
UK PM wants to ban crypto: here's what it would cost, and why it won't work anyway - ColinWright
http://boingboing.net/2017/06/04/theresa-may-king-canute.html
======
firethief
> Theresa May says there should be no "means of communication" which "we
> cannot read"

The article focuses largely on the technical difficulties and implementation
risks that make this goal impractical. I would like to point out that the goal
in question is explicitly Orwell-style surveillance.

~~~
threeseed
No. Their goal is simply to go back to the previous status quo. Which was when
communication was capable of being monitored when there was a reasonable
suspicion of a crime about to be committed.

Now I don't believe this makes any sense in this era (criminals will have
crypto, ordinary people/dissidents/journalists etc will not) but I can very
much appreciate where they are coming from. It's not a simple issue.

~~~
matthewmacleod
Thank you for pointing this out. It's a key point to make that it's kind of a
complex issue.

It's obvious to me that cryptography shouldn't and realistically cannot be
outlawed. That doesn't make any sense. On the flip side, I think that most
people would accept that targeted surveillance of criminal suspects is a
reasonable tool.

The thing is, if it becomes the default for all messages to be encrypted end-
to-end – obviously a good thing – then this effective tool becomes useless.

I think any proposals to restrict cryptographic software are obviously wrong
and doomed to failure, and I will continue using such software regardless of
what laws are passed in the UK. But it _is_ a complex issue, and I wish there
was some more acknowledgement of how the field of surveillance has changed.

~~~
confounded
The Manchester attacker was reported many times as an extremist, and had the
ISIS flag on his car. To suggest that he would have been caught if only the
Food Standards Authority has constant read-access to your drunk teenage
loveletters is ridiculous.

We need more actual police officers to do more actual police work.

~~~
vixen99
Isn't it more a question of what instructions those existing police officers
are given? Currently their activities always come a bit late for the innocent
dead and injured. A positive check about someone hiring a van is not prima
facie evidence of intent to mow down pedestrians.

~~~
confounded
Comparing

\- Running investigations, police officers being known and trusted "faces" in
their community, and surveilling people in meatspace

To

\- Running grep on every TCP packet of 65 million people, then asking a
relatively small number of LEOs to "do something" when analysts see something
that could be suspicious

The former seems more likely (to me) to succeed.

------
joshpadnick
I'm also deeply concerned about "backdoors for the good guys". Beyond just
worrying about who else could get access, the "good guys" really just means
government, and my comfort level with the current Trump administration using
their "good guy" backdoor for a noble purpose currently sits at zero.

All that being said, how do we the tech community solve Theresa May's problem?
Her philosophy is "if we knew more, we could have prevented this." Is that the
right philosophy? Is there some other mechanism to authorize "legitimate"
access to encrypted data?

~~~
nyolfen
>All that being said, how do we the tech community solve Theresa May's
problem? Her philosophy is "if we knew more, we could have prevented this." Is
that the right philosophy? Is there some other mechanism to authorize
"legitimate" access to encrypted data?

there's absolutely nothing substantiating her claim. terrorists seem to have
done just fine in the absence of encryption -- the bataclan attackers
coordinated with ordinary sms. governments still make this push _all the
time_, witness the doj going after apple after san bernardino.

the UK is literally the most surveilled society in the history of the world in
terms of communications of its inhabitants intercepted by its own government,
comparable perhaps only to the stasi. this is mode of action is not working.
two attacks in two weeks, and their answer is "the same but more"?

~~~
cJ0th
> there's absolutely nothing substantiating her claim.

yes, and this is very weird. She must have a chain of reasoning going on in
her head before opening her mouth, right? We always only get the conclusion,
that is: "we need more access". Any normal person looking for a solution to a
problem would generate loads of ideas and then, when pitching an idea, present
the pros/cons of their various ideas to finally argue why they have chosen
solution x. We don't see any of that wrt to this topic.

~~~
discombobulate
> She must have a chain of reasoning going on in her head before opening her
> mouth, right?

Control thoughts -> No bad thoughts

~~~
cJ0th
But that's not reasoning. That's jumping to conclusions.

~~~
discombobulate
Quite!

------
hughw
Why even permit people to have secrets of any kind? The real "problem" is not
encryption, but people keeping secrets. Encryption is just one way of keeping
a secret. With a law banning private secrets, they could throw anyone in jail
for not answering a question.

If the government has a back door to read all your messages, they are saying
they don't want you to have any secrets at all -- but electronic messages are
the only ones they know how to pry open.

~~~
dualogy
> _Why even permit people to have secrets of any kind? The real "problem" is
> [...] people keeping secrets_

You might be on to something! To lead the way to a secret-free world, they
might wanna start by dissolving MI5, MI6, etc..

------
kikoreis
Here's an idea. Instead of spending the effort on a damaging, losing battle on
the technology side.. let's invest in social inclusion, mental health and
healthy foreign policy in the middle east.

Catching the madmen on the wrong side of the curve makes much less economic
sense.

