Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: What technical countermeasures are there for the UK's snooping agenda?
7 points by marcuspovey on April 18, 2012 | hide | past | favorite | 3 comments
The UK plans to intercept all electronic communication. They currently don't plan to snoop on content, but as noted elsewhere connection data is just as invasive.

To me this is both a civil liberties and business risk problem. I view my list of business contacts as confidential information and I don't trust the government not to leave this information on a train somewhere.

Legal solutions are one thing, but the snoops keep raising their heads, so my feeling is that we need to actually find a way to make this sort of thing technically impossible.

Content encryption is already largely solved, although for email we still need a critical mass of people using PGP or similar.

VPNs just seems to push the problem to another jurisdiction, and if this is an agenda all governments will one day pursue, this will become decreasingly useful.

What can an individual do to protect content and connection data? Onion routing for mail servers? Do technical solutions rely on everyone doing it and so are unlikely to get much traction?

This is a tricky question.

People talk about "privacy" and "anonymity" but these two concepts can be contradictory. (Especially if you're using public key encryption. The key ties a message to an identity pretty solidly.) You're asking for message meta data (TO and FROM) to be private.

I suppose Chaffinch[1] could be adapted with some kind of anonymous re-mailing system such as Cypherpunk[2] anonymous remailers.

Note that the only thing the new law adds is "real time" monitoring of meta data. They already have permission to do retroactive monitoring of meta data.

There is a mailing list with many knowledgable people and they probably discuss this in depth. It's UKCRYPTO[3]. (They're the kind of people who should be on HN.)

[1] (http://www.cl.cam.ac.uk/~rnc1/Chaffinch.pdf)

[2] (http://anonymous.to/tutorials/anonymous-remailers/)

[3] (http://www.chiark.greenend.org.uk/mailman/listinfo/ukcrypto)

I suppose the same way citizens in other countries with 'authoritarian regimes' circumvent snooping - go with an outside country provider who wants to protect your civil liberties.

To me it seems that all governments are following this agenda, whether for surveillance for its own sake or to counter "Piracy"... so I think the list of safe harbours will only decrease over time...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact