Honestly, it sounds kind of relaxing. Good excuse to get some sunshine.
On a more serious note, I can't help but think David Cameron is employing the technique of attempting something extreme so that he can do something less extreme (but still really bad) later with less oversight. Of course you can't ban strong encryption. His advisers know that, he knows that, _everyone_ knows that.
It will be very interesting to see what actually gets put (or attempted to be put) into law. Right now it's just a whole lot of unrealistic noise.
Yeah I was going to have that as an example in my comment, but even then that seems unrealistic to me. Why wouldn't the big tech companies simply not do that? The UK needs them more than they need the UK, and if you took away the country's access to Facebook for more than an hour you'd have a riot on your hands.
Facebook (et al) already hand over user data to UK and other authorities. There is no need for any MITM certificate and even if there was, these companies would just do it since it makes it easier for them to say to authorities they already have the key to read it without involving Facebook - instant plausible deniability for Facebook to say we don't hand over info to authorities and full access for Governments everywhere.
I'd assume they'd go along with government policy, like they have done in e.g. China. And the government proposed taking down twitter and BBM during the London riots a few years ago.
I'm not so sure. It only takes one browser vendor with a significant interest in the UK (Google would be a good candidate, given that advertisers are very sensitive to legislation) to make the whole exercise useless.
Do you honestly think that could happen? How? Who would co-operate? Which OS or browser vendor would knowingly distribute such a certificate? Not even Microsoft or Apple would co-operate, let alone Mozilla or the Linux distros...
And it's not as if they can do it secretly. If they suddenly started to MITM all TLS traffic in the country by replacing the certs with certs signed by the national root, it would get noticed within minutes, if not seconds. And God only knows how much stuff it would break. And on top of that, they don't even have the capability...
There is 0% chance they would attempt such a thing. And 100% chance that such a thing would fail immediately and fail badly. I don't know why people think there is even a slight risk of them trying such a thing. There isn't.
Who can resist a sufficiently determined state that still enjoys popular support? All he has to do is engineer the support for "security" over the long term.
When resistance is so damn easy, and capitulation so self-destructive, who would co-operate? You could not force a Linux distro or Mozilla to distribute that cert. It could not be done.
[edit] https works based on trust. We trust the browsers and OS vendors to at least try to prevent the CAs from abusing their power. As soon as it becomes obvious that the OS and browser vendors are now letting state actors compromise all traffic, then https is dead in the water and something else will come along. Nobody is going to risk that happening. It would cost too many rich people too much money.
That's very well thought-out. The tinfoiler in me wonders if that's true, though, and if there aren't subtler avenues for circumvention that still target this trust-based system, especially via social engineering.
I had little interest in security before Snowden, so admittedly, I need to lurk moar and keep learning. Thanks for offering another argument I can try to fit against new facts I encounter and helping me continue that process.
S. Korea has a block cipher that no other country uses. Almost all S. Korean internet users install a plugin which allows them to browse the S. Korean internet since all S. Korean internet businesses must use that cipher. The UK could require that all companies that wish to do business in the UK must use the UK's CA. This would incentivize users to install the CA and incentivize vendors to pre-install it.
And S. Korea is the only Korean speak country on the internet. The UK is not the only English speak country. Many people will simply ignore UK sites and just use US ones.
What's to stop companies from additionally encrypting their channels end to end while passing through the backbone? They can decrypt the backbone all they want.
It's pretty clear that the UK government doesn't have the power to ban encryption. This is just a distraction so that we are happy to accept whatever "less bad" proposals they come up with to increase their surveillance powers. I can't help but feel that peoples dislike of Cameron is a pointless distraction too. This is not Cameron. This is government. We will still be having this same discussion in 50 years, unless some miracle technical advancement makes it moot.
