[Closed] Terrorism

So what?

It's also a technology so well put out there that you can't put it back in the box. If you think you can please let us all know and see how long before somebody laughs you out the room.

Anyway, just as I'm sure most of the people calling for a ban on encryption are also ardent supporters of Trident, I'll use your argument against you: you can't uninvent it.

You can sure as hell make unauthorised possession and use illegal though - which gives you a nice easy way to take the baddies out of the loop (Al Capone principle)

You can sure as hell make unauthorised possession and use illegal though - which gives you a nice easy way to take the baddies out of the loop (Al Capone principle)

It's also a technology so well put out there that you can't put it back in the box. If you think you can please let us all know and see how long before somebody laughs you out the room.

I know exactly what it is however it comes down to trust and the price that people are prepared to pay for increased security. You can laugh at my naivety if you want but I trust that with some judicial oversight the technology to decrypt messages should be available to the security services. (lets not forget that owners of this technology who may be driven by commercial motives could do this) Of course there is a risk that this could be used for the wrong reasons but that risk already exists and I dont have a tinfoil hat.
People fall on each side of this fence.

It's also a technology so well put out there that you can't put it back in the box. If you think you can please let us all know and see how long before somebody laughs you out the room.

Encryption isnt one homogeneous thing that once cracked remains cracked! New encryption techniques are being delivered all the time. The decryption of say Whatsapp or apple messages means access to the techniques that they are using, not some "one off" code! it means access in principle the algorithms are probably changing frequently.

You can laugh at my naivety if you want but I trust that with some judicial oversight the technology to decrypt messages should be available to the security services.

Which apparently represents less than 2% of British Muslims if this poll is accurate

Interesting. Encouraging, even. So what 'body' represents the view/s of the other 99%? The Guardian? The Mail? The Sun? anti-Muslim Youtube comments? Wait, it's chewk innit?

Or could it be...that...British Muslims...aren't ... The Actual Borg TM?

People fall on each side of this fence.

People might.
However all the people with even a bit of expertise fall to one side only.
Get rid of secure encryption eg that which is unlikely to broken in less than a few hundred years, and you have undermined a large part of the current economic system.

You can laugh at my naivety if you want but I trust that with some judicial oversight the technology to decrypt messages should be available to the security services.

Bullshit. Encryption with backdoors is inherently weak and requires the agreement of the software creator to build in. Terrorists engaged in attacks like we've seen over the last few years are happily trading their lives for a handful of "our" lives so going to jail for not handing over the encryption keys or using prohibited software is hardly going to register. These are not illiterate goatherds attacking us, they have access to a modern skillset and are expert in subverting "harmless" technology for their use so it's not beyond the realms of chance that they would have their own software engineers creating versions of software that SEEM identical to those that are licensed (in your new world) but that are not.

After 9/11 the NSA/GCHQ etc were all concerned about Al-Qaida using steganography to disseminate info and communicate with their followers. 16 years later, little has changed, just the medium.

Then I write my own, I create my own encryption key, use a one time pad, do any number of things that the officials don't know the key for. Windows 10 comes with encryption for the hard drive, which countries security services should have the key? If I buy a copy in the US would MI5 have the key? Would China or ****stan have the key?
Who gets to intercept and read messages sent across borders? The sender or receiver or both?

When you have as many users as Apple or Whatsapp or you become a person of interest then you may get a knock on the door, until that happens I suspect the security services wont be arsed what you do.

However all the people with even a bit of expertise fall to one side only.
Get rid of secure encryption eg that which is unlikely to broken in less than a few hundred years, and you have undermined a large part of the current economic system.

Thats just gibberish

Encryption with backdoors is inherently weak and requires the agreement of the software creator to build in

It has a "backdoor" by definition

These are not illiterate goatherds attacking us, they have access to a modern skillset and are expert in subverting "harmless" technology for their use so it's not beyond the realms of chance that they would have their own software engineers creating versions of software that SEEM identical to those that are licensed (in your new world) but that are not.

Who is saying they are? I'm certainly not. I think its a stretch to say they have "software engineers" who could develop an encrypted end to end technology of their own. If they could they wouldnt use Whatsapp.

surfer - Member
It has a "backdoor" by definition

Really, how so?

I think its a stretch to say they have "software engineers" who could develop an encrypted end to end technology of their own

Admittedly I went to university to study software engineering but at university one of my peers created an encrypted end-to-end plugin for the messaging software we used. In his first year. The thing is, it doesn't have to be unbreakable, it just has to be unbreakable for long enough to carry out an attack. PGP is still pretty secure and there are enough forks of it out there that you'd never be able to stop people using it.

The thing is, it doesn't have to be unbreakable, it just has to be unbreakable for long enough to carry out an attack.

Good point. There is no Silver bullet and any way of combating these threats will be multi pronged. In principle I have no real objection to security services having (strictly controlled) access to all of my data/communications.

. In principle I have no real objection to security services having (strictly controlled) access to all of my data/communications.

