Traktion Posted April 2, 2012 Share Posted April 2, 2012 According to the BBC: don't[/i]ww.bbc.co.uk/news/uk-politics-17580906"]http://www.bbc.co.uk/news/uk-politics-17580906 "Instead internet service providers have had to keep details of users' internet access, email and internet phone calls for 12 months under an EU directive from 2009. Although the content of the calls themselves is not kept, the sender, recipient, time of communication and geographical location does have to be recorded. " (This is what is kept already ) "Internet firms will be required to give intelligence agency GCHQ access to communications in real time under new legislation set to be announced soon." This is what they want added The thing is, those who don't want GCHQ to know this stuff will be using technology and methods which avoid it already. There is nothing to stop 'terrorists' from setting up their own VOIP service and using encrypted tunnels to access it. The same goes for mail servers. They could also use anonymous encrypted network wrappers (such as Tor: https://www.torproject.org/ - developed by the US Navy, but now open source). This is why I doubt they will catch any professional criminals. I'm sure they will catch plenty of regular people over minor infringements, but the real criminals will be way more prepared. Link to comment Share on other sites More sharing options...
corevalue Posted April 2, 2012 Share Posted April 2, 2012 For over ten years, the hardware at the local exchange level has been engineered to be able to forward a copy of ALL data. There's plenty of fibre capacity on the backbone, so I guess they're just rounding off the storage and filtering part. Don't the yanks have their Utah centre planned to open in 2013? NSA Utah centre The fact we have a no-questions extradition policy with the moronicons fills me with a warm, tingly snuggly feeling. Not. Link to comment Share on other sites More sharing options...
Traktion Posted April 2, 2012 Share Posted April 2, 2012 For over ten years, the hardware at the local exchange level has been engineered to be able to forward a copy of ALL data. There's plenty of fibre capacity on the backbone, so I guess they're just rounding off the storage and filtering part. Don't the yanks have their Utah centre planned to open in 2013? NSA Utah centre The fact we have a no-questions extradition policy with the moronicons fills me with a warm, tingly snuggly feeling. Not. If it's encrypted well, they can copy the lot and it will still be useless to them. Link to comment Share on other sites More sharing options...
madpenguin Posted April 2, 2012 Share Posted April 2, 2012 If it's encrypted well, they can copy the lot and it will still be useless to them. Depends on the strength of the encryption, the NSA have got some fairly useful computing power and cryptographic experts, as have GCHQ, bear in mind ciphers like IBM's DES had the length of the key deliberately shortened by the NSA before it was allowed to be released in order it kept most people out but not them, with the increase in computing power since I doubt they need to do that anymore, for the simple encryption we have access to you can buy or download stuff to crack most of it already. Anything based on public key cryptography is believed to still be secure but how would we know?, the spooks are certainly not going to tell us if they have cracked it. Encrypting communication to protect your privacy or finances from competitors or criminal's is fine, when you come up against major governments it's a fairly flimsy defense at best Link to comment Share on other sites More sharing options...
zebbedee Posted April 2, 2012 Share Posted April 2, 2012 They must be barmy the amount of storage they would need would be insane. I use iplayer a lot, so far this month I have downloaded over 1tb which is about normal. In addtion to this I have probably downloaded a further 1tb in games from steam, mods, etc. Where does the government think its going to get the storage. Also the network they need to use is going to have to be gargantuan just to receive all this data. Funnily enough my connection runs virtually 24/7 at 10MB so I guess I'll leapfrog you lot and go straight to the an al questioning techniques. Link to comment Share on other sites More sharing options...
