Interception Modernisation Programme

Richard Clayton ukcrypto at chiark.greenend.org.uk
Tue, 7 Oct 2008 20:51:01 +0100 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <Pine.SOC.4.64.0810071642270.509@bowling.cent.gla.ac.uk>,
Chris Edwards <chris@eng.gla.ac.uk> writes

>Discussed here in July.  Now in the mainstream media - e.g:
>
> http://www.theregister.co.uk/2008/10/07/detica_interception_modernisation/
>
> "Billions of pounds of public money will soon be up for grabs for private 
> IT contractors ready to serve the Interception Modernisation Programme - 
> UK spy chiefs' plan to store details of every call, email, text and web 
> browsing session."
>
>Although the word "interception" is used a lot, it looks to me like 
>they're really talking about traffic data - and lots of it.

Depends if you think that DPI is "interception"...

... and what you actually mean by "traffic data" :)

It's often suggested that the Bad Guys could avoid traffic analysis by
heading off for a chat room inside of World of Warcraft (or Second Life
or whatever).  Now consider a "black box" that is able to pick apart the
World of Warcraft protocol packets sufficiently to be able to determine
which chat room you were in (or your virtual world coordinates, say).

Feeding this data into the mix would permit intelligence to be extracted
such as "X met with Y and Z" -- where "met" is obtained from the black
box generated traffic data, but this traffic data is only obtained by
inspecting World of Warcraft "content"....

... anyway, you can see why this generation of black boxes needs to be
programmed remotely, so as to be retargeted at will.

Note also that the requirements spec is very different from existing
"interception boxes". Interception is about "all the traffic" but "only
a few people at once" and with the constraint "no-one must know".
Whereas these boxes are "traffic data only" but "all of the people all
of the time" and there's no need for secrecy ...

... except maybe they will be secret in so far as they probably won't be
fitted at the smallest ISPs -- but for 12billion, I expect you get to go
right down the food chain...

- -- 
richard                                              Richard Clayton

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety.         Benjamin Franklin

-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1

iQA/AwUBSOu9pZoAxkTY1oPiEQKxawCgo+Ly2yii55ig2ds0J8KzFGPk3aIAnRiN
tRNYUolL8hSKSqG2NAJowOnD
=eD2N
-----END PGP SIGNATURE-----