Bye Bye Privacy...
Discussion
Som of you may be aware of the RIPA act which went through parliament a couple of years back and allows various security agencies to intercept your electronic communications without a court order.
The act is an utterly disgraceful piece of legislation that was forced through parliament in teh face of enormous opposition from MPs and Lords as well as civil liberties, human rights & privacy groups.
Well an amendment is about to be pushed through, extending the list of agencies which can acces your communications - emails, lists of phone calls made an even the cell-location of your mobile phone.
So, soon the following will have access to all this without a court order:
- DEFRA
- Dept of Health
- Home Office
- DTI
- DTLR
- Dept for Work & Pensions
- District councils & regional govenment
- Environment agency
- Financial Services Authority
- Food Standards Agency
- The Post Office (!)
This list is inconclusive - you can find more details here: www.theregister.co.uk/content/6/25670.html and here: www.legislation.hmso.gov.uk/si/si2002/draft/20022322.htm
We should be up in arms about the way this government is determined to errode all of our privacy, not just for reasons of national security, but so that any government department can drege for practically any information about any individual *in case* there's something interesting in there..
I'd recommend using whatever technologies available to counter these control-freak government gimps..
>>> Edited by CarZee on Wednesday 12th June 11:45
The act is an utterly disgraceful piece of legislation that was forced through parliament in teh face of enormous opposition from MPs and Lords as well as civil liberties, human rights & privacy groups.
Well an amendment is about to be pushed through, extending the list of agencies which can acces your communications - emails, lists of phone calls made an even the cell-location of your mobile phone.
So, soon the following will have access to all this without a court order:
- DEFRA
- Dept of Health
- Home Office
- DTI
- DTLR
- Dept for Work & Pensions
- District councils & regional govenment
- Environment agency
- Financial Services Authority
- Food Standards Agency
- The Post Office (!)
This list is inconclusive - you can find more details here: www.theregister.co.uk/content/6/25670.html and here: www.legislation.hmso.gov.uk/si/si2002/draft/20022322.htm
We should be up in arms about the way this government is determined to errode all of our privacy, not just for reasons of national security, but so that any government department can drege for practically any information about any individual *in case* there's something interesting in there..
I'd recommend using whatever technologies available to counter these control-freak government gimps..
>>> Edited by CarZee on Wednesday 12th June 11:45
quote:
I've got a freely distributable copy of PGP Net Privacy if you want a copy...
I've a feeling part of the legislation means that if you don't hand over your PGP key when asked (or can't, because you've forgotten it, etc) then you're in trouble. It's been a while since I read up on it, but I'm pretty sure the onus was on you to prove you're NOT hiding illegal stuff or evidence of crimes, rather than them to prove that you are. Which is nice.
If memory serves, when this was becoming law someone sent PGP'd photos of a crime (can't remember what the crime was now - burning a £5 or something) to the home secretary of the time, and then told the cops. The theory was that the H.S. would have proof of a crime, and couldn't hand over the PGP key as he never had it. Don't think it achieved anything mind, and it was a couple of years ago now. A quick Google leads me here:
www.theregister.co.uk/content/6/9778.html
which contains:
"The RIP Bill contains one truly frightening basic assumption: if you have stored on your computer any form of encrypted message, you will be forced on request by the police to hand over the necessary keys t decrypt this data. If you do not have the keys, YOU MUST PROVE THAT YOU HAVE NEVER BEEN IN POSSESSION OF THEM, or you could be subject to a two-year jail term.
The principle of the police being able to view encrypted data, so that they can nail paedophiles, drug dealers, etc, has some genuine merits.
The flaw in this measure, however, is that the recipient/possessor of encrypted data is guilty, until proven innocent, something which destroys the entire foundation of our legal system. What's more, it is impossible to prove that you never had something"
Dan
Edited for grammar!
>> Edited by DanL on Wednesday 12th June 12:06
Just tried looking at the legislation which is of course unreadable.