I think the sane thing to do is assume they are going to ask for legislation to force large companies that do online communication (facebook, whatsapp, twitter, apple, etc) to keep their system potentially and practically back door capable. That is something that would be possible to implement. It is also something with a historical precedent (look into how they responded to the BBM situation after the London riots).
If we don't want that to happen then the smart thing to do would be act as if that is what they are proposing.
If they propose something even worse it isn't like it will have been wasted effort.
It's not really the elected government, it's the security services asking for an expanded remit and being granted one by uncritical politicians and an apathetic media.
Who are the security services employed by? I certainly wouldn't call them private industry!
Did you mean to say it's not elected government officials? Just curious, because I definitely consider a country's intelligence apparatus to be completely and wholly part of its "government", and would be surprised to find someone who didn't.
'The government' refers to something different in the US than in (most of?) Europe.
My American friends were mightily amused and amazed when Belgium spent >500 days without government a couple of years ago, but of course they were interpreting the word in a much more encompassing way than it is done in Belgium. 'The goverment' is really just a couple of dozen people (with perhaps a couple of dozen assistants each).
In France, government only refers to the ministers. Prime minister is chief of the government, meaning only the other ministers. But the president is the "chef d'état", (chief of state), and I guess what you call government, we call it "the state". So, for a French citizen at least, a country's intelligence is not part of the government but part of "the state".
But a Country's intelligence apparatus doesn't 'govern'. I'm not trying to be deliberately argumentative but it seems to me that there is a clear and obvious distinction between a government and the organisations tasked by it to provide intelligence.
The security services have a large amount of operational discretion and privileged access to ministers. They have the ability to present secret "evidence" which cannot be publicly challenged.
Let's not forget that the CIA effectively ran the governments of several Latin American countries, and in the UK Northern Ireland was effectively governed by the police Special Branch.
I'm actually reading the book Brothers by David Talbot right now. It covers the relationship between John and Bobby Kennedy and includes a pretty good section about how in the 50s the Dulles brothers basically dictated foreign policy. There was a lot of friction when JFK came into office because, especially after the Bay of Pigs, he didn't let them get away with things.
The book does veer somewhat into unfounded conspiracy territory, but I think it's an interesting read so far and the author doesn't come across as crazy so much as skeptical.
> There was a lot of friction when JFK came into office because, especially after the Bay of Pigs, he didn't let them get away with things.
And there is the essence of why we want transparency, oversight, restricted privacy etc. I generally feel that if everything the security services did was publically available (at least on level with civilian police) there would be a lot of friction but they would get immersurably better.
I don't see why gorgak's comment got flagged unto death. The Dulles brothers caused the term "banana republic" to be coined by O. Henry because the US government was toppling governments and killing large numbers of people on behalf of United Fruit. It is also generally accepted that the Communism scare they put up was bunk.
The politicians decide what to fund. The police and border forces want more funding but are forced to make endless cuts. I guess spying is something they can ask for that is relatively cheap compared to traditional police work.
There won't be a ban, it will be licensed. Big companies like banks etc will get their licence right away, so your secure banking will be fine. Routers will still have wifi encryption because they'll have a licence.
The licence will be implemented as a fee for a digital certificate that properly authenticates.
So, you're a small startup with an idea for a secure messaging app. want a licence. no problem, its £10M. have you got the money handy?
So, now you can MITM anyone who doesn't carry out any nefarious communication, while anyone who do still happily encrypts their data, possibly with minimal steps taken to conceal what they're doing.
Suggestions like banning strong encryption is a form of ritual abuse. It is meant to get the public used to the idea of pervasive surveillance. That pervasive surveillance will be carried out through a continuation of what existed before the Snowden revelations, which was a successful Straussian confection of fake freedom, carefully managed.
Happily looking forward to being rick-rolled, I click the YouTube link. It fails, telling me the German content mafia doesn't allow YouTube to display the video due to licensing issues.
As far as I remember (and I may be wrong), the specific quote from David Cameron was about banning encryption that can't be backdoored, so that the government can look at things if they need to.