Are all of those under UK judicial control?

If there is a hole all will get in, sorry to break that to you. These companies work across borders so who gets access to what?

What would the FBI do with my comms data Mike?

surfer

In principle I have no real objection to security services having (strictly controlled) access to all of my data/communications.

You might not. But you have to consider what happens when they have access to all of everyone's data. Then "they" start to build models to influence public opinion based on that data. To win elections, modify policy, change cultures.

We absolutely need encryption today because without it we are leaving our door unlocked and sending an open invite to millions of thieves. As our lives are increasingly lived online the need for this encryption will only increase.

Anyone figure out what causes terrorism yet? If not, any final offers? Or shall we call it?

But you have to consider what happens when they have access to all of everyone's data. Then "they" start to build models to influence public opinion based on that data. To win elections, modify policy, change cultures.

That really is "big data" do you realise how much inane trivia they would have to trawl through to build any meaningful model? How many videos of cats they would have to analyse?
As a person who would fall into the "of no interest" category I am unconcerned.

Oh bless... What would the Iranian government want with it? If there is a state approved hole every state will want it. We have policies for not disclosing or discussing certain aspects of technology with some countries - some of which actively want to spy on people.
How about a foreign government snooping on out civil services personal lives? Its not just a hole for the UK government it puts all comms in the public domain.

I would just go back to using Pay as you go 2G phones

What would the Iranian government want with it?

Well that was sort of my question, do you have an answer? What value would my calls, txts and family pics on whatsapp be to the FBI or the Iranian Government?

it would very easy to send messages across forums like this one, with no need for encryption, just a series of commas in the wrong places on chosen key works to issue instructions date.time.locations and a Grammar nazi type response to show it has been acknowledged.

in fact theres' a few posters on here who I have my suspicion's about!

Many people do value their privacy for a lot of reasons. You want to put a massive hole in comms platforms in order to catch people who as pointed out will just swap to something else.
It might sound all awesome and ground breaking but it's not a useful idea. Go look up one time pads...

surfer

That really is "big data" do you realise how much inane trivia they would have to trawl through to build any meaningful model? How many videos of cats they would have to analyse?

They don't have to trawl. Algorithms would scan the contents of your messages for keywords, bulletpoints, relevant names and other associative words. It'll also be monitoring your twitter, facebook and youtube habbits to anticipate which way you might vote, what things might get you to vote one way or not another, or discourage you from voting at all, all the while guiding you down certain paths that you are oblivious to being led down.

As a person who would fall into the "of no interest" category I am unconcerned.

This is actually happening already and it's a real threat to the concept of democracy and more broadly "freedom". It's not "your" personal info that is the issue, it's the potential for massive coercion.

Many people do value their privacy for a lot of reasons

I get that and that and we all have to balance our perceived security against the invasion of our privacy. I can only claim to speak for myself. You made a few sniffy comments in your previous posts but you dont seem to be able to explain why the FBI or Iran would want to view my comms?

If there is a state approved hole every state will want it. We have policies for not disclosing or discussing certain aspects of technology with some countries - some of which actively want to spy on people

Hang on. In one breath you are saying once the genie is out of the box everybody will share the data and in the next breath you are saying this doesnt happen now because of "policies"?

Algorithms would scan the contents of your messages for keywords, bulletpoints, relevant names and other associative words. It'll also be monitoring your twitter, facebook and youtube habbits to anticipate which way you might vote, what things might get you to vote one way or not another, or discourage you from voting at all, all the while guiding you down certain paths that you are oblivious to being led down.

Yes I get that however the volume of data and the processing power required is huge and that would be diverted from something else. If people are posting political comments on Facebook saying they support UKIP then I dont think you need to investigate every other part of their comms network to find their political leanings! In terms of determining how people vote for example why not just ask them?

Hang on. In one breath you are saying once the genie is out of the box everybody will share the data and in the next breath you are saying this doesnt happen now because of "policies"?

I get that and that and we all have to balance [b]our perceived security[/b] against the invasion of our privacy.

What if we tell you it's a going to be awesome, the government can read what it wants and the rest of us can keep our privacy.

Why would the UK be the only country with a back door key?

Well according to you we create a policy?

What if we tell you it's a going to be awesome, the government can read what it wants [s]and the rest of us can keep our privacy[/s].

Your missing my point (and refusing to answer my question) I dont believe I will keep my privacy I am saying:

A: I am of no interest so no security services will waste scare resources investigating me
B: I "trust" that my "private" information will not be accessed by anyone but professionals who's aim is to keep us safe.

You may not Trust the security services and I have my concerns but in my view that is a risk I am prepared to take.

I'm 54 and have lived my life happily with end to end encryption for the vast majority of it

You've never bought anything online? Never used Internet banking? Never visited any website that starts with https:// like, oh I don't know, STW's login page? I don't believe you.

We have had this argumebt on here before. I was calling fir an wnd to uncrackable encryption 2+ years ago.

