Parliament rubberstamps mass surveillance law

[redsturgeon]

Not sure this is the best board for this.

John

[stevensfo]

The government argues the incoming law provides intelligence and law enforcement agencies with the powers necessary to fight terrorism and investigate crime

I never understood this. Any terrorist who gets caught via IT surveillance, deserves to get caught because they're so thick.

John Lanchester ( a great financial writer) tried his hand at fiction and wrote 'Capital'. In it, a muslim wannabe terrorist is caught while staying with his brother in London. What John Lanchester doesn't explain to any great extent is that he was caught because he sent unencrypted emails from his brother's apartment, thus providing the police with an IP address.

Anybody with any intelligence will use free wifi areas and encryption. I have a folder on my desktop with all my personal data, financial etc, secured with Axcrypt, open source software that I've been using for 20 years. The alternative is Truecrypt, but it's not exactly user friendly.

These laws are just testing the waters for further control of the masses.

Just don't be one of those masses!

Steve

[Slarti]

Anybody with any intelligence will use free wifi areas and encryption.
Steve

And one of many VPN software to have end to end encrypted messaging.

Advisable on most free wifi so that the wifi provider can't control what you look at and so that any invasions onto the free system are blocked.

Slarti

[stevensfo]

And one of many VPN software to have end to end encrypted messaging.

I understand that VPN simply does what people used to do themselves and some still do, find internet proxies that re-route your signal through other countries. Colleagues here in Italy use them to watch UK TV.

But it still originates from your house.

No doubt I'm out of date with this, but surely, if the CIA, FBI whatever really wants to trace an email, they can get a court order that forces the VPN company to disclose the server logs and all IP addresses used, and thus trace you.

I heard many years ago that most commercial encryption software had 'back doors' built in. Okay, I don't know if that's true.

This is all academic interest only. 90% of our PC is full of incredibly boring stuff.

The other 10% is just about my plan to blow up the Houses of Parliament next 5th November. Something original for once!

Though 99% of that is about where to find a bleedin' parking space!

Steve

[Lootman]

No doubt I'm out of date with this, but surely, if the CIA, FBI whatever really wants to trace an email, they can get a court order that forces the VPN company to disclose the server logs and all IP addresses used, and thus trace you.

An IP address does not identify you unless it is your home or work computer. An IP address just identifies a location, and that might be a public place like a Starbucks. Someone who is paranoid might go to an internet cafe, pay cash, set up an email address, send the email, close the email account, delete all history and cookies on that machine and leave. The chances of that being traced to you are very small, probably relying on CCTV cameras and facial recognition software. Wear a hoodie and sun glasses if you're worried.

If it is your own machine then a VPN service typically allows you to route through any city or country that you choose from a pull-down menu. By choosing a proxy IP service that is overseas, you'd make it more difficult for the authorities in your own country to compel that foreign provider to disclose your information and location.

Not impossible, necessarily, but how difficult would depend on the privacy laws of that other nation, any reciprocity treaties and agreements between the two nations and the general attitude of the courts in that country to requests from foreigners that affect their own citizens and residents.

At least, that would be the case for an ordinary person or entity seeking access to your transmissions. If the CIA want to know what you are up to, they have a variety of overt and covert, legal and illegal ways of achieving that, and I wouldn't fancy your chances. But they need to be aggressively looking at you to justify any of that.

The plans for the WTC attack were interesting in that emails were not sent between the conspirators. Rather they used draft versions of messages in an email account that they all had access to. The authorities were looking for transmitted emails but not emails in draft folders. No doubt those draft folders are now monitored.

[quelquod]

TBH I've never really been concerned about (my own) privacy and secrecy. Unless you're up to no good is there some practical reason that you'd be worried about the security forces of the country having access to your details? It seems the sort of thing that exercises folk without really having any cause for concern. Quite a difference from anyone and everyone having access, or someone seeking to do you harm, the sort of nebulous concerns that civil libertarians like to raise Cain about but why exactly?

[Slarti]

And one of many VPN software to have end to end encrypted messaging.

I understand that VPN simply does what people used to do themselves and some still do, find internet proxies that re-route your signal through other countries. Colleagues here in Italy use them to watch UK TV.

But it still originates from your house.

No doubt I'm out of date with this, but surely, if the CIA, FBI whatever really wants to trace an email, they can get a court order that forces the VPN company to disclose the server logs and all IP addresses used, and thus trace you.

I heard many years ago that most commercial encryption software had 'back doors' built in. Okay, I don't know if that's true.

