The question is do you want serious cyber criminals, and whatever authoritarian government shows up at some point and starts tearing up the already increasingly authoritarian UK rule book (hi America) to have access to all communications? Should they have access to journalist’s sources, and other activists’ communications? Should cyber criminals have access to all financial data?
You don’t get one without the other. Encryption either works or it doesn’t. And you can certainly assume that dedicated nation state actors (who will and do work with people that do not want a liberal open society in countries across the world including the UK) will quickly develop the capability to circumvent any exploitable encryption.
In this case the increasingly authoritarian/data-totalitarian UK government and secret services has been trying to do it in secret. They want their eyes on everything at all times and damn the consequences for an open society. They sure are doing their bit to end the 20th century idea of a free, open, tolerant society I grew up being told existed.
Then again, I watched some sort of parliamentary enquiry more than a decade ago where somebody from gchq nonchalantly admitted they abuse UK citizen’s human right of privacy as a matter of course and everybody in the room just shrugged. It caused no ripple at all in the press. No doubt the likes of gchq face all sorts of threats we the public are not aware of, but they appear to operate with no checks and balances whatsoever, and they are playing right into the hands of extremists who want to see the end of an open society in order that their extreme views become more acceptable.
It must be said that personal privacy is a cornerstone of a civilised society. You either have that or you don’t. For many people, particularly those that pay attention to this stuff, we have already gone too far. There is a lot an individual can do to mitigate the intrusion of US tech corporations, but destroying encryption, in a world where so much can only be done online, affects everybody regardless of personal choices they have made. To try and do it in secret is even worse.
I don’t want end-to-end encryption entirely outlawed. But for the biggest platforms from massive corporations, maybe those corporations could keep their encryption keys stored with high security somewhere, so they can decrypt particular messages if a court warrant is issued.
People who are uneasy about that could go to a more privacy-focused platform like Signal. Some criminals would do that too, but at least something would be done to catch criminals on the popular platforms.
I understand where you are coming from, but the encryption is not secure if somebody else holds your password.
Then there is the other issue of Elon Musk and Donald Trump, or Nigel Farage and Tommy Robinson, or some other entity the likes of Russia, and now America promote, and bang goes journalist’s and activists’ anonymity. It would be great to have it both ways, but it isn’t possible.
Fair points. Also I guess practically big companies like Apple would never allow a situation where their encryption is compromised while encryption on smaller platforms like Signal isn’t. Apple etc would spend billions lobbying so such a situation never happens.
I saw it called “end to end encrypted icloud backup” in the news. I guess it is that, in that it is encrypted at rest on apple’s servers, then between those servers and the end-user’s device. But that is a bit different to what signal does. Signal doesn’t store anything at rest on any servers they own as far as the experts I rely on for information on this (and who signal allow to audit them) say.
It seems to be the case that as long as apple offer any products at all to the UK market, the UK government have the right to ask, in secret, for apple to provide encryption backdoors into their products for all of apple’s customers whatever the nationality. It seems likely that the UK will share this information with five eyes countries’, allowing those countries to circumvent their own legal processes.
It isn’t clear if that has happened or is going to happen but it seems likely that they will, if they can get away with it without it becoming public knowledge. Which has pissed off, for instance, US information security professionals who like iphones whose data now can’t be considered secure.
It might be the case that apple has had to withdraw this particular product from the UK for public relations purposes because somebody whitleblew. But as long as apple wants to sell products in the UK it seems the snoopers charter allows the snoopers to request backdoor access to their products globally.
The Chinese have done the same. People here call them totalitarian for doing so.
I would probably argue that China is a little different to the UK, given that China is a one-party state.
Yeah maybe the UK government shouldn’t be able to spy on Apple messages sent anywhere in the world. But maybe UK agencies like GCHQ should be able to get the messages of specific individuals who threaten the UK, with a court warrant, like how law enforcement has been able to bug the phones of criminals with a court warrant.
I dunno. Maybe I should educate myself more on encryption and how it all works.
Couple of things: I am sure that the likes of GCHQ get the messages of specific individuals who threaten the UK without any court orders right now. This cartoon sums up the limits to encryption’s effectiveness in this sort of context: https://xkcd.com/538/
And it has been red Tory v. blue Tory, one party, since 1994. I assume you disagree on this my second point - I am always happy to agree to disagree.
Regarding encryption, surveillance, and snooper’s intrusion: I was brought up being told the stasi were the bad guys. The stasi would blush at the surveillance foreign corporations and the British government now engage in as a matter of course: it is beyond their wildest dreams.
But spying on all of the public all of the time comes at a cost to society I would rather not pay. It quells dissent in the short and maybe mid term, but that extreme intrusion, ultimately drives otherwise moderate people into the hands of extremists (on every side). The terrorists win when we sacrifice liberty for temporary security (or whatever that quote was).
