UK Police To Step Up Hacking of Home PCs

toomanyairmiles writes "The Times of London reports that the United Kingdom's Home Office has quietly adopted a new plan to allow police across Britain to routinely hack into people's personal computers without a warrant. The move, which follows a decision by the European Union's council of ministers in Brussels, has angered civil liberties groups and opposition MPs. They described it as a sinister extension of the surveillance state that drives 'a coach and horses' through privacy laws."

Is this....legal?

[Smidge207]

Meh. Just another excuse to snoop on people without justification. If a warrant is issued then at least there is a paper trail leading back to who applied for the warrant any why. If this law goes through then it will be a free-for-all and history has demonstrated very well what happens then.

Also, as far as I'm aware, UK security services have been doing this for some time, this simply makes it legal. Given the majority of the population are not very tech savvy their solution wouldn't need to be that complex, although I imagine its more complex than just a key logger. The only evidence I have for this is talking to people who work in these organizations. The advice to me was get using TOR (although I can never configure it right) so maybe its not too complex, or maybe they were double bluffing me. Who knows? I'm guessing the arrest levels aren't so high because they would have to arrest almost everyone under 30 who's been on a computer. Once they've got the logistics sorted I'm sure they'll happily cart us to the gulag though.

=Smidge=

Re:Is this....legal?

[pete6677]

The U.K. government might as well just announce that their subjects no longer have any rights at all. They have effectively all been removed in practice. To put things in perspective, this country is on the verge of banning kitchen knives to try to reduce violent crime (now that private possession of firearms has been completely outlawed). The saddest part of all is that the subjects of the U.K. support this nonsense by a large margin.

Re:Is this....legal?

[MrPloppy]

Actually the UK is NOT at the verge of banning kitchen knives. A group of Doctors suggested the ban of POINTED kitchen knives. By the way very few people in the UK actually wants fire arms to become legal. http://www.express.co.uk/posts/view/46266/Ban-kitchen-knives-to-save-lives-says-doctor

Re:Is this....legal?

Firstly, you sound like one of those fucking gun-fetishist yanks. "Poor people without guns, that must be why they've no rights". No. The rights come through political machinations and the broad agreement of large groups of people. Change doesn't come because some isolationist nutjobs do or don't have guns.

As an example, the UK government has to respect the UN Universal Declaration of Human Rights and the European Convention on Human Rights. Both these documents have regularly trumped the government in court, and didn't need a single gun pointed at the government's head to get them to comply.

Secondly, private possession of firearms has not been "completely outlawed". There are plenty of people with rifles and shotguns next to their beds; Tony Martin comes to mind. You can even have your precious handgun if you can convince the police you have a "good reason" and they sign off on your license. Good luck.

Re:Is this....legal?

[operagost]

Oh, POINTED kitchen knives. Well, that's much better, isn't it? And physicians are definitely the sort of experts we want making the decisions on kitchen cutlery.

Re:Is this....legal?

[Lord+Kano]

They have effectively all been removed in practice. To put things in perspective, this country is on the verge of banning kitchen knives to try to reduce violent crime (now that private possession of firearms has been completely outlawed).

15 years ago, after their big round of gun bans, we asked if there were to be a rash of stabbings would they try to ban knives. The response was "Don't be ridiculous.", now that there has been a rash of stabbings they are actually going to try to ban knives. When youthful criminals begin to bash each other on the head with Cricket bats, they will register and ban Cricket bats. Then rocks, then sticks, then anything not made of nerf.

It's not a slippery slope anymore, it's a waterslide.

LK

Re:Is this....legal?

[jps25]

So, uh, then I'll just use a screwdriver and have fun stabbing you or I'll just smash your head in with a stone.
Or how about kicking the shit out of you with a pair of Doc Martens?
How about a nice baseball or cricket bat to the head? A shovel will do just fine as well but STOP! Hammertime!
Why don't I just use a scarf to strangle you?
Where do you want to end this crap?
You might enjoy living with mandatory children's cutlery, I don't.

