Technological enablers aren’t good or evil, they simply exist to facilitate whatever purpose they were designed for. Of course we always aim to maximise the good they’re capable of whilst diminishing the bad, however changing their fundamental characteristics (which are often the sole purpose for their existence) in order to do so is, in my mind, abhorrent. This is why I think things like Internet filters and other solutions which hope to combat the bad parts of the Internet are a fool’s errand as they would seek to destroy the very thing they set out to improve. The latest instalment of which comes to us courtesy of David Cameron who is now seeking to have a sanctioned backdoor to all encrypted communications and to legislate against those who’d resist.
Like most election waffle Cameron is strong on rhetoric but weak on substance but you can get the gist of it from this quote:
“I think we cannot allow modern forms of communication to be exempt from the ability, in extremis, with a warrant signed by the home secretary, to be exempt from being listened to.”
Essentially what he’s referring to is the fact that encrypted communications, the ones that are now routinely employed by consumer level applications like WhatsApp and iMessage, shouldn’t be allowed to exist without a method for intelligence agencies to tap into them. It’s not like these communications are exempt from being listened to currently just that it’s infeasible for the security agencies to decrypt them once they’ve got their hands on them. The problem that arises here though is that unlike other means of communication introducing a mechanism like this, a backdoor by which encrypted communications can be decrypted, this fundamentally breaks the utility of the service and introduces a whole slew of potential threats that will be exploited.
The crux of the matter stems from the trust relationships that are required for two way encrypted communications to work. For the most part you’re relying on the channel between both parties to be free from interference and monitoring from interfering parties. This is what allows corporations and governments to spread their networks over the vast reaches of the Internet as they can ensure that information passing through untrusted networks isn’t subject to prying eyes. Taking this proposal into mind any encrypted communications which pass through the UK’s networks could be intercepted, something which I’m sure a lot of corporations wouldn’t like to sign on for. This is not to mention the millions of regular people who rely on encrypted communications for their daily lives, like anyone who’s used Facebook or a secure banking site.
Indeed I believe the risks poses by introducing a backdoor into encrypted communications far outweighs any potential benefits that you’d care to mention. You see any backdoor into a system, no matter how well designed it is, will severely weaken the encrypted channel’s ability to resist intrusion from a malicious attacker. No matter which way you slice it you’re introducing another attack vector into the equation when there was, at most, 2 before you now have at least 3 (the 2 endpoints plus the backdoor). I don’t know about you but I’d rather not increase my risk of being compromised by 50% just because someone might’ve said plutonium on my private chats.
The idea speaks volumes to David Cameron’s lack of understanding of technology as whilst you might be able to get some commercial companies to comply with this you will have no way of stopping peer to peer encrypted communications using open source solutions. Simply put if the government, somehow, managed to get PGP to work a backdoor in it’d be a matter of days before it was no longer used and another solution worked into its place. Sure, you could attempt to prosecute all those people using illegal encryption, but they said the same thing about BitTorrent and I haven’t seen mass arrests yet.
It’s becoming painfully clear that the conservative governments of the world are simply lacking in fundamental understanding of how technology works and thus concoct solutions which simply won’t work in reality. There are far easier ways for them to get the data that they so desperately need (although I’m yet to see the merits of any of these mass surveillance networks) however they seem hell bent on getting it in the most retarded way possible. I would love to say that my generation would be different when they get into power but stupid seems to be an inheritable condition when it comes to conservative politics.
Back in July David Cameron announced that he’d be ensuring that all ISPs within the United Kingdom would implement a mandatory filtering scheme. The initiative drew a lot of negative attention, including a post from yours truly, as the UK’s citizens were rightly outraged that the government felt the need to fiddle with their Internet connections. The parallels between Cameron’s policy and that of the Clean Feed here in Australia were shocking in their similarity and I, like many others, thought that it’d likely never see the light of day. Unfortunately though it appears that not only has Cameron managed to get the big 4 Internet providers on board he’s also managed to broaden the scope far beyond its original intentions, much to the chagrin of everyone.
The base principle behind this initiative appears to be the same as the Clean Feed: to protect children from the vast swaths of objectionable content that reside on the Internet. Probably the biggest difference between however stems from its implementation as the Clean Feed was going to be enforced through legislation (although that later changed when it couldn’t pass parliament) Cameron’s filter is instead a voluntary code of practice that ISPs can adhere to. If the same thing was introduced in Australia it would be likely that none would support it however in the UK nearly all of the major suppliers have agree to implement it. The problem with this informal system though is that the scope of what should and should not be blocked isn’t guarded by any kind of oversight and, predictably, the scope has started to creep far beyond it’s initial goals.