~~~
taobility
like what European people did, let's warmly welcome them into our civilized
world.

~~~
petre
Not really Europeans. Merkel did that.

Go ask anyone in Hungary, Poland or Czech Republic, or even Romania who
complies with migrant quotas and is generaly an EU cheerer, unlike Hungary or
Poland.

~~~
Symbiote
Have any of the recent terrorists been recent migrants? I thought most were
from at least a decade ago, if not born here.

~~~
petre
Not many but there's a recent wave of rapes commited by migrants that is
downplayed and not reported my the EU cheering mainstream media.

[https://www.gatestoneinstitute.org/9934/germany-rape-
january](https://www.gatestoneinstitute.org/9934/germany-rape-january)

~~~
rikkus
Do you have any sources other than incredibly biased ones?

[https://en.wikipedia.org/wiki/Gatestone_Institute](https://en.wikipedia.org/wiki/Gatestone_Institute)

~~~
petre
Here you go. MSM outlets.

[http://www.latimes.com/world/europe/la-fg-germany-refugee-
mu...](http://www.latimes.com/world/europe/la-fg-germany-refugee-
murder-20161205-story.html)

[http://www.independent.co.uk/news/world/europe/sweden-
refuge...](http://www.independent.co.uk/news/world/europe/sweden-refugee-
centre-attacked-rape-disabled-woman-gotland-claims-a7355186.html)

~~~
morsch
Those are reports of two individual cases, hardly evidence of a "recent wave
of rapes commited by migrants".

------
foreigner
It helps to give non-computer people a non-computer analogy: This is
equivalent to requiring the walls of the houses we live in and the clothing we
wear to be made out of special material which is opaque to us but see-through
to the police. This will keep us all safe! Anybody got a problem with that?

~~~
alerighi
When I hear people say that backdoors are a good thing, I say to them: so you
wouldn't mind either if an agent breaks into your home without permission,
reads and copies all your mail and documents, installs microphones and cameras
in every room, puts a GPS localizer in all your clothes so you are constantly
tracked. Surely you don't want that, well, and if they make the same things
through a backdoor in your phone, is it ok ?

~~~
taobility
I am all right with that, as I don't think my privacy is sensitive to the
agent, my email just normal email, no terrorism, no child porn, no drug etc,
why I would care they check it or not. Apple, Google, Microsoft already scan
all your online activities, why would they better than the government? You
guys always trying to mix the privacy and security. for the iPhone case, in
case the police need to unlock the iPhone to save hundreds of people's life,
are you guys still insist that Apple shouldn't unlock the iPhone for the cops?

~~~
sebmeister
Even if you do not care about the complete loss of privacy, are you not wary
about the methods for accessing the backdoors leaking to criminals and
antagonist governments? Which has already happened, see Vault 7 and numerous
other leaks.

~~~
petre
S/He will start caring when s/he will be arrested because of a May joke or a
neighbour denouncing him/her of being a terrorist. That is how it worked in
communist countries. Neighbour issues? Just write a denouncement and file it.
The Stasi will do the rest.

~~~
taobility
in which communist country? are you still living in cold war time?

~~~
petre
In just about every communist country. No, but I lived in a commie country in
the 80s and that's how things worked: microphones in your home, the secret
police forever taping your phone line, informant neighbours, state propaganda,
different radio bands so you won't listen to foreign media etc.

~~~
Operyl
He was making a joke about you using will vs would for your Stasi comment I
think.

------
nickbauman
I'd give her a chance to retract this anyway, but otherwise PM May has
revealed that she is either a fool or an autocrat. Either should get her voted
out of office.

~~~
Latty
Unfortunately, the public doesn't understand this. They just hear someone is
"fighting the terrorists" and don't care the policy is insane.

~~~
taobility
Actually the normal care more about the safety than what you said privacy. You
can choose what you called freedom and privacy, but I also have the right to
choose safety. Why you would say your choice is prior than my choice?

~~~
k-mcgrady
The 'safety' choice is misinformed. People have allowed what they see in the
media and what politicians are saying to cause them fear - fear which is
completely irrational. I noticed this during the Question Time debates in the
UK the other night where Jeremy Corbyn was hounded on nuclear weapons. Some
people in that audience seriously believe we are on the brink of nuclear war
and want someone in charge who has no issues dropping nukes on other people. I
was pissed off watching it until I realised they genuinely seem scared. But
their is almost no rational behind that other than things they've heard on the
news. The terror attacks in the UK in the last 3 months have been devastating
- but the number of deaths and even the number of injuries needs to be kept in
perspective when choosing to give up rights as important as privacy. One
choice is informed by logic and reason, the other by exaggeration and lies.

~~~
7952
I don't think it is fear exactly. More that people favour "strength" and
reject "weakness". Nukes are strong, and disarmament is weak. That is the same
choice people make again and again. The actual sense of the policy is ignored
in favour of simplistic rejection of naive liberal weakness (as they see it).

------
brian-armstrong
You can hide meaning in plain English just by making it hard to read your
intentions or the context that the sentence is given in. Take double entendres
for example. Should we ban any grammatical construction that could possibly
hide some second meaning?

