Feeds

EC wants to suppress internet bomb-making guides

Eurocrats, terrorists vie for techno-dunce supremacy

Mobile application security vulnerability report

The European Commission (EC) has announced plans to frustrate terrorism by suppressing online guides on bomb-making.

"It should simply not be possible to leave people free to instruct other people on the internet on how to make a bomb – that has nothing to do with freedom of expression," EC vice president Franco Frattini said yesterday.

Mr Frattini is "responsible for Freedom, Security and Justice."

When asked how the EC planned to suppress web bomb manufacture instructions hosted outside EU borders, it appeared that officials planned to act at the level of ISPs in Europe.

The Times quoted a commission spokesman as saying: "You always need a provider here that gives you access to websites. They can decide technically which websites to allow. Otherwise, how would China block internet sites? There are no technological obstacles, only legal ones."

According to the Telegraph's Brussels correspondent, "internet service providers would face charges if they failed to block websites with bomb-making instructions".

Mr Frattini and his EC subordinates appeared to have no plans for dealing with bomb instructions sent via email, browsed over encrypted relays such as Tor, sent by post, or physically transported. Nor did his plan offer any serious chance of websites being blocked at hundreds of ISPs in time to prevent full details being obtained by anyone who wanted them. Nor did it take account of the speed with which controversial information can be - and usually is - mirrored.

If the UK papers' reports are correct, Frattini and his advisors are fantastically ignorant of internet realities. The timing of the announcements seemed to respond with recent comically inept terror attempts in London and Glasgow. Given that those involved had clearly failed to do any internet research whatsoever before mounting their addled and ineffectual campaign, Mr Frattini's outburst yesterday wasn't just ignorant, but irrelevant too.

Anyone with even very basic net savvy is going to be able to get bomb-making instructions despite the laws Mr Frattini tries to push through this autumn. Even total web dolts with contacts outside the EU will be able to get information forwarded to them. A dunce's cap, please, for Frattini and the EC Freedom, Security and Justice apparat. Off to the corner with them.

A rather more crafty - if still, ultimately, doomed - strategy has been seen in recent times. Dame Stella Rimington, head of MI5* in the 1990s, penned spy novel At Risk after she retired. In it, Muslim terrorists seeking revenge for a murderous US air attack in Afghanistan (how balanced) manufacture a homemade bomb. Rimington describes the process in detail, but rather than being the real deal it is lifted wholesale from a spoof webpage.

Presumably some wannabe terrorists, cleverer than last weekend's UK ones, but still not too clever, might be taken in by this sort of thing; especially if they had only read Rimington's book, which doesn't include the giveaway at the end. Only a little bit of effort by the spooks could easily see a lot of more realistic fake-instructional websites out there, making the would-be bomber's job that much harder.

Serious terrorists, of course, will always carry out tests before going operational; but a spoofing effort would cost very little and could frustrate the less diligent bomber. Even the better class of attackers could be led to waste time and resources, and perhaps to reveal themselves by accident. Such initiatives may well be underway, in fact. They'd be at least as effective as Mr Frattini's plans, but would offer no opportunity for political posturing.

Going back to Ms Rimington and her novels, the matter of whether she's playing fair with her paying readers is for them to decide. Given that the first book contained one arguable counter-terror plant, reams of MI5 publicity material and in the end the true villains were revealed to be MI5's hated rivals in the Secret Intelligence Service (aka MI6), one could say that she should pay people to read it rather than the other way round.

Once a spook, always a spook, it seems. ®

*Actually the UK internally-oriented spooks are formally titled the Security Service. The title MI5 was officially dropped in 1929, but people still use it (perhaps because they might otherwise have to abbreviate to "SS").

Bridging the IT gap between rising business demands and ageing tools

More from The Register

next story
Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
'Greenhouse effect is real, but as for the rest of it ...'
Adam Afriyie MP: Smart meters are NOT so smart
Mega-costly gas 'n' 'leccy totting-up tech not worth it - Tory MP
'Blow it up': Plods pop round for chat with Commonwealth Games tweeter
You'd better not be talking about the council's housing plans
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.