Feeds

Straw slams civil liberties lobby

Do you speak Gibberish?

  • alert
  • submit to reddit

Security for virtualized datacentres

Foreign secretary Jack Straw launched a scathing attack on the civil liberties lobby in an interview on Radio 4 on Friday.

Mr Straw, who pushed through some pretty Draconian laws while home secretary, complained to the Today programme that he was held back by civil liberties groups and was forced to water down police and secret service surveillance powers (in the RIP and Terrorism Acts, to name two).

It was tied in with the US terrorist attacks of course. Mr Straw said: "It wasn't Big Brother government. It was government trying to put in place increased powers so we could preserve our democracy against this new type of threat. Now people are saying: 'Why are these terrorists here?'" Which somewhat underlines many people's views of Jack Straw.

The argument is that if the police had been allowed to decrypt every email sent in or through the UK, then we would have no terrorists in Britain - and that that is far preferable to the government being allowed to snoop into our private or commercial lives whenever they fancy.

Smarting

The government is smarting from revelations that terrorists - some connected to the US atrocities - are working in Britain and had/maybe-still-are using the UK as a base. Current home secretary David Blunkett has also gone to town by advocating ID cards - a frequent government solution to embarrassing matters that it can't control.

However, UK citizens have stepped into the argument using their weapons of logic and rational thought over political frustration, ill-informed evangelising and desire for power. Newsgroups have been buzzing with informed comment.

How exactly would extensive powers for the police to eavesdrop on every UK citizen have helped prevent the appalling attacks in the US?

Below are just a few comments we've seen:

"At the back end of the cold war, I was a party to several defence and intelligence policy studies that concluded that the new style threats that we would face would require a shift of resources from electronic to human intelligence assets in order to maintain effective defences. It would be interesting to look at the split of the UK intelligence budget between MI5/6 (spies) and GCHQ (electronics) over the last decade to see if any such shifts have taken place. I hope that Parliament will look into this once
the dust has settled."

"They [the terrorists] seem to have made some use of e-mail but it was all unencrypted and (without the benefit of hindsight) apparently innocuous. If I was involved in an undertaking with a thousandth as much at stake, I would want to look my confederates in the eye to see how they reacted to what I said."

"Both government and broadcasters have framed the debate as a platitudinous 'balance' between civil liberties and public safety. But this was always a false dichotomy - the main thrust of criticism against the RIP Act is that it is completely ineffective. Four methods have been suggested for dealing with criminal use of encryption. Three are fatally flawed, but more importantly, they try to solve to wrong problem."

"The problem is that no politician would have the guts to say that the chief object of policy was suborning commercial and institutional traffic."

"I don't think that any amount of signals intelligence, however intrusive, would have caught them. They were far too careful and especially too sparing in their use of telecommunications. More powers to intercept or to decrypt are simply barking up the wrong tree. In fact, without some infiltration of the organisation, I don't think there was anyway of catching them before they got to the airport."

"I do not blame the electronic intelligence agencies for what has happened since not even they can subvert the laws of physics."

"Attempts to blame those who fought against GAK in RIP are, in my view, attempts to divert attention from the real issue - why Jack Straw and his friends in law enforcement spent so much time on RIP instead of on other measures that would have stood more chance of success agianst the sort of attacks we have now experienced."

"Nobody seems to have mentioned the extreme loyalty within Arab groups - not just to families, but also to the leader of the group. This has been explained to me by several people who have worked out in the Middle East."

Mass attack

We have covered in the past how encrypted messages can easily be hidden from authorities - most simply by putting a second encrypted message within the first. The fact that the attacks happened without security services having the slightest idea would suggest a very small, compact group as opposed to a huge conspiracy.

Would mass surveillance locate such a group? The likelihood is minute. Then of course there is the implicit assumption that the terrorists were so stupid that they wrote huge swathes of what they intended in straightforward text and send all of it over the Internet in the form of emails.

Unless all of these assumptions are true, mass surveillance would be of very little help. There can little doubt that much of the organisation was done face-to-face, because that is simple human interaction. It is very hard to persuade someone to do something (like kill themselves) over email.

And when it comes down to fine details, how much information is needed to inform someone of which flight to board, or which embassy to bomb? None at all. Not in terms of the billions of bytes criss-crossing the Internet every second.

In short, where we have failed is in insufficient human interaction with dangerous people. Technology has the unnerving effect of making you believe that because you have so much information then you have captured everything you need to know. Nothing could be further from the truth.

If all this intended surveillance had no palpable effect on commercially sensitive information; didn't mean that the authorities would have unreasonable access to your personal details; wouldn't allow for simple abuses and threats, we would welcome it.

But it does and we don't. ®

Related Stories

Broader surveillance won't prevent terrorism -Schneier
Internet Security: We're all responsible
Brits want ID cards, not worried about privacy
Americans want Uncryption

Choosing a cloud hosting partner with confidence

More from The Register

next story
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.