Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tech Firms Seek To Frustrate Internet History Log Law (bbc.com)

Posted by msmash on from the complicated-things dept.

Plans to keep a record of UK citizens' online activities face a challenge from tech firms seeking to offer ways to hide people's browser histories. Internet providers will soon be required to record which services their customers' devices connect to -- including websites and messaging apps. From a report on BBC: The Home Office says it will help combat terrorism, but critics have described it as a "snoopers' charter". Critics of the law have said hackers could get access to the records. "It only takes one bad actor to go in there and get the entire database," said James Blessing, chairman of the Internet Service Providers' Association (Ispa), which represents BT, Sky, Virgin Media, TalkTalk and others. "You can try every conceivable thing in the entire world to [protect it] but somebody will still outsmart you. "Mistakes will happen. It's a question of when. Hopefully it's in tens or maybe a hundred years. But it might be next week."

11 of 85 comments (clear)

  1. Go ahead by Anonymous Coward · · Score: 2, Insightful

    Anybody with half a brain is using VPNs anyway. Go right ahead and inspect all my activity, you will only see me connecting to random servers all around the world exchanging what seems to be random noise. The only people who will be hit negatively by this are facebook-using idiots and other related scum, we've never needed them on our internet anyway. Let them suffer, they don't know how to use it anyway.

    1. Re:Go ahead by Anonymous Coward · · Score: 4, Interesting

      What will happen is eventually, the UK will do two things:

      1: Do like Pakistan and make VPNs illegal, with a long sentence for using one. This is already in place. A judge can ask someone repeatedly for a password, even an ephremeral SSL session key, and for every "no" answer, the defendant gets 4 years.

      2: Do like China and block/interfere with VPN traffic. This is more subtle and easily done, with the blame lying with ISPs.

    2. Re:Go ahead by JustAnotherOldGuy · · Score: 4, Funny

      . . . you will only see me connecting to random servers all around the world exchanging what seems to be random noise.

      Oh yeah, that's not suspicious at all. No sireee, not one bit.

      "Sir, he's connecting to random servers all around the world exchanging what seems to be random noise."

      "Well that seems totally innocent to me. Everyone connects to random servers all around the world and exchanges random noise."

      --
      Just cruising through this digital world at 33 1/3 rpm...
    3. Re:Go ahead by AmiMoJo · · Score: 5, Insightful

      I expect they will try the rubber hose method first. Not literally of course, they will pick someone who uses a VPN, take their equipment away for forensic investigation and maybe throw in some child porn charges for good measure. Make their lives a misery for a few years, then eventually return their equipment wiped and broken.

      It will have to be someone who is innocent, so that people get the message that innocence is no defence if you use a VPN. You will be investigated and your life wrecked, name and face in the newspapers, unemployable and unable to afford legal council.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    4. Re:Go ahead by NotAPK · · Score: 4, Insightful

      And if any of these become legislation in the UK then good luck being competitive economically with the rest of the world. If the UK does follow through on Brexit, and pushes ahead with these ridiculous anti-privacy laws, then the economy will definitely suffer for it in the longer term.

      How do these snooping policies apply to businesses?

      If they make no distinction, then businesses will not tolerate it. Those that can will relocate. Those that can't will suffer for it.

      If they do not apply to businesses, then the workaround is for private individuals to route all their traffic through the workplace, if they have access, or VPS's commissioned as "business grade" services.

      I live in the UK and think this all sucks pretty bad. Time to leave.

    5. Re:Go ahead by fuzzywig · · Score: 3, Interesting

      The government could try banning VPNs, and it would work for about five minutes before practically every company in the UK calls up their MP to point out that VPNs are an essential part of their business. Closely followed by the civil service, the military and the NHS.

    6. Re:Go ahead by Jahta · · Score: 5, Informative

      I expect they will try the rubber hose method first. Not literally of course, they will pick someone who uses a VPN, take their equipment away for forensic investigation and maybe throw in some child porn charges for good measure. Make their lives a misery for a few years, then eventually return their equipment wiped and broken.

      It will have to be someone who is innocent, so that people get the message that innocence is no defence if you use a VPN. You will be investigated and your life wrecked, name and face in the newspapers, unemployable and unable to afford legal council.

      Unlike many other countries, the UK has no written constitution (despite periodic hand-waving about "Magna Carta"). The UK parliament can basically enact any laws they want. In the past, UK citizens could take a case to the European Court on the basis that a particular law contravened the European Convention on Human Rights. However leading Brexiteers, and even the current Prime Minister Theresa May (a notional Remainer), have made it clear that they want to plug that "loophole".

      Makes you proud.

  2. Hackers by Anonymous Coward · · Score: 2, Insightful

    > Critics of the law have said hackers could get access to the records.

    While well-intentioned, this is the totally wrong way to go about it. It's a technical argument to a problem which is political.

    The point is, that in a modern state of Law, law enforcement has *no fucking business* in mass-surveilling people without a probable cause. And just because technology makes that possible these days, still: *no fucking business*

    (And if you are really to discuss technical dangers, the real elephant in the room is: what happens if your state slides into some totalitarian mess? Unrealistic, you say? Watch closely what's happening in Turkey. Watch how easily "state of exception" is implemented in e.g. France because of "terrorists". The "hacker" scenario is really lame).

    1. Re:Hackers by AmiMoJo · · Score: 2

      It's not just law enforcement that will have access to this data. Trading Standards and various other organizations will too. Snooping through someone's emails is a great way to see if they were selling dodgy microwave ovens, much easier than having to actually physically examine one.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  3. Re:this is a uk goverment plan by Joce640k · · Score: 3, Interesting

    "The Home Office says it will help combat terrorism"

    So would a video camera in every room of every house, but there's a reason we don't do that.

    --
    No sig today...
  4. A better way to tackle terrorism by DrXym · · Score: 3, Insightful
    Hack the sites these jihadi fuckwits gather on or set up lots of honeypot sites for that purpose. Stir liberally with agent provocateurs. Then use the ip addresses, user ids and text gathered to profile what hours they're active, who they interact with, what they're up to, what their interests are, where they most likely live and ultimately who they are. Then serve the ISP with a court order and conduct more conventional surveillance.

    Or gather all the ip interactions for the 99.99999% of non terrorist related activity and get swamped with noise.