Slashdot Mirror

← Back to Stories (view on slashdot.org)

Internet Firms To Be Banned From Offering Unbreakable Encryption Under New UK Laws (telegraph.co.uk)

Posted by samzenpus on from the let-us-in dept.

Retron writes: Despite statements from the minister for internet safety and security Baroness Shields last week that the UK government would not require software developers to build backdoors into their products, the Telegraph is reporting that the UK Government is going to ban companies from offering 'unbreakable' encryption, effectively requiring a backdoor in products from the likes of Google and Apple. The reasons given are that they don't want the likes of terrorists and paedophiles to communicate in places the Police can't reach. A Home Office spokesman said: “The Government is clear we need to find a way to work with industry as technology develops to ensure that, with clear oversight and a robust legal framework, the police and intelligence agencies can access the content of communications of terrorists and criminals in order to resolve police investigations and prevent criminal acts."

15 of 418 comments (clear)

  1. Who will oversee this? by houghi · · Score: 4, Insightful

    I am sure the ones to oversee this is the Ministry of Truth.

    --
    Don't fight for your country, if your country does not fight for you.
  2. Tools of oppression by Anonymous Coward · · Score: 5, Insightful

    Replace "terrorists, paedophiles and criminals" with "people" and you get what this is really about: People must not be allowed a “safe space” online. Nobody wants that, except the rich elite in their mad power grab towards global tyranny.

  3. Bullshit by Anonymous Coward · · Score: 5, Insightful

    Everyone should be aware that the majority of paedophile rings that have been busted were found to be passing material amongst themselves by sending encrypted DVDs (and originally VHS tapes and photographs etc.) using services such as USPS/Royal Mail signed for etc. Physical mail can't be interfered with without a court order, is secure, cheap and reliable. I would imagine terrorists do much the same.

    This is plain and simply the gubberment desperately trying to keep all windows of the Panopticon open. Clueless old 19th century minds trying to legislate against the future and maintain their failed baboon style pyramid hierarchy.

    It will be a total failure.

  4. Insecure WiFi for everyone! by UberVegeta · · Score: 5, Insightful

    There was a Slashdot poll a few years ago, asking the question "What percentage of your traffic is encrypted?"

    The answer that stuck in my mind was from a guy who said, "all of it. My WiFi has WPA2."

    --
    I knew I needed to stop reading Slashdot and finish my PhD when I started to miss articles by Bennett Haselton.
  5. No unbreakable Encryption by Anonymous Coward · · Score: 5, Insightful

    So basically, no encryption at all, since if it's breakable by one person it's breakable by anyone.

  6. How little they understand by Anonymous Coward · · Score: 5, Insightful

    Encryption is only one way mathematical difficulty can be harnessed. There are others. Encryption is great for making large amounts of data unreadable in a way which is independent of the data. But procedures can be learned by rote, and executed in a human brain before deciding whether and how to interact with a machine. By compromising encryption, the government will stimulate criminals to both probe the detection network with false information, and to develop methods of using whatever legal encrypted communication exists so that messages go unnoticed. If two people agree a convention, such as using two spaces rather than one in a tweet, padding a 130 char tweet to 140, and have a mentally computable way of indicating whether the content has special meaning, and a dictionary of codewords, we are back where we were before the second world war, with cryptic crossword techniques being used. One shot conventions [ consider if I say that when I send messages on Twitter if you append 'FluffyBunny', md5sum the result, and then treat specially if the first three hex digits are 3f4, whilst trivially breakable if you know the scheme, and who will transmit with it, if you don't, brute force will swamp you with false positives, and what if this convention is only used once between people ]. Just as antibiotic use has bred superbugs, this action by the UK government has the potential to set off an evolutionary arms race, where many terrorists will be caught, but those who are not will have by chance have developed means of secrecy beyond the security services. Passing laws declaring the existence of unicorns, or banning gravity from acting, are foolish. We have, in digital technology, an enviroment which we as humans must adapt to, not try to adapt it to us. Laws like this do the latter, but such attempts will eventually succumb to the problems of computational inefficiency.