The question is do you want serious cyber criminals, and whatever authoritarian government shows up at some point and starts tearing up the already increasingly authoritarian UK rule book (hi America) to have access to all communications? Should they have access to journalist’s sources, and other activists’ communications? Should cyber criminals have access to all financial data?
You don’t get one without the other. Encryption either works or it doesn’t. And you can certainly assume that dedicated nation state actors (who will and do work with people that do not want a liberal open society in countries across the world including the UK) will quickly develop the capability to circumvent any exploitable encryption.
In this case the increasingly authoritarian/data-totalitarian UK government and secret services has been trying to do it in secret. They want their eyes on everything at all times and damn the consequences for an open society. They sure are doing their bit to end the 20th century idea of a free, open, tolerant society I grew up being told existed.
Then again, I watched some sort of parliamentary enquiry more than a decade ago where somebody from gchq nonchalantly admitted they abuse UK citizen’s human right of privacy as a matter of course and everybody in the room just shrugged. It caused no ripple at all in the press. No doubt the likes of gchq face all sorts of threats we the public are not aware of, but they appear to operate with no checks and balances whatsoever, and they are playing right into the hands of extremists who want to see the end of an open society in order that their extreme views become more acceptable.
It must be said that personal privacy is a cornerstone of a civilised society. You either have that or you don’t. For many people, particularly those that pay attention to this stuff, we have already gone too far. There is a lot an individual can do to mitigate the intrusion of US tech corporations, but destroying encryption, in a world where so much can only be done online, affects everybody regardless of personal choices they have made. To try and do it in secret is even worse.
I don’t want end-to-end encryption entirely outlawed. But for the biggest platforms from massive corporations, maybe those corporations could keep their encryption keys stored with high security somewhere, so they can decrypt particular messages if a court warrant is issued.
People who are uneasy about that could go to a more privacy-focused platform like Signal. Some criminals would do that too, but at least something would be done to catch criminals on the popular platforms.
I understand where you are coming from, but the encryption is not secure if somebody else holds your password.
Then there is the other issue of Elon Musk and Donald Trump, or Nigel Farage and Tommy Robinson, or some other entity the likes of Russia, and now America promote, and bang goes journalist’s and activists’ anonymity. It would be great to have it both ways, but it isn’t possible.
Fair points. Also I guess practically big companies like Apple would never allow a situation where their encryption is compromised while encryption on smaller platforms like Signal isn’t. Apple etc would spend billions lobbying so such a situation never happens.
I saw it called “end to end encrypted icloud backup” in the news. I guess it is that, in that it is encrypted at rest on apple’s servers, then between those servers and the end-user’s device. But that is a bit different to what signal does. Signal doesn’t store anything at rest on any servers they own as far as the experts I rely on for information on this (and who signal allow to audit them) say.
It seems to be the case that as long as apple offer any products at all to the UK market, the UK government have the right to ask, in secret, for apple to provide encryption backdoors into their products for all of apple’s customers whatever the nationality. It seems likely that the UK will share this information with five eyes countries’, allowing those countries to circumvent their own legal processes.
It isn’t clear if that has happened or is going to happen but it seems likely that they will, if they can get away with it without it becoming public knowledge. Which has pissed off, for instance, US information security professionals who like iphones whose data now can’t be considered secure.
It might be the case that apple has had to withdraw this particular product from the UK for public relations purposes because somebody whitleblew. But as long as apple wants to sell products in the UK it seems the snoopers charter allows the snoopers to request backdoor access to their products globally.
The Chinese have done the same. People here call them totalitarian for doing so.
I would probably argue that China is a little different to the UK, given that China is a one-party state.
Yeah maybe the UK government shouldn’t be able to spy on Apple messages sent anywhere in the world. But maybe UK agencies like GCHQ should be able to get the messages of specific individuals who threaten the UK, with a court warrant, like how law enforcement has been able to bug the phones of criminals with a court warrant.
I dunno. Maybe I should educate myself more on encryption and how it all works.
Couple of things: I am sure that the likes of GCHQ get the messages of specific individuals who threaten the UK without any court orders right now. This cartoon sums up the limits to encryption’s effectiveness in this sort of context: https://xkcd.com/538/ And it has been red Tory v. blue Tory, one party, since 1994. I assume you disagree on this my second point - I am always happy to agree to disagree.
Regarding encryption, surveillance, and snooper’s intrusion: I was brought up being told the stasi were the bad guys. The stasi would blush at the surveillance foreign corporations and the British government now engage in as a matter of course: it is beyond their wildest dreams.
But spying on all of the public all of the time comes at a cost to society I would rather not pay. It quells dissent in the short and maybe mid term, but that extreme intrusion, ultimately drives otherwise moderate people into the hands of extremists (on every side). The terrorists win when we sacrifice liberty for temporary security (or whatever that quote was).