Feeds

VOIP and the web baffle Brit spook wiretappers

MI5, GCHQ bemoan 'biggest change since telephones'

The Power of One Infographic

The head of the UK government's secret electronic spying and codebreaking agency, GCHQ, has said that his organisation's ability to intercept conversations and messages is seriously undermined by internet-protocol (IP) communications. The digital spook's comments may come as a blow to British and European politicians who have sworn to eradicate terrorism from the internet.

The revelations came as part of the annual parliamentary oversight report into the doings of the UK intelligence community, which was released today. The report is compiled by the specially-vetted MPs and lords of the Intelligence and Security Committee (ISC), who are allowed to review secret data and grill important mandarins from the shadowier parts of Whitehall.

The section on GCHQ touches on the problems caused for government wiretappers by IP networks:

One of the greatest challenges for GCHQ is to maintain its intercept capability in the face of rapidly evolving communications technology. This relates in particular to the growth in internet-based communications and voice over internet telephony.

It seems that it was much easier to tap old-school phone calls, faxes and so on as they tended to move through networks by routes which were easy to predict. Sir David Pepper, boss of GCHQ, briefed the ISC.

"The internet uses a very different approach to communications," he said.

"Rather than having any sense of fixed lines... communications are broken up... whether you are sending an email or any other form of Internet communication... packets are then routed around the network and may go in any one of a number of different routes... [This is] the biggest change in telecoms technology since the invention of the telephone. It is a complete revolution..."

Sir David went on to explain more, but his further comments - presumably covering the best ways for someone to be sure that GCHQ would not be able to tap their comms - were blanked out. So were the words of the Director-General of MI5*, in which apparently "the seriousness of these challenges was reinforced".

These remarks were made in the context of counterterrorism work against groups at least partly located in the UK. The report also makes clear that the average size of a UK-based terror network is about ten people (we are told that MI5 are watching 200 such groups, amounting to 2000 possible terrorists).

It's pretty clear, then, that even small groups without much money can avoid having their communications intercepted by MI5 and GCHQ - and that the methods involve using IP applications.

No surprises there, really - the difficulty of centrally monitoring and intercepting packet networks will be obvious to most Reg readers. Countries like China and the US have had to mount enormous, extremely expensive infrastructure efforts in pursuit of such capabilities.

But the snags aren't at all obvious to politicians. Prime Minister Gordon Brown and Home Secretary Jacqui Smith have recently pledged to prevent any use of the internet for terrorist communications, propaganda etc. So has EU vice-president Franco Frattini.

It seems that if they have only GCHQ to carry out these plans - and this is one of the biggest and baddest agencies of its type in the world, outside America - then it isn't going to happen.

Read the whole ISC report and the government's responses here. ®

*MI5 isn't the proper name. Officially the UK's domestic spooks are called the Security Service, but nobody wants to refer to a secret internal-security body by the initials "SS".

Maximizing your infrastructure through virtualization

More from The Register

next story
Sit back down, Julian Assange™, you're not going anywhere just yet
Swedish court refuses to withdraw arrest warrant
UK Parliament rubber-stamps EMERGENCY data grab 'n' keep bill
Just 49 MPs oppose Drip's rushed timetable
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Delaware pair nabbed for getting saucy atop Mexican eatery
Burrito meets soft taco in alleged rooftop romp outrage
British cops cuff 660 suspected paedophiles
Arrests people allegedly accessing child abuse images online
LightSquared backer sues FCC over spectrum shindy
Why, we might as well have been buying AIR
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.