Slashdot Mirror
UK Government dropping Key Escrow?
Crazyscot writes "The UK Department of Trade and Industry have released a consultation paper suggesting they are willing to drop their proposals for key escrow. However, the BBC coverage of the story
warns that if no alternative is found within three weeks, the escrow proposals may be revived.
" I think a great alternative would be giving it to Rob and I. Yeah.
That's "Anonymous" with two 'n's, not three.
Thanks.
:)
Nick
-- "It's a sad day for American capitalism when a man can't fly a midget on a kite over Central Park" - Jim Moran
Exactly. Unfortunately, the subjunctive is rather
difficult to detect in English. I like it's more
explicit formations in Spanish, German, etc...
All the super strong crypto in the world won't protect you if a camera is watching over your shoulder recording every keystroke.
Key escrow is a law enforcement fantasy. The nature of the fantasy is, "We'll be able to flip a switch and listen in on anyone in the world!" Quite aside from the Orwellian aspects of this worldview, it simply won't work because the criminals (surprise!) don't play by the rules.
Criminals will continue using strong encryption as before, because the cat is out of the bag. If you outlaw encryption that you can't crack, they'll just start using stegonography, hiding their illegal information inside pictures or even english text (base 4096 English translator, anyone?).
I don't mind if the government reads my email, but only if they delete all the spam while they are at it!
Think of it as a value added service.
Steve
That's precisely what happened.
Um, since the response was overwhelmingly positive (which came as a really profound, mindblowing shock, especially on Slashdot of all places) you're making a funny, right?
and what is that supposed to mean?
so essentially they're dropping a system whereby the government could listen in in favor of finding a different system whereby the government could listen in.
right. whatever. it all comes out to the same thing in the end, anyway..
I agree. I think the infinitive splitting rule is as stupid as the "Don't end a sentence with a preposition" rule. As that swell fellow Winston Churchill said, "This is a rule up with which I will not put!"
I've been using the international version of PGP for years. Yet, I've never been to the United States. Does this tell you anything about how effective banning cryptography/making key escrow compulsory, would be?
Criminals won't need to resort to stenography or anything else - they'll just use whatever the fuck they like. And if they haven't got the technical know-how, they'll hire some wannabe hacker kiddies to do it for them. And if you think that's fantasy, think again - it's already happening.
Personally, I laugh in the face of any government, British, American or anything else, which tries to deny me the right or the ability to do whatever the fuck I like when it comes to computers.
Dodge
Dont be a dumbA55. WHO CARES! He got his point accross. Or do you not have more things to worry about? Tell us!
I should point out that it's its rather than it's. It's only it's when it's short for it is. Its form should be its when its meaning is belonging to it. It's its own worst enemy, grammar.
The rule isn't at all logical, but I hope that my explanation (it's its clarity I'm proud of) clears things up for you.
Better stop there before I get carried away.
chris
I hear you, brother. I really hear you. If it were Mick Jagger I could accept it as being in character, but S&G are supposed to be literate, right?
But it would be imperative that you be proficient in its usage...
:-)
-- "It's a sad day for American capitalism when a man can't fly a midget on a kite over Central Park" - Jim Moran
Then you just hide your encrypted data in non-encypted date. Like every 1017th byte of the 48MB star wars prequel mpeg...
You can read it for yourself: http://www.dti.gov.uk/cii/elec/elec_co m.html
--
Xenu loves you!
This is just plain wrong. It's also idiotic. The criminals won't play by the rules, and they'd have a very nice target to shoot at, this lovely warehouse of all these keys...
sed -e 's/international/US//'
Okay, so it's Friday afternoon and I've been drinking beer and Red Bull w/ vodka...
Sue me.
D.
It's an invasion of privacy, plain and simple. It doesn't matter whether I'm encrypting or compressing 48 megs of plans to assasinate the President or goat porn, if I don't want you to see it, you should be able to make me.
Oh, and becuase I know that big bro is watching, here are some more flag words for the government spiders to catch:
bomb, terrorist, assasination, spy, encryption, communist, socialist, facist, nazi, etc..etc..etc
-davek
6th Street Radio @ddombrowsky
Don't let the illiterate "embrace and extend" English.
That's precisely what happened.
If you live in the UK you can do something about these ridiculously boneheaded proposals (`duh, if we can't think of anything we'll, er, um, we'll just take the stupidest option...') -- register at stand.org.uk and prepare to lobby your MP. If it's good enough for Alan Cox surely it's good enough for you?
--
W.A.S.T.E.
W.A.S.T.E.
Yes I'm shouting. People don't notice after loads of comments otherwise :-)
/those/ days.
