Feeds

Why Bletchley Park could never happen today

Can you keep a secret? No, course you can't

Combat fraud and increase customer satisfaction

Feature Following the torrent of revelations about US and British government surveillance unleashed by whistle-blower Edward Snowden, we now know what many had previously guessed: with a few exceptions*, the spies have the electronic world pretty much wired.

Some spied-upon countries – such as Brazil and Germany – have reacted furiously, and the articles published by the Guardian and others have started a debate in the United States which might lead to some changes.

The reaction in Britain, though, has been muted. We love our spooks, both fictional, like James Bond, and semi-legendary, like those who worked at Bletchley Park. Britain’s World War II code-breaking centre remained a secret for three decades after the end of the war – a war which some historians believe those at the centre shortened by two years. It now hosts a wonderful set of preserved buildings and exhibits, including The National Museum of Computing.

Rebuilt Bombe Bletchley Park, photo copyrighted mubsta.com

A rebuilt Bombe, Bletchley’s first code-breaking machine – an electro-mechanical device designed by Alan Turing and fellow mathematician Gordon Welchman, following development work by the Polish Cipher Bureau. Photo by: mubsta.com

But while Bletchley’s heroes are rightly venerated, the Snowden affair suggests that the model it pioneered – still used by its successor GCHQ and its American big brother the NSA – may be heading towards obsolescence.

The end of spying as we know it?

Bletchley Park relied on total, long-term secrecy over its methods. If the Nazi regime had realised that the Allies were breaking its "unbreakable" Enigma machines on a routine basis, the game would have been up. But that secret was kept for the entire war and for three decades beyond.

The expiry period for such secrets is a bit shorter these days: it has taken less than two years for GCHQ’s Tempora project's access to undersea cables to become common global knowledge. So what has changed?

Firstly, whistle-blowers have become much more efficient, even in the last decade. In 2003, GCHQ translator Katherine Gun leaked an email on the NSA’s bugging of the United Nations in the run-up to Iraq War. (She was cleared of charges under the Official Secrets Act when the prosecution offered no evidence in her trial.) In 2013, Edward Snowden’s material has blown the gaff on everything from numerous modern-day NSA and GCHQ capabilities and methods to their dodgy taste in PowerPoint graphics.

As Chelsea (formerly Bradley) Manning and WikiLeaks demonstrated, the combination of networked secret agencies and high-capacity storage devices can allow one person to do an enormous amount of leaking, and with the actual documents rather than deniable claims.

No doubt such agencies are currently working on how they might prevent this in future. The problem is that the obvious answer – stopping flows of information by heavily compartmentalising such agencies – would presumably greatly hamper their efficacy. Otherwise why let an NSA contractor in Hawaii slurp GCHQ’s wiki?

The enemy of my enemy... hang on, who IS the enemy?

Secondly, the type of enemy the secret agencies were built to fight is no longer their main target (unless they are taking a greater interest in China than they let on).

This may be the only example of Nazis being an enemy you would choose: they were highly organised, operated in known areas and used Enigma machines for nearly everything, making it both worthwhile and possible to read all their communications.

Terrorists – a definition which is itself sometimes a matter of opinion – comprise a wide range of groups and individuals, who use whatever they can and may operate anywhere and infiltrate any group – or indeed, become aligned to the cause while in a group which first appears at odds with it. In spy logic, that makes it desirable to be able to spy on everyone, using everything, everywhere.

And that leads to the question of loyalty. During World War II and the Cold War, it wasn’t hard for most people to decide which side they were on – although even then, the likes of Anthony Blunt chose differently. Since 1989, the threats to the countries of the free world have been from terrorists who certainly wish to commit mass murder, but do not pose an existential national threat.

However, the way such terrorists have operated has convinced many politicians to reduce the freedoms of their own people, particularly to personal privacy – a contentious choice, given it means secret agencies carrying out mass surveillance on their own people and allies. A whistle-blower exposing how this works will probably commit career suicide and may end up in exile or prison, but will also be treated as a hero by many.

SANS - Survey on application security programs

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.