I'd have hoped you'd have listened and learned something in those two years but no, it's like having a discussion with a bunch of grapes.

I think its a stretch to say they have "software engineers" who could develop an encrypted end to end technology of their own.

Here you go. RSA key generation in three lines of Perl.

[code]#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)[/code]

Granted it's not the most readable piece of code in the world, point is that encryption is not difficult or complicated, it's big numbers and multiplication. Once you've worked out how to ban maths, get back to us.

jambalaya - Member
@dissonance

Lets start with what is not licenced, Telegram, WhatsAp, Facebook, email services. Banks can send approved encrypted messages, police, government. It would be a short list

I'm 54 and have lived my life happily with end to end encryption for the vast majority of it

We have had this argumebt on here before. I was calling fir an wnd to uncrackable encryption 2+ years ago. The companies use it to make money and to cover their arses as "we cannot read any messages so cannot be held responsible for the content"

Point 1, You aren't even trying to hide your fascist tendencies any more?

Point 2, Do you really think what you are asking for is possible? Do you believe the uk has world wide control over the internet? The US doesn't even have it.

Point 3, I guess you'll not mind PMing me your password details for your bank and credit cards? Sure, they'll be available soon enough.

Point 4, Do you really think the "back doors" will only be available to government sources?

Point 5, Are you mental?

A: I am of no interest so no security services will waste scare resources investigating me

B: I "trust" that my "private" information will not be accessed by anyone but professionals who's aim is to keep us safe.

No your missing what I said, it's 2 different things.
One we have things in the UK we don't want to share.
Two why would the rest of the world not want their own back door.

You may not Trust the security services and I have my concerns but in my view that is a risk I am prepared to take.

If the benefit is only perceived why is it worth it? What does it actually do when all the terrorists go somewhere else or old school? Will we get our privacy back?
Nobody has given a solid case for why more intrusive surveillance is needed, or what it will deliver. Like the idea of giving the police lots of guns, what does it do?

Here you go. RSA key generation in three lines of Perl.

Then why are they using Whatsapp?

B: I "trust" that my "private" information will not be accessed by anyone but professionals who's aim is to keep us safe.

Stick your email address in here.

https://haveibeenpwned.com/

Which is rather foolish

Its not foolish. Its a choice.

Stick your email address in here.

Why?

Why?

No reason... <whistles>

surfer - Member

Then why are they using Whatsapp?

mostly the same reasons why i use whatsapp...

the point (which you missed*), is that encryption isn't hard. you can't really force Whatsapp to build in a backdoor.

(*whoooosh! doesn't really cover it)

surfer

Yes I get that however the volume of data and the processing power required is huge and that would be diverted from something else. If people are posting political comments on Facebook saying they support UKIP then I dont think you need to investigate every other part of their comms network to find their political leanings! In terms of determining how people vote for example why not just ask them?

I feel like you are looking at this from the wrong perspective. It's not about knowing the political allegiances of people who have declared their political allegiances, it's about coercing people who haven't made up their minds.

Example - Trump's campaign claims to have directly targeted black male voters in certain swing states, not to get them to vote Trump, but to character assassinate Clinton and demotivate them from voting. This was done using Facebook data targeting people based on their personality types using tailored websites for specific types. Facebook won't reveal who was targeted, or what material was sent to them, and Trump's campaign won't reveal it.

Previously politicians could make broad arguments on TV or radio. They could lie but their lies were public, and subject to public scrutiny or analysis. Now we are in a era where politicians can craft a lie designed to appeal just to you, something that they already know concerns you, or will work on you, and there is no moderation as to whether it's true or false. And what's more you can't even tell who targeted you with this information, you don't know anything about them, nor do you know what they know about you.

Are you sure you are of no interest? What if you set up a business that is competing against a foreign governments pet company. Be a minor disadvantage if they could have a quick look at your emails and trade secrets wouldnt it?

Do you really think Email is secure now?

What if you manage to pick up a mildly embarrassing medical condition and the doctor gets hacked?

Ooh yes thats secure.

Like the idea of giving the police lots of guns, what does it do?

Make Ninfan types tumescent

Then why are they using Whatsapp?

Because they can. And if they couldn't, they'd use something else. And if there was nothing else commercially available, they'd undoubtedly create something. This is the point:

It's.
Not.
Difficult.

Take any open source IM like, say, Telegram (and there are loads of others) and you've got the code right there. If we were to ban encryption tomorrow, how do you then block people who just use the current version rather than the newly hamstrung one? You can't for all practical puposes, the genie is not only out of the bottle but has necked half a bottle of Jack and is dancing naked on the tables.

surfer - Member

Here you go. RSA key generation in three lines of Perl.

Then why are they using Whatsapp?

Stick your email address in here.

Why?

Its not foolish. Its a choice.

It's a choice to be foolish.

Why?

To find out how secure your data is with those people you trust.

Do you really think Email is secure now?

https://switch.egress.com/ui/learn/

(Or PGP, GPG, ProtonMail, a supporting cast of thousands...)

Next question?