Terrorism

What about if you noticed that the door on your local postbox was being left unlocked? Or your neighbour was going through your post?

…or a funny echo on your phone line?

Anyway, just as I’m sure most of the people calling for a ban on encryption are also ardent supporters of Trident, I’ll use your argument against you: you can’t uninvent it.

The fundamental problem is it is difficult to fight against a cause, especially one where its followers believe death is something beneficial to them and expect to die.

As well as a previous declaration that this type of action is haram (albeit as noted before, with no overall leader of the faith it’s always interpretations by scholars / Imams and you easily find another who’ll say it isn’t)

From the BBC website:

“Muslim leaders refuse funeral prayers for attackers
Posted at 7:21
The Muslim Council of Britain, the UK’s largest Muslim umbrella body, has published a letter condemning the recent attacks in London and Manchester and calling on British imams to refuse to perform funeral rites for the perpetrators

More than 130 imams and religious leaders from an array of Muslim denominations signed the letter, agreeing together to refuse to perform the traditional Islamic funeral prayer for the attackers, a ritual the MCB says is “normally performed for every Muslim regardless of their actions”. “

I’ve wondered on this. If religion or faith is strong enough to make people do these things in its name, is this kind of denouncement capable of countering it, that you won’t get your proper funeral and therefore won’t get your trip to paradise either.

It sounds barbaric (it was middle ages after all) but executed criminals were either buried in unconsecrated ground or their bodies sent for dissection by surgeons, with the belief that would punish them for eternity. Is there a modern day equivalent?

@dragon. Waitwhat? What just happened?

The end-to-end encryption thing is a bullshit red-herring. That Facebook and Twitter (to name two) can’t even police the shit that is on their public websites should show how hard it will be to stop people using technology in whatever way they want; for good or bad.

We use encryption to move sensitive data around outside our data centre. Moving a list of users and passwords? Encrypted passwords are stored anyway but then we encrypt any data dumps before they’re transmitted for ANY purpose (i.e. backups in our other DC). If you want to retrieve any data from the DC, you do it over a VPN. Banning all of those things would make YOUR data far less secure as any time we wanted to migrate your email services from one DC to another, we’d have to send your unencrypted password around. Our clients use encryption to store your private data (including credit card data); if that goes then so does your protection there too.

People have absolutely no idea how much of their personal privacy is protected by stuff they seem to think that only terrorists need.

People have absolutely no idea how much of their personal privacy is protected by stuff they seem to think that only terrorists need.

So what?

The Muslim Council of Britain, the UK’s largest Muslim umbrella body

Which apparently represents less than 2% of British Muslims if this poll is accurate

So what?

Encryption is a very useful tool for keeping things like your data secure from hackers, or preventing your banking details and corporate secrets from ending up where they shouldn’t be etc. Preventing your medical records being used to blackmail you etc.
It’s in use all over the place as standard.

It’s also a technology so well put out there that you can’t put it back in the box. If you think you can please let us all know and see how long before somebody laughs you out the room.

Anyway, just as I’m sure most of the people calling for a ban on encryption are also ardent supporters of Trident, I’ll use your argument against you: you can’t uninvent it.

You can sure as hell make unauthorised possession and use illegal though – which gives you a nice easy way to take the baddies out of the loop (Al Capone principle)

You can sure as hell make unauthorised possession and use illegal though – which gives you a nice easy way to take the baddies out of the loop (Al Capone principle)

How?
I can use ST Mag to deliver an encrypted message.

It’s also a technology so well put out there that you can’t put it back in the box. If you think you can please let us all know and see how long before somebody laughs you out the room.

I know exactly what it is however it comes down to trust and the price that people are prepared to pay for increased security. You can laugh at my naivety if you want but I trust that with some judicial oversight the technology to decrypt messages should be available to the security services. (lets not forget that owners of this technology who may be driven by commercial motives could do this) Of course there is a risk that this could be used for the wrong reasons but that risk already exists and I dont have a tinfoil hat.
People fall on each side of this fence.

It’s also a technology so well put out there that you can’t put it back in the box. If you think you can please let us all know and see how long before somebody laughs you out the room.

