Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK Building Eavesdropping Infrastructure

Posted by timothy on from the nothing-sacred-anymore-unless-known dept.

This Sunday Times story about a new office under MI5 scheduled to open later this year with the innocuous name of "Government Technical Assistance Centre" to oversee the content of e-mail sent by and to Britons ought to give pause to anyone interested in online privacy. Though governments will always be several steps behind determined privacy seekers, this bodes ill for anyone who'd prefer to keep the contents of their e-mail even nominally secret. "The security service and the police will still need Home Office permission to search for e-mails and internet traffic, but they can apply for general warrants that would enable them to intercept communications for a company or an organisation," says the article. How comforting.

2 of 185 comments (clear)

  1. Re:Sendmail upgrade? by Syberghost · · Score: 5

    You're both sorely in need of catching up with the program:

    RFC 2246 defines (and has for well over a year now) the protocol, and the latest commercial releases of sendmail implement it.

    So does the Sun Internet Mail Server

    Finally, Weitse Venema's postfix MTA has a freely-available TLS patch that implements SMTP encryption for those of us who don't want to pay for it.

    There's even an RPM available.

    Postfix, BTW, which used to be called vmailer, is the IBM Alphaworks free MTA project that was covered here in /. back in the day.

    As, indeed, was this entire portion of this thread.

    --

  2. Sendmail upgrade? by logicnazi · · Score: 5

    So why doesnt everyone encrypt their emails now?

    It is too difficult and time consuming to gather public keys from all your associates esp. people who don't know about PGP etc..

    Even when you have the public key it is too much hassle to type in your passphrae for routine email making encrypted mail stand out all the more.

    But the truth is we don't need to have passphrase protected emails all the time. Only when we are leery of government search warrants do we need to protect the content at the source/destination. Insteed what is necessery is a encapsulation of the email as it travels the internet. This way it can't be picked up by packet sniffers and it will be impossible to ferret out the real encrypted email.

    To this end I suggest a addition to sendmail. Every time it delivers a message to the recieving computer a one time key (diffie-hellman) is generated so the message text is unreadable as it travels the internet.

    Before we couldn't do this but now with the loosining of laws this is possible...not perfect but better than the status quo

    --

    If you liked this thought maybe you would find my blog nice too: