BBCR4 on Crypto-wars today at 13:30

Peter Fairbrother zenadsl6186 at zen.co.uk
Mon Mar 17 15:52:10 GMT 2014 

Hi Caspar,

There are many omissions and over-simplifications, but at 4.41 
@gordoncorera says:

"The Levinson case goes to the heart of a fundamental clash between two 
opposing sides - there are those who want our electronic communications 
to be entirely private, so that absolutely no-one apart from the 
recipient can know what's benig said. Set against them are those who 
think the State should be able to get access, for instance when it says 
it's investigating crime or protecting national security.


I think that's it in a nutshell - and on that basis, with the demands 
for keys in RIPA we lost the crypto wars in the UK.


Oh, and what about if the State says it is bugging Angela Merkel's phone 
"for the purpose of safeguarding the economic well-being of the United 
Kingdom"?




At a later point he is talking to a NSA wonk who says  "pedophiles are 
particularly savvy for reasons I don't understand".

Two comments on that - first, from the little I have seen they aren't 
actually all that savvy, they just use some crypto where most people 
don't use any.

But second, they are highly targeted and there is then a darwinian 
process - if they don't use encryption effectively then they won't 
remain at large. In the US it's fairly easy to use crypto effectively, 
just encrypt everything, as in general Court-enforced revealing of keys 
is regarded as testifying against oneself and against the Fifth Amendment.

It's a little harder to use crypto effectively in the UK because of the 
key demands in RIPA Part 2 - but only a little, you don't have to be any 
kind of nerd, eg truecrypt seems to do that job OK if used properly.


(I disagree with the extent of pedophile targeting, which I think is 
politically- rather than harm- driven -- if some pedo wants to rot his 
brain masturbating to pseudo-child imagery I can't see that that's any 
of the state's business unless he actually does something to real children.

Any supposed link between watching kiddy porn and actual child abuse is 
by no means proven - the little evidence we have actually strongly 
suggests otherwise. I digress, but pedophilia is often misused as an 
excuse to increase surveillance powers because of it's political impact.)





Of course the crypto wars are only a part of a larger privacy issue, eg 
can NSA/GCHQ use electronic communications to track people's movements? 
Can they track who you are talking to? Can they track everybody's 
movemnents and contacts? Technically yes to all the above, even when 
there is no suspicion about you, but should they be able to?



Another "horseman" is terrorism, but again it's more about politics than 
actual harm reduction. From Bruce Scheneier's CRYPTO-GRAM, January 15, 2014

" We have no evidence that any of this surveillance makes us safer. NSA 
Director General Keith Alexander responded to these stories in June by 
claiming that he disrupted 54 terrorist plots. In October, he revised 
that number downward to 13, and then to "one or two." At this point, the 
only "plot" prevented was that of a San Diego man sending $8,500 to 
support a Somali militant group.

We have been repeatedly told that these surveillance programs would have 
been able to stop 9/11, yet the NSA didn't detect the Boston bombings -- 
even though one of the two terrorists was on the watch list and the 
other had a sloppy social media trail. Bulk collection of data and 
metadata is an ineffective counterterrorism tool. "


That's something I think Baroness Manningham-Buller would agree with; 
but perhaps Charles Farr, who is far more power-hungry (and who would 
love to bug Angela Merkel's phone), might publicly disagree.




I don't tweet, but I'll cc this to @gordoncorera.


BTW, why do you think the Darkmail effort is doomed? I kinda agree, but 
I'd like to know what you think.


-- Peter Fairbrother




On 16/03/14 08:55, Caspar Bowden (lists) wrote:
> http://www.bbc.com/news/magazine-26581130 by @gordoncorera
>
> Especially like the line "and activists began building systems for
> /people/ to use..."
>
> BBC Online write-up doesn't mention
> - Cocks & Williamson
> - Clipper
> - Labour Information Superhighway pledge not to do key escrow
> - "Licensing of Trusted Third Parties" consultation and Labour's
> conversion to key-escrow
> - Reversing burden of proof on key possession in RIPA
>
> @gordoncorera evidently thought he should report on Ladar Levinson's
> doomed attempt to create server-side-secure encrypted email, rather than
> the UK's own virulent role in crypto-wars, and in 2013 twice re-assured
> the public that UK has a "no-spy" deal with US, and refused to correct
> this even after disproved by Snowden docs and disavowed by Obama
>
> Will any ukcrypto people Tweet him some of his omissions, and ask why
> BBC is airbrushing the UK's own crypto-wars out of history?
>
> [During Crypto-wars UK, Newsnight preferred to waste 8 minutes on a
> rugged helicopter ride to see Sealand crypto-rebels rather than explain
> the policy options]
>
> Caspar
>
>
>
>

More information about the ukcrypto mailing list