So, what shall we ban next?
Surely this mean that we should ban shortwave radio? Ham radio? These are also methods of communicating securely when combined with that all time favourite a pen, pad and codebook! Ban biros - they can be used for cryptography.
Oh, and we'll have to ban going for walks, these can be used for dead-drops, we'll have to ban books because of book code and I suppose we'll ban all recordable media because of the steganographic potential. Further to this, why not ban all books about cryptography, all cryptographic papers, Radioshack and radioshackalikes, photography, computers and playing cards!
I jest of course. But it's all very much like Gore Vidal and cellphones. Further to this there is bugger all anyone can do about any of the above apart from working out effective methods of penetrating terrorist organisations. You can't ban a pen and paper after all... Well it would piss a few hacks off anyway.
If anything banning crypto on ISPs will have the opposite effect. Serious criminals will find more devious ways of hiding.
What about the menace of web cafes, and webmail? Maybe Mr Keegan hasn't noticed those strings of people queuing all over central London to hand over untraceable cash to log into their own personal, non-localised, anonymous communications systems. Some of them look suspiciously foreign.
Just as long as those cruise missiles aimed at easyeverything in Oxford Street don't hit the New York Port Authority offices a couple of doors down in Stratford Place, which would presumably not be acceptable collateral damage.
Guy E.S. Herbert
It's too late to retract the encryption genie.
The global economy, including all financial institutions, relies heavily on digital certificates, SSL, VPNs, ssh, PGP, strong symmetric andasymmetric encryption products, and to a lesser extent, S/MIME.
This journo's insane rant is completely impractical: any decent security person will be able to get around any type of automatic ingress/egress filtering that an ISP would be able to use without disabling itself.
C&W's internal global network is now a MPLS VPN using its own Internet infrastructure, and it is encrypted. Who would tell a major multinational, let alone all the millions of business relying on this cost-lowering and business enabling technology (it takes seconds and no dollars to add another subsidiary) that they can no longer use the Internet safely?
Just as we shouldn't have anyone trolling through an exchange at random to listen on in on calls, we shouldn't have anyone randomly trying to listen to the Internet (a la Carnivore), although I'm sure it does happen.
Encryption is not the problem people think it is: if you have been granted a warrant to establish a tap, it shouldn't be that hard to get permission to get a keyboard intercept, which allows the private key pass phrase to be recorded. This protects us against extra-judicial eavesdropping, and is legal and valid under all the major legal systems.
The idea of going back to the old ways is not practical nor do-able in any time frame.
Andrew van der Stock
Sponsored: Magic Quadrant for Client Management Tools