Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

UK Government Wants Private Encryption Keys

Zonk posted more than 8 years ago | from the my-keys-not-yours dept.


An anonymous reader writes "Businesses and individuals in Britain may soon have to give their encryption keys to the police or face imprisonment. The UK government has said it will bring in the new powers to address a rise in the use of encryption by criminals and terrorists." From the article: "Some security experts are concerned that the plan could criminalise innocent people and drive businesses out of the UK. But the Home Office, which has just launched a consultation process, says the powers contained in Part 3 are needed to combat an increased use of encryption by criminals, paedophiles, and terrorists. 'The use of encryption is... proliferating,' Liam Byrne, Home Office minister of state told Parliament last week. 'Encryption products are more widely available and are integrated as security features in standard operating systems, so the Government has concluded that it is now right to implement the provisions of Part 3 of RIPA... which is not presently in force.'"

Sorry! There are no comments related to the filter you selected.

About GNAA (-1, Troll)

YHBTAndJewsDidWtc (975687) | more than 8 years ago | (#15358139)

About GNAA:
GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the first organization which gathers GAY NIGGERS from all over America and abroad for one common goal - being GAY NIGGERS.

Are you GAY [klerck.org] ?
Are you a NIGGER [mugshots.org] ?
Are you a GAY NIGGER [gay-sex-access.com] ?

If you answered "Yes" to all of the above questions, then GNAA (GAY NIGGER ASSOCIATION OF AMERICA) might be exactly what you've been looking for!
Join GNAA (GAY NIGGER ASSOCIATION OF AMERICA) today, and enjoy all the benefits of being a full-time GNAA member.
GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the fastest-growing GAY NIGGER community with THOUSANDS of members all over United States of America and the World! You, too, can be a part of GNAA if you join today!

Why not? It's quick and easy - only 3 simple steps!
  • First, you have to obtain a copy of GAYNIGGERS FROM OUTER SPACE THE MOVIE [imdb.com] and watch it. You can download the movie [idge.net] (~130mb) using BitTorrent.
  • Second, you need to succeed in posting a GNAA First Post [wikipedia.org] on slashdot.org [slashdot.org] , a popular "news for trolls" website.
  • Third, you need to join the official GNAA irc channel #GNAA on irc.gnaa.us, and apply for membership.
Talk to one of the ops or any of the other members in the channel to sign up today! Upon submitting your application, you will be required to submit links to your successful First Post, and you will be tested on your knowledge of GAYNIGGERS FROM OUTER SPACE.

If you are having trouble locating #GNAA, the official GAY NIGGER ASSOCIATION OF AMERICA irc channel, you might be on a wrong irc network. The correct network is NiggerNET, and you can connect to irc.gnaa.us as our official server. Follow this link [irc] if you are using an irc client such as mIRC.

If you have mod points and would like to support GNAA, please moderate this post up.

| ______________________________________._a,____ | Press contact:
| _______a_._______a_______aj#0s_____aWY!400.___ | Gary Niger
| __ad#7!!*P____a.d#0a____#!-_#0i___.#!__W#0#___ | gary_niger@gnaa.us [mailto]
| _j#'_.00#,___4#dP_"#,__j#,__0#Wi___*00P!_"#L,_ | GNAA Corporate Headquarters
| _"#ga#9!01___"#01__40,_"4Lj#!_4#g_________"01_ | 143 Rolloffle Avenue
| ________"#,___*@`__-N#____`___-!^_____________ | Tarzana, California 91356
| _________#1__________?________________________ |
| _________j1___________________________________ | All other inquiries:
| ____a,___jk_GAY_NIGGER_ASSOCIATION_OF_AMERICA_ | Enid Al-Punjabi
| ____!4yaa#l___________________________________ | enid_indian@gnaa.us [mailto]
| ______-"!^____________________________________ | GNAA World Headquarters
` _______________________________________________' 160-0023 Japan Tokyo-to Shinjuku-ku Nishi-Shinjuku 3-20-2

Copyright (c) 2003-2006 Gay Nigger Association of America [www.gnaa.us]

Re:About GNAA (-1, Troll)

Anonymous Coward | more than 8 years ago | (#15358228)

My God, won't you kids grow up already?

My God (5, Insightful)

voice_of_all_reason (926702) | more than 8 years ago | (#15358140)

I believe we are in need of a new Slashdot section: Horrifying

Re:My God (1, Insightful)

Anonymous Coward | more than 8 years ago | (#15358203)

I just tagged it "nazis", hope others do the same. Godwin be damned!