Obviously I'm completely against that, because once there's a backdoor, it's all too easy to collect by default, instead of only when "needed".
With this clarification though, lots of this tech would still work. Most things based on TLS will continue to work, if every computer has to have a government CA certificate installed to allow MITMs. Hopefully HTTP Public Key Pinning will become more prevalent if this looks likely to happen.
> Most things based on TLS will continue to work, if every computer has to have a government CA certificate installed to allow MITMs.
And the following day, there will ba a Chrome+Firefox extension that highlights when the government CA certificate has been used - so that you know EXACTLY when you are MITMd. Isn't it good?
Would probably look more like auto deny with user override if they choose, with a setting to white list the domain. User should have to opt into their connection being MITMd.
A government CA wouldn't give them anything they want, let alone anything they don't already have. Even if we're naive enough to assume GCHQ don't already have the private keys of half a dozen root CAs, owning a CA just doesn't enable cheap, post-facto, mass surveillance.
> Most things based on TLS will continue to work, if every computer has to have a government CA certificate installed to allow MITMs. Hopefully HTTP Public Key Pinning will become more prevalent if this looks likely to happen.
HPKP is bypassed for locally-installed CA certificates (if you don't want that, set security.cert_pinning.enforcement_level to 2 on Firefox).
Except Cameron wants to backdoor end-to-end encryption like iMessage/Whatsapp, rather than mess with something like SSL. With SSL they can just get a warrant (or you know, don't get a warrant) and look at the server, where everything is in plain text.
One possible way to backdoor it might be mandate that companies keep copies of the encrypted messages, tagged with a device ID. Then to decrypt you need to get the person's phone, which is a clearer analogy to getting a warrant to search someone's house to look for things they have stashed.
I would be very surprised if Apple and Facebook (and Google, with GMail, GTalk, Hangouts, etc) didn't use this golden opportunity to swing their weight about and assert who's really in charge of technology around here, by simply wholesale blocking use of all their communication tools in the UK to comply with the law.
I have a feeling that if they did this, the uproar would be sufficient to have the law reversed by emergency measures.
If they were followed, as they may well be, by a whole host of other essential internet services (Google Search, Wikipedia, Github, etc etc etc) just switching off simultaneously in the UK on the day the law comes into force, that might be sufficient to ensure this sort of dumb shit is never done again. The cost of billions of pounds of lost productivity would probably ensure that.
Quite seriously, if there was any collusion between companies which had operations on UK soil, I'd imagine this could be seen as cartel-like behavior and grounds for legal action within the UK.
Of course, if only the UK was part of the Trans-Pacific Partnership... then Google and Github might be able to take the UK government to private court to protest the law in the first place, and sue for lost profits... wait... what...
Legal action for... refusing to serve the UK market? I don't think any corporation can be forced to provide a service in a country that they decide to withdraw from... can they?
Yes. The person doing the punishing is the one idiot. He's able to get away with it because the 64 million don't understand that he's an idiot. Concerted actions by a good cross-section of large tech companies would be sufficient to bring this fact to the attention of the 64 million.
Temporary, short-term downside to cure a semi-permanent problem seems reasonable.
> One possible way to backdoor it might be mandate that companies keep copies of the encrypted messages, tagged with a device ID. Then to decrypt you need to get the person's phone, which is a clearer analogy to getting a warrant to search someone's house to look for things they have stashed.
That doesn't work if the message has been encrypted on transit with an one-time key, which is discarded after the message has been received. The Axolotl system (used by TextSecure/Signal and AFAIK the new encryption on WhatsApp) does that. Once the message has been received (and thus the corresponding key discarded), any copy of the encrypted message becomes useless.
The current tendency in protocol design is to use ephemeral keys (usually through some Diffie-Hellman variant) whenever possible, since it's more secure.
> With SSL they can just get a warrant (or you know, don't get a warrant) and look at the server, where everything is in plain text.
