'Firearms incident' at Westminster


Teflon Don

Rudd's plans for the encryption key to WhatsApp were rubbished this morning by a cybersecurity professor and a retired general. Was listening to R4 and the professor was saying that WhatsApp don't even possess the key and the Major said it's purely political rather than at any request by the security services. The security services have little issue joining the dots in their investigations without access like Rudd has mentioned. Furthermore if politicians got hold of the encryption key there'd be no stopping the likes of Russia doing the same for their own nefarious ends.


If there's one thing I've learned during my working life, there's no way this country would have the organisational skills and brains to pull off any kind of mass surveillance, it'd take about 50 years and come in about 100 billion over budget, with most of the money landing in the pocket of a 'millennial' and her husband who went to school with David Cameron's kid.


It's the old argument about people carrying around a device that enables its location to be transmitted, governments must love it.

If a bad actor wanted to collect the world's secrets all he'd have to do is create a free messaging app.

I think you underestimate the level of security in end-to-end encryption and the maths behind it. Only the sender and receiver have access to the information. There is no cloud, no archive, no master access by WhatsApp. Sender clicks and sends, the information is then encrypted; only the receiver has the ability to decode it.

 

There are some providers who use weaker encryption or who don't have the strength WhatsApp do. WhatsApp use a 256 bit encryption; which is 1.1×10^78, basically 1.1 followed by 78 zeros. The supercomputer hasn't been designed yet that has the computing power to break this in a fast timescale.


I think you underestimate the level of security in end-to-end encryption and the maths behind it. Only the sender and receiver have access to the information. There is no cloud, no archive, no master access by WhatsApp. Sender clicks and sends, the information is then encrypted; only the receiver has the ability to decode it.

 

There are some providers who use weaker encryption or who don't have the strength WhatsApp do. WhatsApp use a 256 bit encryption; which is 1.1×10^78, basically 1.1 followed by 78 zeros. The supercomputer hasn't been designed yet that has the computing power to break this in a fast timescale.

I get that, but if the app doesn't actually use that encryption (every time) how would you know? Like the bank telling you your money is locked in a vault but it's actually in a carrier bag under the desk.


I get that, but if the app doesn't actually use that encryption (every time) how would you know? Like the bank telling you your money is locked in a vault but it's actually in a carrier bag under the desk.

 

 

You've been stung by valet parking at the airport as well then?


The Data Protection Act only allows you to keep billing data and log data on communications.

 

If you kept all messages sent by millions of people on a daily basis then you'd need to store it somewhere. That's billions of messages daily. Data storage isn't free.

 

Of course that doesn't stop governments intercepting and archiving messages inflight, which is what they do. They don't need private companies to do it for them.

GCHQ. Tempora?


GCHQ. Tempora?

 

Exactly. The traffic is harvested inflight and then they search the data with software that looks for keywords. They can't do that with WhatsApp messages though because they can't get through the encryption.


Exactly. The traffic is harvested inflight and then they search the data with software that looks for keywords. They can't do that with WhatsApp messages though because they can't get through the encryption.

 

That's only if you trust WhatsApp. There could be "master keys" present, though they say they employ the Signal protocol, which, if they do, would mean it is secure end to end.

 

Besides, the content isn't the only important thing. If someone has all the meta data on everyone (who they are texting, how frequently, when etc) then they already have too much IMO. No one should have that except your phone company.


I sent my willy to a girl over snapchat once. No doubt about 34 people in an office in Taiwan went mental.

 

I sent mine to some bird I'd just started seeing via text along with the words 'good morning', Boxing Day 2006, she went apeshit because her two year old was in the next room (?) 


That's only if you trust WhatsApp. There could be "master keys" present, though they say they employ the Signal protocol, which, if they do, would mean it is secure end to end.

 

Besides, the content isn't the only important thing. If someone has all the meta data on everyone (who they are texting, how frequently, when etc) then they already have too much IMO. No one should have that except your phone company.

 

Meta Data is a different kettle of fish and yes that is kept by phone companies but presumably intelligence services harvest that too. I agree that data should be strictly controlled.


Most data is strictly controlled, in that organisations harvesting data are regulated in terms of what data can be captured and the way that data can be distributed and used. However over 90% of the general population are unaware or have expressed no interest in restricting access and/or use of captured data beyond the minimum DPA regulations.


Most data is strictly controlled, in that organisations harvesting data are regulated in terms of what data can be captured and the way that data can be distributed and used. However over 90% of the general population are unaware or have expressed no interest in restricting access and/or use of captured data beyond the minimum DPA regulations.

 

In my experience "strictly controlled" doesn't mean that much. It might be legislated but how often is it checked? How strong and frequent are the checks? I can't name names but I used to work for a company who was accidentally breaching data protection laws for YEARS without even realising. Then when someone made them aware of it they went "oh shit" and threw out/destroyed the data they were holding on file. So they never got found out despite not even trying to hide it. If someone is trying to hide it, well, it's even less likely to get found out. Arguably though it'd be harder to fly under the radar with something as large as mining and storing every text or voice conversation without a leak or whistle blower.


In my experience "strictly controlled" doesn't mean that much. It might be legislated but how often is it checked? How strong and frequent are the checks? I can't name names but I used to work for a company who was accidentally breaching data protection laws for YEARS without even realising. Then when someone made them aware of it they went "oh shit" and threw out/destroyed the data they were holding on file. So they never got found out despite not even trying to hide it. If someone is trying to hide it, well, it's even less likely to get found out. Arguably though it'd be harder to fly under the radar with something as large as mining and storing every text or voice conversation without a leak or whistle blower.

 

 

There are all sorts of contraventions of the DPA, and of other data protection, security and privacy standards - large, small, conscious, unconscious - happening under the nose of almost every IT department almost every day.   And, quite often, within the IT department.  And it might be a little complacent/naive to think that there might not be other channels of access to our data.
