Cameron Asserts UK Gov't Will Leave No "Safe Space" For Private Communications

An anonymous reader writes with the story from Ars Technica that UK prime minister David Cameron "has re-iterated that the UK government does not intend to 'leave a safe space — a new means of communication — for terrorists to communicate with each other.'" That statement came Monday, as a response to Conservative MP David Bellingham, "who asked [Cameron, on the floor of the House of Commons] whether he agreed that the 'time has come for companies such as Google, Facebook and Twitter to accept and understand that their current privacy policies are completely unsustainable?' To which Cameron replied: 'we must look at all the new media being produced and ensure that, in every case, we are able, in extremis and on the signature of a warrant, to get to the bottom of what is going on.'" This sounds like the UK government is declaring a blustery war on encryption, and it might not need too much war: some companies can be persuaded (or would be eager) to cooperate with the government in handing over all kinds of information. However, the bluster part may leave even the fiercest surveillance mostly show: as Ars writer Glyn Moody asks, what about circumstances "where companies can't hand over keys, or where there is no company involved, as with GnuPG, the open source implementation of the OpenPGP encryption system?" Or Tor?

Re:At least he included warrants

[firewrought]

Ha ha, did you think he meant warrants? No, no, no... just like every other effort to chip away at freedom and privacy, it comes dressed in the noblest of promises. But once the necessary powers are secured, the promises can be gradually (if not immediately) infringed upon.

Re:You know it's not going to work

[mlts]

It also is going to backfire.

Take SSL/TLS. Are they going to demand both parties stash the session key, or do their handshaking through a proxy logging each packet? The first time some intruders nail that data store and find out a bunch of banking passwords, the cost of that breach will be incredible. If they alter the SSL/TLS algorithm, will it bring unexpected changes that destroy the algorithm's security, or the code used not implement the changes in a secure fashion?

As for outlawing it, it -could- be done, but it would require far-reaching internal and external controls, with very sophisticated algorithms to detect unauthorized encryption, and pull that machine from the net. However, this is a cat and mouse game... and ultimately, the bad guys are just going to do like Daesh, and AQ before them... and go back to couriers, dead drops, and burner phones. Yes, it doesn't give as fast results as the Net, but it is a lot tougher to intercept. So, it an be done... but it is doubtful that even the British people would tolerate this much interference in their lives.

What do you mean what about circumstances?

[sims+2]

Has every one forgotten Lavabit already? It was only two years ago. http://yro.slashdot.org/story/... They found out the hard way. http://it.slashdot.org/story/1...

  "Glyn Moody asks, what about circumstances "where companies can't hand over keys, or where there is no company involved, as with GnuPG, the open source implementation of the OpenPGP encryption system?" Or Tor?"

"Ladar Levison, founder of the encrypted email service Lavabit that shut down last year because of friction with U.S. government data requests, has an article at The Guardian where he explains the whole story. He writes, 'My legal saga started last summer with a knock at the door, behind which stood two federal agents ready to to serve me with a court order requiring the installation of surveillance equipment on my company's network. ... I had no choice but to consent to the installation of their device, which would hand the U.S. government access to all of the messages â" to and from all of my customers â" as they traveled between their email accounts other providers on the Internet. But that wasn't enough. The federal agents then claimed that their court order required me to surrender my company's private encryption keys, and I balked. What they said they needed were customer passwords â" which were sent securely â" so that they could access the plain-text versions of messages from customers using my company's encrypted storage feature. (The government would later claim they only made this demand because of my "noncompliance".) ... What ensued was a flurry of legal proceedings that would last 38 days, ending not only my startup but also destroying, bit by bit, the very principle upon which I founded it â" that we all have a right to personal privacy.'"

Re:David Cameron is actually a genuine idiot

[Dutch+Gun]

Fascism uses the power of the state to oppress its citizens.

Capitalism uses the power of the state to ensure its corporations can oppress its citizens.

Communism uses the power of the state to oppress its citizens and ensure its economy remains in shambles.

Socialism grants significant power to the state with the expectation that it will use that power for good, and then its citizens are shocked and outraged when the government uses that power to oppress its citizens.