Feeds

So, what shall we ban next?

John Keegan

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

Bomb the ISPs - Daily Telegraph


Surely this mean that we should ban shortwave radio? Ham radio? These are also methods of communicating securely when combined with that all time favourite a pen, pad and codebook! Ban biros - they can be used for cryptography.

Oh, and we'll have to ban going for walks, these can be used for dead-drops, we'll have to ban books because of book code and I suppose we'll ban all recordable media because of the steganographic potential. Further to this, why not ban all books about cryptography, all cryptographic papers, Radioshack and radioshackalikes, photography, computers and playing cards!

I jest of course. But it's all very much like Gore Vidal and cellphones. Further to this there is bugger all anyone can do about any of the above apart from working out effective methods of penetrating terrorist organisations. You can't ban a pen and paper after all... Well it would piss a few hacks off anyway.

If anything banning crypto on ISPs will have the opposite effect. Serious criminals will find more devious ways of hiding.

John Everitt




What about the menace of web cafes, and webmail? Maybe Mr Keegan hasn't noticed those strings of people queuing all over central London to hand over untraceable cash to log into their own personal, non-localised, anonymous communications systems. Some of them look suspiciously foreign.

Just as long as those cruise missiles aimed at easyeverything in Oxford Street don't hit the New York Port Authority offices a couple of doors down in Stratford Place, which would presumably not be acceptable collateral damage.

Guy E.S. Herbert




It's too late to retract the encryption genie.

The global economy, including all financial institutions, relies heavily on digital certificates, SSL, VPNs, ssh, PGP, strong symmetric andasymmetric encryption products, and to a lesser extent, S/MIME.

This journo's insane rant is completely impractical: any decent security person will be able to get around any type of automatic ingress/egress filtering that an ISP would be able to use without disabling itself.

C&W's internal global network is now a MPLS VPN using its own Internet infrastructure, and it is encrypted. Who would tell a major multinational, let alone all the millions of business relying on this cost-lowering and business enabling technology (it takes seconds and no dollars to add another subsidiary) that they can no longer use the Internet safely?

Just as we shouldn't have anyone trolling through an exchange at random to listen on in on calls, we shouldn't have anyone randomly trying to listen to the Internet (a la Carnivore), although I'm sure it does happen.

Encryption is not the problem people think it is: if you have been granted a warrant to establish a tap, it shouldn't be that hard to get permission to get a keyboard intercept, which allows the private key pass phrase to be recorded. This protects us against extra-judicial eavesdropping, and is legal and valid under all the major legal systems.

The idea of going back to the old ways is not practical nor do-able in any time frame.

Andrew van der Stock

High performance access to file storage

More from The Register

next story
Spanish village called 'Kill the Jews' mulls rebranding exercise
Not exactly attractive to the Israeli tourist demographic
Oz bank in comedy Heartbleed blog FAIL
Bank: 'We are now safely patched.' Customers: 'You were using OpenSSL?'
Happy 40th Playmobil: Reg looks back at small, rude world of our favourite tiny toys
Little men straddle LOHAN, attend tiny G20 Summit... ah, sweet memories...
Forget the beach 'n' boardwalk, check out the Santa Cruz STEVE JOBS FOUNTAIN
Reg reader snaps shot of touching tribute to Apple icon
Lego is the TOOL OF SATAN, thunders Polish priest
New minifigs like Monster Fighters are turning kids to the dark side
Dark SITH LORD 'Darth Vader' joins battle to rule, er, Ukraine
Only I can 'make an empire out of a republic' intones presidential candidate
Chinese company counters pollution by importing fresh air
Citizens line up for bags of that sweet, sweet mountain air
Google asks April Fools: Want a job? Be our 'Pokemon Master'
Mountain View is prankin' like it's 1999...
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.