Feeds

VOIP and the web baffle Brit spook wiretappers

MI5, GCHQ bemoan 'biggest change since telephones'

5 things you didn’t know about cloud backup

The head of the UK government's secret electronic spying and codebreaking agency, GCHQ, has said that his organisation's ability to intercept conversations and messages is seriously undermined by internet-protocol (IP) communications. The digital spook's comments may come as a blow to British and European politicians who have sworn to eradicate terrorism from the internet.

The revelations came as part of the annual parliamentary oversight report into the doings of the UK intelligence community, which was released today. The report is compiled by the specially-vetted MPs and lords of the Intelligence and Security Committee (ISC), who are allowed to review secret data and grill important mandarins from the shadowier parts of Whitehall.

The section on GCHQ touches on the problems caused for government wiretappers by IP networks:

One of the greatest challenges for GCHQ is to maintain its intercept capability in the face of rapidly evolving communications technology. This relates in particular to the growth in internet-based communications and voice over internet telephony.

It seems that it was much easier to tap old-school phone calls, faxes and so on as they tended to move through networks by routes which were easy to predict. Sir David Pepper, boss of GCHQ, briefed the ISC.

"The internet uses a very different approach to communications," he said.

"Rather than having any sense of fixed lines... communications are broken up... whether you are sending an email or any other form of Internet communication... packets are then routed around the network and may go in any one of a number of different routes... [This is] the biggest change in telecoms technology since the invention of the telephone. It is a complete revolution..."

Sir David went on to explain more, but his further comments - presumably covering the best ways for someone to be sure that GCHQ would not be able to tap their comms - were blanked out. So were the words of the Director-General of MI5*, in which apparently "the seriousness of these challenges was reinforced".

These remarks were made in the context of counterterrorism work against groups at least partly located in the UK. The report also makes clear that the average size of a UK-based terror network is about ten people (we are told that MI5 are watching 200 such groups, amounting to 2000 possible terrorists).

It's pretty clear, then, that even small groups without much money can avoid having their communications intercepted by MI5 and GCHQ - and that the methods involve using IP applications.

No surprises there, really - the difficulty of centrally monitoring and intercepting packet networks will be obvious to most Reg readers. Countries like China and the US have had to mount enormous, extremely expensive infrastructure efforts in pursuit of such capabilities.

But the snags aren't at all obvious to politicians. Prime Minister Gordon Brown and Home Secretary Jacqui Smith have recently pledged to prevent any use of the internet for terrorist communications, propaganda etc. So has EU vice-president Franco Frattini.

It seems that if they have only GCHQ to carry out these plans - and this is one of the biggest and baddest agencies of its type in the world, outside America - then it isn't going to happen.

Read the whole ISC report and the government's responses here. ®

*MI5 isn't the proper name. Officially the UK's domestic spooks are called the Security Service, but nobody wants to refer to a secret internal-security body by the initials "SS".

The essential guide to IT transformation

More from The Register

next story
GCHQ protesters stick it to British spooks ... by drinking urine
Activists told NOT to snap pics of staff at the concrete doughnut
Britain's housing crisis: What are we going to do about it?
Rent control: Better than bombs at destroying housing
Top beak: UK privacy law may be reconsidered because of social media
Rise of Twitter etc creates 'enormous challenges'
What do you mean, I have to POST a PHYSICAL CHEQUE to get my gun licence?
Stop bitching about firearms fees - we need computerisation
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
We need less U.S. in our WWW – Euro digital chief Steelie Neelie
EC moves to shift status quo at Internet Governance Forum
Oz biz regulator discovers shared servers in EPIC FACEPALM
'Not aware' that one IP can hold more than one Website
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.