Slashdot Mirror

← Back to Stories (view on slashdot.org)

Snoopers' Charter Could Mean Trouble For UK Users of Encryption-Capable Apps

Posted by timothy on from the for-the-likes-of-you dept.

An anonymous reader writes with a story at IB Times that speculates instant messaging apps which enable encrypted communications (including Snapchat, Facebook Messenger and iMessage) could be banned in the UK under the so-called Snooper's Charter now under consideration. The extent of the powers that the government would claim under the legislation is not yet clear, but as the linked article says, it "would allow security services like the Government Communications Headquarters, or GCHQ, and MI5, or Military Intelligence Section 5, to access instant messages sent between people to and from the country," and evidently "would give the government right to ban instant messaging apps that use end-to-end encryption." That might sound outlandish, but reflects a popular and politically safe sentiment: "'In our country, do we want to allow a means of communication between people which we cannot read? My answer to that question is: "No, we must not,"' [Prime Minister] Cameron said earlier this year following the Charlie Hebdo shooting in Paris."

22 of 174 comments (clear)

  1. The Charlie H killers were roommates by sandbagger · · Score: 4, Insightful

    They planned their horrific act over a kitchen table. They had no need for instant messengers, e-mails of Skype to talk from one end of the apartment to another.

    --
    ---- The above post was generated by the Turing Institute. Maybe.
    1. Re:The Charlie H killers were roommates by s0litaire · · Score: 4, Funny

      Never underestimate the laziness of a person with a smartphone!

      --
      Laters Sol "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
    2. Re:The Charlie H killers were roommates by sumdumass · · Score: 3, Insightful

      They also have no way of distinguishing codes used in furthering their goesl. For instance we could nickname components of a bomb recipe the same as foods. "I'm having a party, what can you bring that we can put on the grill" could be a code for lets bomb something, got any explosives. And the response "nothing but i have plenty of eggs and bacon if I can stay over" could mean I'm in- no explosives but lors of ammo and guns. Someone else could chime in with "i need to stay over too and i have plenty of beer and some beef for the BBQ" could mean I'm in and have these components of explosives.

      And all that can be determined over the kitchen table or in another country or whatever in advance. No amount of listening in will catch that before something happened and would be a shaky guess only pointing to a connection between people after the fact.

    3. Re:The Charlie H killers were roommates by SuricouRaven · · Score: 2

      A long-established military practice. It's known as an 'idiot code,' and was vital for secure (or secure-enough) battlefield radio communications before encryption technology became practical for field use.

    4. Re:The Charlie H killers were roommates by amiga3D · · Score: 3, Insightful

      See, we must have cameras and recorders in all homes to insure our safety. Freedom is just another word for less safe.

    5. Re:The Charlie H killers were roommates by BlueStrat · · Score: 4, Interesting

      "'In our country, do we want to allow a means of communication between people which we cannot read? My answer to that question is: "No, we must not,"' [Prime Minister] Cameron said earlier this year following the Charlie Hebdo shooting in Paris."

      Cameron is asking the wrong (or a misleading) question.

      The choices are communications you (GCHQ/MI5/etc) may not be able to decrypt, or communications that anyone may be able decrypt.

      There is no 'secret sauce' method of making communications secure against common threats while simultaneously making them insecure to the government.

      If the government can read the communications, so can any other interested party including, terrorists, foreign intelligence agencies, rival/foreign businesses, journalists, etc etc.

      Including Cameron's own political enemies.

      He may not like it if he gets what he's advocating for.

      Strat

      --
      Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
    6. Re:The Charlie H killers were roommates by FrozenGeek · · Score: 2

      Time to ban kitchen tables.

      --
      linquendum tondere
    7. Re:The Charlie H killers were roommates by Xest · · Score: 2

      "The choices are communications you (GCHQ/MI5/etc) may not be able to decrypt, or communications that anyone may be able decrypt."

      Actually I think that's exactly what he was gunning for, having followed the original announcements and speech. This Australian IBTimes article seems to be putting a completely different interpretation on what was said at the time.

      At the time, Cameron was talking about increasing funding and tools for the security services, as such, it seemed pretty clear he was talking about bolstering the ability of the security services to crack encryption be it through making it easier to perform MITM attacks, or by simply increasing funding for crypto research aimed at breaking common encryption.

      Cameron is a prick, there's no doubt about that, but he isn't stupid. Even he knows a ban on certain applications would never work.

      I don't even know why the IBTimes has come up with this theory now, 2 months after the queens speech. It seems like a classic case of sensationalism for hits. The timing is about 2 months too late, and the content seems to be entirely speculation with no evidence.

      The communications bill is bad news for sure, but every time I see nonsense that distracts from what's really contained like this I'm becoming more and more concerned that stories like this may well be getting thrown out there to distract from the bad things it actually contains. I think they figure if they get the internet riled up arguing over something the bill doesn't and will not contain, then there'll be no debate over the problematic things it does contain which can then pass without debate because no fuss was made about them. If nothing else they can claim the bill is now fine because they climbed down over things the internet was arguing about even though those things were never really drafted to be in there in the first place.

      If this did make it into the bill, sure, argue about it, but there's no evidence of anything like this right now, there is however evidence of things that should be argued for that aren't there - like the enforcement of the fundamental principle that police and security services should not be able to access private data without warrant.

  2. The end of on-line banking and shopping by paul_metcalfe · · Score: 5, Insightful

    I guess if I can't encrypt communications between myself and my bank, because the government can't see that I'm not talking about terrorist plans, I should stop on-line banking altogether, and just go back to paper, as it's more secure that way.

