Might be useful..

Started changing my mail over to another provider because I was’nt like the total Google domination feeling.

I came across these mail providers:

Tutanota Encrypted Mail
https://tutanota.com/
*code open source.
Based in Germany.

ProtonMail
https://protonmail.com/
NOT Open Source, but based in Switzerland.

I’m using TutaNota at the moment and see quite good.

And then they will ban VPNs….once the golden period of narrowing their search numbers ends.

GCHQ will be watching

You know VPNs carry encrypted traffic, right? Unless they’ve compromised the connection that’s not possible, all they will be able glean is that you have an encrypted stream of data. They wouldn’t even be identify that it’s a VPN connection (though the default port 51 would give that away unless you changed it). That’s the whole point.

And then they will ban VPNs….

That would cripple UK businesses though, the ecomomic cost would be incalculable.

And then they will ban VPNs….once the golden period of narrowing their search numbers ends.

Again, you’re not getting it. You can no longer ban VPNs than you can ban Welsh. It’s encrypted traffic, that is all. PPTP can be blocked because it uses a fixed port (and other technical stuff around encapsulation), but that’s no great loss because it’s insecure anyway. If you were to install OpenVPN and make a connection over port 443 (the same port https:// uses), the traffic would be indistinguishable from someone browsing a secure website.

And then they will ban VPNs….once the golden period of narrowing their search numbers ends.

😆 😆 😆 😆 😆 😆 😆
I cannot stress how much I am laughing!

Cougar, they wont intercept the traffic – and your ISP will be able to tell – via your connection records whether you are connecting to VPNs and conversely the security services.

If youre worried about your local council abusing this law, what do you think your council will think when they ask for the data and get a bunch of vpn adresses? That youre a fine upstanding member of the community?

I think someone doesn’t really know what a VPN is.

using a vpn for everything is going to flag you up nicely to your ISP and the security services

I spend 8 hours a day on VPNs working on remote networks!

Was in Nigeria this am, New York & Chicago this afternoon.

Loads of companies set up their employee laptops so they can only connect to the internet via a VPN back to HQ.

A good reason for running a VPN is that lots of information about your browsing will be held by ISPs – private companies. They can be hacked – see Talk Talk for example – this has identity theft implications.
They may also sell the information… say to a private insurance company (e.g. Virgin Broadband to Virgin Health) to affect your premiums if/when the NHS gets privatised. Never underestimate how many clever people at profit making companies are figuring out ways to analyse your “anonymised” data and “tailor your services” through it.
Things can happen retroactively too. The info is there, just needs the right laws.

Nothing retroactive is going to happen, storing just basic data like the primary web adress for a year is going to cost them millions and millions. Theyve been fighting this for that reason.

Companies like google do though….

they wont intercept the traffic

A third party cannot intercept the traffic in any sort of meaningful manner. Any attempt to capture the data and pass it on (a “man in the middle” attack) will change the security signature, so you’ll know it’s been tampered with. The only way to intercept it is to poison one of the end points. And even if they could they couldn’t do anything with it because it is encrypted.

and your ISP will be able to tell

Your ISP will be able to tell you had an encrypted session to an IP address somewhere. They could employ deep packet inspection to potentially reveal that it is VPN traffic, but there’s ways to prevent that (SSH / SSL tunnelling).

This..

A good reason for running a VPN is that lots of information about your browsing will be held by ISPs – private companies. They can be hacked – see Talk Talk for example – this has identity theft implications.
They may also sell the information… say to a private insurance company (e.g. Virgin Broadband to Virgin Health) to affect your premiums if/when the NHS gets privatised. Never underestimate how many clever people at profit making companies are figuring out ways to analyse your “anonymised” data and “tailor your services” through it.

This legislation is essentially creating a massive single point of failure for private data about every UK citizen. If you don’t think that it is going to be a massive target for identity theft and other hacking you are horribly naive.
Why would identity thieves go to all the trouble of organising large phishing campaigns with success rates in the single % when they can simply get all the data they need to compromise the identity of as many people as they like..?

I would love to know once this is all up and running whether members of the cabinet are subject to this legislation on their personal computer use.?! or whether they are excepted due to ‘national security’..