Traktion Posted April 2, 2012 Share Posted April 2, 2012 Depends on the strength of the encryption, the NSA have got some fairly useful computing power and cryptographic experts, bear in mind ciphers like IBM's DES had the length of the key deliberately shortened by the NSA before it was allowed to be released in order it kept most people out but not them, with the increase in computing power since I doubt they need to do that anymore, for the simple encryption we have access to you can buy or download stuff to crack most of it already PGP with a big key and pass phrase will take them an eternity, no matter what hardware they have. As much of the software doing the encryption is open source, there is nothing to stop developers creating custom 'ultra hardened' versions of other encryption protocols either. Ofc, the average Joe isn't going to know about this stuff (yet), so I'm sure there will be all sorts of snooping over taxes, non-compliance with arbitrary legislation and so forth. However, the real criminals are going to be far harder to catch out. This is why I think it's more about controlling the citizens than catching 'terrorists'. The arms race between encrypted and decoding is massively one sided in the favour of the former. Brute force attacks are enormously slow compared to the time taken to encrypt. I found this URL interesting for pass phrase security: http://www.lockdown.co.uk/?pg=combi. A large, distributed super computer would take about 631 billion years to brute force a 20 character single case, letters only password... throw in other characters and cases and this number will look tiny. An 8 char password in lower case, letters only takes about 3.5 minutes, but with more variation, it would take 83 days. I haven't worked out what a 15 or 20 char version of the latter would take, but it would likely take a super computer trillions of years! Food for thought. EDIT: I didn't get your edit until after there, but I doubt they have cracked such things and managed to keep them secret. Millions of minds on the Internet are more than a match for any government, IMO. I could be wrong, but I'm sure their main policy is FUD. Link to comment Share on other sites More sharing options...
corevalue Posted April 2, 2012 Share Posted April 2, 2012 PGP with a big key and pass phrase will take them an eternity, no matter what hardware they have. As much of the software doing the encryption is open source, there is nothing to stop developers creating custom 'ultra hardened' versions of other encryption protocols either. Ofc, the average Joe isn't going to know about this stuff (yet), so I'm sure there will be all sorts of snooping over taxes, non-compliance with arbitrary legislation and so forth. However, the real criminals are going to be far harder to catch out. This is why I think it's more about controlling the citizens than catching 'terrorists'. The arms race between encrypted and decoding is massively one sided in the favour of the former. Brute force attacks are enormously slow compared to the time taken to encrypt. I found this URL interesting for pass phrase security: http://www.lockdown.co.uk/?pg=combi. A large, distributed super computer would take about 631 billion years to brute force a 20 character single case, alpha numeric password... throw in other characters and cases and this number will look tiny. An 8 char password in lower case alpha takes about 3.5 minutes, but with more variation, it would take 83 days. I haven't worked out what a 15 or 20 char version of the latter would take, but it would likely take a super computer trillions of years! Food for thought. EDIT: I didn't get your edit until after there, but I doubt they have cracked such things and managed to keep them secret. Millions of minds on the Internet are more than a match for any government, IMO. I could be wrong, but I'm sure their main policy is FUD. They'll just ask you for the key. You have to be more subtle. Stenography. I don't like the idea of the government snooping around in my personal space on fishing trips. We all know the dire consequences of saying the word "bomb" in an airplane, for example, but these data mining expeditions mean that even quite innocent remarks like "badger" in a email (yes, it's in their dictionary of suspect words) brings you in their envelope of "suspects". You might suddenly find that you can't take that overseas trip you were planning. My solution would be to offer all my emails unencrypted. I'll handwrite them, photograph them, and overlay the text on my favourite holiday snaps and send them as jpg. That almost definitely guarantees that a human will have to be involved in the interception, which means that they would have to concentrate on actual suspects. They're only doing this because it's cheap, so make it expensive. Link to comment Share on other sites More sharing options...
Take Me Back To London! Posted April 2, 2012 Share Posted April 2, 2012 Just a simple question but no doubt so simple to answer; is it illegal to send encrypted information? So there would be a market for encryption software that you would need to use a password to enable you to read emails etc. I think certain Governments have been conflicted with RIM in the past because their messaging system has been secure enough to withstand the hackers. You could have some sort of updated solid state Enigma machine with electonic memory and once sychronised with another unique encoder/decoder machine, every single letter would have its own unique code which would never repeat and would be impossible for a third party to decipher. Link to comment Share on other sites More sharing options...
Game_Over Posted April 2, 2012 Share Posted April 2, 2012 PGP with a big key and pass phrase will take them an eternity, no matter what hardware they have. As much of the software doing the encryption is open source, there is nothing to stop developers creating custom 'ultra hardened' versions of other encryption protocols either. Ofc, the average Joe isn't going to know about this stuff (yet), so I'm sure there will be all sorts of snooping over taxes, non-compliance with arbitrary legislation and so forth. However, the real criminals are going to be far harder to catch out. This is why I think it's more about controlling the citizens than catching 'terrorists'. The arms race between encrypted and decoding is massively one sided in the favour of the former. Brute force attacks are enormously slow compared to the time taken to encrypt. I found this URL interesting for pass phrase security: http://www.lockdown.co.uk/?pg=combi. A large, distributed super computer would take about 631 billion years to brute force a 20 character single case, letters only password... throw in other characters and cases and this number will look tiny. An 8 char password in lower case, letters only takes about 3.5 minutes, but with more variation, it would take 83 days. I haven't worked out what a 15 or 20 char version of the latter would take, but it would likely take a super computer trillions of years! Food for thought. EDIT: I didn't get your edit until after there, but I doubt they have cracked such things and managed to keep them secret. Millions of minds on the Internet are more than a match for any government, IMO. I could be wrong, but I'm sure their main policy is FUD. That's what the Germans thought about the enigma code Link to comment Share on other sites More sharing options...