Re:My God (3, Insightful)

cosmo_the_third (642177) | more than 8 years ago | (#15358236)

Yeah..."Big Brother is Watching You" has become "Big Brother Knows All Your Secrets"

Call This Number: +1, Helpful (-1, Troll)

Anonymous Coward | more than 8 years ago | (#15358241)

1-800-ALQAEDA [huffingtonpost.com] and demand the arrest, trial, conviction, and sentencing of as Kim Jong iL stated, the world's most dangerous "leader" [whitehouse.org] .

Patriotically from Alabamistan,
Kilgore Trout, Colonel

One Key (2, Interesting)

Tackhead (54550) | more than 8 years ago | (#15358281)

> I believe we are in need of a new Slashdot section: Horrifying

One key to rule them all; one key to find them. One key to bring them in and in the darkness grind them. In the land of Norsefire, where England Prevails.

Re:My God (4, Insightful)

h4rm0ny (722443) | more than 8 years ago | (#15358291)

Or how about a new /. heading: Wake Up !

This is nasty. You can always tell when there are no reasons that would fly with the public when they have to invoke the paedophiles. US government has War on Terror, the UK has paedophiles.

E-mail was a god-send for the intelligence services. Automated scanning and copies of everything to look back on if they ever chose. Encryption means the free party is coming to an end. GPG is turning off the stereo and saying "GO HOME!"

They managed without it before. They can manage without it again. And if that means the Government can't achieve omniscience over the population... good!

My God-My eyes! (0)

Anonymous Coward | more than 8 years ago | (#15358304)

"I believe we are in need of a new Slashdot section: Horrifying"

Here's my entry [goatse.cx]

Re:My God (3, Informative)

TubeSteak (669689) | more than 8 years ago | (#15358314)

Well you have to put this in context.

IIRC, the Brits wanted to extend the length 'terrorists' could be arrested & held without charge (from 14 to 90 days) so that the police could have more time to try and break encrypted data.

Here's the previous /. article about that
http://yro.slashdot.org/article.pl?sid=05/11/04/13 48200 [slashdot.org]

I'm pretty sure that idea died a Horrifying death

More like "Horribly Bad Joke." (4, Insightful)

C10H14N2 (640033) | more than 8 years ago | (#15358352)

Just an example of astoundingly ignorant politicians who don't realize they're effectively criminalizing the use of cellular phones, the constantly changing keys of which would amass petabytes of data within a year, in just the UK--and that's just the keys, not the data they encrypted...and that's just the cellphones.

What absolute morons.

Simple solution. (5, Funny)

Kenja (541830) | more than 8 years ago | (#15358145)

Just stick a computer in the corner churning out encryption keys and mailing them to the UK government all day every day untill you break their database.

Re:Simple solution. (4, Interesting)

dgatwood (11270) | more than 8 years ago | (#15358224)

You do know that with the way SSL/SSH works, that's EXACTLY what you would be forced to do to comply with this law, right?

Methinks the UK government doesn't know that what it wants is technologically infeasible....

Re:Simple solution. (3, Insightful)

Anonymous Coward | more than 8 years ago | (#15358276)

I had the same thought. Most encryption is transparent to the user, and session based.
All I ever see is a little icon that tells me the connection is encrypted when I go to my banks web page...so, am I responsible for reporting the keys or is the bank? Or both? And does it matter that they are useless as soon as I log out?

Re:Simple solution. (2, Informative)

Aspirator (862748) | more than 8 years ago | (#15358247)

Nice idea, but closer to reality than might be apparent.

How about SSH (Secure Shell) keys, which are routinely recreated every so often?

The software isn't really configured to divulge these keys.

VPNs (Virtual Private Networks) are another case where keys are routinely generated and then discarded, with no mechanism to divulge them.

There are many other examples of the same thing.

Re:Simple solution. (0)

Anonymous Coward | more than 8 years ago | (#15358261)

That's actually an excellent idea. Give them the whole 256bit keyspace. They'd be as wise as before.

Well.... (1, Funny)

Anonymous Coward | more than 8 years ago | (#15358147)

isn't the whole point of a private encryption key.... that is in fact PRIVATE .. wait what's that noise outside? THEY'RE COMING THROUGH THE WALLS OMG NOOoo ;xd.fg.......

key turning point in government relations (5, Insightful)

yagu (721525) | more than 8 years ago | (#15358149)

Encryption keys don't kill people, people kill people.

If owning (not divulging) encryption keys is criminalized, only criminals will own encryption keys.

These "rules" will only push the envelope of how and what criminals (or terrorists, etc.) use to hide their activities. And at the same time, they will add one more burden to the general population to manage and ensure the government is informed of their encryption infrastructure. Nuts.

The most effective infiltration into terrorist infrastructure is still social engineering. I'd rather the money spent creating and managing something like this spent training and hiring translators, covert agents, etc.