Pm has to sign off on targeting MPs doesnt she? I dont see how they can escape being hoovered up by ISPs though, Id have thought it would be next to impossible to account for all the devices, house moves, elections and changes of who has a seat in Parliament.

Here’s a thing.

With cars you have a registered keeper. Any misdemeanours and the keeper is legally obliged to disclose the driver (in England at any rate). You’ve got a breadcrumb trail.

But IP addresses aren’t linked to an individual person, but a household. Say you’re in a student accommodation with half a dozen people you barely know and a shared PC, and someone downloads kiddie porn or something. Who do you prosecute? There’s no legislation I’m aware of (yet?) that makes the bill payer responsible for identifying users, and how would you go about policing that anyway? “Who was using the computer at 8pm on this date four months ago?” Umm…

I have not been too bothered by this although I resent the intrusion.

However, the more I think about it, the more I dislike it.

No doubt at some point it will be outsourced to a private company, and whatever data they are gathering will get hacked, all in a nice tidy package.

Arent IP addresses often duplicated at any one time anyway? Hence the introduction of ipv6?

No doubt at some point it will be outsourced to a private company, and whatever data they are gathering will get hacked, all in a nice tidy package.

That’s already what will happen, the ISP’s are required to collect and store this information (no idea how ISP’s outside of Virgin/Sky/BT/TalkTalk are supposed to be able to afford the infrastructure) and make it available to the appropriate civil services when asked.
Actually, thinking about this, it’s not unreasonable to see this being the first step towards a state sanctioned national ISP once all the current ISP’s start going out of business because of the massive infrastructure overheads associated with this pointless madness.. I’m sure Mein Fuhrer May will love that.. just run all the internet traffic directly through GCHQ and cut out the middle man.!
Give it a few years and at this rate we are all going to be looking into the quality of the riding in China so we can emigrate to a freer state..

Make no mistake people, this is not a crime prevention measure, it’s about harvesting big data which is worth money..virgin media selling data to virgin health virgin health requesting data from virgin broadband users to weight policies is the tip of the iceberg.

Every man and his dog will have access to mass browsing habits of targeted demographics.

And that’s not even getting started on how safe your data is, ISPs will be golden geese for hackers and botnets, if they are sat on massive amounts of personal data.

Arent IP addresses often duplicated at any one time anyway? Hence the introduction of ipv6?

Not duplicated but shared.. your ISP will generally assign your account an IP (unless you ask for a static one then it may change but in reality rarely does). The internet connected devices within your house are all assigned a local IP address by your router, these are IP addresses that are designated for local traffic and are not used on the wider internet. Once a device requests something from the internet, your router keeps track of it’s internal IP address, sends the request out to the internet using the external address assigned by your ISP and when the data comes back it figures out which device to send it to.. hence you can have 100 devices connected in your home but only a single public IP address (hence the problem with figuring out who was naughty in a house/flat).
Once IPv6 is fully rolled out, everything that connects to the internet will have it’s own PUBLIC IP address so the NAT (network address translation) will be unneccesary and legislation like this will become even more creepy as they’ll be able to record where you were and which device you were using when you accessed whatever they decide is illegal that week.!

And that’s not even getting started on how safe your data is, ISPs will be golden geese for hackers and botnets, if they are sat on massive amounts of personal data.

Exactly, if this goes ahead even close to how the legislation is written ISP’s will all become massive targets and I wouldn’t bet an old sock on the chances of the data staying secured for more than about 24 hours. (I’d have to think seriously about betting on 24 minutes!)

Of course, history has proved that every Internet company stores its data responsibly using irreversible encryption. Er, oh.

In other “who watches the watchers” news, I’ve just remembered about this so I’ll just leave it here:

https://en.wikipedia.org/wiki/Regin_(malware)

Also, this is an interesting read as to what direction ISPs may take:

http://www.revk.uk/2016/11/snoopers-charter-and-a.html

Loads of companies set up their employee laptops so they can only connect to the internet via a VPN back to HQ.

and the civil service itself!

and which device you were using

What if I was using a spoofed MAC address?