Potty Page

May 21, 2008

Which idiot came up with this?

So this sort of thing has been in the news quite a bit recently... UK mulls big brother comms database

I can't help feeling that it won't happen. Well and if it does happen it'll be a big waste of money and the goverment are more idiotic that I first thought. This post isn't about the privacy issues that every other news vendor seems to be leaping on - they're somehow worried that the government isn't good at keeping data safe... and having a lot of data at the same time is asking for trouble.

It's more about the technicalities of it.

First of, are they going to ban encryption/mean that they need a copy of everyones private key? Is online banking (for example) going to remain secure?

Are they going to log web addresses visited or the whole content downloaded (in case you're wondering that's a lot of data... I'm sure if you look somewhere you'll be able to find the volume of data transferred over the net by HTTP by UK people). Just storing web addresses visited is kinda point less as it's very easy to make it so that the page delivered by the webserver is different depending on who's viewing it...

So, emails right. Are they going to sniff out every IP packet and find things that look like email being sent over SMTP and then grab it, or are they just going to install their email grabbing software on the servers of big ISPs? I don't send any email via an ISPs server... so they'll have to do the sniffing or convince me by fear of a fine/jail that I'll be installing their spying software on my server.

Of course that's for legitimate emails, suppose I'm an evil terrorist and I want to send emails to my evil friends, what's to stop me using a botnet (group of computers hypontised by the evil to do their evil deeds) to send the emails?

Maybe they plan on getting the emails when they are received not sent (or both). Once again, my email isn't received to an ISP server, so that's me not being counted in the stats... unless I'm forced to install their evil software.

Once again, do the store the whole email or just who it's from and to? And are encrypted emails going be illegal? If they're doing it properly they'll sure as hell be storing a lot of spam.

What about tunneling/proxying? Could I for example rent a server in Peru? And then proxy my Internet communications via that box, away from the prying eyes of the government? Of course, they could plan on storing details of every IP packet sent in the UK... and might think it suspicious that I'm talking to a computer in Peru a lot. And maybe my evil friends are talking to the box too... woo suspicious. We might even be using internal email on the server to plan our evil intentions of English soil.

Of course they might see that... so why doesn't my evil friend get a box in Panama? And then he can log on to my evil box via Panama to send me a message.

Anyways, I can't help thinking that the whole idea is flawed. It'll only manage to catch people who are evil and stupid (who send each other messages in plain text without trying to protect what they are saying). I'd have thought that you can do a shed load more damage if you're evil and intelligent and they'll never know it's going on.

So, in conclusion, I reckon that this plan is infinitely more pointless than the ID cards for stopping terrorism.

Posted by Ed at May 21, 2008 10:35 AM | Rant |