A convincing point about the futility of this proposed rule comes from the article:

Clayton, on the other hand, argues that terrorist cells do not use master keys in the same way as governments and businesses. "Terrorist cells use master keys on a one-to-one basis, rather than using them to generate pass keys for a series of communications. With a one-to-one key, you may as well just force the terrorist suspect to decrypt that communication, or use other methods of decryption," said Clayton.

Re:key turning point in government relations (0, Redundant)

Anonymous Coward | more than 8 years ago | (#15358208)

>Encryption keys don't kill people, people kill people.

No. Chuck Norris kills people.

Re:key turning point in government relations (4, Insightful)

pete6677 (681676) | more than 8 years ago | (#15358271)

Just as all criminals turned in their guns when they were outlawed, I'm sure they'll all turn over their encryption keys and keep using them to communicate so law enforcement can observe. Right. What would someone have to be smoking in order to think this is a good idea? Its nothing more than a blatant power grab that will ONLY affect law abiding people and have no effect whatsoever on "terrorists" or whatever other boogeyman will be used to justify more overreaching laws.

odd request (3, Insightful)

arakis (315989) | more than 8 years ago | (#15358154)

How will they know that they have the correct private keys without "testing" them on the owners' encrypted communications every so often? Oh well, it is England after all. Living on an island can do odd things to living things.

Re:odd request (3, Insightful)

gurutc (613652) | more than 8 years ago | (#15358196)

And you could just add a false layer to the encryption. So the keys the govt have decrypt the data into something that's recognizable and looks real, but is just a facade for another still encrypted layer.

Re:odd request (5, Informative)

TCM (130219) | more than 8 years ago | (#15358287)

Enter TrueCrypt and hidden volumes made for exactly that reason: http://www.truecrypt.org/hiddenvolume.php [truecrypt.org]

Re:odd request (-1, Troll)

Anonymous Coward | more than 8 years ago | (#15358225)

They can very quickly verify the validity of the private-public match using what is known as a Bottle Algorithm. Bottle Algorithms [bottleguy.com] are computationally simple to implement and can be replicated in hardware to suit the task.

Porn, not informative! (2, Insightful)

pla (258480) | more than 8 years ago | (#15358340)

Who the hell modded this informative?

Check the destination of that link before you click it... It goes to Bottle Guy - Just another site similar to Goatse or TubGirl.

Re:odd request (2, Informative)

gsslay (807818) | more than 8 years ago | (#15358278)

England isn't an island.

Stop giving the US gov't ideas (5, Funny)

courtarro (786894) | more than 8 years ago | (#15358157)

It's a good thing that, as an American citizen, I don't have to worry about these violations of my privacy.

Re:Stop giving the US gov't ideas (1)

casings (257363) | more than 8 years ago | (#15358242)

even if the senate and house were to pass this in the US government, it would be struck down as anti-constitutional by the supreme court, as it violates the fourth ammendment explicitly, although obtaining a warrant would force one to give up encryption keys.

Spaceballs: (4, Funny)

norminator (784674) | more than 8 years ago | (#15358163)

My encryption key is:


Re:Spaceballs: (3, Funny)

Volante3192 (953645) | more than 8 years ago | (#15358222)

That's amazing! I have the same combination on my suitcase!

Re:Spaceballs: (1)

dzfoo (772245) | more than 8 years ago | (#15358266)

What?! Only an idiot would think of using that as the combination!


Re:Spaceballs: (0)

Anonymous Coward | more than 8 years ago | (#15358223)

Hey, thats the combination on my suitcase!

Damn the Americans! (4, Funny)

Anonymous Coward | more than 8 years ago | (#15358166)

Damn facist Americans! I am so glad that I live in Europe where such things never happen!

Re:Damn the Americans! (1)

DaHat (247651) | more than 8 years ago | (#15358255)

Americans? This is the UK gov at work you fool.

Re:Damn the Americans! (0)

Anonymous Coward | more than 8 years ago | (#15358334)

Hear that sound....?

That was the sound of a joke whooshing over your way-too-literal head.

I RTFA, but I don't get it... (5, Funny)

Nijika (525558) | more than 8 years ago | (#15358168)

So is it that they want the criminals to hand over their passwords before they commit a crime? This should go well with the anti bank-robbery legislation requiring all would-be robbers to call in a schedule before they pull off a heist.

no diffreance than real life (3, Interesting)

a_greer2005 (863926) | more than 8 years ago | (#15358172)

I assume that the there is a simmaler rule for safes/lockbox combinations.

Re:no diffreance than real life (1)

grub (11606) | more than 8 years ago | (#15358238)

I assume that the there is a simmaler rule for safes/lockbox combinations.

No need! Thanks to the wonders of 21st century technology we have things called 'drills' and 'hammers'. You should check them out.

Re:no diffreance than real life (1)

SylvesterTheCat (321686) | more than 8 years ago | (#15358245)

Why would you assume that is the case?