Asheron Posted April 2, 2012 Share Posted April 2, 2012 They have been doing this for over 10 years already. Link to comment Share on other sites More sharing options...
Traktion Posted April 2, 2012 Share Posted April 2, 2012 That's what the Germans thought about the enigma code Who would have thought it? Our resident uber statist spreading rumours that the all powerful state has it all cracked already! I'm sure it is possible, but I find it incredibly unlikely, considering the global exposure which such open source routines have been exposed to. Link to comment Share on other sites More sharing options...
madpenguin Posted April 2, 2012 Share Posted April 2, 2012 Who would have thought it? Our resident uber statist spreading rumours that the all powerful state has it all cracked already! I'm sure it is possible, but I find it incredibly unlikely, considering the global exposure which such open source routines have been exposed to. Open source works both ways, GCHQ and certainly the NSA have a lot of very clever people working for them and there's nothing to say they may have found a weakness they aren't letting on about, and it only protects a message in transit, once you decrypt it's either plain text, or they give the old "give us the pass phrase or go to Jail" ploy, in the case of ssh it only uses public key to connect after which it usually switches to a weaker but faster cipher like 3DES To think anything uncrackable usually leads to disappointment, and quantum computers are coming: http://www.newscientist.com/article/mg19526216.700 http://www.newscientist.com/blog/technology/2007/09/how-quantum-computer-factorises-numbers.html GCHQ has already announced official deals with Universities to "protect the UK" from digital attacks, I'm sure the NSA has been doing this with the likes of MIT for decades, who knows what little boxes they have sitting in their datacentres? (bearing in mind the New Scientist blog was published 2007) Link to comment Share on other sites More sharing options...
Traktion Posted April 2, 2012 Share Posted April 2, 2012 Open source works both ways, GCHQ and certainly the NSA have a lot of very clever people working for them and there's nothing to say they may have found a weakness they aren't letting on about, and it only protects a message in transit, once you decrypt it's either plain text, or they give the old "give us the pass phrase or go to Jail" ploy, in the case of ssh it only uses public key to connect after which it usually switches to a weaker but faster cipher like 3DES To think anything uncrackable usually leads to disappointment, and quantum computers are coming: http://www.newscientist.com/article/mg19526216.700 http://www.newscientist.com/blog/technology/2007/09/how-quantum-computer-factorises-numbers.html GCHQ has already announced official deals with Universities to "protect the UK" from digital attacks, I'm sure the NSA has been doing this with the likes of MIT for decades, who knows what little boxes they have sitting in their datacentres? (bearing in mind the New Scientist blog was published 2007) There are encryption routines which aren't easily broken by quantum computers too. I'm sure anything is possible, but forgive me if I'm sceptical. Link to comment Share on other sites More sharing options...
Take Me Back To London! Posted April 2, 2012 Share Posted April 2, 2012 To think anything uncrackable usually leads to disappointment, and quantum computers are coming: If you have a code that never repeats, between 2 code machines that are programmed with the code sequence and sychronised together, then no amount of computer power or back room boffins will be able to crack it. Link to comment Share on other sites More sharing options...
Georgia O'Keeffe Posted April 2, 2012 Share Posted April 2, 2012 If you have a code that never repeats, between 2 code machines that are linked and sychronised together, then no amount of computer power or back room boffins will be able to crack it. +1 it was pretty much proved in the scrolls "Deception Point" and its NASAs fault, in conjunction with Prof Snape Link to comment Share on other sites More sharing options...