Encryption isnt one homogeneous thing that once cracked remains cracked! New encryption techniques are being delivered all the time. The decryption of say Whatsapp or apple messages means access to the techniques that they are using, not some “one off” code! it means access in principle the algorithms are probably changing frequently.

You can laugh at my naivety if you want but I trust that with some judicial oversight the technology to decrypt messages should be available to the security services.

Then I write my own, I create my own encryption key, use a one time pad, do any number of things that the officials don’t know the key for. Windows 10 comes with encryption for the hard drive, which countries security services should have the key? If I buy a copy in the US would MI5 have the key? Would China or Pakistan have the key?
Who gets to intercept and read messages sent across borders? The sender or receiver or both?

Which apparently represents less than 2% of British Muslims if this poll is accurate

Interesting. Encouraging, even. So what ‘body’ represents the view/s of the other 99%? The Guardian? The Mail? The Sun? anti-Muslim Youtube comments? Wait, it’s chewk innit?

Or could it be…that…British Muslims…aren’t … The Actual Borg TM?

People fall on each side of this fence.

People might.
However all the people with even a bit of expertise fall to one side only.
Get rid of secure encryption eg that which is unlikely to broken in less than a few hundred years, and you have undermined a large part of the current economic system.

You can laugh at my naivety if you want but I trust that with some judicial oversight the technology to decrypt messages should be available to the security services.

Bullshit. Encryption with backdoors is inherently weak and requires the agreement of the software creator to build in. Terrorists engaged in attacks like we’ve seen over the last few years are happily trading their lives for a handful of “our” lives so going to jail for not handing over the encryption keys or using prohibited software is hardly going to register. These are not illiterate goatherds attacking us, they have access to a modern skillset and are expert in subverting “harmless” technology for their use so it’s not beyond the realms of chance that they would have their own software engineers creating versions of software that SEEM identical to those that are licensed (in your new world) but that are not.

After 9/11 the NSA/GCHQ etc were all concerned about Al-Qaida using steganography to disseminate info and communicate with their followers. 16 years later, little has changed, just the medium.

Then I write my own, I create my own encryption key, use a one time pad, do any number of things that the officials don’t know the key for. Windows 10 comes with encryption for the hard drive, which countries security services should have the key? If I buy a copy in the US would MI5 have the key? Would China or Pakistan have the key?
Who gets to intercept and read messages sent across borders? The sender or receiver or both?

When you have as many users as Apple or Whatsapp or you become a person of interest then you may get a knock on the door, until that happens I suspect the security services wont be arsed what you do.

However all the people with even a bit of expertise fall to one side only.
Get rid of secure encryption eg that which is unlikely to broken in less than a few hundred years, and you have undermined a large part of the current economic system.

Thats just gibberish

Encryption with backdoors is inherently weak and requires the agreement of the software creator to build in

It has a “backdoor” by definition

These are not illiterate goatherds attacking us, they have access to a modern skillset and are expert in subverting “harmless” technology for their use so it’s not beyond the realms of chance that they would have their own software engineers creating versions of software that SEEM identical to those that are licensed (in your new world) but that are not.

Who is saying they are? I’m certainly not. I think its a stretch to say they have “software engineers” who could develop an encrypted end to end technology of their own. If they could they wouldnt use Whatsapp.

surfer – Member
It has a “backdoor” by definition

Really, how so?

I think its a stretch to say they have “software engineers” who could develop an encrypted end to end technology of their own

Admittedly I went to university to study software engineering but at university one of my peers created an encrypted end-to-end plugin for the messaging software we used. In his first year. The thing is, it doesn’t have to be unbreakable, it just has to be unbreakable for long enough to carry out an attack. PGP is still pretty secure and there are enough forks of it out there that you’d never be able to stop people using it.

The thing is, it doesn’t have to be unbreakable, it just has to be unbreakable for long enough to carry out an attack.

Good point. There is no Silver bullet and any way of combating these threats will be multi pronged. In principle I have no real objection to security services having (strictly controlled) access to all of my data/communications.

. In principle I have no real objection to security services having (strictly controlled) access to all of my data/communications.

Mi5, cia, FBI, fsb, mossad and all the other ones?

Are all of those under UK judicial control?