~~~
dTal
It won't be necessary to ban ambiguity directly - the effect will be
accomplished by harshly policing any problematic _potential_ hidden meaning as
"subversive" or "hate speech". It will then be wiser to avoid such
constructions.

Of course it raises the question of what constitutes forbidden speech. To
answer that I would look towards the opinions you are already frightened to
voice publicly.

~~~
ue_
Isn't hate speech more of a different matter? I can't really see how it
relates except under the umbrella of restricting speech, and I'd argue that
there are various good reasons for restricting some speech, for example
assault and shouting 'fire' in a crowded theatre.

~~~
schoen
I'd like to encourage people who mention the "shouting 'fire'" thing to have a
look at Ken White's comments on this:

[https://www.popehat.com/2012/09/19/three-generations-of-a-
ha...](https://www.popehat.com/2012/09/19/three-generations-of-a-hackneyed-
apologia-for-censorship-are-enough/)

(brief excerpt from a much longer piece: "Holmes' famous quote comes in the
context of a series of early 1919 Supreme Court decisions in which he endorsed
government censorship of wartime dissent — dissent that is now clearly
protected by subsequent First Amendment authority. The three cases in question
arose from socialist criticism of conscription during World War One. The
criticism at issue, to modern tastes, was a clearly protected and rather mild
expression of opinion.")

------
age_bronze
This propaganda about good guys backdoors being impossible again. This is
cryptographic bullshit of the highest degree. We've had the DUAL_EC scandal,
for once, as an example of NSA backdoor which as far as was proved, only the
NSA could crack. And with the fact that the NSA had so many bad leaks, yet
still everyone except the NSA can't crack it, proved that backdoors are not
only possible, but were going on behind our backs.

Don't get me wrong - I'm completely against backdoors. But when you shift the
argument into "we won't do it because it's impossible", you're already
agreeing that it should be done, while your argument won't hold because it is
in fact possible.

There's three kinds of people: 1\. Non-technical people (theresea may) that
want backdoors are don't care about whether it's possible or not. 2\.
Technical users, with a vague general knowledge of cryptography, and the
imprinted thumb rule of "backdoors are bad" 3\. People with actual knowledge
in cryptography which had already been doing research about why it is possible
for years. Just a teaser:
[https://en.wikipedia.org/wiki/Kleptography](https://en.wikipedia.org/wiki/Kleptography)

Of course, the real issue would be the scale and the distribution of access to
the backdoor to various agencies.

~~~
dTal
I just posted a similar, if much less comprehensive comment. I'm troubled
you've been downvoted for this.

Your second point in particular is highly significant. In general, "it's
impossible" should be avoided as an argument when one's true objections are
ethical. You don't want to be left standing naked because of some clever
engineering.

~~~
jimnotgym
It depends what you mean by "it's impossible" when you are discussing 'good-
guy backdoors'. I don't think the article was saying its impossible just
because it is technologically hard. The article discussed at length that what
was impossible is that the keys would be guaranteed to stay in the hands of
good guys, and that the good-guys would always be good.

I think it is perfectly reasonable to say that that is impossible.

------
pier25
"Terrorists can discuss things in private at their homes so we are going to
put cameras on every home"

Same argument, just as ridiculous.

~~~
pwm
Give it a few more years...

~~~
amiga-workbench
Consumers are already willingly installing telescreens in their homes.

------
gaius
Think of something you don't do yourself, but would like to see banned. Could
be guns, drugs, fox hunting, cars, eating meat, religion, anything, it doesn't
matter.

Now consider there are people who feel exactly the same about your thing as
you do about theirs. Civilisation absolutely requires that for them to leave
you alone, you must be willing to do the same.

~~~
lazaroclapp
But there are things we do ban other people from doing (e.g. murder or owning
slaves, to pick uncontroversial examples). There are some principles that are
personal, but also some that are agreed on collectively, as a society or
civilization.

Of course, then nobody "leaves us alone" on these things, but we agree by
majority on first principles and then argue from those to collectively decide
what is allowed and what isn't (i.e. allowed from the people _and_ allowed
from the government). Free speech and privacy are examples of such principles.
So you can definitely have a social contract where mass surveillance is
unacceptable, but rules on not hunting endangered species or owning certain
type of weapons can exist[1]. I don't think May should be prevented from
arguing for surveillance, but by the same token, people also have a right to
oppose her on it.

Yes, this opens us to the possibility of losing the debate on encryption, at
particular times and historical periods. Whereas having the iron clad rule
that all can do as they please does not. But the later rule, applied in
extremis, makes civilization impossible. Because again, we do want to ban
people from doing certain things, that is what civilization means. The point
that we need to argue is that banning people from having privacy causes more
harm to what makes us human than a few horrific crimes do.

The anarchist posture is... complex. But the (absolute) libertarian posture is
hypocritical. It wants a very particular set of rules to apply and be enforced
by the state (e.g. private property), whereas decrying rules and state
enforcement in general.

[1] And U.S. gun-owning folks agree on having rules against owning some kinds
of weapons, I would think. At the very least I have never heard one argue for
their god given right to own an ICBM on 2nd amendment grounds... is just that
we disagree on the type of weapons that should be controlled.