Game_Over Posted April 2, 2012 Share Posted April 2, 2012 Who would have thought it? Our resident uber statist spreading rumours that the all powerful state has it all cracked already! I'm sure it is possible, but I find it incredibly unlikely, considering the global exposure which such open source routines have been exposed to. The internet is not going to destroy the state And wishing things were otherwise isn't going to change the inevitable trajectory of 5000 years of history Link to comment Share on other sites More sharing options...
cica Posted April 2, 2012 Share Posted April 2, 2012 If you have a code that never repeats, between 2 code machines that are programmed with the code sequence and sychronised together, then no amount of computer power or back room boffins will be able to crack it. ...and one time pads have a fantastic ability for plausible deniability. Link to comment Share on other sites More sharing options...
DaleRHP Posted April 2, 2012 Share Posted April 2, 2012 Free speech was a great idea. Until we all actually got it. Link to comment Share on other sites More sharing options...
interestrateripoff Posted April 2, 2012 Share Posted April 2, 2012 You could have some sort of updated solid state Enigma machine with electonic memory and once sychronised with another unique encoder/decoder machine, every single letter would have its own unique code which would never repeat and would be impossible for a third party to decipher. Watched a docu on them cracking the enigma, one code was broken because they sent the same message twice using the same settings. This allowed them a way in. Link to comment Share on other sites More sharing options...
Take Me Back To London! Posted April 2, 2012 Share Posted April 2, 2012 Watched a docu on them cracking the enigma, one code was broken because they sent the same message twice using the same settings. This allowed them a way in. If I recall correctly, the settings were changed daily. One weakness was that every message ended with "heil adolf hitler", so that helped greatly in breaking down the daily code transmissions. However, with an upgraded Enigma Premium Pro machine that would not be a problem. Link to comment Share on other sites More sharing options...
Nuggets Mahoney Posted April 2, 2012 Share Posted April 2, 2012 There are encryption routines which aren't easily broken by quantum computers too. I'm sure anything is possible, but forgive me if I'm sceptical. Interesting as the nuts and bolts of code making and code breaking may be, this is all neither here nor there imho. I'd suggest that state agencies have been crawling all over ordinary people's correspondence and copying what they like since the year dot. So, the key question for me about this latest news is why is the state bothering to announce it? My suggested answer is that it is to remind us serfs who's boss and to challenge us to do something about it. We won't. So it'll be chocks away for whatever the next encroachment on the to do list may be. Link to comment Share on other sites More sharing options...
Ulfar Posted April 2, 2012 Share Posted April 2, 2012 One way to bring down the system would be to randomly, continually downloading and sending masses of emails. Those who want to hide for criminal or terrorist reasons are already doing it, they have no need to worry about any of these measures. The state are using this as a threat against the people, don't step out of line as we are watching you. Terrorists who need to communicate with each other don't need to do it on the web and they aren't stupid either. One option would be for one member of a cell to install a wireless router, pass the password and encryption key to other cell members either physically or via the post. An encryption key can be something quite innocent looking, such as a set of mp3 files. They can then park or drive through that routers range and pick up any messages without ever being on the net. Another is to use wireless routers to set up your own private network within an area. Two ideas that took two minutes to think up. On this point demonstrators will also get much more switched on if this legislation is used against them. Link to comment Share on other sites More sharing options...
zebbedee Posted April 2, 2012 Share Posted April 2, 2012 If you have a code that never repeats, between 2 code machines that are programmed with the code sequence and sychronised together, then no amount of computer power or back room boffins will be able to crack it. One time pad, unbreakable without the pad, and if they have that your **** is in a sling. Link to comment Share on other sites More sharing options...
The XYY Man Posted April 2, 2012 Share Posted April 2, 2012 "Allo, allo, this is Nighthawk, are you receiving me....?. "Allo, allo. Captain Hook is waiting for Peter Pan in Never-neverland". YXX Link to comment Share on other sites More sharing options...
Traktion Posted April 2, 2012 Share Posted April 2, 2012 Interesting as the nuts and bolts of code making and code breaking may be, this is all neither here nor there imho. I'd suggest that state agencies have been crawling all over ordinary people's correspondence and copying what they like since the year dot. So, the key question for me about this latest news is why is the state bothering to announce it? My suggested answer is that it is to remind us serfs who's boss and to challenge us to do something about it. We won't. So it'll be chocks away for whatever the next encroachment on the to do list may be. That's a good question. Perhaps they're concerned that the tax cattle is getting restless, so they think it is time to show the cattle prod? It certainly doesn't feel like it's for our benefit, either way. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.