If there is a hole all will get in, sorry to break that to you. These companies work across borders so who gets access to what?

What would the FBI do with my comms data Mike?

surfer

In principle I have no real objection to security services having (strictly controlled) access to all of my data/communications.

You might not. But you have to consider what happens when they have access to all of everyone’s data. Then “they” start to build models to influence public opinion based on that data. To win elections, modify policy, change cultures.

We absolutely need encryption today because without it we are leaving our door unlocked and sending an open invite to millions of thieves. As our lives are increasingly lived online the need for this encryption will only increase.

Anyone figure out what causes terrorism yet? If not, any final offers? Or shall we call it?

But you have to consider what happens when they have access to all of everyone’s data. Then “they” start to build models to influence public opinion based on that data. To win elections, modify policy, change cultures.

That really is “big data” do you realise how much inane trivia they would have to trawl through to build any meaningful model? How many videos of cats they would have to analyse?
As a person who would fall into the “of no interest” category I am unconcerned.

Oh bless… What would the Iranian government want with it? If there is a state approved hole every state will want it. We have policies for not disclosing or discussing certain aspects of technology with some countries – some of which actively want to spy on people.
How about a foreign government snooping on out civil services personal lives? Its not just a hole for the UK government it puts all comms in the public domain.

I would just go back to using Pay as you go 2G phones

What would the Iranian government want with it?

Well that was sort of my question, do you have an answer? What value would my calls, txts and family pics on whatsapp be to the FBI or the Iranian Government?

it would very easy to send messages across forums like this one, with no need for encryption, just a series of commas in the wrong places on chosen key works to issue instructions date.time.locations and a Grammar nazi type response to show it has been acknowledged.

in fact theres’ a few posters on here who I have my suspicion’s about!

Many people do value their privacy for a lot of reasons. You want to put a massive hole in comms platforms in order to catch people who as pointed out will just swap to something else.
It might sound all awesome and ground breaking but it’s not a useful idea. Go look up one time pads…

surfer

That really is “big data” do you realise how much inane trivia they would have to trawl through to build any meaningful model? How many videos of cats they would have to analyse?

They don’t have to trawl. Algorithms would scan the contents of your messages for keywords, bulletpoints, relevant names and other associative words. It’ll also be monitoring your twitter, facebook and youtube habbits to anticipate which way you might vote, what things might get you to vote one way or not another, or discourage you from voting at all, all the while guiding you down certain paths that you are oblivious to being led down.

As a person who would fall into the “of no interest” category I am unconcerned.

This is actually happening already and it’s a real threat to the concept of democracy and more broadly “freedom”. It’s not “your” personal info that is the issue, it’s the potential for massive coercion.

Many people do value their privacy for a lot of reasons

I get that and that and we all have to balance our perceived security against the invasion of our privacy. I can only claim to speak for myself. You made a few sniffy comments in your previous posts but you dont seem to be able to explain why the FBI or Iran would want to view my comms?

If there is a state approved hole every state will want it. We have policies for not disclosing or discussing certain aspects of technology with some countries – some of which actively want to spy on people

Hang on. In one breath you are saying once the genie is out of the box everybody will share the data and in the next breath you are saying this doesnt happen now because of “policies”?

Algorithms would scan the contents of your messages for keywords, bulletpoints, relevant names and other associative words. It’ll also be monitoring your twitter, facebook and youtube habbits to anticipate which way you might vote, what things might get you to vote one way or not another, or discourage you from voting at all, all the while guiding you down certain paths that you are oblivious to being led down.

Yes I get that however the volume of data and the processing power required is huge and that would be diverted from something else. If people are posting political comments on Facebook saying they support UKIP then I dont think you need to investigate every other part of their comms network to find their political leanings! In terms of determining how people vote for example why not just ask them?

Hang on. In one breath you are saying once the genie is out of the box everybody will share the data and in the next breath you are saying this doesnt happen now because of “policies”?

No you put a hole in it and anyone can get in. Why would the UK be the only country with a back door key?

I get that and that and we all have to balance our perceived security against the invasion of our privacy.

What if we tell you it’s a going to be awesome, the government can read what it wants and the rest of us can keep our privacy.

