Security

What do UK and Iran have in common? Both want to outlaw encrypted apps

Tearing down security will make us all secure? WTF

Encrypted communications will be backdoored or banned in the UK if the Conservatives win the next election, Prime Minister David Cameron has pledged.

Youtube Video

The UK government has always had the power, “in extremis,” to read Brits' personal post and eavesdrop on electronic chatter, he repeatedly insisted on Monday in a speech to the party faithful in Nottingham.

It was vital, he said, that the UK government maintained those powers, and there’s no need to worry about abuse of power – because each spying order would have to be personally signed off by the Home Secretary, Theresa May.

"We have a better system for safeguarding this very intrusive power than probably any other country I can think of," Cameron said during a PR offensive to upgrade the government’s abilities to put the populace under total surveillance after the General Election on or before May 7.

Many won’t be reassured that the Right Honorable Theresa May MP will have personal signing authority over their privacy, given her record. Her criticisms of the Human Rights Act were dismissed as "childlike" and "laughable" by her Tory predecessor Ken Clarke – although he later apologized for the "language I used" rather than the sentiment.

"The question remains, are we going to allow a means of communication where it simply isn't possible to [intercept]," Cameron continued. "And my answer to that is: no, we must not. The first duty of any government is to keep our country and our people safe."

Safe by stripping security from computers and handhelds.

Cameron, who on Sunday marched in Paris with nearly four million others over the Charlie Hebdo killings, didn't name specific software applications in his latest speech, but there are any number of programs that could be in trouble if Cameron gets his way. The PM's anti-crypto-dream could conceivably be stretched to ban or nobble Apple’s iMessage service, WhatsApp and so on.

Politics does make for strange bedfellows. Cameron’s announcement comes just days after the Iranian government decided it was taking a similar step and banned WhatsApp, along with comms software Tango and LINE, Associated Press reports.

The moderate government of President Hassan Rouhani hadn't wanted to institute the ban, but was forced to after the judiciary – which is mostly appointed by Iran’s religious Supreme Leader rather than by elected officials – ruled that they must go.

Of course, this was just another interdiction for Iran: the country already blocks YouTube, Twitter and Facebook, plus it filters out VPN connections used to smuggle traffic in and out of networks and country borders.

Exactly how the UK government could practically thwart encryption in Blighty is unclear: must software include backdoors for spies – and hackers – to exploit to eavesdrop on citizens? Would it be unlawful to possess code, source or executable, that performs a cryptographic algorithm? What counts as cryptographic – even random number generation?

Will ISPs be ordered to drop all packets that match a given encryption protocol, even VPNs or SSL? Will specific ciphers, key lengths and protocols be banned; what if new or tweaked versions appear? Will it be as much as an embarrassing mess as the anti-porn web filtering?

A ban is likely to prove disastrous for Blighty's IT industry, and unlikely to stop the terrorists, who are ostensibly the reason why Cameron wants an end to end-to-end encryption. If encryption is outlawed, only the outlaws will use it.

The thought of Cameron’s crew taking on Silicon Valley over crypto is laughable. The top technology firms are in active conflict with the US government on the issue, so the idea that they would roll over and heed the wishes of America’s former ruler is optimistic to say the least. ®

Sponsored: Global DDoS threat landscape report