~~~
gaius
Both murder and slavery involve other people directly, so they are obviously
out of scope for this

~~~
lazaroclapp
That's a valid point, I think, but I am not sure the line is as clear as you
make it out to be. What is your definition of 'directly' here? I can think of
ways in which e.g. hunting endangered species, owning weapons or eating meat
affect others. Note that, of those: I revile one, I am undecided on one and I
personally do another, but in all three cases I can think of ways they affect
me when others do each of those things. Sure, they affect me in a way that is
perhaps different than being the target of murder or slavery would, I'll
definitely agree with you on that. But it is a leap from there to saying that
those are matters society should not be involved in.

Consider nuclear proliferation: in theory it does not affect people
'directly', until it does (note that any logic about increased potential risk
applies to gun ownership too, at a different scale). Now consider pollution:
affects people directly, but in a diffuse degree. Vaccinations? (I was born in
a country where a specific set of those are _mandatory_ , I approve of that
[1]). There is a limit to how much a man is an island.

I am a firm believer in having a right to privacy; a strong, fundamental,
constitutional right. I would consider forms of deflection or civil
disobedience in a society that aligned itself too strongly against that right.
But that doesn't mean is not ultimately a matter of societal values of
societal construction.

[1] Obviously they are mandatory to those with a healthy immune system who can
be vaccinated, and a number of other caveats, but still, the state makes it
its business whether or not you vaccinate your kids, and we are better off for
it...

------
659087
It really does seem that these people have lists of power grabbing desires
ready and waiting for the next attack. I imagine this woman's first private
reaction to the news of this attack was not sadness or concern for the
victims, but joy/excitement about the possibility of exploiting the situation
to achieve her political goals.

------
jacquesm
Yes, let's increase the size of the haystack. I've yet to see proof that
having the ability to read each and every communication would have prevented
_any_ attack that from the last couple of years. For the most part the
criminals communicated in clear text SMS or on open phone lines or in game
chatrooms. If they needed advanced crypto that would prove at least that we
have done everything else to make their lives harder, but so far it looks as
if there is plenty of low hanging fruit.

Suggestion: reduce the size of the haystack further so that limited manpower
can be concentrated on those cases where it is actually useful rather than to
chase each and every 16 year old with a twitter account or a facebook page.

------
age_bronze
The real issue on putting backdoors, the way I see it, is that once you gave
one government an access, you've already set a precedence and you can now be
compelled by other governments to do the same.

Giving other governments backdoors would actually hurt the original country
more than the backdoor could ever help it.

Segmenting the software according to which government is given backdoor will
freeze the whole industry, and you would still have the unsolvable problem of
imported protocols with different countries backdoors.

If the problem was only "good guys"-"bad guys" it would be solvable, but there
are no good guys. There are so many countries, and each of them trust only
themselves.

------
jimnotgym
This is a good primer on the technical side of this madness. It is quite
accessible and therefore a good one to share with people who don't yet realize
that what May is trying to do will mean the end of the internet and tech
industry in the UK.

------
AdeptusAquinas
Misses an additional point: they would need to ban software development. Or at
least, dev by unapproved, unmonitored parties.

Code to encrypt using one (of the many) algorithms shipped in .NET (which is
open source right down to the compiler, and so hard to tamper with):

    
    
      RijndaelManaged RMCrypto = new RijndaelManaged();  
      CryptoStream CryptStream = new CryptoStream(NetStream, RMCrypto.CreateEncryptor(Key, IV), CryptoStreamMode.Write);
    

Even if they banned everything else, people who want to create secure
communications can do so with the aid of less than an hour of a capable
developer's time.

~~~
tetha
On top of that: How you you distinguish an encrypted document from a data
serialized according to a proprietary format?

As long as the algorithm to write the data is unknown and secret, this is
essentially a cryptographic algorithm - you can't read the information on disk
without the secret, unless you invest a lot of time. Weak crypto, mind you,
because we'll probably be able to decrypt it in polynomial time.

So suddenly, all storage formats need to be openly documented?

------
lottin
Very nice of the author to spell 'Iphone' and 'Ios' in accordance with English
capitalisation rules, refusing to submit to the idiotic dictates of some
marketing department. Well done sir!

------
cJ0th
The list which the author introduces with the words "This, then, is what
Theresa May is proposing:" sounds mad to anyone who knows anything about
cryptography but they (Theresa May doesn't differ much from her western
colleagues here!) really mean it! So even though they will not be able to
fully succeed in reaching their goal, they are going to make our digital lives
very, very miserable if we don't find a way to short-circuit such insane plans
asap!

