Hey there! Sign in to join this conversationNew here? Join for free

Pedophiles are voting Tory. Lets ban the Tory party. Watch

    Offline

    15
    ReputationRep:
    More Mathemagicien savagery

    • Political Ambassador
    Offline

    14
    ReputationRep:
    Ugh! Troll!
    • Thread Starter
    Offline

    20
    (Original post by ChaoticButterfly)
    Why is the resident Tankie the one defending privacy rights? :rofl:
    Because an entrenched, authoritarian, Anglo-capitalist neoliberalist state is the biggest threat to leftism. At least in an anarchist state, state socialism would eventually rise again.
    Offline

    19
    ReputationRep:
    (Original post by AlexanderHam)
    Why does an ordinary citizen in a Western democracy need hard encryption for their personal communications? Other than very specific things like banking data and health information, why do ordinary citizens need to be able to encrypt their text messages to their friends and family?

    I personally do not subscribe to the idea that there should be communications that the government cannot surveill and wiretap if they need to and have a judicial warrant.
    When I knowingly vouchsafe my 'digital footprint' to a state entity, I place my most sensitive communications and private activities beneath the auspices of any and all governments thereafter in perpetuity, including those that may seek to institute retroactive forms of persecution predicated upon 'thought crime'.

    Now, while I don't personally subscribe to quite so paranoid a worldview, one could yet argue that this balance is more delicate—and precarious—than you might think: Donald Trump's domestic surveillance policy isn't Barack Obama's domestic surveillance policy, but those NSA databanks sure as hell don't purge themselves every four years, and if Theresa May weren't so laughably ineffectual I'd trust her about as much as I do the former.
    Offline

    16
    ReputationRep:
    (Original post by Mathemagicien)
    Banks, shops, all sorts of websites rely on peer to peer encryption. You want us all to send passwords as cleartext over the internet?
    You didn't read my post. Do me the courtesy of actually reading it, then come back to me.

    Why aren't you using your real name to post here, citizen? Why do you use passwords?
    Apples and oranges. I post here using a pseudonym. That's a different proposition from saying that MI5 shouldn't be able to intercept my communications between this computer and the website should they obtain a judicial intercept warrant.
    • Thread Starter
    Offline

    20
    (Original post by AlexanderHam)
    Apples and oranges. I post here using a pseudonym. That's a different proposition from saying that MI5 shouldn't be able to intercept my communications between this computer and the website should they obtain a judicial intercept warrant.
    I'm not saying MI5 shouldn't do that. In fact, they already can and do. Do me the courtesy of actually reading it, then come back to me.

    I'm saying there shouldn't be backdoors, and there shouldn't be blanket bans on us lowly citizens from encrypting our communications.
    Offline

    16
    ReputationRep:
    (Original post by Mathemagicien)
    I'm not saying MI5 shouldn't do that.
    Except that widespread hard encryption in consumer apps like Whatsapp denies MI5 effective means of intercept.

    Do me the courtesy of actually reading it, then come back to me.
    Except I haven't misconstrued anything you've said. We're disagreeing, that's a different thing.

    I'm saying there shouldn't be backdoors
    Ugh. How many times have I said I'm not advocating for back doors? (in the sense of deliberately weakened crypto) Why do I have to do all the work in this conversation?

    If you'd bothered to read the post to which you were replying, you'd realise I said that organisations like banks and hospitals and other similar vendors should have access to hard encryption so that people can transmit their data securely over the internet. If the security services need a wiretap, they can do it at the bank end; the bank simply provides the data to the government (that is not a backdoor; that's just the bank providing data upon request).

    So citizens would have access to apps and software from companies with whom they do business that would allow them to transmit data securely over the internet. Said businesses would have to provide any such data upon request with a judicial warrant.

    Businesses would also have access to hard encryption to secure their own data, networks and intellectual property.

