Monday 27 March 2017

Fun Online Polls: Post-Brexit trade deals & Encryption

The results to last week's Fun Online Poll were as follows:

Post Brexit, the UK should…

Impose trade barriers and tariffs - 1%
Remain in the Single Market/EEA - 10%
Rejoin EFTA - 6%
Try and negotiate a custom deal with the EU - 10%
Revert to trading on WTO terms - 13%
Abolish trade barriers and tariffs unilaterally - 58%
Other, please specify - 2%


Good, I was with the majority on that one. Thanks to everybody who took part.
---------------------------
There has been some mumbling along the usual lines about whether the services like Whatsapp should be forced to provide the police with 'encrypted' messages if the police obtain a warrant. See e.g. PC World (the magazine, not the shop):

"It used to be that people would steam open envelopes or just listen in on phones when they wanted to find out what people were doing, legally, through warranty,” [Amber Rudd, Home Secretary] said “But on this situation we need to make sure that our intelligence services have the ability to get into situations like encrypted WhatsApp."

Rudd told Sky News that end-to-end encryption has its place, but it is not incompatible with providing a system for law enforcement agencies to have access to information with a warrant, if absolutely necessary."


I personally don't see a problem, surely we can accept that a judge can sign off a warrant to tap your 'phone, steam open your letters or search your house if the police make a reasonable case.

Why should Whatsapp messages be any different? That's far from saying that the police should be able to routinely view all messages, emails and so on. The police have always been able to obtain warrants to search houses - that has not led to a situation where they routinely enter people's houses on a whim and have a rummage, has it?

Vote HERE or use the widget in the sidebar.

11 comments:

Bayard said...

That presupposes that the CIA haven't already backdoored the encryption.

Mark Wadsworth said...

B, unlikely. Have they ever caught anybody? Ever? The CIA just go round stirring up trouble, that's the easy bit.

Bayard said...

That's not what the backdoors are for. Spooks are only interested in people plotting to disrupt TPTB, not criminals. Anyway, just like we didn't stop the Germans bombing Coventry because we didn't want them to know we'd cracked their Enigma code, the CIA aren't going to do petty stuff like catching criminals and advertise the fact that so-called encryption isn't.

Shiney said...

@B

They'd need a lot of computing power... which they undoubtedly have.

Plus... whats the point?

Harry, my sysadmin, reckons he could write a secure messaging app for Android in about 30 minutes, using freely available tools. Don't you think the more sophisticated terrs have thought of this as well? Its like playing whack-a-mole... close off one avenue then another gets 'invented'... that's the power of the 'net is it routes around 'problems'.

Shiney said...

@B

And I'm one of those condescending Unix (well, Linux) users in your avatar (although my beard is a little smaller).

Paul Lockett said...

The comparisons aren't like for like.

The state can get a warrant to enter my home, but it can't require that we all leave our doors unlocked to aid in that process.

The state can tap my phone, but it can't require that we all talk in plain English on the phone to aid in that process.

The state can steam my letters open, but it can't demand that we only seems letters in an approved format.

Therefore, if we were to apply the same approach to WhatsApp, the state would be able to see whatever data passed through WhatsApp's servers, but they wouldn't be able to demand that we all sent our messages unencrypted to aid them.

Bayard said...

"Plus... whats the point? "

Does there have to be a point to what government agencies do? They just like to be seen to be doing something.

"Its like playing whack-a-mole..."

They probably see it as a game, too.

"but they wouldn't be able to demand that we all sent our messages unencrypted to aid them."

I think the difference is here that it is not us that is encrypting the messages, it's WhatsApp, so getting them to hand over the key to their encryption IS like steaming open the envelope. The encryption is the envelope.
The difference is a bit clearer with e-mails. The text of the email has to be digitised to be sent down the wire. The state can read the email by translating the digital information back to text. If that text is encrypted before sending, then they can't, nor can they demand the key off anyone but the sender, certainly not the ISP.

Shiney said...

@B
Isn't WhatsApp end to end.. like email? i.e. even WhatsApp can't read the messages.

Shiney said...

Chaps

And try some these for size... http://www.timworstall.com/2017/03/28/quite-so-8/

Mark Wadsworth said...

Sh, it might be a bit tricky - perhaps impossible - on a technical level, but the principle is the same.

Paul Lockett said...

Bayard: I think the difference is here that it is not us that is encrypting the messages, it's WhatsApp, so getting them to hand over the key to their encryption IS like steaming open the envelope.

No, it is us that is encrypting the message. It is end-to-end encryption. The key sits on the end user's device. WhatsApp doesn't have the key and so they can't hand it over.

If that text is encrypted before sending, then they can't, nor can they demand the key off anyone but the sender, certainly not the ISP

Which is exactly the situation with WhatsApp.