  7. Re:So, no one time pad by AHuxley · · Score: 3, Insightful

    Ban entering or exiting the UK with paper, pens, maths books with crypto chapters on one time pads and big books.
    Any holiday or sabbaticals could be cover for a face to face meeting to set up a one time pad system with near unlimited key material.
    Years of messages could get total privacy after just one rendezvous.

    --
    Domestic spying is now "Benign Information Gathering"
  8. Pathetic Government by Going_Digital · · Score: 3, Insightful

    The British government is filled with luddites. So those of us who have legitimate use for encryption have to put up with insecure tools while terrorists just use some software they get from their terrorist friends. Clueless government.

    1. Re:Pathetic Government by AmiMoJo · · Score: 4, Insightful

      Everyone has a legitimate use for encryption. Everyone has a right to privacy. It's a human right. The ECHR says so, and the UK wrote most of it.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  9. Terrorists and paedophiles by Flavianoep · · Score: 3, Insightful

    Why do no politician even think that a backdoor may be used by a terrorist or a paedophile? A paedophile may take advantage of any vulnerability on an underage person's connected device, and those politicians want to ensure there be at least one? The same can be said about a terrorist getting info about British nationals which may pose threats their security and to the country's as well. Criminals use backdoors too.

    --
    Linux is for people who don't mind RTFM.
  10. Re:Sigh by monkeyzoo · · Score: 4, Insightful

    A Home Office spokesman said: “The Government is clear we need to find a way to work with industry as technology develops to ensure that, with clear oversight and a robust legal framework, the police and intelligence agencies can access the content of communications of terrorists and criminals in order to resolve police investigations and prevent criminal acts."

    And the result will actually ensure that,... with clear oversight and a robust legal framework, the terrorists and criminals can access the content of communications of police and intelligence agencies in order to obstruct police investigations and commit criminal acts."

    Lame, technologically ignorant legislators writing laws about technology and security are going to become a real scourge!

  11. Re:Sigh by Jason+Levine · · Score: 3, Insightful

    Don't worry. They'll just make it against the law for any hackers to take advantage of the police back doors thus solving the problem forever.

    "But..."

    FOREVER!!!!

    --
    My sci-fi novel, Ghost Thief, is now available from Amazon.com.
  12. Re:Sigh by Jason+Levine · · Score: 3, Insightful

    I actually like this argument. Sort of turns the "copyright is still a limited time even if it's 120 years long" argument on its head. If waiting 20 years to crack a phone's encryption makes the encryption "unbreakable" then why is a 120 year long copyright "limited"?

    --
    My sci-fi novel, Ghost Thief, is now available from Amazon.com.
  13. Capitalist indoctrination makes them blind by johanw · · Score: 4, Insightful

    They mention only companies, assuming power over them if they sell products in the UK. The capitalist status quo. So open source software or free software developed outside the UK can just ignore that law. Blocking services might be an option (Signal / TextSecure) or not (SMSSecure, pgp/GnuPG).

  14. Re:Sigh by Anonymous Coward · · Score: 2, Insightful

    And don't think for a second that this is about terrorists and paedophiles. There are enough crypto products for them to choose from already.

    It is relatively trivial to write and share unbreakable crypto with pre-shared one time keys/pads which are generated by good random generators. Key/pad distribution is difficult, but if we are talking about small groups of people then in-person key/pad exchange is realistic, so you can establish networks of people with essentially unbreakable 2-way encryption.

    Anyone with even the slightest awareness of crypto would know that.

    Also it is trivial to write and share unbreakable crypto that masquerades as people transferring a bunch of selfies to one another, so the arguments about making it easier to spot the terrorists because only they will be using crypto are false.

    Anyone sufficiently motivated and of above average intelligence can and will use unbreakable crypto to avoid discovery.

    Becoming reliant on monitoring of communications to generate investigatory leads will keep the police in steady supply of hapless would-be criminals which looks great on paper, but when it comes to the real insidious threats it is going to take real investigations following the evidence and not just trolling online communications.

    I think the greatest concern here is that the police, intelligence services, their bosses and the public get lulled into a false sense that they are effective because the real criminals and real terrorists are throwing easy wins their way as a means of diversion and distraction.