------
pacifika
Perhaps we should no longer assume that politicians 'do not understand the
internet' and assume they are asking for changes in the full understanding
that they don't achieve the goal for which they're introduced.

As long as the situation that's being created is more favourable for them than
the current one it's a net benefit.

Short-term politics is the biggest threat to UK society at the moment and the
current government is particularly good at it.

~~~
daemin
I'd say the reason that the people in power want to be able to collect all
information is not to protect the people, but instead to protect themselves
and their friends in powerful positions.

One of the main threats to these large organisations and the people at the top
of them ate journalists and whistleblowers. Because those are two groups of
people that can provide critical data and reasoning on bad and evil things
that are done within such large organisations.

So having the ability to find out who said what to whom will allow them to
crack down or reporters and journalists before they can get their stories out.
And it will allow them to trace and find out who the people are leaking
sensitive information outside and deal with them.

In some way this is about protecting the people, just not the people we are
all thinking of.

------
wbillingsley
It does not help that the tech companies preach a kind of false equivalence
here. Part of their argument is that they are investing a lot in ensuring they
can "take down" these posts quickly.

So, the legal system in most countries is that if you post something
explicitly (not in jest, or metaphor, but quite deliberately and with the
intent of other people's death) asking people to murder other people, that is
something that you perhaps ought to be charged with an offence over.

Meanwhile Facebook, etc, essentially argue that ok, they posted a request for
the murder of a lot of people, but hey, we took it down after only a few
thousand people read it, and we've closed the account (until they open another
one), so that's job done, no need to prosecute any further, you shouldn't ask
us to cooperate with police, we've got adverts to sell here.

Small wonder that governments are changing the law, when tech companies regard
requests to kill people as something that, if really pushed, they'll treat as
equivalent to how they handle copyright infringement, but actually there's
less money in it for them so would you mind if it was a bit further down the
planned feature list.

~~~
jamesshorten
So how should they proceed without fundamentally altering the way their
platforms work?

------
imron
Mathematicians: 2 + 2 = 4

UK PM: We'd like you to make it so that 2 + 2 = 5.

Mathematicians: That's mathematically impossible

UK PM: You just need to try harder

------
alkonaut
This is obviously nonsense - but I'm not envious of someone who has to stand
at a podium and say _something_ that will make voters believe you'll sort this
problem. Nigel Farage just suggested internment camps (on Fox News). That's
where we are now.

I don't think May's suggestion has any way of ever working - but her listeners
don't understand that. This is populism in its purest form.

~~~
mhh__
It would seem we've been able to see the real Nigel Farage, now that he has
moved away.

------
banku_brougham
I think by now our surveillance protectors already have total information
awareness, well perhaps 90% of the information and not very great awareness.
But i doubt lack of information is limitation on awareness. They could do a
lot better even with less information, i suppose.

So why demand ever more intrusive powers? I think its just an excuse, and that
they dont have great ideas to preempt attacks.

------
microcolonel
Man, I really need to move to the U.S.

Canada is becoming hostile to speech and the family with M-103, C-16, and
Ontario Bill 89. Britain had to choose between a man who doesn't understand
the nuclear deterrent and who would screw them in their biggest negotiation
for decades, who would probably end up controlling the internet for
antisemitic causes rather than ostensibly counter-terrorism causes; and a lady
who doesn't understand any of the technical implications of the whoops-
tyrannical policies she presents (in the _middle_ of a campaign no less, are
they all daft?). And because the UK Tories didn't do the smart thing and hang
on to their popular moment for dear life to secure a supermajority, there's a
hung parliament, which is only slightly better than the probably-antisemitic
national socialist labour party getting a majority.

Prime minister doesn't even pretend to be meritocratic, denigrates his cabinet
by saying that they were picked for their gender. The Social Justice Tribunals
(actual name of the institution, not hyperbolic slur) are out of control. At
least the U.S. has a real constitution, which at least purports to protect
freedom of speech, the right to petition, and the right of the people to keep
and bear arms.

Britain and Canada are sinking into the earth's core under smiling faces, and
DJT is somehow making America better despite being a rough buffoon. Every day
is opposite day.

------
_0ffh
No sane non-UK company will want to do any R&D or other sensitive stuff in the
UK anymore, lest GCHQ leak their communications to their UK-based competition.

------
boyter
Do it May, I dare you.

It will launch the geek equiilivelent of the Manhattan project to find the
master keys, and whoever does find them will become incredibly rich and
powerful.

------
pmoriarty
One word: Steganography

[https://en.wikipedia.org/wiki/Steganography](https://en.wikipedia.org/wiki/Steganography)

~~~
firethief
I don't see how that applies. Steganography cannot be used to hide encryption
on a large scale because all steganography techniques depend either on the
obscurity of the technique or on disguising encrypted data as other opaque
encrypted data. You couldn't e.g. use steganography to hide that you're
accessing a website via TLS because the client needs to know how to
communicate with the server, and there's no way to make that possible for
arbitrary citizens but not for government agents.