I recall being told at primary school that the UK was the free-est country in the world ... which may have been true then (labour government!!) but sure ain't now, almost as bad as Switzerland sometimes it seems.
Still - 'bye bye privacy' - it's a long time since we had much of that.
I truly hate the jingle that "the innocent have nothing to fear/hide', which a cop of my acquaintance used to justify CCTV cameras everywhere.
I recall being told at primary school that the UK was the free-est country in the world ... which may have been true then (labour government!!) but sure ain't now, almost as bad as Switzerland sometimes it seems.
Still - 'bye bye privacy' - it's a long time since we had much of that.
I truly hate the jingle that "the innocent have nothing to fear/hide', which a cop of my acquaintance used to justify CCTV cameras everywhere.
quote:
quote:
I've got a freely distributable copy of PGP Net Privacy if you want a copy...
Matt.
Matt, for a computer numpty please explain what this is......
Ta muchly, John
John, as far as I understand it, and I am no security expert by any means, its allows one to encrypt all the information that leaves your PC. I think the basic premise is that you send people you e:mail a key and when the e:mail leaves your PC its encrypted to everyone who hasnt got that key.
This might be completely incorrect and I havent installed it yet, but its there if people want it.
Matt.
yes please I'd like a copy, does it work for stored info on your hard drive i.e business letters on a network that you maybe don't want nosey employees (or you IT guy 
carzee) looking at ????? Oh yes and incase myy laptop ever got nicked/lost etc I wouldn't some scroat getting everything
>> Edited by mel on Wednesday 12th June 12:30
carzee) looking at ????? Oh yes and incase myy laptop ever got nicked/lost etc I wouldn't some scroat getting everything >> Edited by mel on Wednesday 12th June 12:30
quote:Not quite. What you're describing is a symmetric key, which is analagous to locking a box and posting it to someone whilst posting them the key in a separate letter.
John, as far as I understand it, and I am no security expert by any means, its allows one to encrypt all the information that leaves your PC. I think the basic premise is that you send people you e:mail a key and when the e:mail leaves your PC its encrypted to everyone who hasnt got that key.
What PGP lets you do is assymetric encryption. You have a public key and a private key. The public key allows stuff to be locked in such a way as only the private key can unlock it. You distribute the public key to anyone you want - you can even post it on your website.
An analogy would be sending out identical (unlocked) padlocks to anyone who wants them. You retain the key. Someone then locks a box with one of your padlocks and sends it to you. You open it with your key. You never send out your key, so even if one of the padlocks falls into the wrong hands then you haven't been compromised (ok, the analogy falls down here as I suppose you could take a padlock apart and deduce the key from it, but no anaology is perfect).
Hope that helps
Jon
>> Edited by JonRB on Wednesday 12th June 13:23
quote:
quote:
Yes - good idea.. everyone should start using it..
What's most alarming perhaps is the ability to obtain mobile records showing what cell your phone was in and when... and there's not a lot you can do about that..
You can switch it off.
Even better - just pull the battery - that way your phone won.t even tell the cell that it is switching off.
Things are about to get worse - I am aware of phones currently being tested with a GPS locator built into the battery that will plug into standard phones that are available today that will allow accurate tracking without the phone user's knowledge.
Accurate enough to get your average speed, for example.
Be afraid, be very afraid - this will happen!
They will be sold with inocuous applications advertised, like tracking where your kids are etc, but it's just the thin end of the wedge...
Craig
FWIW Mel, my having access to your data is no different from a gynaecologist having access to your wife's nether regions.. (bear with me on this 
)
He sees it day in & day out, so he's indifferent, whereas clearly there are plenty of (ahem) laymen who must think his job is a hoot, getting to rummage around in all those fannies.
I've had access to privileged information in some pretty large organisations in my time... when I worked at News International I used to be able to read all the email send to "Dear Dierdre" which was a laugh, but there was never any inclination to access and use any information which I could profit from.
Besides, I've got a memory like a goldfish after years of chemical abuse
) He sees it day in & day out, so he's indifferent, whereas clearly there are plenty of (ahem) laymen who must think his job is a hoot, getting to rummage around in all those fannies.