We all remember
Let's daub the web black again. Not against UK Escrow, not against US Escrow. But to remind people not to forget our privacy - that the legislative threats continue.
Maybe FSF and EFF could get together on this one, so that free software got a bit of publicity in the bargain.
Or maybe someone else has an idea.
It is the police and customs that want key escrow, not GCHQ. If GCHQ want your private key, they just send the g-men round to take it off your hard drive- either physically or electronically.
Put it this way, if GCHQ wanted your private key, a) they wouldn't need a law to be passed to do get it and b) you'd never know.
Remember, you don't need A-levels or a degree to join the police, but you do to join GCHQ.
Living near Cheltenham I hear this *so* often from people who work at GCHQ. They're tired of being represented as wanting key escrow. It's crap. They have enough Men In Black, enough survellience kit and enough processing power to hack *anything*. Police and customs are the fuckwits.
The best way to crack a secret code is to be there at the time and place of encryption/decryption, not to intercept it half way through. Jeez, get a life, amateurs...
Andrew Oakley - www.aoakley.com
Believe it or not, that's the way it is. Think of it like this:
"They should give it to me"
vs.
"They should give it to I"
When you add Rob, it stays the same otherwise.
Stand is a good thing, and (thus far) my participation has placed no severe demands on my time. I urge UK readers to join it.
http://www.stand.org.uk/
Chris
Law enforcement always wants more authority for intrusion into individuals' lives and will always argue that this is the only way of protecting us against universal evil. Reminds me of an episode in Russia a couple of years ago, when the Ministry of Internal Affairs tried to push a bill that would allow any policemen to enter any premises anytime and confiscate anything he/she might think is related to criminal activity. I hoped that the West is allowing more freedom :(
-- hopeless in Russia
== I use Linux because reboots are for hardware upgrades. You use Windoze because guy on tv told you to.
Great idea :-) And let's up the number of bits while we're at it... Hopefully they'd accept electronic submissions, in which case we'd just write a small program to sequentially register all possible key combinations :-) Bet they'd get severe bandwidth problems really fast...
what a groovy post.
the ones who think they know grammar will flame you because they'll think you're wrong.
the ones who think they don't know grammar will flame you because they'll think you're right.
everybody else will flame you because they think posting about grammar is stupid.
brilliant.
if you notice the top-level responses, there seems to be one of each kind.
While I'd like to question your prerequisites (buying an island and proclaiming it independent), there is a lot to be done about alternative law.
In a hypothetical world (say, a computer game), you can establish any laws you like and try them out theoretically. Want to legalize murder? Try it out in cyberspace where nobody is actually hurt. Does law enforcement regularly intervene in theatre plays to catch people playing thiefs and hooligans? Hardly.
In the same fashion, you can establish fictious laws about information processing, transfer some information from the real world into cyberspace, process it according to the laws in the game, and transfer the result back out into the real world. Now, who could claim a crime has been committed?
All you need is software and a little imagination. No islands.
Does anyone have any good techniques for recognizing encrypted data? I've done a little bit of poking, and it seems to me that there's no reliable way to distinguish between encrypted and compressed data. However, I have hope that their might be some theorem that any compressed data must carry a certain amount of redundancy to be uncompressed -- like enough information to initialize the dictionary, etc.
My
Use the idle cycles of all government computers to crack everyone's encryption by using a "distributed" client or something. Then the criminals won't be able to opt out by ignoring the law like they already are.
Or just rely on traditional intelligence, which seems to work well enough most of the time.
Obviously they'll charge you for key submissions, to cover the cost of providing this useful feature to their 'customers'.
I'm sorry, I hate split infinitives.
They may be proper, but I still consider them poor form.
"That is a rule with which I shall not put up" is the proper form of Churchill's basterdization, and not what he proposes. Though it is amazing how prevelant split infinitives and ending sentences with prepositions has become.
In Liberty, Rene
I want to know who these criminals are so dangerous that it is worth implementing an extremely expensive key recovery system, but too stupid to get around the law by using stenography, or spoofing an account and using strong crypto anyway, or any of a number of other obvious ways around these silly laws.
As if that would be possible. The bad guys would just increase their key length until it would be impractical, and make subtle changes to the algorithms used, so the government would spend ages trying to figure out how it was modified.
This is supposed to be ironic, isn't it?
Yeah. I like that last quote. Good for a sig as well.
In a report yesterday on a leak of today's offical report, I saw something about instead requiring ISPs to log all traffic, keeping everything for a week (that could be terabytes of data), and also alert the government if they detect encrypted traffic. Is there any news of that, or was that part of what was rejected?