I don't know either way, however, I know that I do not know.

Orwell, here we go again!! (3, Insightful)

casings (257363) | more than 8 years ago | (#15358173)

Britain's use of anti-privacy situational crime prevention measures are a means of targeting petty crimes and the innocent while displacing more professional and semi-professional crime into other areas. These techniques do not stop the criminal, as he is already committing a crime, what would he care if you added "refused to give up private key" to his list of crimes?

The UK needs to wake up and realize that these forms of crime control only waste money and create more crime, than stop crime from happening.

Let someone else handle it (1)

DreadPiratePizz (803402) | more than 8 years ago | (#15358175)

What if the criminal has someone else handle their encryption/decryption, and thus does not even know their key? Can you be jailed for not giving away information you don't know?

It won't be long (1, Insightful)

Anonymous Coward | more than 8 years ago | (#15358176)

before we all get issued our Newspeak dictionaries...

http://www.newspeakdictionary.com/ns_frames.html [newspeakdictionary.com]

Warning (5, Insightful)

Nerdfest (867930) | more than 8 years ago | (#15358180)

If this goes into effect it would make it a very dangerous thing to have files of random characters .... you'd have a lot of trouble explaining them.

Nah, you have *partitions* of random characters (2, Informative)

Colin Smith (2679) | more than 8 years ago | (#15358363)

Could be swap, could be unformatted forgotten junk etc. The government would have to prove it was real data in an encrypted format. That's easy if it's a file on a filesystem, not easy if it's "forgotten" space on an apparently unformatted part of a disk. That's why this kind of legislation is so bloody stupid. What can I say, we're talking about politicians here, always trying to treat the symptoms rather than the cause.


What about global corporations? (4, Interesting)

voice_of_all_reason (926702) | more than 8 years ago | (#15358183)

Most major companies have offices all around the world, presumably. So now they'll have to have a separate (pretty much disposable) encryption method just for the UK?

What about communication between offices on the internet? A japanese analyst creates some research, but due to technical problems the only Compliance office up is in Europe. So every program or service that can comminicate with Britain has to check if a request is going to/through the UK before applying the "approved" encryption.

To quote, "this is madness"

This is bizarre (5, Funny)

idontgno (624372) | more than 8 years ago | (#15358185)

It's like some sick competition between the US administration and the UK one.

"Oh, yeah, you think that telephone call database is slick, check this sh*t out. We're gonna make our subjects give up their crypto keys or go to jail"
"Oooh, good one!" (high five)

perfectly reasonable (2, Insightful)

Surt (22457) | more than 8 years ago | (#15358188)

Much like a warrant to search a physical premises, having the police have the power to force you to expose your private data is perfectly reasonable, so long as it is similarly regulated by the courts. Unfortunately, as the article points out, there are problems with proving that you do or don't have the key to unencrypt, but the general principal of allowing the police to search something with a warrant does not seem problematic.

Re:perfectly reasonable (3, Insightful)

btpier (587890) | more than 8 years ago | (#15358239)

If they want to force someone to expose their private data, they should get a warrant to do that once you are suspected of a crime not before. As others have said, this treats everyone like a criminal.

Re:perfectly reasonable (1)

sholden (12227) | more than 8 years ago | (#15358337)

But when the police search your house with a search warrant, you don't have to point out where you've hidden what they're looking for. You just have to let them search for it.

At least that's what the TV cop shows tell me :)

Steganography (4, Insightful)

MarkByers (770551) | more than 8 years ago | (#15358194)

Time for steganographic file systems where your private data can be hidden inside innocent looking files. They can't force you to disclose your key if they don't know and/or can't prove that you have one.

http://en.wikipedia.org/wiki/Steganography [wikipedia.org]

Who needs encryption? (-1, Flamebait)

Anonymous Coward | more than 8 years ago | (#15358195)

Even though I have heard concerns over privacy and hence the need of encryption, I still am not convinced that encryption is a must. And I still believe that only if you are doing something illegal, you need encryption.

But I am open to see arguments in favor of encryption on /. Convince me.

Re:Who needs encryption? (2, Insightful)

SylvesterTheCat (321686) | more than 8 years ago | (#15358297)

Convince you? OK. How about this?

If the government has reason to believe that I am doing something illegal, then convince a judge to SIGN A WARRENT.

Re:Who needs encryption? (4, Interesting)

hunterx11 (778171) | more than 8 years ago | (#15358298)

Encryption may not be a must for most people, but keeping the government out of one's private business is a must for all people, everywhere.

Re:Who needs encryption? (0, Funny)

Anonymous Coward | more than 8 years ago | (#15358315)

you're the worst troll I've ever seen.

wow (0)

Anonymous Coward | more than 8 years ago | (#15358198)

And I thought our government had it's head up it's ass. I guess I'll scratch the U.K. off my list of places to live when I can't bear the loss of freedoms in this country anymore.