The UK has potentially more surveillance than North Korea, but it's been useless in preventing crime.
And don't give me that shit about saving lives.
The UK doesn't have proper health care and just last week two ambulancemen were arrested for letting a man die because "he was not worth saving" ( http://www.timesonline.co.uk/tol/news/uk/health/article5420921.ece )
There are far more serious issues the UK should deal with than cutlery.

Re:Is this....legal?

[FishWithAHammer]

You will never "prevent" crime. You can make it less appealing at best.

"Knife crime" will turn into "screwdriver crime" if you ban pointed knives.

Or they'll sharpen points on their knives themselves. It's not hard.

Re:Is this....legal?

[BLKMGK]

Maybe you guys might want to figure out why the "young people" are pissed off and do something about it?

Frankly if I'm going to stab someone I think I might choose a good Phillips head screwdriver over a kitchen knife anyway. Knives tend to make good slashing weapons but stabbing might be a little better with something thin and pointed. the screwdriver will certainly raise fewer eyebrows when I am walking away with it and there's no chance of my hand sliding down the hilt to injure myself and leave DNA behind....

BTW, I carry two knives regularly. Handy little things they are and I've yet to feel the urge to plunge one into someone or hijack a plane with them - and yeah I flew with them prior to 9-11. I guess you guys are as much into security theater as our TSA is huh?

Re:Is this....legal?

[Keen+Anthony]

Then those doctors have never prepared a meal more complicated than a microwave dinner. I have several different kinds of knives, and I use them properly. Pointed knives have a useful, necessary function as a proper chef's knife.

What's the criminal punishment in the UK for a teenager who is found carrying a knife, incidentally?

Re:Is this....legal?

[AK+Marc]

Or they'll sharpen points on their knives themselves. It's not hard.

But that's simply not true. There are enough crimes of passion that people would never stop in the middle of to fabricate a weapon. That alone would save lives. I'm not saying it's a worthy justification, but it simply isn't true to say that they'd find another deadly weapon. Yes, they may then just strike with their hands in an attempt to kill, but it is less likely to succeed than a gun or knife.

Re:Is this....legal?

[Max+Threshold]

Funny how the UK is slowly turning into Nazi Germany, while the US turns into the Soviet Union.

Re:Is this....legal?

[cliffski]

so how is that working out in the USA? you guys sure showed your government how you felt when they tried to open guantanomo bay, introduced the patriot act and started an illegal war in the middle east didn't you?

Yeah, that showed em! And to think, they might have got away with all that crap if you guys didn't have your guns...

Re:Is this....legal?

[ultranova]

UK citizens no longer have a leg to stand on in any arguement regarding civil rights if they support this shit.

The way to prevent knife crime is to NOT have mercy on perpetrators. IOW, Death Penalty.

The way to reduce all crime, including knife crime, is to leave behind barbaric bullshit like Death Penalty. Not even the Roman Empire, which it's habit of crucifying criminals or throwing them to lions if they were feeling nice, managed to stop people from being criminals. "No mercy" simply means that the criminals will respond in kind, and make sure to leave no witnesses; it won't make them stop them being criminals, or others from becoming criminals. It will just turn a life of crime into an outright war, with all the collateral damage that implies.

Besides, all rights are dependant on the right to life. If the state has a right to suppress that just to make you feel safer from knife crime, why wouldn't it have the right to suspend any other right to make anyone else feel safer from the criminals/terrorists too ? And, if Death Penalty is an option, how much effort do you think it would take the government to frame a political dissident and have him executed ?

You can't stop knife crime no matter what you do, and getting "though on crime" will simply make the criminals though on you and cause lots of unnecessary grief for no gain. Just like the War on Drugs, or any other similar campaign. It makes for a nice election speech, but is quite a brain-dead policy to actually implement.

Re:Is this....legal?

[Aceticon]

Maybe you guys might want to figure out why the "young people" are pissed off and do something about it?