Among the vast list of things that are making their way onto the list of “objectionable” content are such legitimate sites including sex education sites and even the UK equivalents of sites like Kids Helpline. Back when Conroy first proposed the filter this kind of scope creep was one of the biggest issues that many of us had with the proposal as the process by which they made the list was secretive and the actual list itself, even though it was eventually made public, was also meant to be kept from the general public. Cameron’s initiative does the same and, just as everyone was worried about, the list of objectionable content has grown far beyond what the general public was told it would. It’s happened so quickly that many have said (and rightly so) that it was Cameron’s plan all along.
If you ever had any doubts about just how bad the Clean Feed would have been in Australia then the UK’s initiative should serve as a good example of what we could have expected. The rapid expansion from a simple idea of protecting children from online pornography has now morphed into a behemoth where all content either fits into someone’s idea of what’s proper and what’s not. It’s only a matter of time before some politically sensitive content makes it onto the objectionable list, turning the once innocent filter into a tool of Orwellian oppression. I’d love to be proved wrong on this but I can’t say I’m hopeful given that the slippery slope that many of us predicted came true.
Fight this, citizens of the UK.
Do you remember the last time the Clean Feed hit the Australian news? I most certainly don’t but luckily I blogged about it every time it happened and the last time it crossed my path was over 2 years ago when some Australian ISPs decided to voluntarily block 500 sites. Suffice to say the No Clean Feed movement, something which I was an active part of, was completely successful and we haven’t had to speak of it again. Indeed I thought that any modern society looking to implement something like Australia’s Internet Filter would see just how politically toxic it was and then think twice about it.
Turns out I was wrong.
David Cameron, Prime Minister of the United Kingdom, has announced a policy that looks eerily similar to the Clean Feed policy that Senator Conroy introduced all those years ago. Essentially it’s a pornography filter and while at first glance it looks like it might be opt-in it’s in fact going to be the dreaded opt-out, meaning that every Internet user in the UK will have their connection filtered unless they ask nicely for their ISP to stop. The rhetoric surrounding the policy is also eerily similar to the Clean Feed with a heavy focus on the impacts to children and attempting to curb the child pornography. If I didn’t know any better I’d say that they’d straight up copied everything about the Clean Feed and simply changed a few words here and there to make it their own. Predictably the Internet is in an uproar about this and the policy is getting all the scrutiny it deserves.
Cameron thinks that his filter will be infallible (gosh where have I heard that before) and that “it should not be the case that technically literate children can just flick the filters off at the click of a mouse without anyone knowing”. Now forgetting for a second that most parents aren’t exactly technically inclined it wouldn’t take a child genius to work out that a proxy site like HideMyAss was all that was required to bypass a filter like that. Sure you could then block those VPN sites but, hang on a second, they’re legitimate sites with completely legal use cases. So you either resign yourself to having an ineffectual filter or you go down that rather ugly path where you make anything that can bypass it illegal, something which I’m sure a lot of businesses would have something to say about.
Had Cameron done a little bit of homework he would have found out that he could win the same number of votes without alienating the tech community by saying that the filter would be opt-in. I’ve said many times in the past that I support such a policy because it gives concerned parents an easy option whilst leaving the majority of Internet users untouched. It’s also better for the ISPs as they can plan a filtering solution based on a minority of their users, rather than having to scale up a solution that has to support their entire user base. For some reason though the default position for policies like this seems to be always-on and anything else is seen as a weak compromise. Funnily enough the thing that would supposedly make such a system more effective will end up killing it in the end, even if Cameron doesn’t see it now.
So, people of the UK, it’s now time for you to do what us Australian’s did and rally together to fight Cameron’s filter policy. I’m not saying it’s going to be easy, nor without any significant effort, but after 3 years we managed to kill our Clean Feed policy for good and made talk of it so politically toxic that neither party dares mention it again. You’ll now have to do the same: contacting members of parliament, staging demonstrations and, most important of all, not letting up until they drop this policy in favor of the next voting winning scheme.
We’ve got your back, fellow members of the Commonwealth.