In other news... (5, Insightful)

GillBates0 (664202) | more than 8 years ago | (#15358200)

increased use of encryption by criminals, paedophiles, and terrorists.

...it has been found that:

- cameras are used by criminals, paedophiles, and terrorists - we need access to your negatives/memory disks.
- houses are used by criminals, paedophiles, and terrorists - we need access to your house keys.
- cars are used by criminals, paedophiles, and terrorists - we need copies of your car keys.
- ATM machines are used by criminals, paedophiles, and terrorists - we need to know your PINs.
- Online email services are used by criminals, paedophiles, and terrorists - we need to know your username/passwords.
- Computers are used by criminals, paedophiles, and terrorists - we need to install a backdoor on your computer.

Re:In other news... (0)

Anonymous Coward | more than 8 years ago | (#15358249)

6) That's only for linux users. All Windows machines probably already have a backdoor.

Re:In other news... (1)

Billosaur (927319) | more than 8 years ago | (#15358332)

You forgot one:

- Air is used by criminals, paedophiles, and terrorists - we need you to stop breathing for a while.

1984 news (4, Informative)

Teun (17872) | more than 8 years ago | (#15358365)

- cars are used by criminals, paedophiles, and terrorists - we need copies of your car keys.

You're behind the times.
The UK is already (planning) installing a system of automatic licence plate recognising camera's throughout the country. The resulting database will allow a very comprehensive following of cars and thus persons.

The next step is of course that you have to report to the police whenever you've driven an other car but your own...

Answer to UK rants about NSA/ATT (1, Insightful)

Anonymous Coward | more than 8 years ago | (#15358201)

Gee, I wonder what all the uk fanboys who were dissing the US about the whole NSA/ATT debacle have to say about this? Face it boys and girls, this is happening everywhere. The terrorists won a major strategic battle on 9/11, they have successfully changed the scope and nature of privacy rights across many of the worlds "democratic" nations.

England Prevails (5, Interesting)

zariok (470553) | more than 8 years ago | (#15358211)

"England Prevails"

Parliment better watch out... hear there's a train heading there loaded with fireworks and other things that go boom.

Re:England Prevails (1)

sxpert (139117) | more than 8 years ago | (#15358251)

mod parent funny :D (too bad you can't mix, insightful would have been appropriate too :D )

Criminalization (0)

Anonymous Coward | more than 8 years ago | (#15358213)

If secure encryption is criminalized only criminals will have secure encryption...

Come On (1)

JamesP (688957) | more than 8 years ago | (#15358214)

I don't know how stupid politicians can get. I'll give them my encryption keys OVER MY DEAD BODY.

Or I'll make sure the keys is something like POLITICIANSAREARSES or something like that.

Or maybe it's better to just give them the keys, but not divulge the secret encryption method used.

And how about wifi? (2, Insightful)

mustafap (452510) | more than 8 years ago | (#15358216)

So, do I need to send my wifi keys too? And bluetooth? What about the encryption used by GSM?

And my car remote lock fob, that too?

Is it April the 1st?

Re:And how about wifi? (1)

CockMonster (886033) | more than 8 years ago | (#15358357)

GSM encryption is readily crackable and besides, it's only encrypted between base-stations (masts) and phones. Once your conversation reaches the base-station it is decrypted until it reaches your recipient's base-station where it's re-encrypted. So all they need is a set of headphones and access to the network provider's infrastructure to listen to your conversations/read your texts.

OMFG (1)

gunne (14408) | more than 8 years ago | (#15358217)

Great Britain _really_ wants to become air strip one... (CCTV everywhere, registration of number plates of every car, all the time, and now this.)
I just don't get it, has none of their politicans read 1984? If not, they probably should.
Even though I don't live in GB, this is scary since the current swedish justice minister applauds every step in this direction taken by GB, and he is quick to propose new laws.
In fact, so quick that the review process for proposals for new laws has ben swamped.

Brilliant idea... (1)

Psmylie (169236) | more than 8 years ago | (#15358218)

I'm sure the criminals, paedophiles, and terrorists will just be lining up to hand over their keys, too.

Re:Brilliant idea... (5, Interesting)

grub (11606) | more than 8 years ago | (#15358285)

I'm sure the criminals, paedophiles, and terrorists will just be lining up to hand over their keys, too.

That's the odd thing about this. You can get up to 2 or 5 years in the can (depending on if they think you're a terrorist). So if you have gigs of terrorist info that could get you sent away for life, just say you lost your keys and go away for 5 years max.