This is all academic interest only. 90% of our PC is full of incredibly boring stuff.

The other 10% is just about my plan to blow up the Houses of Parliament next 5th November. Something original for once!

Though 99% of that is about where to find a bleedin' parking space!

Steve

VPN software creates a secure link between 2 computers, one of which could be an internet proxy, but its most common commercial use is to allow remote staff to connect into the company's systems, securely.

In fact many companies connect everybody by VPN, wherever they are and have little other than the operating system firewall, AV and VPN software on the PC, everything else residing on virtual desktops on the servers. That way, if you are at your desk next to the server room, in the remote office in the next city, at home or on a MacDonald's free wifi, you can still use the companies systems without risk to the company.

If you want to use VPN to hide from security forces or law & order, there is no VPN company, just 2 off the shelf sets of VPN software to allow the naughty people to communicate. Well, one per PC.

I actually have 3 different bits of VPN software on my PC that allow me to connect to 5 different customers, securely.

Slarti

[Slarti]

TBH I've never really been concerned about (my own) privacy and secrecy.

Well, if you don't do any online shopping or banking, that may well be OK

Unless you're up to no good is there some practical reason that you'd be worried about the security forces of the country having access to your details? It seems the sort of thing that exercises folk without really having any cause for concern. Quite a difference from anyone and everyone having access, or someone seeking to do you harm, the sort of nebulous concerns that civil libertarians like to raise Cain about but why exactly?

As for why I'm worried about security forces having access to my data, not everybody who works for them is honest, their systems are repeatedly shown to be less than watertight and if, as seems possible, our government is taking a lurch to the right, there are many who would oppose that and would not want their trade union or currently legitimate political activities in the hands of future politicians.

Cheers
Slarti

[Slarti]

When you vote a number is recorded against your poll paper, which I remain unconvinced isn't 'destroyed', at least not until after the content has been recorded elsewhere. The state having access to how each voter actually voted via record keeping is the start of a slippery slope IMO.

Although off topic for this board, I will answer that.

This has always been the case, at least since the 60s.

The poll lists with vote reference on are sealed under the observation of any appropriate observers (party members) collected, bundled and stored by the returning officer's deputy. When I say sealed, this may include an observer's seal

As far as I am aware, when this information has been used to confirm or deny election fraud, there has been no suspicion that the lists had been tampered with between close of poll and access under warrant.

Cheers
Slarti

[Lootman]

If you want to use VPN to hide from security forces or law & order, there is no VPN company, just 2 off the shelf sets of VPN software to allow the naughty people to communicate. Well, one per PC.

Although some naughty people may use VPN software to do naughty things, there are perfectly legitimate reasons to use a VPN as an individual. For example HMA (adorably standing for "Hide My Ass") software is UK-based, perfectly legal, sells well and will protect all your devices.

[Slarti]

If you want to use VPN to hide from security forces or law & order, there is no VPN company, just 2 off the shelf sets of VPN software to allow the naughty people to communicate. Well, one per PC.

Although some naughty people may use VPN software to do naughty things, there are perfectly legitimate reasons to use a VPN as an individual. For example HMA (adorably standing for "Hide My Ass") software is UK-based, perfectly legal, sells well and will protect all your devices.

From everybody other than the government as this story points out https://invisibler.com/lulzsec-and-hidemyass/

I have mentioned the most important one is to protect you from free wifi insecurities, but VPN services may not protect you from the service provider DYOR

Slarti

[Lootman]

From everybody other than the government as this story points out https://invisibler.com/lulzsec-and-hidemyass/

I believe that there have been a few attempts to compel HMA to release data. Some were successful, like the one the article cites. Others were not. I don't know the internals of how HMA works but I would imagine that all HMA will know is which proxy server you used and some timestamps - not the content of your transmissions. So a court order would give them that proxy IP but then the investigator would have to issue another court order for the IP provider for that proxy, to identify the proxy host. Finally if that works they would then have to compel the host of that proxy server to comply.

So, a lot of steps and surely only done when a serious crime has been committed - not for ordinary everyday use. And it makes sense for HMA to capture and retain only a bare minimum of information.

I have mentioned the most important one is to protect you from free wifi insecurities, but VPN services may not protect you from the service provider DYOR

That may be true in general but it's not the most important use for me. I use it to access sites that I am otherwise blocked from or diverted away from, usually in other countries. To ensure my IP provider cannot read my content. And (probably the only slightly naughty one) getting past filters that limit my access although, even then, I am often only bypassing filters that are claimed to be there to "protect" me.