------
yodsanklai
> If you want a preview of what a back door looks like, just look at the US
> Transportation Security Administration’s “master keys” for the locks on our
> luggage

Good point. I have the same issue in my building. The postman has a master key
to open the mailboxes. Apparently, these master keys are now well-spread and I
can't order packages anymore as they get stolen.

------
laythea
Even if this was actually possible to do without compromising our security, it
would not achieve anything as the bad guys will just use alternative methods
to achieve their goals.

End game: Society will be none the safer, and the government/puppet masters
will have total surveillance.

------
kukabynd
If 99.99% of made transactions are not malicious in nature why should people
who made those transactions suffer? There are other means to detect suspects
that don’t ask for a cost of a privacy of the nation.

On the whole other point of this don’t you think there’s a chance to the
possibility that certain terror/cyber attacks were made by some intelligence
agency? Timing on this is too convenient.

Besides, there is no known method that can resolve all types of cryptographic
methods thus it makes it useless spending of taxpayers’ money.

------
geff82
To all my still-EU-cocitizens: you still have the possibility to leave your
neo-facist country for another part of Europe. It will not get better, as the
anglo-saxon world is currently destructing itself.

------
jk2323
Why do they want to ban crypto? Because of terrorism? Why does Poland or
Hungary don't want to ban crypto and why don't they have terrorism?

Easy solution: Ban Islam and Muslim migration.

------
squarefoot
Using fear to push for restrictive laws is not news, pretty much every
government did it or will do it one day. It's just too tempting, people will
accept the restrictions as a mean to fight terrorism/pedophiles/serial
killers/$CURRENTENEMY etc. until the new laws will be slowly and silently used
to quench dissent.

------
moomin
The article is pretty sniffy about Hogwarts' security, but it's missing an
important point: magic can detect intent. So yeah, it might be possible for
Harry Potter to build what Theresa May is asking for, but a) he doesn't exists
and b) I'm pretty sure it'd be against his progressive principles.

------
IvanK_net
If I had to explain the basics of "information" and "communication" to average
people, I would say something like this.

There is no difference in the communication over the internet, over the letter
mail, or verbal communication with voice. The encryption can be used in any
form of communication. And the problem of banning it is always the same.

Banning the encryption is impossible simply because detecting the encryption
is impossible. When you see two persons on the street, one says that the
weather is nice, and the other responds that the grass is green, you can never
know if there is some hidden message in their communication. Encrypted
information can always be "tunneled" through unencrypted channels. Even if you
ban all computer apps with encryption, you ban people from making own apps,
make every person wear a microphone and a camera 24/7, there will always be a
way to deliver information from one person to another without anybody else
knowing about it.

Actually, banning encryption apps may be good for privacy, because you never
know if the app maker made some backdoors in their encryption method and he
already sells your information to somebody.

~~~
6Typos
>Actually, banning encryption apps may be good for privacy, because you never
know if the app maker made some backdoors in their encryption method and he
already sells your information to somebody.

IMHO, the answer to this lies in Open Source + reproducible
builds/compilation. Not in banning/not using apps that promise privacy.

If what you're trying to achieve is awareness about the possible false sense
of security (when not appropriate), then the answer is educating people about
it.

EDIT: Typos/Grammar.

------
davidf18
The truth is that Britain and the US has been funding Palestinian terror for
years and PM May knows this but refuses to withdraw funding:

[https://www.nytimes.com/2017/05/02/world/middleeast/palestin...](https://www.nytimes.com/2017/05/02/world/middleeast/palestine-
mahmoud-ab..).

"The issue of payments to families of suicide bombers and others who commit
violence has become a frequent complaint by Israel and its supporters. The
Palestinian Authority spends about $315 million a year to distribute cash and
benefits to 36,000 families"....

Only last week the Palestinians named a women's center after Dalal Mughrabi
who hijacked a bus on Israel’s Coastal Road and killed 38 civilians, 13 of
them children, and wounded over 70.

I feel the pain of the British from the terrorist attacks, but why don't they
stop all funding to the Palestinians until we can be certain they are no
longer funding terror nor glorifying terrorists? Why doesn't President Trump
stop all funding if he is truly serious about combatting terror?

~~~
davidf18
It is very disturbing that people have down voted this implying the believe it
is OK for US and British taxpayers to fund and incentivize Palestinian
terrorists and funding a Palestinian government that names a women's center
after a terrorist.

~~~
lehi
Yitzhak Shamir was the leader of a self-avowed Zionist terrorist group that
directly orchestrated the murders of hundreds of civilians, politicians,
policemen, and scientists.

Israel made him Prime Minister and, in honor of his centenary in recent
months, has named research institutes and hospitals in his memory to add to
the streets and parks that already bore his name.

How much funding and incentive has Israel received from US and UK taxpayers?

