The announced UK Investigatory Powers Bill is said to “force some of the world’s biggest internet companies including Google, Apple and Facebook to hand over encrypted messages from terror suspects”. (The Telegraph »)
To be fair, it should be pointed out that this specific part of the bill is said to be limited to “suspects under investigation”. So it’s not about blanket mass surveillance. But I’m sure that is being covered in other parts of the same bill, said to…
…“address ongoing capability gaps” that are hindering the ability of the security services to fight terrorism and other serious crime. (…)
A Home Office spokesman said the bill was a “landmark piece of legislation to cover the whole investigatory powers landscape in modern communications”.
I guess it’s going to be pretty bad. But back to the encryption issue. Ars Technica points out that…
In the face of these demands, some companies might decide to re-design their systems such that it would be impossible for them to break the encryption even if required to do so by law. This facility is already available from companies offering peer-to-peer encryption. If the UK government goes ahead with this plan, we are likely to see this approach being adopted by more communications providers and messaging apps, which would undermine the effectiveness of the proposed law.
So, the effect of far-reaching legislation might actually be that it will be harder for authorities to obtain the information they want. Even in legitimate cases.
In the UK, you can be put in prison if you don’t surrender your encryption key to the authorities. But that isn’t much use when it comes to covert surveillance, is it?
With P2P encryption you can legislate as much as you want. It will not work.
This leaves the UK government with one option: to demand that all P2P encryption – somehow – be corrupted by back doors.
That would be a terrible idea. And if at all possible, it would only work with big, commonly used communication apps and systems. I cannot see how anything other than traditional and time-consuming code breaking could be used against open source encryption software in P2P communications.
The only option left for the UK government might be to make such encryption illegal. And trust me, this is an option that will be taken under consideration…
The war on encryption is now entering the madcap phase.
/ HAX
• The Telegraph: Google and Whatsapp will be forced to hand messages to MI5 »
• Ars Technica: New UK law would give government access to encrypted Internet messaging apps »
• Ars Technica: The new war on encryption is based on a lie »
That’s the problem with an elite educated in traditional “public schools” – they don’t understand technology since they haven’t studied science at all. The only skill they have is “leadership”, i.e. telling people to get something done. This worked fine while building and maintaining the Empire. Not so much today.
Correct as always: don’t trust big companies. Use only open source software.
Here’s what will happen: a fake unbreakable P2P encryption (with secret back doors, because it will be presented as an underground “hacker initiative”) will come about and be widely used to circumvent the silly law. After this technology is ubiquitous, like for instance torrents have become, the law will be changed to outlaw that type of encryption, but the law will not be enforced.
A few years later, they will start enforcing the law, and everybody they want to crush for political reasons is now already a criminal.
Anybody capable of harboring independent thought will be afraid to speak publicly.
Everybody will be at the immediate mercy of the whims of the ruling elite, just like it has been throughout most of history. And those whims will mostly consist of harassment, intimidation and humiliation, and sometimes torture and public execution, as a warning to the other plebs.