Feeds

EC wants to suppress internet bomb-making guides

Eurocrats, terrorists vie for techno-dunce supremacy

Secure remote control for conventional and virtual desktops

The European Commission (EC) has announced plans to frustrate terrorism by suppressing online guides on bomb-making.

"It should simply not be possible to leave people free to instruct other people on the internet on how to make a bomb – that has nothing to do with freedom of expression," EC vice president Franco Frattini said yesterday.

Mr Frattini is "responsible for Freedom, Security and Justice."

When asked how the EC planned to suppress web bomb manufacture instructions hosted outside EU borders, it appeared that officials planned to act at the level of ISPs in Europe.

The Times quoted a commission spokesman as saying: "You always need a provider here that gives you access to websites. They can decide technically which websites to allow. Otherwise, how would China block internet sites? There are no technological obstacles, only legal ones."

According to the Telegraph's Brussels correspondent, "internet service providers would face charges if they failed to block websites with bomb-making instructions".

Mr Frattini and his EC subordinates appeared to have no plans for dealing with bomb instructions sent via email, browsed over encrypted relays such as Tor, sent by post, or physically transported. Nor did his plan offer any serious chance of websites being blocked at hundreds of ISPs in time to prevent full details being obtained by anyone who wanted them. Nor did it take account of the speed with which controversial information can be - and usually is - mirrored.

If the UK papers' reports are correct, Frattini and his advisors are fantastically ignorant of internet realities. The timing of the announcements seemed to respond with recent comically inept terror attempts in London and Glasgow. Given that those involved had clearly failed to do any internet research whatsoever before mounting their addled and ineffectual campaign, Mr Frattini's outburst yesterday wasn't just ignorant, but irrelevant too.

Anyone with even very basic net savvy is going to be able to get bomb-making instructions despite the laws Mr Frattini tries to push through this autumn. Even total web dolts with contacts outside the EU will be able to get information forwarded to them. A dunce's cap, please, for Frattini and the EC Freedom, Security and Justice apparat. Off to the corner with them.

A rather more crafty - if still, ultimately, doomed - strategy has been seen in recent times. Dame Stella Rimington, head of MI5* in the 1990s, penned spy novel At Risk after she retired. In it, Muslim terrorists seeking revenge for a murderous US air attack in Afghanistan (how balanced) manufacture a homemade bomb. Rimington describes the process in detail, but rather than being the real deal it is lifted wholesale from a spoof webpage.

Presumably some wannabe terrorists, cleverer than last weekend's UK ones, but still not too clever, might be taken in by this sort of thing; especially if they had only read Rimington's book, which doesn't include the giveaway at the end. Only a little bit of effort by the spooks could easily see a lot of more realistic fake-instructional websites out there, making the would-be bomber's job that much harder.

Serious terrorists, of course, will always carry out tests before going operational; but a spoofing effort would cost very little and could frustrate the less diligent bomber. Even the better class of attackers could be led to waste time and resources, and perhaps to reveal themselves by accident. Such initiatives may well be underway, in fact. They'd be at least as effective as Mr Frattini's plans, but would offer no opportunity for political posturing.

Going back to Ms Rimington and her novels, the matter of whether she's playing fair with her paying readers is for them to decide. Given that the first book contained one arguable counter-terror plant, reams of MI5 publicity material and in the end the true villains were revealed to be MI5's hated rivals in the Secret Intelligence Service (aka MI6), one could say that she should pay people to read it rather than the other way round.

Once a spook, always a spook, it seems. ®

*Actually the UK internally-oriented spooks are formally titled the Security Service. The title MI5 was officially dropped in 1929, but people still use it (perhaps because they might otherwise have to abbreviate to "SS").

Beginner's guide to SSL certificates

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
In the next four weeks, 100 people will decide the future of the web
While America tucks into Thanksgiving turkey, the world will be taking over the net
Microsoft EU warns: If you have ties to the US, Feds can get your data
European corps can't afford to get complacent while American Big Biz battles Uncle Sam
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.