
WWW inventor Tim Berners-Lee slams plans by Amber Rudd and Donald Trump


northwichcat

Veteran Member
Joined
23 Jan 2009
Messages
32,692
Location
Northwich
BBC News said:
The web's creator has attacked any UK plans to weaken encryption and promised to battle any moves by the Trump administration to weaken net neutrality.

Sir Tim Berners-Lee was speaking to the BBC following the news that he has been given the Turing Award.

It is sometimes known as the Nobel Prize of computing.

Sir Tim said moves to undermine encryption would be a "bad idea" and represent a massive security breach.

Home Secretary Amber Rudd has said there should be no safe space for terrorists to be able to communicate online. But Sir Tim said giving the authorities a key to unlock coded messages would have serious consequences.

"Now I know that if you're trying to catch terrorists it's really tempting to demand to be able to break all that encryption but if you break that encryption then guess what - so could other people and guess what - they may end up getting better at it than you are," he said.

Sir Tim also criticised moves by legislators on both sides of the Atlantic, which he sees as an assault on the privacy of web users. He attacked the UK's recent Investigatory Powers Act, which he had criticised when it went through Parliament: "The idea that all ISPs should be required to spy on citizens and hold the data for six months is appalling."

In the United States he is concerned that the principle of net neutrality, which treats all internet traffic equally, could be watered down by the Trump administration and the Federal Communications Commission.

"If the FCC does move to reduce net neutrality I will fight it as hard as I can," he vowed.

Private messages
The web's creator also said he was shocked by the direction the US Congress and Senate had taken when they voted to scrap laws preventing internet service providers from selling users' data.

He said privacy online was as important as the trust between a doctor and a patient.

"We're talking about it being just a human right that my ability to communicate with people on the web, to go to websites I want without being spied on is really, really crucial."

Last month, in an open letter marking the 28th anniversary of the web, Sir Tim warned about the problem of fake news spreading online.

He repeated those concerns and said there might be a design flaw in some web services: "Fake things, false things tend to propagate more than truth and in a way maybe hatred tends to propagate in some cases more than love."

He added that everyone had a responsibility to address this issue, including the major technology companies.

"People who have created those various social networks need to sit back and look at the way they are being built," he said.

http://www.bbc.co.uk/news/technology-39490324

I wonder if Rudd or Trump have even thought about discussing their proposals with the W3C or if they just think they know best, despite having no proper knowledge of internet security.
 

dosxuk

Established Member
Joined
2 Jan 2011
Messages
2,111
Politicians are stuck between a rock and a hard place. There's newspapers who'll happily print a front page with "Terrorists communicate using encrypted messaging services and the Government can't find out their plans! Bad!" in the top half and "Government reveals plans to listen in to your messages to your children! Bad!" in the bottom half. They can't win both arguments, and will be criticised by various parties regardless of which way they end up going.
 

D365

Veteran Member
Joined
29 Jun 2012
Messages
12,270
They can't win both arguments, and will be criticised by various parties regardless of which way they end up going.

Because we know they're not just going to use these back doors solely to "counter terrorism".
 

ExRes

Established Member
Joined
16 Dec 2012
Messages
6,895
Location
Back in Sussex
Because we know they're not just going to use these back doors solely to "counter terrorism".

Do we really? Perhaps you would like to enlighten us then, with some form of proof of course rather than references to episodes of The Lone Gunmen.
 

SS4

Established Member
Joined
30 Jan 2011
Messages
8,589
Location
Birmingham
Politicians are stuck between a rock and a hard place. There's newspapers who'll happily print a front page with "Terrorists communicate using encrypted messaging services and the Government can't find out their plans! Bad!" in the top half and "Government reveals plans to listen in to your messages to your children! Bad!" in the bottom half. They can't win both arguments, and will be criticised by various parties regardless of which way they end up going.

Our politicians also had a golden chance to show their hand but missed it when they ignored Leveson's findings on the media.

I have the right to send a letter and it not be opened by the government so why should my email be any different? I can look through a catalogue without being snooped on so why can't I browse?
 

najaB

Veteran Member
Joined
28 Aug 2011
Messages
32,343
Location
Scotland
Do we really? Perhaps you would like to enlighten us then, with some form of proof of course rather than references to episodes of The Lone Gunmen.
The issue there being that the Intelligence services, from first principles, operate in the shadows and if there's proof that they were there then it means they didn't do their jobs properly!
 

WelshBluebird

Established Member
Joined
14 Jan 2010
Messages
5,265
Do we really? Perhaps you would like to enlighten us then, with some form of proof of course rather than references to episodes of The Lone Gunmen.

Governments and councils have a long track record of misusing such abilities.

Just look at the most recent bill that has been passed. Why on earth do the Competition and Markets Authority need access to the entire population's internet history? (hint - they don't).
 

Jonny

Established Member
Joined
10 Feb 2011
Messages
2,574
The trouble with ^backdoors^ generally in IT systems, such as encryption, is that it is not possible to guarantee that they will be restricted to the good guys. Even then, that's assuming that the good guys are the good guys.
 

DynamicSpirit

Established Member
Joined
12 Apr 2012
Messages
8,993
Location
SE London
Governments and councils have a long track record of misusing such abilities.

Just look at the most recent bill that has been passed. Why on earth do the Competition and Markets Authority need access to the entire population's internet history? (hint - they don't).

But that's not actually misuse, is it? To my mind, misuse would be something like, deliberately using the data to spy on someone's private life, or to falsely frame someone of a crime they didn't commit, or supplying the data to a company in order to give it an unfair advantage in negotiations and so on. Merely having access to the data doesn't by itself constitute misuse (although it may be unnecessary or disproportionate, depending on the context).

Do you have anything concrete to justify your assertion of a long track record of misuse?
 

D365

Veteran Member
Joined
29 Jun 2012
Messages
12,270
Invasion of privacy is not a misuse of data?
 

DynamicSpirit

Established Member
Joined
12 Apr 2012
Messages
8,993
Location
SE London
Invasion of privacy is not a misuse of data?

Well yes, invasion of privacy would arguably represent a misuse of data if it's not proportionate to and specific to some reasonable legitimate investigation. But merely having data about some communications you sent sitting on a computer that no human being is likely to ever look at is hardly an invasion of privacy, is it! (And one would hope that if a Government department has access to data about private communications, there would be procedures in place to ensure that data is only ever looked at by human beings if there are reasonable grounds to do so (for example, evidence from elsewhere that indicates you may be planning to commit a particular crime).)
 

D365

Veteran Member
Joined
29 Jun 2012
Messages
12,270
But merely having data about some communications you sent sitting on a computer that no human being is likely to ever look at is hardly an invasion of privacy, is it!

Isn't the whole point of encryption supposed to be that only the receiving computer can decrypt the message?
 

AlterEgo

Verified Rep - Wingin' It! Paul Lucas
Joined
30 Dec 2008
Messages
24,818
Location
LBK
Invasion of privacy is not a misuse of data?

How is your privacy being invaded by the CMA's ability to access, on a macro scale and not an individual scale, the whole of the UK's internet history?
 

Tetchytyke

Veteran Member
Joined
12 Sep 2013
Messages
15,061
Location
Isle of Man
Do we really? Perhaps you would like to enlighten us then, with some form of proof of course rather than references to episodes of The Lone Gunmen.

Geoffrey Prime? He was a spy at GCHQ who, when he wasn't disclosing secrets to the Russians, was using GCHQ monitoring equipment to see when young girls in Cheltenham were home alone so that he could go and rape them.
 

Tetchytyke

Veteran Member
Joined
12 Sep 2013
Messages
15,061
Location
Isle of Man
How is your privacy being invaded by the CMA's ability to access, on a macro scale and not an individual scale, the whole of the UK's internet history?

But why do they need it?

If they can gain information about unusual internet patterns, and use that information in an investigation against an individual, then it clearly isn't on a macro scale.

If they can't use this information then they clearly don't need to have it.

There is a lot of information in metadata that, individually, seems innocuous.

The metadata shows that someone in my house has been searching about abortion, and that my daughter has repeatedly rung Marie Stopes, but nobody knows why...
 

northwichcat

Veteran Member
Joined
23 Jan 2009
Messages
32,692
Location
Northwich
The trouble with ^backdoors^ generally in IT systems, such as encryption, is that it is not possible to guarantee that they will be restricted to the good guys. Even then, that's assuming that the good guys are the good guys.

Indeed. If someone leaves an organisation their access to any important systems is almost always removed. However, are GCHQ going to phone up the likes of WhatsApp every time a GCHQ employee resigns or is sacked and tell them they have to change their encryption codes to prevent them getting into the wrong hands?
 

DynamicSpirit

Established Member
Joined
12 Apr 2012
Messages
8,993
Location
SE London
But why do they need it?

If they can gain information about unusual internet patterns, and use that information in an investigation against an individual, then it clearly isn't on a macro scale.

If they can't use this information then they clearly don't need to have it.

There is a lot of information in metadata that, individually, seems innocuous.

The metadata shows that someone in my house has been searching about abortion, and that my daughter has repeatedly rung Marie Stopes, but nobody knows why...

The problem there is that it's impossible to know upfront which information is going to be needed. You don't know upfront who is going to turn out to be a terrorist or a violent criminal or a fraudster etc. So you basically have a choice between collecting information on - possibly - everyone - knowing that most of that information will never need to be directly examined (at least, not by any human being). Or not collecting the information that it turns out you did need, and as a result you're unable to prevent a terrorist attack or a series of raids by a criminal gang or some abuse by a paedophile ring etc. So which is the lesser evil? It seems clear to me that the least bad thing to do is to just collect the (mostly irrelevant) data, so you maximise the chances of having the information that you do later need to prevent (for example) serious crimes.
 

Tetchytyke

Veteran Member
Joined
12 Sep 2013
Messages
15,061
Location
Isle of Man
So which is the lesser evil?

"If you have nothing to fear then you have nothing to hide".

collect the (mostly irrelevant) data

Who gets to decide what is irrelevant and innocuous data?

We've seen that with the NHS selling medical data to insurance companies and to Google. The data that the NHS sold cannot be used to identify an individual. However insurance companies can, and have, transposed the "anonymous" bulk data against data they hold about their own customers and then used that knowledge to change insurance premiums or remove cover.

In isolation, metadata cannot really identify any one individual. But if you use the metadata alongside other information you hold, it becomes very very revealing indeed.

And this is the problem with this issue. Superficially it does look like it is innocuous data, if you're doing nothing wrong you've got nothing to fear. But apply it against enough other sources of innocuous data and suddenly it isn't very innocuous or irrelevant after all. The Stasi understood this better than any other organisation and, whilst I wouldn't compare GCHQ to the Stasi, it is best to remember that things are rarely as innocent as they seem.

Metadata: They know from records that there is a teenage girl in my family.
They know someone rung a Marie Stopes helpline, but not what was said. They know someone was looking at website pages about abortion, but not what they were looking for.
 

northwichcat

Veteran Member
Joined
23 Jan 2009
Messages
32,692
Location
Northwich
"If you have nothing to fear then you have nothing to hide".

http://ukmac.net/2016/05/show-me-yours-a-new-campaign-video-from-liberty-human-rights-group/

They know someone rung a Marie Stopes helpline, but not what was said. They know someone was looking at website pages about abortion, but not what they were looking for.

Which could be the actions of someone researching abortion for a school project or letting a visiting friend use her phone and computer but would likely be interpreted as meaning she got herself pregnant.
 

SS4

Established Member
Joined
30 Jan 2011
Messages
8,589
Location
Birmingham
If anyone states that you don't need privacy if you've nothing to hide feel free to post any of your

  • real name
  • address
  • bank card details
  • browsing history
  • phone number
  • phone number of your contacts
  • social media pages

Inserting backdoors in encryption is fundamentally the same as sending information en clair.
 

DynamicSpirit

Established Member
Joined
12 Apr 2012
Messages
8,993
Location
SE London
If anyone states that you don't need privacy if you've nothing to hide feel free to post any of your

  • real name
  • address
  • bank card details
  • browsing history
  • phone number
  • phone number of your contacts
  • social media pages

Inserting backdoors in encryption is fundamentally the same as sending information en clair.

That's not necessarily a very good comparison. In many cases the encryption we're talking about is encrypting either messages (WhatsApp messages etc.) or stuff that's stored privately on one or two devices, whereas you're dramatically comparing that with posting stuff online. But there is quite a substantial difference between sending some information unencrypted in some message (which might get intercepted en-route, or may get exposed if the machine it's stored on subsequently gets hacked, but that's only a small chance) and leaving that same information publicly visible online where it's guaranteed that anyone can see it for what may be many years.

(To be clear, I certainly don't advocate sending some of the information you've listed unencrypted. But doing so is arguably unsafe but nowhere near as unsafe as leaving the information in public view on a website in perpetuity. In fact, I'd hazard a guess that a high proportion of people reading this have at some point sent stuff like phone numbers or bank account numbers unencrypted in emails or text messages).
 

WelshBluebird

Established Member
Joined
14 Jan 2010
Messages
5,265
That's not necessarily a very good comparison. In many cases the encryption we're talking about is encrypting either messages (WhatsApp messages etc.) or stuff that's stored privately on one or two devices, whereas you're dramatically comparing that with posting stuff online. But there is quite a substantial difference between sending some information unencrypted in some message (which might get intercepted en-route, or may get exposed if the machine it's stored on subsequently gets hacked, but that's only a small chance) and leaving that same information publicly visible online where it's guaranteed that anyone can see it for what may be many years.

There is zero difference at all. If GCHQ and the like are allowed either a backdoor or a method to decrypt the messages, then that data may as well be posted online for everyone to see (as if GCHQ has access, then you can guarantee hackers do too).
 

DynamicSpirit

Established Member
Joined
12 Apr 2012
Messages
8,993
Location
SE London
There is zero difference at all. If GCHQ and the like are allowed either a backdoor or a method to decrypt the messages, then that data may as well be posted online for everyone to see (as if GCHQ has access, then you can guarantee hackers do too).

No. The difference is most definitely NOT zero.

I wasn't talking particularly about backdoors - so that's a bit of a red herring in the context of the point I was making. I was simply observing that posting data online in a public forum is a significantly greater risk than - say - sending a private message unencrypted or having data stored in (supposedly) secure databases, and therefore equating one with the other - as the post I was replying to suggested doing - was misleading. There is a difference in the degree of risk, and that difference is not zero for the case I was pointing out.

(If you're not convinced, bear in mind that in security, degree of risk is crucial: In terms of personal information online, there's almost nothing you can do consistent with living a normal life that is completely safe. It's almost never a case of safe vs unsafe - it's almost always trying to do things that make your data safER. Applying proper security, including encrypting sensitive information (such as passwords and bank account details) is obviously strongly advisable in order to substantially reduce the risk of something bad happening because data fell into the wrong hands, but it doesn't completely eliminate the risk. What's important is always going to be the degree of risk (vs how much effort you are willing to put into reducing the risk).)
 

DynamicSpirit

Established Member
Joined
12 Apr 2012
Messages
8,993
Location
SE London
Taking the discussion back to backdoors: Clearly, if there was some backdoor in encryption that allowed anyone with a bit of technical knowledge to easily decrypt messages or information in databases, then that would be silly, as it'd make encryption pointless, and would basically destroy privacy. But I'm not sure that's what Government ministers mean.

I suspect the argument is something more like, that it'd be nice if there was some way that you could decrypt messages IF you had the resources available to the Government and the security forces - including the ability to throw millions of pounds worth of computer hardware at particular sets of data that you had some reason to be suspicious of - but that this process would be financially prohibitive to almost anyone except Governments. Another possibility might be: Some hard-to-access backdoor that depends on companies such as Facebook and Google being willing to make some private information on their databases available to the security forces (and presumably they would never intentionally make that information available to anyone else).

There are still problems with that idea that might possibly still make it unworkable (most obviously, that improvements in computing power, or the ability of hacker groups to enlist botnets, might reduce the difference between the resources they have and the resources a Government has). And it's not clear that there is any technological means available to implement what people such as Amber Rudd are saying they want. But nonetheless, in that form, the idea of some kind of backdoor is not so obviously stupid in principle as some people seem to be making out.
 

WelshBluebird

Established Member
Joined
14 Jan 2010
Messages
5,265
but more importantly you can't guarantee that they don't.

Which is why the assumption should be that they do.

Taking the discussion back to backdoors: Clearly, if there was some backdoor in encryption that allowed anyone with a bit of technical knowledge to easily decrypt messages or information in databases, then that would be silly, as it'd make encryption pointless, and would basically destroy privacy. But I'm not sure that's what Government ministers mean.

I suspect the argument is something more like, that it'd be nice if there was some way that you could decrypt messages IF you had the resources available to the Government and the security forces - including the ability to throw millions of pounds worth of computer hardware at particular sets of data that you had some reason to be suspicious of - but that this process would be financially prohibitive to almost anyone except Governments.

There are still problems with that idea that might possibly still make it unworkable (most obviously, that improvements in computing power, or the ability of hacker groups to enlist botnets, might reduce the difference between the resources they have and the resources a Government has). And it's not clear that there is any technological means available to implement what people such as Amber Rudd are saying they want. But nonetheless, in that form, the idea of some kind of backdoor is not so obviously stupid in principle as some people seem to be making out.

If there is a backdoor, then that means the encryption is no longer secure. Simple as that. As you correctly point out, botnets etc mean that any access available to governments will also likely be available to hackers.

No. The difference is most definitely NOT zero.

I wasn't talking particularly about backdoors - so that's a bit of a red herring in the context of the point I was making. I was simply observing that posting data online in a public forum is a significantly greater risk than - say - sending a private message unencrypted or having data stored in (supposedly) secure databases, and therefore equating one with the other - as the post I was replying to suggested doing - was misleading. There is a difference in the degree of risk, and that difference is not zero for the case I was pointing out.

Surely the reverse could also be true though?

I would suggest that sending private messages or having data stored elsewhere gives a false sense of security. We have seen private files stored on cloud services leaked for example. People trusted those services to keep their files secure. If it was a case of publicly posting data online for anyone to see - those sensitive files wouldn't have been posted.
 

SS4

Established Member
Joined
30 Jan 2011
Messages
8,589
Location
Birmingham
Taking the discussion back to backdoors: Clearly, if there was some backdoor in encryption that allowed anyone with a bit of technical knowledge to easily decrypt messages or information in databases, then that would be silly, as it'd make encryption pointless, and would basically destroy privacy. But I'm not sure that's what Government ministers mean.

I suspect the argument is something more like, that it'd be nice if there was some way that you could decrypt messages IF you had the resources available to the Government and the security forces - including the ability to throw millions of pounds worth of computer hardware at particular sets of data that you had some reason to be suspicious of - but that this process would be financially prohibitive to almost anyone except Governments. Another possibility might be: Some hard-to-access backdoor that depends on companies such as Facebook and Google being willing to make some private information on their databases available to the security forces (and presumably they would never intentionally make that information available to anyone else).

There are still problems with that idea that might possibly still make it unworkable (most obviously, that improvements in computing power, or the ability of hacker groups to enlist botnets, might reduce the difference between the resources they have and the resources a Government has). And it's not clear that there is any technological means available to implement what people such as Amber Rudd are saying they want. But nonetheless, in that form, the idea of some kind of backdoor is not so obviously stupid in principle as some people seem to be making out.

A built in backdoor in encryption is always stupid.

What you describe is brute-force hacking - try all the possible combinations as quickly as possible until you get the right one. That is not a backdoor - instead a backdoor is a piece of code put in to enable the owner to gain access to the program/traffic. With a backdoor whoever knows about it doesn't have to spend the time brute forcing the encryption but can use a tool to immediately access encrypted content. Security through obscurity is also lost so everyone will be looking for it, making it more likely to be found.

Besides other governments also have access to sophisticated hardware including those who are not exactly friendly with the UK.


For a more physical example imagine that you've padlocked (and this padlock is the kind with a code on) something you want to keep secret - brute force is someone physically trying codes until they get access. A backdoor is having the key - a thief can just steal the key for easy access.


I don't understand how people can decry the Great Firewall of China but are OK with the UK government installing backdoors and spying on users' browsing habits. And as for Sir Tim he's hardly whiter than white after endorsing DRM as a web standard
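
An added illustration of the distinction drawn in the post above (brute force versus a backdoor key), not code from the thread or from any real messaging service. It assumes a toy SHA-256 stream cipher, a deliberately tiny 16-bit session key so the search finishes, and a hypothetical "escrow" key standing in for the backdoor; all names and keys are constructed.

```python
import hashlib
import hmac
import secrets

TOY_KEY_BITS = 16  # deliberately tiny so the search below finishes; real keys are 128+ bits


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Toy SHA-256 counter-mode keystream (illustration only, not a vetted cipher)."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]


def _xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))


def seal(message: bytes, recipient_key: bytes, escrow_key: bytes, session_int=None) -> dict:
    """Encrypt under a fresh session key, then wrap that key for the recipient
    AND for the escrow holder (the hypothetical backdoor)."""
    if session_int is None:
        session_int = secrets.randbelow(2 ** TOY_KEY_BITS)
    session_key = session_int.to_bytes(TOY_KEY_BITS // 8, "big")
    nonce = secrets.token_bytes(12)
    ciphertext = _xor(session_key, nonce, message)
    return {
        "nonce": nonce,
        "ciphertext": ciphertext,
        "tag": hmac.new(session_key, nonce + ciphertext, hashlib.sha256).digest(),
        "wrapped": {
            "recipient": _xor(recipient_key, nonce, session_key),
            "escrow": _xor(escrow_key, nonce, session_key),
        },
    }


def _open_with_session_key(env: dict, session_key: bytes):
    """Return the plaintext if the session key verifies against the tag, else None."""
    expected = hmac.new(session_key, env["nonce"] + env["ciphertext"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, env["tag"]):
        return None
    return _xor(session_key, env["nonce"], env["ciphertext"])


def open_with_key(env: dict, holder: str, long_term_key: bytes):
    """One unwrap and one decrypt: no searching, for whoever holds a wrapping key."""
    session_key = _xor(long_term_key, env["nonce"], env["wrapped"][holder])
    return _open_with_session_key(env, session_key)


def brute_force(env: dict):
    """Try every possible session key for ONE message; returns (plaintext, attempts)."""
    for attempts, guess in enumerate(range(2 ** TOY_KEY_BITS), start=1):
        plaintext = _open_with_session_key(env, guess.to_bytes(TOY_KEY_BITS // 8, "big"))
        if plaintext is not None:
            return plaintext, attempts
    return None, 2 ** TOY_KEY_BITS


def average_bruteforce_years(key_bits: int, guesses_per_second: float) -> float:
    """Expected search time: on average half the key space must be tried."""
    return (2 ** (key_bits - 1)) / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    rk, ek = b"constructed-recipient-key", b"constructed-escrow-key"
    envelopes = [seal(m, rk, ek) for m in (b"first message", b"second message")]
    # The search cost is paid again for every single message...
    print([brute_force(e) for e in envelopes])
    # ...while one copy of the escrow key opens all of them at once.
    print([open_with_key(e, "escrow", ek) for e in envelopes])
    print(f"128-bit key at 1e12 guesses/s: {average_bruteforce_years(128, 1e12):.2e} years")
```

The search cost scales with key length and is paid per message, whereas the escrow key is a single secret whose theft or leak exposes every message ever wrapped to it.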
 

D365

Veteran Member
Joined
29 Jun 2012
Messages
12,270
We have seen private files stored on cloud services leaked for example. People trusted those services to keep their files secure.

A lot of these "hackings" were a consequence of stupid passwords being used and would have been much less likely to happen otherwise. True, there is two-step verification now, but not a lot else that can be done without inconveniencing the average user further.
 

WelshBluebird

Established Member
Joined
14 Jan 2010
Messages
5,265
A lot of these "hackings" were a consequence of stupid passwords being used and would have been much less likely to happen otherwise. True, there is two-step verification now, but not a lot else that can be done without inconveniencing the average user further.

Totally agreed. My point in bringing it up wasn't to have a go at the companies involved, it was to make the point that if people think something is secure, they will be more willing to trust it with private data.

Thus these services potentially give greater risk when it comes to personal data ending up somewhere you don't want it, because people will trust these services with sensitive data and then either use rubbish passwords or these services get hacked, whereas with the publicly viewable web, people generally know better than to post sensitive data for all to see.
 