That doesn't work if the server is outside their jurisdiction.
Your first point: Yep, totally right. I think there's two levels though, the first being that my messages are free from dragnet style surveillance, the second being that my messages are totally secure. Making them get a warrant and get my actual device to decrypt my messages is a damn sight better than having unfettered access to clear text.
Second point: Not sure about that, can't I just serve a warrant on Facebook UK to give me the data? If they say "Sorry, we can't get it because America", I imagine the police will say "What? Give it up or go to prison". Similarly, if Google/Apple allow banned apps in their app store, just bring a suit against their UK tentacles.
> Similarly, if Google/Apple allow banned apps in their app store, just bring a suit against their UK tentacles.
The app doesn't have to be in their app store: on Android, it's a simple checkbox to be able to install an app from outside the app store. One can also enable developer mode and install it as if it were a self-developed app.
That was my second paragraph - and to be clear, they don't want to ban it, they want to backdoor it.
My idea was that rather than ban it outright and make it like most other internet traffic (decrypted on a server), they could mandate some kind of cacheing of the _encrypted_ data on the server. Then, once they'd lawfully executed a warrant to grab the suspects phone, they can decrypt at their leisure. Apps using per-message keys will probably be a no-no.
Myself - I live in the UK - I hope Apple, Google and Facebook all say a big "fuck you" and cut this country off from their services, but I have a feeling the 'compromise' is going to be something like the paragraph above.
I'll be very surprised if Apple compromises on this issue. I'll be similarly surprised if Google accepts that kind of compromise. Few things would surprise me about what Facebook is willing to do, but I think this would shock me if fb was willing to go for what you are talking about.
The world is run by technology companies now. Not governments. Governments haven't caught on to this yet, at least officially.
But the bottom line about law is that the law is whatever Google, Apple, Facebook, Microsoft, and Amazon says it is.
That's not the most comforting thought in the world, but that's how it is. And it's sort of okay for now because all of those companies are currently run by idealists. God help us when they are not.
For right now though, there isn't a chance in hell that Cameron's ideas will have any traction. He's just saying things that will win him some support from a certain segment of the population.
Why do we still have politicians trying to pass laws in technology if they don't understand it at all? Really we need to change how laws affecting technology are approved or something. It's always the same thing, some politician is passing some law affecting technology in what seems like the most absurd approach.
I agree, but if it hasn't happened for women's issues, it won't happen for technology either. From the point of view of those in charge, it makes sense to have politicians be as dumb as possible. That reduces the chances of any moral conflicts or other unpleasant issues that might arise to stop the idiocy they're about to commit.
We've spent the last year running twitter campaigns, but the people that matter (voters, well tory voters) don't do social media.
This means that you need to write a letter. Yes a real letter, not a fucking email. Write a letter to your MP, then a local Lord.
Then you need to write to your boss, tell them that the cost of business will go through the roof (if you're able to do business. )
Then start looking at jobs abroad. Because no doubt there will be a twitter campaign, meaning that nobody actually bothers to engage in how the democratic process actually works.
I'm a very happy customer of mythic-beasts. They do insist on sftp/ssh/tls &c for all connections which is probably wise.
I hope this gets the idea across to influential civilians (i.e. non-techs). Humour can work quite well in the UK. The HGTTG references may be lost on the younger ones though.
> Youtube fails to load with a secure connection error.
YouTube still refuses to use anything more recent than RC4 encryption, so, if Cameron would ban all secure encryption, YouTube would probably still work.
Check the actual connection for the video server, until a few months ago, that was still RC4. They only changed to 128-bit AES-GCM with ECDSA after Firefox started blocking RC4 encryption.
Thanks, I didn't know that. And honestly I'm not sure how to even check if this is the case--it's not possible through the browser UI, unless I'm missing something in the developer console?
Of course they can't expect to effectively police the ban if it's put into law. But they don't have to. Everybody will encrypt anyway and that's fine, because once they want somebody put away, they will be able to simply by saying "that person broke the Snooper's Charter by using SSH".
It's not about banning encryption, it's about having a convenient law to put tech-savvy people away.
The rhetoric of "not allowing a safe space for terrorists to communicate" is complete bullshit.
Terrorists can communicate using a book cipher or pick from any of a huge number of other options. The kind of terrorists we should actually be concerned about (competent ones) will already use extra measures such as this in conjunction with strong encryption.
This is totalitarianism.
"For too long, we have been a passively tolerant society, saying to our citizens: as long as you obey the law, we will leave you alone." - David Cameron.
One-time pad encryption, implemented correctly, cannot be broken or backdoored.
There is the matter of key exchange of course, but that is as old as the use of covert communications itself.
Anyone who cares enough about their communication remaining secret will find a way of exchanging keys for which any attempt at interception by a government entity is entirely impractical.
What's to stop people from using strong encryption on their own, illegally, end to end? It's not like this is the first time the government has inserted itself in between people's legitimate communications and intercepted them with no recourse. If you assume that that is the default state of being (and except for a few small governments, it is), then you realize that the short periods of time where people could communicate freely and privately using networks outside of private in-person meetings have been lapses in government surveillance more than anything else and minor moments of relief for those who want to communicate privately. Governments will spy. That is a given. They will try to remove privacy. That is a given. Regardless of any laws and especially when it's as simple and undetectable as making some database queries.
I'm not defending any government's actions to remove privacy and spy on its people. Quite the contrary, once one has accepted that as inevitable, it's easier to move on. The need for human privacy is also, IMO, a fact. Some may dispute that, yet there are true, the only other option then becomes to go around the law. An unjust law must be broken. And it will. The worse the government gets, the more it will be broken.
I don't see why people in the UK and elsewhere couldn't get copies of software that still had strong encryption despite the idiotic laws. After all, it's just as easy to click one link as another. Will the UK be monitoring traffic for actual binaries and source code? Will the arrest people that use encryption they can't break? Will they arrest people for sending garbage data that looks like encrypted data but isn't and therefore can't decrypt? As the government gets more totalitarian, I think we will see even regular people training themselves in encryption and its proper uses. It's inevitable as people have more and more to lose. Once life, limb, and property are at stake, people either become competent or become victims, and people are generally a lot more competent than they appear when high stakes are on the line.
Of course, UK companies will be hurt. They won't be able to do a lot of business internationally. UK citizens will have their information stolen in massive data breaches. Bank accounts and identities will be compromised. Many accounts that are not with UK companies will be compromised because of password reuse. Cameron doesn't have to ban ALL strong encryption. Whatever systems he bans it in, will be compromised. That's inevitable. At the same time, the people don't have to put up with it. Stop online banking with banks that don't use strong encryption. Request paper bills. Clog up phone lines. Pay in cash if possible. These are all things a regular person could do in the event that strong encryption is banned that if done by even a small percentage will increase costs quite a bit. It may not get the law reversed, but it might get companies on the side of people if they have to cut paper bills again at a 10-100x cost over electronic ones, for example.
tl;dr: Governments will spy and people will use strong encryption regardless of the law as privacy is a human right and oftentimes necessary to survival. Businesses and convenience will suffer greatly.
It's very easy to make people stop doing this by making it illegal. It might sound obvious but I find that this aspect is often overlooked when tech people talk about these issues. You cannot work around the law. At least not in the long run. This is and must be a political battle.
On a more serious note, I can't help but think David Cameron is employing the technique of attempting something extreme so that he can do something less extreme (but still really bad) later with less oversight. Of course you can't ban strong encryption. His advisers know that, he knows that, _everyone_ knows that.
It will be very interesting to see what actually gets put (or attempted to be put) into law. Right now it's just a whole lot of unrealistic noise.