I hope I was just misreading it.
Thanks!
/. folk know that there is much more to it than that, and they know that it is important to code (markup..) neatly and correctly.
Grammar posts only work if they are high up on the list. Grammar posts are also very important.
I hear people complaining that HTML is being degraded by things like MS Frontpage, and they get all upset about it. MS people foolishly say "But hey, it shows up OK in the browser, so who cares if it is correct". Wise
The same is true of the English language. Yes, if you are ungrammatical, 99.8% of the time everyone will know what you mean. But bit by bit, the more subtle forms of expression degrade and become unuseable because people aren't used to parsing them. Slowly, English becomes less useful.
The good news is that new grammatical structures can and do get created to replace the degrading ones. However, that's not an _excuse_ to be lax about grammer. If you don't like subjunctives don't use them - but check to see if you have something better to replace them with...
-----
It's true.
Don't let Microsoft "embrace and extend" HTML/open standards... :-)
This is not really a grammar rule.
Who the flup are these criminals who transmit 'top secret criminal data' via the internet and make sure everything is zillion bit encrypted?
I just don't see it being a major problem. If criminals do have electronic data to transmit, just offer some down and outs some cash to swallow condom covered bits...
I can spell! I might develop Internet systems daytime (and night of course) but my degree is in English.
Yeah. That's why I dig that vibe.
I've been watching the RC5-64 project at www.distributed.net for quite a while. I wonder what the Feds would do if we ALL sent in every possible key that we might use for the key bank? Gee, I've got 68,719,476,736 keys I would like to register with you. I think it might, infact, get the point across that even if you had the keys, if people want something private they'd just use a diffrent key. This seems to be an inverse of the refund day - we can have a key submission day. I imagine we'd get more press.
To go boldly where no man has gone before... J
Geez, that is combo I will have to try Saturday night. How is the drunk?
Being as they are a government agency, someone has already paid or will pay for it no matter what. The point is to flood them with keys so its grossly impracticle to keep the keys... If it costs me $20 to make a point about my or your privicy - as vague as that concept is at this point, I'm willing to do it. 'Cides this is the UK Government - I'll send them keys from the US and they can bill me. *chuckle*
As much as the spice girls?
I'd use it any way I damn well please, thank you very much.
:)
hey, some of us who read slashdot were english teachers in their previous lives.
That's the sort of thing they'll be looking for.
Yes, they're fuckwits.
And yeah, it'll be REAL practical to log weeks' worth of traffic when cable modems start hitting the UK 3-5 years from now. The storage overhead'll be in the petabyte range.
...I wish I were"
This song grates on my ears every time I hear it.
You sound like one of the Microsoft fans at work asking why the hell I use Linux. "Windows works fine for me!" And I say to them, as to you: Okay. That's cool. It's a free country, and you're not required to give a shit about doing things the way that I believe to be "right".
Some people care about OS's; some people care about language; I happen to care about both.
Three weeks to show an alternative? That's not exactly a lot. Her Majesty's Government has been thinking and stumbling and pondering about this plan for about five years now. This is obviously a half hearted attempt to pacify some of the media. In three weeks' time nothing deemed viable will have been submitted and hey key escrow goes ahead. But we'll have had our chance.
Odd that policy has changed due to "industrial concerns" about the "electronic commerce", ie the economy, not due to problems with the individual who presumably doesn't mind telling everyone he knows just how often he picks his nose. Those that do object to this, must be emailing their partners in crime details of the next shipment of high-explosive cocaine. Otherwise they wouldn't have anything to hide, would they? We're not all like that.
Even the moderate anarchist would have a hard time because he has encrypted his email. Let's suppose he was caught alledgedly shoplifting an easter egg - police would investigate and discover that he's been encrypting emails. This gets mentioned in court as proof of his bad character and he goes to prison for twenty years.
I don't particularly care what sort of solution industry finds for itself. I just want to go about my business of being a pinko-hippie liberal communist/generic anarchist and bring down the evil institutions of Microsoft and capitalism without being spied upon by HM goverment and Sainsbury's for the so-called benefit of my more conventional neighbours.
The best way to confuse spies is to flood them with useless information - yes that's right, send your dog an email every five minutes, put in some naughty words there like sex, drugs and rock'n'roll and watch their automators go beserk. Of course the real message would be in World War I type code: "Send three n fourpence, we're going for a dance" might really mean "Send reinforcements - we're going to advance"
Damn all this makes me want to buy a small(er) island, proclaim it as a my own nation and make everything legal that's fun and everything fun that's legal. Anyone join me?
---
To learn more about paranoids, just follow them around.
Hahahahahaaaaaa...