Feeds

Top spook: ISP black boxes NOT key to UK's web-snoop plan

We fully expect Google, Facebook and Twitter to hand over your data

Beginner's guide to SSL certificates

Government-funded black boxes that monitor the UK's internet traffic are not "the cornerstone" of the Home Office's web super-snoop plan, a top spook has told MPs and peers.

Ex-MI6 man Charles Farr, who heads up the Office for Security and Counter-Terrorism, dismissed claims that Deep Packet Inspection (DPI) probes are the "central plank" of the government's Communications Data Bill currently being scrutinised by Parliament.

Instead, he insisted that cooperation with communications service providers (CSPs) such as Google and Facebook was key to the proposed surveillance legislation.

Police, spooks and the taxman - among other authorities - would need to use packet-capturing black boxes when CSPs declined to provide access to communications data where it is suspected that criminal activity has taken place, said Farr.

"We could in theory accept that there is a communication service used by criminals where we cannot access any data. But that is not the view of this government," he said, speaking at a committee meeting of the politicos on Tuesday afternoon.

If CSPs refuse to provide those authorities with access to such data, a black box would be placed on a network where such information could be hoovered up.

Farr [pictured centre]: 'I dunno. A black box is about this big, I guess'

Farr added that in those instances the security services would work with ISPs to develop the technology and the telco would store the data.

Interestingly, the government's Director of Communications Capability Directorate Richard Alcock appeared to indicate that the likes of Google, Twitter and Facebook would be expected to retain unencrypted data on their systems.

All of those CSPs - whose cooperation Farr had earlier described as a "patchwork quilt" - are not only headquartered overseas but have also each implemented the Secure Sockets Layer (SSL) protocol on their services.

Up until yesterday, it was unclear how spooks could intercept traffic when such websites transmit individual user sessions over encrypted SSL channels.

"Through the bill we'll only be able to access communications data. CSPs will hold unencrypted data on their systems, we'll need to work with them," Alcock said.

"It's very easy to separate content from communications data," he added before offering reassurance to the committee of politicos by saying "we won't be applying systems that cannot reliably do that".

Peter Hill - the Head of Unit for Pursue Policy and Strategy Unit at the Home Office - stressed at the meeting that many CSPs were only too happy to cooperate. The reason for the new legislation, he added, was that "the data that we need is not available rather than that it's not being shared with us".

Farr described the discussions his office has had with CSPs as "constructive". He said: "Those providers understand there is an issue, they want to help to address it but they want a legal process to support it."

On the issue of DPI, Alcock said black boxes were already "used as a matter of course" by ISPs.

"It's possible to use that existing kit to establish the who, where and when," he said before repeating that "if we cannot reliably extract comms data by that route then we won't do it".

Farr had earlier defended Home Secretary Theresa May's draft communications bill - dubbed a snoopers' charter - by saying that clarity was needed about what data providers should retain. He said a "technical problem" existed with the current Data Retention Directive (DRD) and the Regulation of Investigatory Powers Act (RIPA).

"The lack of data is then compounded by a legal problem because the DRD is not clear about what information should be retained," he said.

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.