~~~
davidf18
When it comes to terror, there is no middle ground. If you are against terror
in the Britain and the US then you are against terror in Israel.

> "hundreds of civilians, politicians, policemen, and scientists"

Please cite your sources. The British had appointed the head of the
Palestinians a terrorist who was responsible for the deaths of 73 Jewish
students in Hebron in 1929 including 10 Americans. It was this man who became
"The Grand Mufti of Jerusalem" who later spent WW II as a guest of Hitler's in
Berlin. This man who was appointed by the British wanted Hitler to bring "The
Final Solution" to the Middle East.

It was Israel which bombed the Iraqi Nuclear Reactor which made Operation
Desert Storm far easier than it would have been if Iraq would have had nuclear
weapons. Israel is committed to fighting terror and not letting terrorists get
away with terror. See Steven Spielberg's movie, "Munich" about how the
Palestinian terrorists that killed 11 Israeli athletes in the 1972 Munich
Olympics were tracked down and killed. Or see how once prevalent airplane
hijackings were stopped by the Israeli "Raid on Entebbe" which itself was
featured in 3 different movies.

There has to be zero tolerance for terror. The Palestinians, instead of
combatting terror embrace it. They honor terrorists and they pay them and
their families over $300 million per year of US and British taxpayer money.

[http://www.timesofisrael.com/un-chief-pulls-support-for-
pale...](http://www.timesofisrael.com/un-chief-pulls-support-for-palestinian-
womens-center-named-after-terrorist/)

"Palestinian Media Watch, which first brought attention to the naming of the
women’s center, recently quoted a local village leader saying that “the center
will focus especially on the history of the struggle of Martyr Dalal Mughrabi
and on presenting it to the youth groups, and…constitutes the beginning of the
launch of enrichment activities regarding the history of the Palestinian
struggle.”

In addition to the women’s center in Burqa, the PA has named a number of
events and facilities in honor of Mughrabi and the other terrorists who died
during the massacre in a firefight with Israeli security forces, with the
ruling Fatah party repeatedly hailing them as “martyrs.”

There will never be a Palestinian State until the Palestinians elect
leadership that denounce terror instead of embracing it.

------
jsjsjsjsjsjs
If they ban secure software it surely will work as terrorists are law-abiding
citizens. Right?

------
a_c
About the Travelsentry locks, what happen if someone from the airport open
your luggage, and tamper with the content?

How can one be sure that the content their luggage has not been tampered with?
I assume the answer is no but would love to hear otherwise

------
jimnotgym
Lots of discussion earlier here
[https://news.ycombinator.com/item?id=14480758](https://news.ycombinator.com/item?id=14480758)

------
blazespin
The solution is a drivers license to use the internet. No more anonymity.
Can't create backdoors(that'd be like removing the steering wheels from cars),
but the internet is a public space like our highways. You can cause a lot of
damage there, so you should have a license or passport.

Controlling speech or disabling crypto is very Orwellian.

obfuscating crypto is trivial. God Kay must either be as dumb as Trump acts or
think we are all stupid.

~~~
akersten
> The solution is a drivers license to use the internet. No more anonymity.

That's not a solution, that's a failure and a regression. There is nothing
wrong with the way the internet works right now.

~~~
blazespin
Wow, really? The internet is very very broken. I believe in privacy, but I am
also a very very big believer in accountability.

Anyways, disabling crypto is super stupid. We all agree on that. Terrorists
will just embed crypto in images.

Kay also wants to restrict access to pron but that's her hang up.

~~~
akersten
> Wow, really? The internet is very very broken.

It works fine for me. I view the pseudo-anonymous nature of the Internet as a
feature, not a bug.

I think we agree fundamentally that attempting to ban or restrict math is
ridiculous. For the sake of discussion - what specifically about the current
structure of the Internet is broken? You allude to accountability, but it's
fairly easy for law enforcement to track someone down (in the "not-
using-7-proxies" case - and even then, just repeat step 1 below):

* Subpoena a site for IP records

* Subpoena their ISP for subscriber information

Now, whether that person is actually located somewhere actionable is another
question - but that's a geopolitical problem, not an Internet problem. The
first point - sure, maybe a site doesn't keep IP logs. Are you saying it
should be mandatory to track the source of posts? (Should it be mandatory for
physical establishments to log the biometrics of visitors? If the answer to
these questions is different, why?)

How would your proposal for tying Internet access to physical identity (e.g.
drivers' licenses) impact access for those in developing nations? There are
already a lot of hoops for them to jump through to get online.

Edit: I didn't downvote, by the way - I do still believe in the HN ethos of
only downvoting spam/meme posts. People should have a chance to read both
sides of a discussion.

------
dTal
>there's no back door that only lets good guys go through it.

Much as I agree with the general principle, this argument is flawed (except
insofar as 'good guys' do not remain 'good'). What exactly is a crypto key, if
not a "back door that only lets X go through it"?