Why would the UK be the only country with a back door key?

Well according to you we create a policy?

What if we tell you it’s a going to be awesome, the government can read what it wants and the rest of us can keep our privacy.

Your missing my point (and refusing to answer my question) I dont believe I will keep my privacy I am saying:

A: I am of no interest so no security services will waste scare resources investigating me
B: I “trust” that my “private” information will not be accessed by anyone but professionals who’s aim is to keep us safe.

You may not Trust the security services and I have my concerns but in my view that is a risk I am prepared to take.

I’m 54 and have lived my life happily with end to end encryption for the vast majority of it

You’ve never bought anything online? Never used Internet banking? Never visited any website that starts with https:// like, oh I don’t know, STW’s login page? I don’t believe you.

We have had this argumebt on here before. I was calling fir an wnd to uncrackable encryption 2+ years ago.

I’d have hoped you’d have listened and learned something in those two years but no, it’s like having a discussion with a bunch of grapes.

I think its a stretch to say they have “software engineers” who could develop an encrypted end to end technology of their own.

Here you go. RSA key generation in three lines of Perl.

#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)

Granted it’s not the most readable piece of code in the world, point is that encryption is not difficult or complicated, it’s big numbers and multiplication. Once you’ve worked out how to ban maths, get back to us.

jambalaya – Member

@dissonance

Lets start with what is not licenced, Telegram, WhatsAp, Facebook, email services. Banks can send approved encrypted messages, police, government. It would be a short list

I’m 54 and have lived my life happily with end to end encryption for the vast majority of it

We have had this argumebt on here before. I was calling fir an wnd to uncrackable encryption 2+ years ago. The companies use it to make money and to cover their arses as “we cannot read any messages so cannot be held responsible for the content”

Point 1, You aren’t even trying to hide your fascist tendencies any more?

Point 2, Do you really think what you are asking for is possible? Do you believe the uk has world wide control over the internet? The US doesn’t even have it.

Point 3, I guess you’ll not mind PMing me your password details for your bank and credit cards? Sure, they’ll be available soon enough.

Point 4, Do you really think the “back doors” will only be available to government sources?

Point 5, Are you mental?

A: I am of no interest so no security services will waste scare resources investigating me

Are you sure you are of no interest? What if you set up a business that is competing against a foreign governments pet company. Be a minor disadvantage if they could have a quick look at your emails and trade secrets wouldnt it?
What if you manage to pick up a mildly embarrassing medical condition and the doctor gets hacked?

B: I “trust” that my “private” information will not be accessed by anyone but professionals who’s aim is to keep us safe.

Which is rather foolish.
Wannacry shows the flaws in this.

No your missing what I said, it’s 2 different things.
One we have things in the UK we don’t want to share.
Two why would the rest of the world not want their own back door.

You may not Trust the security services and I have my concerns but in my view that is a risk I am prepared to take.

http://www.heraldsun.com.au/news/law-order/hundreds-of-police-members-caught-abusing-confidential-information-on-operational-intelligence-database/news-story/4b926219e6e5ff4eddf09a5238be42db?sv=8845a8050db999725fdca1f11774cc9c
http://www.sydneycriminallawyers.com.au/blog/police-officers-misuse-private-information-for-personal-gain/
http://www.manchestereveningnews.co.uk/news/greater-manchester-news/police-sacked-jailed-confidential-systems-11603511
http://www.mirror.co.uk/news/uk-news/hundreds-police-sacked-resign-after-3133963
http://www.cbsnews.com/news/police-sometimes-misuse-confidential-work-databases-for-personal-gain-ap/
That is just what we know about from 1 page of google. I do not trust people to not misuse back doors and extra keys.

If the benefit is only perceived why is it worth it? What does it actually do when all the terrorists go somewhere else or old school? Will we get our privacy back?
Nobody has given a solid case for why more intrusive surveillance is needed, or what it will deliver. Like the idea of giving the police lots of guns, what does it do?

Here you go. RSA key generation in three lines of Perl.

Then why are they using Whatsapp?

B: I “trust” that my “private” information will not be accessed by anyone but professionals who’s aim is to keep us safe.

Stick your email address in here.

https://haveibeenpwned.com/