In advance, or on demand? (1)

caluml (551744) | more than 8 years ago | (#15358219)

Is this a change from the current laws? Giving them up (on pain of 5 years) when asked for is one thing. Giving them up in advance takes it to a whole new level. What does this include? SSH id_dsa keys? SSL certs? Passphrases for mounting crypto partitions?
And trust it to the government? They have never once run an IT project properly. Disgusting (if true).

Just following suit. (2, Insightful)

bi_boy (630968) | more than 8 years ago | (#15358220)

Eastasia set the tone and Oceania is keeping in step. Just wait for the perpetual war, that'll be fun.

New encryption scheme (4, Interesting)

Guysmiley777 (880063) | more than 8 years ago | (#15358231)

Simple solution: You have a new encryption scheme where there are 2 private keys. The first one allows decryption, the second wipes the drive. Guess which one you give to the police?

Re:New encryption scheme (1)

Iphtashu Fitz (263795) | more than 8 years ago | (#15358338)

Simple solution: You have a new encryption scheme where there are 2 private keys. The first one allows decryption, the second wipes the drive. Guess which one you give to the police?

Guess what happens when the police decides to verify your key the day after you give it to them.

Proper English (1)

LoonyMike (917095) | more than 8 years ago | (#15358233)

All your private keys belong to us
(these ones speak proper english)

Big Brother Culture (1)

ngileadi (966224) | more than 8 years ago | (#15358237)

The streets in Britain are flooded with CCTV.
This new development just adds to the infrastructure for the next totalitarian goverment.
Although I trust the current goverment to use technology for good, sooner or later this technology will be abused against Britain's own citizens, by a less democratic government.

And people here are worried about ID cards.

Key ? What key ? (1)

alexhs (877055) | more than 8 years ago | (#15358244)

All my important communications are ROT-13 encrypted. What key should I give ? ;)

Surprised? You shouldn't be (1)

MikeRT (947531) | more than 8 years ago | (#15358253)

In theory, Tony Blair writes, traditional court processes and attitudes to civil liberties could work. But the modern world is different from the world for which these court processes were designed. This view that due process is obsolete explains the Prime Ministers conduct; it explains the connection between extradition without safeguards, detention without trial, Asbos without criminal offences, subjective and discretionary judgments, police powers to arrest, and increasing ministerial powers. They are all characteristic of Blair legislation; they all avoid due process of law.

-From this article [timesonline.co.uk]

I've never understood why American conservatives support him as a leader, rather than simply appreciate his support in the war on terror. He has many anti-conservative [blindmindseye.com] positions and is a member of the Fabian Society. He's Britain's problem, but it's high time that American conservatives realize what American libertarians have known about Blair for a while: he's not our ally at all beyond the War on Terror. In fact, Blair was not only a close supporter of Clinton, but is far worse as a leader than Clinton in most respects. I'd take the latter over the former any day (as long as it's Bill, not Hillary).

Ya gotta hand it to Blair, though. He's honest about holding a totally "fuck you" attitude toward civil liberties whereas Bush still genuflects before that "God damn piece of paper" (as Bush supposedly called the US Constitution) that those "dead white men" with their libruhl idears wrote up after kicking out Blair's predecessors 2 centuries ago.

Bumper sticker slogan (1)

ewg (158266) | more than 8 years ago | (#15358257)

"If strong encryption is outlawed, only outlaws will have strong encryption."

In Soviet Russia... (5, Insightful)

Fapestniegd (34586) | more than 8 years ago | (#15358258)

There was no crime, because the secret police would carry you off and shoot you in the head if you were even suspected of a crime. Wiretaps were the norm and the government could do whatever it wanted. Privacy didn't exist. And they were safer from criminals for it. Well, safer if we define criminals as ones that weren't in the KGB.

Yeah, no "In Soviet Russia" Joke here.

This is frightening. It's like we're becoming the very thing we fought in the cold war. A totalitarian government.

But at least we have 37 types of cereal.

You Can Have My Keys... (1)

Bob9113 (14996) | more than 8 years ago | (#15358263)

You can have my keys when you pry them from my cold, dead, fingers.

Private keys for criminals (2, Insightful)

BaltikaTroika (809862) | more than 8 years ago | (#15358264)

Here's an idea... why not just make it a crime for pedophiles, criminals and terrorists to NOT give over their private keys AFTER they've committed their crime.

That way Joe Sixpack can keep sending encrypted communications and not have to worry about the government reading them - as long as he doesn't start blowing stuff up, too.

Actually it is easy to avoid (2, Informative)

trifish (826353) | more than 8 years ago | (#15358273)

If the police requests your encryption keys, you can actually give it to them (i.e. comply) without actually giving them access to your encrypted files.

All you need is TrueCrypt [truecrypt.org] , which is open source on-the-fly disk encryption software for Windows and Linux.