~~~
zxcmx
I think what gets missed is that communcations interceptors are an entire
platform (not just a key somewhere). There are lots of computers glommed onto
the network to make the capability happen and humans to manage them.

The hard part is managing keys, access, storage, networking etc. The security
on a lot of "lawful access" systems for cell networks is not as great as one
would hope, and the LI system is sometimes the _goal_ of attackers in a telco.

Just the capability (click n clone or tap to disk) is dangerous even when
turned off. Of course, no one actually makes a telephony system without LI...

------
logicallee
I don't want to make this too political, but I am really curious about
people's perspectives. Please stay like close to the center in your response
to my question, _obviously it is easy to make a kneejerk response_. (I address
this at the end of this comment.)

So, we heard about a recent terrorist that he was banned from his Mosque (for
being too radical), reported by other Muslims, and that the FBI also reported
him to the UK.

What do you guys think that the UK should do in this case?

I mean let's take an absurd example of a petition by 50 people from mosques
and community saying, "Hey, this person is not a member of our community but
is spouting radical nonsense and wants to commit terror."

In this case what should be done?

I am drawing a complete blank, because it doesn't take long to prepare
terrorist acts but until you do them you aren't really a terrorist.

The only thing I can think of is something that even I can see would be a
joke. If the government came to me and said, "hey we received over 12 people
asking us to watch you because you are a terrorist. We'd like you to
voluntarily participate in civilization training to better understand why
terrorism is wrong. You'll get £200 for participating."

But I can hardly type that without it sounding like a joke. I mean there's
politeness but this sounds just absurd. (I added the £200 part because I think
there is no way they would agree otherwise. But if it's not voluntary then
that doesn't sit right with me either.)

So in this actual, real-world case, what should the UK have done?

I don't think increasing surveillance so that you catch someone between the 45
minutes it takes them to inform themselves how to perform terrorism, and going
and doing it. People are pretty strong and powerful and have a million tools
of every kind, more surveillance couldn't possibly help here, I mean the
reaction time would have to be like seconds from when someone chooses to start
googling how to do terrorism to making a concrete enough plot to be criminal.
It's just not a solution.

So returning to my question -- for the case I mentioned, what should we done?

 _Note: I understand that it is easy to make a flippant, knee-jerk response.
For example, it is easy to say, "if someone reports a muslim for radical
speech the reported muslim should be thrown in prison without a trial, and
throw away the key". I really don't want to start a thread like that so please
don't respond if you have attitudes like this: I've represented your response
in this last paragraph and ask you please not to derail this thread on this
subject. Yes, it is very easy to deal with if totalitarianism is okay. I
specifically say this because I know people in real life who would make
exactly this response or one exactly like it. That is not my question and I've
represented this position in this paragraph, no need to repeat it, and you
would just get downvoted. In this comment I am asking for people's practical
ideas that are close to the center, if they have any. Thank you._

~~~
CamperBob2
What should we do?

We should man up (metaphorically speaking) and accept that a few attacks from
violent nutcases every so often are the price of living in a free society.

~~~
logicallee
this is fair, but you do have to be careful because as you may or may not
know, many parts of the world are literal war zones. So "a few" can become "an
explosion in London killing 10-30 people, occurring about once a year". Or
once a month. Or twice a day.

Obviously you do agree that at some point there is a line to draw. so the
argument for finding the _solution_ to this early on is not without merit.

"a stitch in time saves nine." Maybe two pamphlets sent twice a year to every
address in the UK, describing why civilization and a free society is great and
explaining why it means not blowing people or yourself up, would solve these
people. If that costs £70 million per year but cuts terrorism down by 85%, how
many people need to die before you would say, hey that's worth doing: 100
people a year? 500? 1,000? 5,000? 10,000? At that point it costs taxpayers
around £7,000 per victim and since fatal victims of terrorism stop paying
taxes at that point it is free.

I Googled how many people died from Terrorism in the UK. This article from
literally yesterday says....

[http://www.telegraph.co.uk/news/0/many-people-killed-
terrori...](http://www.telegraph.co.uk/news/0/many-people-killed-terrorist-
attacks-uk/)

Well, that article says:

\- 13 people died because of terrorism in the UK between 2010 and 2015.

So obviously we are very far from that metric. Actually this kind of supports
your assertion.

It doesn't mean nothing needs to be done but your point is a lot stronger than
I thought! Thanks for the response.

------
stesch
Fur fubhyq ona greebevfz.

------
awqrre
everything should be public, especially Government secrets...

------
id122015
why not educating people instead of banning ?

------
sleavey
Terrorism happened before the internet.

------
kradem
Imo this isn't about legislative of today, rather about the
philosophy/politics of today responsible for the legislative of the future.

Today's cryptography is like the ice sculptures art, we could show a lot, but
on unstable timeline.

The true art is going to come with the quantum computers and the governments
will have to have legislative for someone sending messages to someone else
because they won't have any other tool available.