I've had access to privileged information in some pretty large organisations in my time... when I worked at News International I used to be able to read all the email send to "Dear Dierdre" which was a laugh, but there was never any inclination to access and use any information which I could profit from.
Besides, I've got a memory like a goldfish after years of chemical abuse
You mean the World Cup match? no haven't fogotten
It's all under control - one of the great things about having a wife is I never have to worry about where I need to be and when because she runs that side of things.. The other is that I never have to worry about sending birthday & xmess cars to people 'cause she sorts it all out, knowing full well that if she leaves it to me there's no chance..
It's all under control - one of the great things about having a wife is I never have to worry about where I need to be and when because she runs that side of things.. The other is that I never have to worry about sending birthday & xmess cars to people 'cause she sorts it all out, knowing full well that if she leaves it to me there's no chance..
quote:You're right about that.. I use handwriting so rarely now that I can hardly remember how..
What is next, reading our snal mail, that is, if any one can still write with a pen
Received a letter from an elderly aunt the other day.. totally amazed to have received a hand-written letter.. and could hardly read it..
The RIPA rears its ugly head again and yet again it will end up being shot down in flames. The practical nature of the act falls down on a couple of areas to start with :
1) Human rights - the right to NOT inciminate yourself. Therefore if you have encrypted some relevant data and fail to provide the key, you CANNOT be convicted of anything. This is a right that has been tested several times in the EU court and each time it has stood - you cannot be forced to incriminate yourself. So dont worry about that one.
2) Providing relevant encryption keys - this is just utter nonsense. Anyone that is used to VPN's and similar techology knows that the data isnt encrypted with a single key or password. They initial exchange of RANDOM keys is carried out with these keys, but subsequenly ALL data transmission is protected with a constantly changing RANDOM encryption key. These are NEVER stored - therefore it makes it not only daft but impossible to actually provide these keys to the required authorities!!! Another place where it is impossible to do.
Its utter bollox, driven through by idiots that dont understand the technology and worry about "global terrorism". Unfortunately the events of Sept 11th fell completely into their hands and now we are left with an act that is both rubbish but also impossible to actually enforce - now thats a waste of public money.....
Oh, and while I remember on the second point above - there is NOTHING in place with the government to hold these keys for you (Escrow). No infrastructure, no knowledge and certainly no security. Therefore I would personally refuse to hand over any encryption keys to them on the basis of insecurity....
Fantastic isnt it...
Cheers,
Paul
1) Human rights - the right to NOT inciminate yourself. Therefore if you have encrypted some relevant data and fail to provide the key, you CANNOT be convicted of anything. This is a right that has been tested several times in the EU court and each time it has stood - you cannot be forced to incriminate yourself. So dont worry about that one.
2) Providing relevant encryption keys - this is just utter nonsense. Anyone that is used to VPN's and similar techology knows that the data isnt encrypted with a single key or password. They initial exchange of RANDOM keys is carried out with these keys, but subsequenly ALL data transmission is protected with a constantly changing RANDOM encryption key. These are NEVER stored - therefore it makes it not only daft but impossible to actually provide these keys to the required authorities!!! Another place where it is impossible to do.
Its utter bollox, driven through by idiots that dont understand the technology and worry about "global terrorism". Unfortunately the events of Sept 11th fell completely into their hands and now we are left with an act that is both rubbish but also impossible to actually enforce - now thats a waste of public money.....
Oh, and while I remember on the second point above - there is NOTHING in place with the government to hold these keys for you (Escrow). No infrastructure, no knowledge and certainly no security. Therefore I would personally refuse to hand over any encryption keys to them on the basis of insecurity....
Fantastic isnt it...
Cheers,
Paul
there is a website under cxonstruction which will have all this info on it www.therightoknow.co.uk
not sure how good it will be but power to the people i say
not sure how good it will be but power to the people i say
Gassing Station | General Gassing [Archive] | Top of Page | What's New | My Stuff