David Cameron’s internet surveillance plans rival Syria, Russia and Iran
|
Version 0 of 1. What David Cameron thinks he’s saying is: “We will command all the software creators we can reach to introduce back doors into their tools for us.” There are enormous problems with this: there’s no back door that only lets good guys go through it. If your WhatsApp or Google Hangouts has a deliberately introduced flaw in it, then foreign spies, criminals, crooked police (such as those who fed sensitive information to the tabloids who were implicated in the phone-hacking scandal – and like the high-level police who secretly worked for organised crime for years) and criminals will eventually discover this vulnerability. They – and not just the security services – will be able to use it to intercept all of our communications, from the pictures of your kids in your bath you send to your parents to the trade secrets you send to co-workers. But this is just for starters. David Cameron doesn’t understand technology very well, so he doesn’t actually know what he’s asking for. For his proposal to work, he will need to stop Britons from installing software that comes from software creators who are out of his jurisdiction. The best in secure communications are free/open-source projects, maintained by thousands of independent programmers around the world. They are widely available and, thanks to things like cryptographic signing, it is possible to download these packages from any server in the world (not just big ones like Github) and verify, with a high degree of confidence, that the software you’ve downloaded hasn’t been tampered with. Cameron is not alone here. The regime he proposes is already in place in countries such as Syria, Russia, and Iran (for the record, none of these countries have had much luck with it). There are two means by which authoritarian governments have attempted to restrict the use of secure technology: by network filtering and by technology mandates. Cameron has already shown that he believes he can order the UK’s ISPs to block access to certain websites (again, for the record, this hasn’t worked very well). The next step is to order Chinese-style filtering using deep packet inspection, to try and distinguish traffic and block forbidden programs. This is a formidable technical challenge. Intrinsic to core internet protocols, such as IPv4/6, TCP and UDP, is the potential to “tunnel” one protocol inside another. This makes the project of figuring out whether a given packet is on the white-list or the black-list transcendentally hard, especially if you want to minimise the number of “good” sessions you accidentally blackhole. More ambitious is a mandate over which code operating systems in the UK are allowed to execute. This is very hard indeed. We do have, in Apple’s iOS platform and various games consoles, a regime where a single company uses countermeasures to ensure that only software it has blessed can run on the devices it sells to us. These companies could, indeed, be compelled (by an act of parliament) to block secure software. Even there, you’d have to contend with the fact that other EU states and countries such as the US are unlikely to follow suit, and that means that anyone who bought their iPhone in Paris or New York could come to the UK with all their secure software intact and send messages “we cannot read”. But there is the problem of more open platforms, such as GNU/Linux variants, BSD and other unixes, Mac OS X, and all the non-mobile versions of Windows. All of these operating systems are already designed to allow users to execute any code they want to run. The commercial operators – Apple and Microsoft – might conceivably be compelled by parliament to change their operating systems to block secure software in the future, but that doesn’t do anything to stop people from using all the PCs now in existence to run code that the PM wants to ban. More difficult is the world of free/open operating systems such as GNU/Linux and BSD. These systems are the gold standard for servers, and widely used on desktop computers (especially by the engineers and administrators who run the nation’s IT). There is no legal or technical mechanism by which code that is designed to be modified by its users can co-exist with a rule that says code must treat its users as adversaries and seek to prevent them from running prohibited code. This, then, is what David Cameron is proposing: • All Britons’ communications must be easy for criminals, voyeurs and foreign spies to intercept. • Any firms within reach of the UK government must be banned from producing secure software. • All major code repositories, such as Github and Sourceforge, must be blocked. • Search engines must not answer queries about webpages that carry secure software. • Virtually all academic security work in the UK must cease – security research must only take place in proprietary research environments where there is no onus to publish one’s findings, such as industry R&D and the security services. • All packets in and out of the country, and within the country, must be subject to Chinese-style deep-packet inspection and any packets that appear to originate from secure software must be dropped. • Existing walled gardens (such as iOS and games consoles) must be ordered to ban their users from installing secure software. • Anyone visiting the country from abroad must have their smartphones held at the border until they leave. • Proprietary operating system vendors (Microsoft and Apple) must be ordered to redesign their operating systems as walled gardens that only allow users to run software from an app store, which will not sell or give secure software to Britons. • Free/open-source operating systems – which power the energy, banking, e-commerce, and infrastructure sectors – must be banned outright. Cameron will say he doesn’t want to do any of this. He’ll say he can implement weaker versions of it – say, only blocking some “notorious” sites that carry secure software. But anything less than the programme above will have no material effect on the ability of criminals to carry on perfectly secret conversations that “we cannot read”. If any commodity PC or jailbroken phone can run any of the world’s most popular communications applications, then “bad guys” will just use them. Jailbreaking an OS isn’t hard. Downloading an app isn’t hard. But stopping people from running code they want to run is. What’s more, it puts the whole nation – individuals and industry – in terrible jeopardy. • This article was originally published on Boing Boing |