Food for thought:
- There is no family culture in England like there is in Mediterranean countries (think the whole "mama" thing in Italy)
- There is no overall, unified set of traditions in England other than "go out and get pissed on Fridays"
- Media continuously pushes the image that happiness comes from buying stuff.
- There is no feeling of social responsibility like there is in Nordic and Germanic countries (for example, in Holland being called anti-social - asociaal - is actually an insult). Around here people are taught it's everybody for themselves and don't mind the others.
- The local heroes that youths aim to emulate are not those of science, culture or law - they're mostly "celebs" whose business is show-business and whose product is being scandalous.
- Parents are not made to take responsibility for the actions of their kids.
- A culture of political correctness, small-powers, centralized command-and-control and common law has taken away or distorted the powers of punishment/reward from socially-important actors such as teachers and social workers.

Re:Is this....legal?

[Archtech]

...young people are killing each other more and more.

Why do you think that is? All this discussion of ways and means of killing one another is very much secondary. The key question is, why do people want to kill one another at all? Human beings are ingenious, and will always find a way to do what they want.

Universal education was supposed to make us all more enlightened, tolerant, and humane. How come the opposite seems to be happening?

Re:Is this....legal?

[locofungus]

Or they'll sharpen points on their knives themselves. It's not hard.

But that's simply not true. There are enough crimes of passion that people would never stop in the middle of to fabricate a weapon. That alone would save lives. I'm not saying it's a worthy justification, but it simply isn't true to say that they'd find another deadly weapon. Yes, they may then just strike with their hands in an attempt to kill, but it is less likely to succeed than a gun or knife.

In the UK the perceived problem is "youths" going out armed with knives. There have been a lot of headlines recently wrt youths being stabbed to death. It's not obvious how much this is the papers blowing up a topical issue and how much is an actual increase in fatal youth on youth violence.

It may be that the decision to use the knife is a spur of the moment "crime of passion" thing, but the decision to carry said knife is certainly premeditated and there's no reason to suppose that adding a point to an otherwise round ended knife wouldn't also be done.

It is an offence in the UK to carry almost all knifes[1] in almost all circumstances in public. There are exceptions, folding pocket knifes (knives that do not lock open) with a blade of less than 3 inches and when you have a legitimate reason (e.g. a chef returning home from work or someone who has just bought a knife and is going home with it) but the law is an absolute offence with statutory defences (i.e. it's presumed you are guilty unless you can assert one of the defenses) so woe betide that chef who forgets and leaves his knives in the boot of the car when he goes into town to do his shopping.

[1] Actually it's any bladed or pointed article or offensive weapon. A child's plastic sword is illegal to carry in public, as is a spare safety pin that, AIUI, the mother of the bride always carries "just in case" (although that might come under traditional or religious dress defence, I'm not sure)

http://www.statutelaw.gov.uk/content.aspx?LegType=All+Legislation&title=Criminal+Justice+Act&Year=1988&searchEnacted=0&extentMatchOnly=0&confersPower=0&blanketAmendment=0&sortAlpha=0&TYPE=QS&PageNumber=1&NavFrom=0&parentActiveTextDocId=2116646&ActiveTextDocId=2116820&filesize=4468

Tim.

Re:Is this....legal?

[locofungus]

Just to follow up - the "plastic sword" thing isn't completely a joke:

http://www.dailymail.co.uk/news/article-1084886/Rambo-student-charged-possessing-inch-plastic-knife-case-dropped.html

Tim.

How??

[4D6963]

Hack into people's PC? How do they do that, and what do they get out of it?

Re:How??

[Spatial]

Click here to win a free iPod!

Re:How??

[arkhan_jg]

Methods mentioned in the article include:
quietly breaking in physically and installing a keylogger, parking up nearby and breaking in via the wireless, or sending a trojan via email.
This gives them email, browsing history, local documents, and presumably other information going forward.
They also have the capability under the RIP act to intercept emails, web-traffic and other 'net use via a tap at the ISP itself.

All of this without any court oversight or warrants. But they'll only do it if a senior police officer believes it's necessary to gather evidence of a crime carrying a sentence greater than 3 years.

Well, that's alright then! as long as a policeman is suspicious of me, that's a perfectly good enough reason to remove all court oversight of police intrusion into my private life!

Jesus.

Re:How??