The software provides something called Plausible Deniability and it is further enhanced by the so-called hidden volume method.

Basically, it is impossible to prove that you have TrueCrypt-encrypted data and you can even supply a key to decrypt a decoy volume containing some not-really-sensitive data. The bottom line, you comply with the law (order to decrypt) and your data stay private.

Actions are criminal, not tools (5, Insightful)

dada21 (163177) | more than 8 years ago | (#15358275)

A criminal that rapes someone may have talked during the rape -- it is the rape that was evil.

A criminal that shoots someone in the head used a gun -- it is the shooting that is evil. He could have used a baseball bat.

A criminal that blows up a building might use a cell phone -- it is the building exploding that is evil. He could have used e-mail or writing a big X on a tree.

We have to stop government from criminalizing actions that are part of our right to speech. This right is not something Constitutional or created out of any government document -- it is a natural right that all humans share, no matter what the laws say.

I'll continue to encrypt, and I'll dare the government to try to restrict me. If I have to, I'll encrypt by using an encryption program that hides my real text to make it look like readable language. Let them try to stop that. Or I'll use my own spoken code. Will they find a way to criminalize it?

Don't criminalize tools, criminalize criminal actions.

Eh? (0, Troll)

gowen (141411) | more than 8 years ago | (#15358277)

If I've incriminating documents in a safe, the police are going to ask for the key. If they don't get it, they're going to break in, and I'll be arrested for obstruction of justice. I don't recall everyone being up in arms about the police, having obtained the proper warrants, coming into my house and breaking into my safe.

Besides the fact that this involves computers, why is this different?

Easy solution (0)

Anonymous Coward | more than 8 years ago | (#15358286)

Plausible deniability [wikipedia.org] is your friend. At least one good open source encryption package, Truecrypt [truecrypt.org] , implements this feature whereby a ciphertext can have an arbitrary number of (or just one) encryption key(s), each one giving access to a different plaintext, and no mathematically known method of proving which is the "real" key.

So if the cops come around asking for your keys, you could give them the one that decrypts it to harmless family photos. Of course your decoy payload would need to be interesting enough that your adversary is less likely to suspect your hiding something (eg dont use photos of the family dog as the decoy if it's likely you're hiding state secrets, instead your decoy should consists of similar but benign content).

Charlton Heston Says... (2, Funny)

Laoping (398603) | more than 8 years ago | (#15358292)

When we outlaw encryption keys, only criminals will have encryption keys.

Get your stinking hands off my encryption keys, you damn dirty apes!!!

Olympic BigBrother Games (1)

slashflood (697891) | more than 8 years ago | (#15358293)

Currently, it's a head-to-head race between the U.S. and the U.K. Germany is getting better, but nevertheless on the third place.

A solution (2, Interesting)

ratboy666 (104074) | more than 8 years ago | (#15358294)

Presuming that current crypto is secure, public key cryptography provides a solution.

Specifically, the public key is published, but private keys are pretty much unknown. The only thing you really know about your private key is the passphrase needed to use it (note that the computer using an entropy source generated the key in the first place).

The key itself? Should be stored on a flash memory card. Or another easily destroyed medium. If broken, you have NO way of supplying the key to the government.

The issue is key management. If the key doesn't exist, no amount of threatening or torture can cough it up. Sure, the passphrase (at the drop of a hat), but the key?


Summary is not complete (5, Informative)

igb (28052) | more than 8 years ago | (#15358300)

I'm as opposed to section 3 of RIPA as the next man, but I have the benefit of having read it in detail. What is proposed is that, following a lawful search with a warrant issued by a judge, the police or judiciary can demand the keys to any encrypted material that is seized. Refusal to produce keys can be treated as a crime in its own right. Since in America your government, it would appear, doesn't bother with the ``lawful search with a warrant'' part, I think we can safely tone down the ``UK sucks'' tone.

The basic argument is that the purpose of a search warrant is defeated by encryption. Now I think that's wrong, or at least part wrong, and I think an alternative would be to make material held by the defendant which he does not choose to decrypt something that the jury can take account of, just as refusal to testify is now, under limited circumstances, something the judge can point to during summing up. And the alternative of forcing decryption isn't offered (although quite how someone would demonstrate that plain text they offered really _was_ the decryption is a whole other question).

The is bad, illiberal law, and those of us involved in campaigning against it have been in correspondance with our MPs for some years. But it's not just Britain that is tearing up its freedoms in the face of minor terrorism: the USA collectively shat its pants and ripped up a century of jurisprudence on the 12th of September. It makes far more sense for people with a desire for freedom to work together, rather than to assume that we're a bunch of proto-fascists while Bush Jr defends your constituional rights.