    The difference between your position and mine is that citizens would not have access to messaging apps that had hard encryption. So when they're doing bank transactions online, their data would be perfectly secure. No backdoors, no change from now. The only thing they wouldn't be able to do is have apps like Whatsapp and Telegram that use crypto protocols like Needham-Schroeder to make normal communications between citizens highly secure and resistant to decryption even with significant computing power given over to brute decryption.

    I'll give you two scenarios. In the first scenario, which is how things are currently, citizens have apps like Whatsapp that have hard crypto built in to it and all messages are automatically encrypted and even the app provider isn't able to see them and has no backdoor. Let's say MI5 issues a warrant to wiretap Mr A so they can see his communications with Mr B, which are occurring over Whatsapp. They can't get Whatsapp to turn over the data to them as the company can't access that data. They can't wiretap the connection between them as all they will have is the encrypted text, which would take massive computing power to brute force it.

    If they want to wiretap Mr A's whatsapp conversation, they have to mount a significant operation to somehow get malware installed onto the phone. That's a huge undertaking; it would take a number of agents a significant period of time to work out how and where they can inject malware onto the phone. Or else they have to install bugs in his house and car to physically listen to what he is saying and, to the extent possible, watch him.

    That's different to if MI5 wants to get hold of Mr A's banking transactions; although the transactions and data are encrypted when they travel over the internet, the bank itself has the data and can provide it to MI5 upon request if needed.

    Requiring MI5 to mount a significant operation to install malware onto a target's phone every time they want to tap their comms is a huge impost on their resources. Given there are around 5,000 jihadis on MI5's watch list and they only have 4,000 employees (of whom perhaps only 40% might be assigned to counterterrorism), the only way they can keep an eye on large numbers of jihadis is with electronic surveillance; that is the advantage the Security Services have had. The availability of hard crypto for normal messaging conversations nullifies that advantage.

    So here's the second scenario. MI5 obtains a wiretap warrant for Mr A's communications. Hard crypto for normal civilian communications (other than that provided by banks, healthcare, and organisations who have access to the data at the other end and can provide the information to law enforcement on request) has been outlawed in this scenario. Instead of having to mount a large operation with maybe up to a dozen agents working out how and when they can inject malware onto his phone or bug his house and car, they can simply log into a system like Xkeyscore and open up Mr A's whatsapp communications.

    MI5 doesn't care that some hippy in Brighton likes Corbyn or voted Green, or that some dude in Manchester likes big butt porn. They do care about Mr A's communications with his ISIS controller, and the prohibition on hard crypto in consumer messaging apps means that they could use electronic surveillance to even up the score just a little bit, given the huge number of jihadis and the very limited resources MI5 has in terms of keeping an eye on all of them.

    Now I'm not saying you have to agree with this proposition, but at least characterise it properly rather than claiming I'm advocating for weakened crypto for everyone including business transactions, banking, health etc. My position is hard crypto for banking, health etc, (situations where MI5 can always just request the data from the organisation/company) but not for consumer-level messaging apps. A person not having access to encrypted personal messaging apps doesn't make their computing insecure, and if they really want to, they can encrypt it using shared keys or some similar thing. But for general, consumer-level messaging apps (the sort jihadist sympathisers might be likely to use), hard crypto built-in would not be available. I don't see how this is really any serious imposition on civil liberties, but it does provide MI5 with the necessary electronic surveillance advantage over the jihadis to keep (as far as is possible and realistic) as many of those 5,000 under surveillance as they possibly can.
 
 
 
  • See more of what you like on The Student Room

    You can personalise what you see on TSR. Tell us a little about yourself to get started.

  • Poll
    Did TEF Bronze Award affect your UCAS choices?
    Useful resources
  • See more of what you like on The Student Room

    You can personalise what you see on TSR. Tell us a little about yourself to get started.

  • The Student Room, Get Revising and Marked by Teachers are trading names of The Student Room Group Ltd.

    Register Number: 04666380 (England and Wales), VAT No. 806 8067 22 Registered Office: International House, Queens Road, Brighton, BN1 3XE

    Quick reply
    Reputation gems: You get these gems as you gain rep from other members for making good contributions and giving helpful advice.