In many cases already have a "back-door" which allows staff to read people's communications.
Which is nothing to do with backdooring encryption.
In many cases already have a "back-door" which allows staff to read people's communications.
A judge requiring data stored by a company is not the same thing as a back door into an encryption scheme.
Either this bill is targeted at intercepting email and Facebook messenger like you said, and will therefore be useless at catching the terrorists and the paedophiles, or it wants to be able to intercept all encrypted traffic and then decrypt it, in which case I don't think anyone claiming a huge impact to UK businesses is overreacting.
I don't have a problem with it as long as there is a proper authority e.g. a judge, to authorise the use of the backdoor. It shouldn't be any different to a phone tap (used to catch fly-tippers) or a hidden camera in someone's home (used to catch Stephen Lawrence's killers).
Also - how can you possibly claim that you're not overreacting when you think the bill is about intercepting all encrypted traffic and decrypting it?![]()
Email, whatsapp, facebook etc aren't affected because they don't have that sort of encryption.
The link in the OP states what this bill is about - messaging systems like Apple's iMessage where not even Apple staff have access to your messages. Personally I'd like to think that if a group of terrorists in the UK are plotting a mass-murder then they shouldn't be completely safe to use a messaging system that's so easy my Gran can use it. Email, whatsapp, facebook etc aren't affected because they don't have that sort of encryption.
Also - how can you possibly claim that you're not overreacting when you think the bill is about intercepting all encrypted traffic and decrypting it?![]()
If you put a backdoor in for one, you put a backdoor in for all. For example, there are indications that the NSA altered the structure of the DES algorithm, presumably to make it easier for them to access. That permanently undermined trust in that algorithm to the point where AES was created as an open standard to replace it - not necessarily because the NSA specifically had (or might have) access, but that the algorithm had that built-in weakness that somebody could exploit.
Once that backdoor exists, there's nothing to stop criminals, or the Chinese, from exploiting it. It's not possible to put a 'UK government only' backdoor in there - anyone who understands the mathematics sufficiently can use the same exploit. If nothing else, this leaves the government open to massive legal costs when their gimped cipher inevitably gets hacked by the Chinese.
Actually they do use the same sort of encryption, the only difference is where the endpoints lie. For iMessage the endpoints are the sender and receiver, for Facebook messaging the endpoints are the user clients and Facebook's servers - hence why a Facebook employee with access to those servers can read the decrypted messages. They both use industry standard algorithms for the encryption.
Snowden endorsed.....
No it wouldn't lol - see what I mean about hysterical over-reactions?
But everyone's communications aren't being decrypted.
Interesting that Facebook messaging isn't affected by this discussion because Facebook staff can read the messages you send. Interesting that the sky hasn't fallen in because of this.
Because fundamentally communications would still be secure enough to do business. Companies aren't worried about the British security services monitoring their comms, they're worried about hackers gaining their customer's data, staff data or their IP etc, or the effects of a terror attack on their business. Having a strong, stable state where the rule of law is in place creates a good environment for business.
If you put a backdoor in for one, you put a backdoor in for all. For example, there are indications that the NSA altered the structure of the DES algorithm, presumably to make it easier for them to access. That permanently undermined trust in that algorithm to the point where AES was created as an open standard to replace it - not necessarily because the NSA specifically had (or might have) access, but that the algorithm had that built-in weakness that somebody could exploit.
Once that backdoor exists, there's nothing to stop criminals, or the Chinese, from exploiting it. It's not possible to put a 'UK government only' backdoor in there - anyone who understands the mathematics sufficiently can use the same exploit. If nothing else, this leaves the government open to massive legal costs when their gimped cipher inevitably gets hacked by the Chinese.
Sadly I can see the Tories try and progressively push down this road as far as people will let them.
Why does it even need to be hacked?
This isn't a partisan issue - Labour would do exactly the same. The source of demand for this is the three letter agencies and the civil service/bureaucrats who run this country long term.
If you put a backdoor in for one, you put a backdoor in for all. For example, there are indications that the NSA altered the structure of the DES algorithm, presumably to make it easier for them to access. That permanently undermined trust in that algorithm to the point where AES was created as an open standard to replace it - not necessarily because the NSA specifically had (or might have) access, but that the algorithm had that built-in weakness that somebody could exploit.
Once that backdoor exists, there's nothing to stop criminals, or the Chinese, from exploiting it. It's not possible to put a 'UK government only' backdoor in there - anyone who understands the mathematics sufficiently can use the same exploit. If nothing else, this leaves the government open to massive legal costs when their gimped cipher inevitably gets hacked by the Chinese.
Actually they do use the same sort of encryption, the only difference is where the endpoints lie. For iMessage the endpoints are the sender and receiver, for Facebook messaging the endpoints are the user clients and Facebook's servers - hence why a Facebook employee with access to those servers can read the decrypted messages. They both use industry standard algorithms for the encryption.
They're also used to losing it. It's why wikileaks is what it is...
Another point is hackers getting access to the data. The recent Talk Talk attack just shows how easy it could be to get what is very sensitive data.