[sleeponthemic]

Click here to win a free iPod!

Bummer, I didn't win. I guess the winner actually gets a link.

Re:How??

[JamesRose]

I believe they crawl in through the tubes.

Re:How??

[QuantumG]

meh, court oversight doesn't do anything anyway. The courts are happy to rubber stamp any search warrant where there is reasonable expectation that evidence might be found. And if the police find nothing? Oh, there's no oversight on that. Around 1998 I had police knock on my door and seize my computers because they had obtained a warrant on the grounds that I had spoken online with someone who had hacked into a national ISP via a corporate phone conference line, running up their bills. The police had reason to believe that they might find evidence of his crime on my computers. As such, I was required to suffer the inconvenience of having my hardware forfeit for months while they investigated. In the end they found nothing and, after much harassing on my part, eventually returned the hardware. No apology, no oversight.

Re:How??

[notseamus]

More like: Click here to win a free Zune

It's the government, and they're terribly out of touch you know...

In other news, the Tories are now the party of the left in the UK.

Re:How??

[Allicorn]

[tinfoil-hat]The annual free tax utility software CDs from the Revenue[/tinfoil-hat]

Re:How??

[cusco]

As one of the participants at DefCon said a couple of years ago when discussing the FBI's 'Magic Lantern' software, "If they want to arrest you they don't even need any evidence any more. They can just dump some kiddie porn in your browser cache and kick in the door. Good luck proving it wasn't you that put it there."

Re:How??

[JackieBrown]

As long as they are quiet when they physically break in, I'm ok with it.

Invasion of privacy is one thing, but loud noise I will not tolerate.

Re:How??

[cjb658]

Damn, our spy program was foiled by Microsoft DRM!

Re:How??

[timeOday]

This then triggers the installation of "legalized" spyware which tracks the user's communications and browsing habits.

I think all the above posts in this vein are wrong. The question isn't whether there are technical means for computers to be compromised en masse - botnets proved that already. The entire question is: which means will the government be willing to use. If the govt perpetrated mass infections of computers, it would certainly be detected, very likely to cause outrage, and easily remedied by anybody who really cared. So I predict they will remain more targeted in their attacks. The whole key to unregulated powers is to use them against a small minority so the majority don't get upset and start getting regulations passed. (Of course, that minority might not be criminals - they might be political opponents etc).

sigh

[wizardforce]

so it seems that 1984 only got the year wrong after all. unfortunately the fear and paranoia in the public's mind is only going to fuel more of this ridiculous nonsense.

Re:sigh

[arkhan_jg]

Bear in mind, when the RIP act first came into force, only the police and security services had rights under it to perform such things as covert suveillance, and retrieve your email and phone records without a warrant. Now those powers have been devolved to all sorts of bodies, including local councils - which has led to a council covertly following a 4 year old to see if she actually lived in the cachement area of a local school (and so was eligable to attend), and another getting email and phone records to investigate a case of illegal rubbish dumping - all without warrants.

How long before local government and other civic bodies have the right to send me a trojan via email, or break into my wireless to investigate an accusation of some petty civil offence without a warrant?

Re:sigh

[digitig]

1984 didn't even get the year wrong; it was a deliberate reversal of the last two digits of 1948, the year of the book's publication, and within the limits of the technology available it was all going on then.

The real question

[moniker127]

When your government is hacking you, is it illegal to lock them out?

Re:The real question

[wizardforce]

from their point of view it is, in the US and presumably the UK the constitution would say otherwise but since when do any of them bother following their constitutions? They can get away with this nonsense because not enough people are fighting it and too many people think "well only terrorists and other criminals should be afraid." The thing to keep in mind is that once you can justify unconstitutional acts against criminals there isn't too much standing between that position and "lets violate everyone's civil rights."

Re:The real question

[arkhan_jg]

Under the RIP act, no. 2 years in jail for refusing to hand your encryption keys over upon demand, as long as the police have a reasonable suspicion that you have them. If you're accused of child-porn or terrorism offences, it goes up to 5 years for refusing to hand over your keys.

