nettime's_roving_reporter on 27 Jul 2000 15:01:23 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> RIP


     <http://www.newscientist.com/news/news.jsp?id=ns224964>

     Britain is about to waste millions of pounds on an obsolete Internet
     snooping system
     
     
     INTERNET users can avoid having their e-mails intercepted by the
     British government if they follow some simple advice published this
     week by two leading Internet security experts. The advice is designed
     to highlight failings in the government's multimillion-pound plan to
     install "black box" e-mail recorders on the premises of Internet
     service providers (ISPs).
     
     Distributed to MPs earlier this week, the paper is a last-ditch
     attempt to explain why the Regulation of Investigatory Powers (RIP)
     Bill is unworkable.  If passed by Parliament this week, RIP will give
     security forces unprecedented powers to snoop on Internet users and
     demand encryption keys.
     
     But Ian Brown, an Internet security expert at University College
     London, and Brian Gladman, a former Ministry of Defence information
     security expert, state in their briefing paper that the interception
     technology that the Bill requires is already obsolete. Rather than
     helping catch criminals, they say these recorders would be easy for
     criminals to evade. They describe the powers in the Bill as
     "technically inept", and list a number of ways in which someone with
     no technical know-how could circumvent black boxes installed at ISPs.
     
     They say the introduction of affordable "always-on" ultrafast
     connections, such as ADSL, will change the way people access the
     Internet, with more and more setting up their own mail servers. When
     this happens, says Brown, there is no reason why people shouldn't
     bypass ISPs and the government's snooping boxes installed there (click
     on thumbnail for diagram). This can't be done with dial-up connections
     because mail servers need to listen out constantly for new mail.
     
     Cut out the middleman: there's no reason why mail shouldn't be sent
     direct to a recipient, bypassing the Internet service provider's mail
     server--and prying eyes Snoopers want to tap ISPs' mail servers
     because they decrypt mail automatically. If e-mail is "session
     encrypted"--where keys are generated for each new session and
     discarded--snoopers can only read e-mail at the mail server. Because
     the server is an end point for session encryption, all mail is briefly
     decrypted there.
     
     Other more obvious methods for beating black boxes involve using
     prepaid mobile phones (bought with cash) and free, anonymous ISP
     accounts.  Alternatively, users can access the Net through a British
     ISP but use a foreign mail server. The easiest method by far is to use
     a small ISP that doesn't use the services of larger ones: the
     government says it will only place black boxes on some of the larger
     ISPs.
     
     The emergence of a new Internet protocol, IPv6, also renders black
     boxes redundant. In IPv6, all packets of data sent over the Net will
     be machine-encrypted by default. This will make all Net communications
     untappable.
     
     Although it will be a few years before IPv6 is fully implemented, it
     is already spreading, Brown says. "Microsoft is introducing it in
     Windows 2000, and Cisco is introducing it to its routers." So far, the
     British government has set aside UKP20 million to help ISPs pay for the
     black boxes, says Caspar Bowden, director of the London-based
     Foundation for Information Policy Research. FIPR is publishing Brown
     and Gladman's briefing paper on its website (www.fipr.org/rip).
     
     Bowden says criminals will easily circumvent the devices. "I don't
     think ministers understand this," he says. Brown and Gladman say they
     have withheld less obvious box-beating ideas to avoid handing crooks
     ideas on a plate.
     

#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@bbs.thing.net and "info nettime-l" in the msg body
#  archive: http://www.nettime.org contact: nettime@bbs.thing.net