the people to turn to that, and that happens every time historically.
[1] https://allthatsinteresting.com/lineage-british-royal-family
I think if they tried to exercise major operational control in government, it would trigger revolutions, formal republics, etc.
Reality is usually a bit more nuanced than the formal rules on paper. We have all kinds of laws on the books that don't really apply. Likewise with many of the supposed powers of these monarchies. Without exercise, exercising them makes them legal in the same way killing a home intruder is legal. Legality doesn't mean exercising it won't be bloody, won't have cost, won't have risk, etc...legality one way or another doesn't matter that much.
Try a bit over 100. The House of Windsor ascended to the throne of the United Kingdom in the misty past of … 1901. Even if we disregard royal houses and look at just successions then you run into some awkward situations pretty early, including a nice run of kings born in Hanover and speaking primarily German.
A lot of royalist propaganda is an attempt to tie relatively short lived dynasties into some mythical long lived chain of succession, mostly to reinforce the idea that they rule by right rather than by force or accident of history. In reality royal houses are regularly discarded when they become too inept, too inbred, or (in England’s case) too Catholic for the people to tolerate.
Just because the 1901 successor to the monarchy (Ed 7) was the son of a reigning queen (Vicky) rather than the son of a king does not make him unrelated to the previous dynasty. Agnatic primogeniture is just as much a bronze age concept as a particular family lording it over everyone by the gods' grace...
That's like saying the Church of England still has significant political power. it still has the ability to take tithes, although they are mostly optional.
The present royal family only really dates back to victoria, I mean sure they are tangentially related to the german/dutch/scots/danish that ruled before, but its not that strong.
The monarchy is constitutional technical debt. Technically the queen can refuse to sign laws, and dissolve parliament, but as the constitution is basically "because we said so" it'll be the last thing the queen does.
The queen has "influence", but not political power.
Yes, they have no political power except the 26 unelected, unaccountable bishops they have in the House of Lords, where every law must pass through.
The monarchy no longer has that power. It was removed a decade ago.
https://en.m.wikipedia.org/wiki/Fixed-term_Parliaments_Act_2...
There’s a very peculiar differentiation to make.
Imagine a public corporation that wants to build a factory, but wants to keep to secret for now, cause they don't want the competition to know or affect the share price.
And in the context of a crime investigation, all those private cameras will have their recordings looked at by the police - though I concede "spying" is too harsh a word for that.
This might happen in a parallel universe where the police were well resourced and competent. In reality, they rarely bother to access CCTV footage. It's not a particularly quick and easy process.
https://www.standard.co.uk/news/crime/met-police-fail-to-sol...
>Can't really believe anyone on HN is standing up for 24 hour surveillance with cameras.
As explained in the guidelines, there's a broad range of opinion on HN. However, I wouldn't say I'm 'standing up for' it. I'm fairly ambivalent about CCTV. I don't think it makes a large amount of difference, either positively or negatively. I do, however, think it's important to be accurate about how (un)sophisticated and (in)effective the surveillance apparatus actually is.
https://www.theguardian.com/uk-news/2021/feb/07/revealed-que...
"A series of government memos unearthed in the National Archives reveal that Elizabeth Windsor’s private lawyer put pressure on ministers to alter proposed legislation to prevent her shareholdings from being disclosed to the public."
Not to mention the lobbying Charles undertook, which took years to uncover, again because of his privileges as part of the royal family:
https://www.theguardian.com/uk-news/2014/jun/29/prince-charl...
""I would explain that our policy was not to expand grammar schools, and he didn't like that," said Blunkett, who held the post from 1997 to 2001. "He was very keen that we should go back to a different era where youngsters had what he would have seen as the opportunity to escape from their background, whereas I wanted to change their background."
Call it influence or power, fundamentally it is rich people getting to exert pressure on the legislative and executive that none of us get to exert.
https://www.popehat.com/2014/07/15/warrants-bulwark-of-liber...
First of all, information regarding the US is obviously irrelevant in the context of UK surveillance. Why even bring it up?
Second, every time you reply, you keep broadening out the terms of the discussion further and further, rather than addressing any of the specific factual claims in my posts. I have not taken any strong stance for or against surveillance in general. I'm only concerned to address inaccurate claims about the extent of CCTV surveillance in the UK.
The police can easily get warrants to look at lots of things that might be relevant to solving a crime. Maybe that is a problem. If so, that's an issue that's only tangentially related to CCTV surveillance in the UK.
All I am doing is correcting the claim that the police in the UK can force private individuals to hand over CCTV footage without a warrant. If you have a problem with warrants per se, then that's probably a discussion to be had elsewhere.
Barring evidence otherwise, I believe it's reasonable to conclude the situation in the UK is similar, or at minimum, that we don't know that warrants in the UK are an adequate protection. Unfortunately I don't know of information about this that is specific to the UK.
> you keep broadening out the terms of the discussion further and further, rather than addressing any of the specific factual claims in my posts.
I apologize. I did and do concede that referring to the proliferation of mostly (mostly) private CCTV in the UK as "government spying" is incorrect. I did not address the other claims you made because I agree with or believe them or think they're likely true and didn't bother investigating (such as a warrant requirement to take private CCTV footage, and that the police rarely bother to request CCTV footage). I see how that can create a frustrating feeling of getting nowhere.
But while I don't dispute the latter two facts (in fact I think we agree on all factual issues so far), I disagree with the implication that this diminishes the surveillance state, or that the problem is limited to how warrants are issued.
While the police/government may only rarely request CCTV footage, the possibility is there, which is enough to establish chilling effects, especially for groups that may fear selective enforcement, where more resources are expended to suppress them than what is afforded to regular crime.
This is how the US government defended their illegal bulk surveillance PRISM program - that while they collected data on everyone, they had strict (so they say) limits on who humans working there looked at, and that only what humans look at counts as a "search".
And while I do have a problem with how liberally warrants are granted, that would not be such an issue if there was less data for the warrants to request in the first place. Recent history has shown that once the infrastructure for surveillance is built, purely legal means are rarely effective in restricting its use.