-Dear Friend,
+Dear Daniel Zeichner,
May I congratulate you on your recent election to the House of
-Commons; and commiserate with you that your first session will take
-place upon t he benches of the Opposition. I hope that you will
-quickly find your feet and come to a good working relationship with
-both the other Opposition members and those of the Government.
+Commons; and express my regret that your first session will be in
+opposition. I hope that you will quickly find your feet and come to a
+good working relationship with both the other Opposition members and
+those of the Government.
- Looking forward I fear that there is going to be a lot of rightous
-business for you as a member of the Opposition. Many of these issues
+ Looking forward I fear that you will be kept very busy holding the
+Government to account. Many of the issues requiring attention
are things that I have observed you campaigning about in the run-up to
-the election and hence I expect you need no further encouragment in
+the election and hence I expect you need no further encouragement in
those areas. There are however two matters of Conservative policy
-that I would like to encourage you to support, and in which as a
+that I would like to encourage you to oppose, and in which as a
former IT professional you may find yourself one of the more informed
members of the opposition.
Firstly there is the matter of the Communications Data Bill,
popularly known as the "Snooper's Charter". No sooner had the
Conservatives been shown to have got a definite majority than Theresa
-May was informing the BBC that she intended to pursude this bill in
+May was informing the BBC that she intended to pursue this bill in
the coming session. This bill is purported to restore to the
intelligence services capabilities that have been eroded by the
emergence of the internet as a common communications mechanism. This
2. Much of this data is not currently captured and many of the
companies involved have no experience in controlling and safeguarding
sensitive data of this nature; many of these companies will likely be
- the targets of opportunistic and targetted hacking attacks. This will
+ the targets of opportunistic and targeted hacking attacks. This will
significantly increase the risks to the public at the hands of the
criminals involved; both as a result of being able to pinpoint their
locations and movement patterns, and also because the data involved
3. The interception power involved here is significantly stronger than
traditional Police/Security powers to access, for instance, phone
- records. he data generated through our use of services like
+ records. The data generated through our use of services like
Facebook, Google and Twitter tells people far more about us, it
reveals our our tastes, preferences and social connections.
4. In theory the bill does not cover the content of communications;
- however it is not in practice easy to seperate content and
+ however it is not in practice easy to separate content and
"envelope". For instance if I were to visit
https://naked-redheads.xxx/ or https://www.support-fox-hunting.org.uk/
then it would be fairly clear what the content I was accessing was.
- For that matter the leftmost part of a URL, after a ?, is sometimes
- used as part of the "envelope" and sometimes conveys content data
- (e.g. if I search for "who is daniel zeichner" then my computer will
- make a request for https://www.google.co.uk/?q=who+is+daniel+zeichner .
+ For that matter the rightmost part of a URL, after a ?, is sometimes
+ used as part of the "envelope" and sometimes conveys content data.
+ (e.g. if I search for "who is Daniel Zeichner" then my computer will
+ make a request for https://www.google.co.uk/?q=who+is+daniel+zeichner )
5. The procedures for accessing the data as outlined in the bill are
very open; basically leaving it to the recognisance of the requester
taken at that time found that about half of those polled thought this
would be bad value for money, and only 12% thought it would be good
value. In the light of point 6 above one has to wonder if a £1.8
- billion investment might be better spent in personel for the Police
+ billion investment might be better spent in personnel for the Police
and Security Services.
9. This approach won't work at all where so-called "darknets" like
Secondly we have the worrying policy proposed by David Cameron in
-January; following the Charle Hebdo murders he asked "In our country,
+January; following the Charlie Hebdo murders he asked "In our country,
do we want to allow a means of communication between people which we
cannot read?" and proposed that it should become illegal to use
encryption that the Security Services can't break. It seems to me
that there are two major objections to this policy:
1. There's no such thing as a cryptographic backdoor that only one
- person knows. There are billions of pounds spent yearly trying to
- find holes and insecurities in cryptographic systems and when such a
- thing is found it is rarely made publically known, but instead
+ person knows. There are hundreds of millions of pounds spent yearly
+ trying to find holes and insecurities in cryptographic systems and
+ when such a thing is found it is rarely made publicly known, but instead
exploited by the actor who found it. In addition if it is plausibly
expected that a system does have a backdoor then traditional criminal
or espionage mechanisms can be used to reveal it; such as blackmail
- or bribary.
+ or bribery.
-2. David Cameron does not appear to have appreciated the quanity of
+2. David Cameron does not appear to have appreciated the quantity of
pervasive strong encryption in use by ordinary Britons daily. This
morning so far I have used strong encryption in the course of:
Open Rights Group have a lot of relevant information on their website
<https://www.openrightsgroup.org/>.
- Yours in truth,
+ Yours,
Jonathan Amery
~nmamery / letters-to-mps / blobdiff