Better keep track of those keys. (0)

Anonymous Coward | more than 8 years ago | (#15358301)

What if you loose one of your keys, would they just throw you into jail?

Will M$ be giving people a copy of their keys that encrypt their Vista hard disk with every copy in the UK so they can be mailed to the government or just send them straight there.

Implementation (4, Insightful)

WhiteWolf666 (145211) | more than 8 years ago | (#15358307)

People; don't say "This can't be done."

This is referred to as a "catch-all" type of law. Beware the wonders of selective enforcement.

The idea here is that if you find a suspected terrorist, and they use encryption, you don't even need to bust them for terrorism OR for not providing their encryption keys when demanded. You can just go to step A, look up their name in the government encryption key database, find out that no, they did not provide their encryption key to , and take them directly to jail.

Regardless of whether or not the are a terrorist, regardless of whether or not they are willing to turn over their encryption keys when asked, you can find them guilty.

This is not about collecting everyone's encryption keys (at least not at first). Initially, this will be used as a blunt stick to smack anyone the government doesn't like. Think of the way seat belt laws are enforced; cops won't stop you for not wearing your seat belt, but they'll sure as hell issue a ticket for it even if you aren't speed, have all your paperwork in order, and have done nothing else wrong. It's a sort of standby crime they can get you on.

Sleepwalking into a Police State (2, Insightful)

thagrol (864136) | more than 8 years ago | (#15358313)

This is just the latest in a long line of moves by the current government to reduce freedom and liberty in the UK, all in the name of security.

Add this to the National Identity Register, ID cards, the Civil Contingencies Act and the Parliament Act and the UK is well on the way to becoming a police state.

And the worst of it is, most people seem to think this is a good thing.

The real terrorists... (0)

Anonymous Coward | more than 8 years ago | (#15358316)

...the real terrorists are nations, not lone terrorists or terrorist organizations like Al-Qaeda. The UK Government should imprison themselves for being responsible for the deaths of hundred of thousands of Iraqies (remember the sanctions).

Iraq body count made a comparision between the number of innocent civilians killed by USMC and by the "terrorists".

The conclusion was that including 9/11 the terrorist had killed 3500 innocent civilians. The USMC had killed at least 13000 innocent civilians. In Iraq only most civilian deaths (about 35%) has been by USMC and that is the largest single factor responsible for civilians deaths. The terrorists is behind only 9% of the civilian deaths.

Something to think about the next time you call someone a terrorist...

What about entropy freaks? (0)

Anonymous Coward | more than 8 years ago | (#15358319)

I'm obsessed with entropy. I collect entropy from tons of sources, process them, and burn them to DVDs. When I have collected enough, I use them to burn a DVD with what I think are true random numbers -- a sequence of numbers that no Turing Machine can generate, unless its description is as large as the sequence. This is really hard to do. random.org only gives you a few megabytes of randomness. I want 4 GiB.

Will the UK government send me to jail because they think it's encrypted self-incriminating data?

They need it for terrorists and pedophiles ... (1)

Nicolas MONNET (4727) | more than 8 years ago | (#15358320)

... and after a while, it will be very handy to frame jaywalkers and pot smokers.

Sure! (1)

Subbynet (905560) | more than 8 years ago | (#15358321)

I can already see the terrorists handing over their keys - *sarcastic face* Once again another government idea that will hurt everyone but the people it's targeted against. If me and you know this, then why don't they... Personally coming from the UK I believe they do - so it's just another case of home land surveillance. (Along with the other shit load of databases, Camera's, Police street searches, and the expected Bio-ID Card.)

Same drummer (1)

TRS80NT (695421) | more than 8 years ago | (#15358341)

Is it an election year in Great Britain? In the US it seems this "criminals, p[a]edophiles, and terrorists" chant happens most as campaign rhetoric or as smoke and mirrors to deflect attention away from something else.

Surprising.. but not Alarming (1)

Dirtwalker (967403) | more than 8 years ago | (#15358342)

Well well... It seems it is not just the US Govt/CIA/NSA playing tricksies on its citizens when it comes to privacy and electronic monitoring. UK officials bring up valid reasons (pfft) for wanting such encryptions keys to be reported to the govt. I'm curious to know which agencies will have access to the database of keys, and will there be procedures to protect innocent citizen's data private data from being mishandled (or in the case of corporations - stolen. See Corporate Espionage).

ok Fine (1)

qwp (694253) | more than 8 years ago | (#15358346)

Ok, Fine..
but will they at least write some good encryption software todo it with.
Most encryption software sucks.

Side note, would this also mean we don't have to use the verisign terriost any more?

I would not worry (1)

mapkinase (958129) | more than 8 years ago | (#15358366)

They won't be able to keep up with encryption algorithms, unless they limit the usage of algorithms to "approved by the government".

This is nuts.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?