Re:The real question

[CodeBuster]

Has it occured to anyone else that with all of the surveillance and tracking going on in the UK that they might simply make certain crimes, like say identity theft, more attractive without really reducing the overall amount of crime or catching those who are actually responsible?

Re:The real question

[arkhan_jg]

Identity theft has risen sharply in the UK in recent years, as it has globally. A specific example include people cloning or stealing car number plates so they can drive in the London congestion charge zone without paying, and somebody else gets the fines.

Government advice? Spend a significant sum replacing our number plates with ones that break if they're removed, or pay credit-insurance in case our financial details are stolen.

I'm sure it's occured to the government that people are starting to use identity theft more to avoid detection. They just use that as an excuse to pass ever-more draconian laws allowing them to dig into your private-life ever deeper without warrants; in case, you know, you're a terrorist.

Re:The real question

[thrillseeker]

better curry

Re:The real question

[jc42]

Has it occured to anyone else that with all of the surveillance and tracking going on in the UK that they might simply make certain crimes, like say identity theft, more attractive without really reducing the overall amount of crime or catching those who are actually responsible?

Well, my first thought was that it's only a matter of time until they learn that part of the rise in identity theft is because some of the cops are setting up profitable businesses on the side, subletting their access to citizens' computers to the identity thieves.

Have there been any cases like this in the UK yet? I'd expect that they are happening now, but the information may not be public yet.

Re:Linux anyone?

[moniker127]

Feh. I'm in the UK and using windows. I dont think I really have anything to w

+1 Methodology

[TACD]

Police might also send an e-mail to a suspect's computer. The message would include an attachment that contained a virus or "malware".

Really? The recommended methodology of the police is the same as that used by opportunistic criminals to steal credit card information, that the police warn about?

C'mon, it's just impossible to satirize this kind of thing. It's not fair.

They Cannot Have it Both Ways

[CodeBuster]

It is not possible to allow the "good guys" only to have access to secure operating systems and security technologies such as encryption while simultaneously locking the "bad guys" out. The British government will have to decide what is more important, providing secure online banking, shopping, and other electronic services as part of operating in a modern economy OR hobbling the information economy with restrictions to catch a few more low-level or careless "bad guys" at the expense of even more loss of privacy for millions of ordinary British citizens and substantial encumbrance of legitimate economic activity involving computers, the Internet, and other "sensitive" technologies. If it is easy for the police to "hack in" then it is easy for the spammers, terrorists, or anyone else to "hack in" as well. The British reaction always seems to be, "We ought to have a law against that!" instead of simply acceptating that bad things will sometimes happen despite the best laid plans or intentions and moving on with "acceptable risks" in an open society.

I will /make/ it legal.

[The+Master+Control+P]

Just get her to sign the treaty.

Re:won't help

[Tubal-Cain]

Every couple minutes, just in case. Why do you ask?

Re:Calm down, people...!

[digitig]

It's only a newspaper story. It's confused as to whether the Home Office are operating this power or talking about it.

Just so. What's particularly suspicious is that although they have a quote from Liberty about this, there doesn't seem to be anything about it on Liberty's website -- this should be front-page news for them. In fact, the last thing Liberty has on the subject is this from last year, in which the European Court of Human Rights ruled that RIP was a violation of human rights and that the UK was obliged to add more transparency and accountability.

V for Vendetta

[Weaselmancer]

"But again, truth be told, if you're looking for the guilty you need only look into a mirror."

I used to think V for Vendetta was fiction. It's starting to look like a documentary.

Re:Good reason to use Linux

[SScorpio]

Truecrypt will allow full encryption for either a Windows or Linux system. However, even if you have full drive encryption, once your computer is hacked and accessible while running data can extracted from it.

Didn't the UK also have a semi resent law about being forced to hand over passwords as well? If so encryption won't protect you much, as long as whatever you are hiding is worth spending the five year penalty in jail.

Re:Good reason to use Linux

[BLKMGK]

If I break into your machine and am accessing it at your user level or at a higher level I will be looking at the same contents YOU are looking at - which is to say unencrypted unless you have lots of stuff you leave locked up and never use (lol). Encryption is GREAT when someone kicks in the door and runs off with a system that's sitting there turned off. It's less great when they get in while you're using it via network or physical means - you know grabbing your ass and shoving you away from the keyboard.

