Feeds

VOIP and the web baffle Brit spook wiretappers

MI5, GCHQ bemoan 'biggest change since telephones'

Top 5 reasons to deploy VMware with Tegile

The head of the UK government's secret electronic spying and codebreaking agency, GCHQ, has said that his organisation's ability to intercept conversations and messages is seriously undermined by internet-protocol (IP) communications. The digital spook's comments may come as a blow to British and European politicians who have sworn to eradicate terrorism from the internet.

The revelations came as part of the annual parliamentary oversight report into the doings of the UK intelligence community, which was released today. The report is compiled by the specially-vetted MPs and lords of the Intelligence and Security Committee (ISC), who are allowed to review secret data and grill important mandarins from the shadowier parts of Whitehall.

The section on GCHQ touches on the problems caused for government wiretappers by IP networks:

One of the greatest challenges for GCHQ is to maintain its intercept capability in the face of rapidly evolving communications technology. This relates in particular to the growth in internet-based communications and voice over internet telephony.

It seems that it was much easier to tap old-school phone calls, faxes and so on as they tended to move through networks by routes which were easy to predict. Sir David Pepper, boss of GCHQ, briefed the ISC.

"The internet uses a very different approach to communications," he said.

"Rather than having any sense of fixed lines... communications are broken up... whether you are sending an email or any other form of Internet communication... packets are then routed around the network and may go in any one of a number of different routes... [This is] the biggest change in telecoms technology since the invention of the telephone. It is a complete revolution..."

Sir David went on to explain more, but his further comments - presumably covering the best ways for someone to be sure that GCHQ would not be able to tap their comms - were blanked out. So were the words of the Director-General of MI5*, in which apparently "the seriousness of these challenges was reinforced".

These remarks were made in the context of counterterrorism work against groups at least partly located in the UK. The report also makes clear that the average size of a UK-based terror network is about ten people (we are told that MI5 are watching 200 such groups, amounting to 2000 possible terrorists).

It's pretty clear, then, that even small groups without much money can avoid having their communications intercepted by MI5 and GCHQ - and that the methods involve using IP applications.

No surprises there, really - the difficulty of centrally monitoring and intercepting packet networks will be obvious to most Reg readers. Countries like China and the US have had to mount enormous, extremely expensive infrastructure efforts in pursuit of such capabilities.

But the snags aren't at all obvious to politicians. Prime Minister Gordon Brown and Home Secretary Jacqui Smith have recently pledged to prevent any use of the internet for terrorist communications, propaganda etc. So has EU vice-president Franco Frattini.

It seems that if they have only GCHQ to carry out these plans - and this is one of the biggest and baddest agencies of its type in the world, outside America - then it isn't going to happen.

Read the whole ISC report and the government's responses here. ®

*MI5 isn't the proper name. Officially the UK's domestic spooks are called the Security Service, but nobody wants to refer to a secret internal-security body by the initials "SS".

Intelligent flash storage arrays

More from The Register

next story
BIG FAT Lies: Porky Pies about obesity
What really shortens lives? Reading this sort of crap in the papers
Assange™ slumps back on Ecuador's sofa after detention appeal binned
Swedish court rules there's 'great risk' WikiLeaker will dodge prosecution
You think the CLOUD's insecure? It's BETTER than UK.GOV's DATA CENTRES
We don't even know where some of them ARE – Maude
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?