    I sure as hell won't be giving any sites my credit card details if I can't encrypt them. No crypto, or easily defeated crypto means that ANYONE, not just the "good guys" can read my traffic.

    --
    Always read at -1, don't let others decide what you should and should not read.
    1. Re:The end of on-line banking and shopping by Anonymous Coward · · Score: 3, Insightful

      Someone ought to let manufacturers and vendors know that people will refuse to buy products shipped with holes in them.

      Considering the number of international partners that the U.K. has in ALEC, it's not the citizens communications that most need to be exposed.

    2. Re:The end of on-line banking and shopping by Anonymous+Brave+Guy · · Score: 2

      The point is that it doesn't matter. Either communications are secure, or they are known to be vulnerable. If they are known to be vulnerable, every trader and financial service on-line is now vulnerable to the resulting lawsuits, every professional identity thief and fraudster is going to have a party with UK citizens' data, and the UK on-line economy will collapse as a result.

      The one thing I find reassuring is that actually going ahead with plans as absurd as the way the Snoopers' Charter is being described would be so catastrophically, obviously, disastrously damaging that even significant parts of Cameron's own party are likely to vote against it and block the legislation. And since he really can't afford that fight so early in the new administration and with such a narrow majority and with other even more controversial issues like Europe in the game as well, I think it will turn out that his carefully crafted comments were just misinterpreted and of course he was never really suggesting something so foolish at all, honest.

      --
      If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
    3. Re:The end of on-line banking and shopping by Anonymous+Brave+Guy · · Score: 2

      I don't know how UK politics works but here in Canada, going against the party line is a good way to get yourself backbenched.

      That depends a lot on the circumstances here.

      The Conservatives have a handful of very high-profile MPs, including at least one former leadership contender, who have consistently stood by their principles on this sort of issue. All of them would almost certainly rebel again this time.

      On top of that, the Conservative government has a wafer-thin majority, and there are plenty of back-benchers who would not be sorry to see the Cabinet members given a bit of a bloody nose at this early stage in the new administration. It would remind them that they can't take the support of hundreds of other MPs for granted just because they had the same colour on the ballot paper last election, and the ethical and practical aspects of this particular issue would give them some cover politically if this was how they chose to make their point.

      --
      If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
  3. Lets turn this around... by Anonymous Coward · · Score: 4, Interesting

    Since governments have historically killed more people than any group (terrorist or not), shouldn't the law be that governments shouldn't be allowed to hide any communications from the people?

    Exposing all the cases where government employees are "feathering their own nests" would be a nice side benefit.

  4. They have no intent to ban Whatsapp and others ... by whoever57 · · Score: 5, Interesting

    They know that a ban on Whatsapp would be immensely unpopular and would make millions of people realize how stupid their drive against encryption is.

    Instead, their intent is to force Whatsapp and others to voluntarily hand over the communications of their users, much like Blackberry (reportedly) agreed to do for countries with regressive regimes.

    --
    The real "Libtards" are the Libertarians!
  5. What about medical records? by currently_awake · · Score: 4, Insightful

    If you are on vacation and you need to visit the hospital, they will likely want to talk with your doctor (in another country, using an incompatible medical records system). How are they going to manage that without violating government rules on transmition of medical records?

  6. Access by MrKaos · · Score: 2, Insightful

    Get an interception warrant. The government has access to enough legal vehicles for dealing with people obstructing justice and it's not as if there isn't a case for encryption already. It is illegal to open mail that is not addressed to you. The difference is that where an envelope reminds the holder to respect another persons privacy, encryption enforces a persons right to privacy.

    Governments are not too happy with things that put peoples rights firmly with the people who own the government in the first place.

    --
    My ism, it's full of beliefs.
  7. Not a Call for Insurrection at all! by Anna+Merikin · · Score: 5, Insightful

    (D)o we want to allow a means of communication between people which we cannot read? My answer to that question is: "No, we must not,"

    Just ten or twenty years ago a sitting politician saying this in a "democracy" and expecting to keep his job would be unthinkable.

    1. Re:Not a Call for Insurrection at all! by Lunix+Nutcase · · Score: 2

      Just ten or twenty years ago a sitting politician saying this in a "democracy" and expecting to keep his job would be unthinkable.

      Oh really? CALEA is 21 years old in the US and yet neither Bill Clinton nor anyone in Congress lost their jobs over it.

  8. What kind of phone does Cameron use? by Anonymous Coward · · Score: 5, Insightful

    In our country, do we want to allow a means of communication between politicians which we the citizens cannot read? My answer to that question is: No, we must not.

    1. Re:What kind of phone does Cameron use? by MacDork · · Score: 3, Insightful

      That's what I would ask him. "No secret messages? Then how do you feel about Manning leaking your secret messages then? And Snowden? You must be in favor of a full pardon for those guys, yes? How do you plan to explain the shutdown and/or hacking of every Internet web server in your entire country, because you've outlawed SSH? Also, were you born with brain damage or did you acquire that at some later point in life?" :)

  9. Call it what it is by whoever57 · · Score: 3, Insightful

    What the government want is the "Great Firewall of the UK". That's what we should call it, instead of the "Snooper's Charter".

    --
    The real "Libtards" are the Libertarians!
  10. Re:Wow by amiga3D · · Score: 2

    The reason people with a clue don't use this kind of method is that it's inefficient. Instead of collecting everything and sifting through it they concentrate on potential problems. That way they can intercept threats before they cause damage. With mass collection of everything they can't possibly know what they're looking for until after an event. Once damage has been done they go to their database and find what happened. Great for forensics but shitty for protection.