Crypto isn't the magic wand to fix this....

Written vs. "Un-Written" Constitutions

[DesScorp]

The U.K. government might as well just announce that their subjects no longer have any rights at all. They have effectively all been removed in practice.

This is where a unified, written Constitution comes in handy. Yeah, those can be abused as well... the Right wing points to courts basically ignoring the 10th Amendment for decades, and the Left Wing points to a number of Bush wartime programs. But the fact is, it's still much easier to plead your case in courts when you have your Constitution on paper, in clear written form, instead of a collection of traditions and court cases.

Want to complain that the US government is doing illegal searches and seizures? At least you have a 4th Amendment to point to and say "you're violating this law". In a country with an un-written Constitution, even if there's a court precedent on the issue, without a written Constitution, the government can simply decree a thing, and it's so, until they're booted out of office.

Re:Good reason to use Linux

[YttriumOxide]

I know you were joking, but I have a story that is likely similar (not Linux though...).

Quite some years ago, I was running an Amiga as my main system (relatively high end Amiga 4000, not some toy games thing). I was talking to a guy on IRC and he was bragging about putting a bomb on a plane. This was well before 2001, so the world wasn't in the grips of "OMG terrorists!", but it still seemed like a fairly big deal to me. Now, from my perspective, I was pretty sure the guy was just talking out his arse, but I wasn't really 100% sure, so for safety's sake, I didn't really want to just leave it.

At this point, let me elaborate that I was in fact a teenager, and also not particularly "worldly wise". It was at this point, I made somewhat of a mistake. I had access to a few servers I really shouldn't have, and decided that since I didn't want to get involved in the process of a police investigation (there's nothing more I could tell them other than what the guy said on IRC), I sent an email "anonymously" through a badly configured mail server (forging my own headers using telnet as my SMTP client) and informed the police and the airport in question about what the guy had said.

Two days later, the police arrived at my door (um, yeh, I'd sent the email "anonymously", but hadn't taken any steps to obscure my IP address, so all they needed to do was call the owner of the mail server, followed by my ISP). They had a search warrant stating they could seize any computer related equipment in my house, and stated it was issued "under suspicion of Attempted Murder and Breach of the Telecommunications Act" (no I'm not kidding... it really did say "Attempted Murder").

They took all my computers and related equipment (right down to a stack of old SCSI drives I had in my sock drawer). I spent a couple of MONTHS without them. I got a nice write-up in the local paper, but that wasn't much consolation. After two months, I made a complaint to the Police Complaints Authority stating that it really was ridiculous for the police to have my stuff for so long (their ongoing excuse was that they sent it to another city for analysis). I finally got it back about two weeks after that, only to find that they'd ripped the HDD out of my A4000 and erased it. I can only assume they stuck it in a PC, saw that it was "not formatted" and tried to "recover" the data from it.

They made no statements about whether my HDD had been "helpful" in their investigation or not, and I heard no further from them after that (including no further comments about the "suspicion of attempted murder"!). The best I could get from them was a weak apology about my data loss, as being a private individual (and unemployed at that), there was no protection for my data under the law (if I'd been a company, I probably could've sued, but a private individual's data was (may still be?) essentially considered worthless in the eyes of the law).

For reference: the country this happened in was New Zealand - normally a pretty nice place, but don't expect small town cops, or even the "computer analysis team" to have ANY idea what they're doing or admit that this is the case (actually, I would HOPE this has changed over the years, but I wouldn't bet on it).

The moral of the story...

[denzacar]

http://www.youtube.com/watch?v=i8z7NC5sgik

http://www.youtube.com/watch?v=08fZQWjDVKE

Re:Good reason to use Linux

[teabag_46]

The RIPA act http://security.homeoffice.gov.uk/ripa/ makes it an offence to NOT disclose passwords when required, by the law enforcement agencies of this country. Non disclosure is punishable by up two years imprisonment!