UK Parliament: Banning Tor Is Unacceptable and Technologically Impossible 98
An anonymous reader writes: Months after UK prime minister David Cameron sought to ban strong encryption, a new parliamentary briefing contradicts that, at least when it comes to Tor. The briefing says, "there is widespread agreement that banning online anonymity systems altogether is not seen as an acceptable policy option in the UK. Even if it were, there would be technical challenges." The briefing cites Tor's ability to circumvent such censorship in countries like China as well as looking at both legal and illegal uses of Tor.
Re:Is there still a suddenoutbreakofcommonsense ta (Score:5, Insightful)
Well, to be honest, all it probably means is that they know how to get around tor, and they don't want people to switch to anything else.
But I'm cynical that way.
How does tor anonimize the sender and receiver. (Score:2)
Perhaps someone could explain how Tor creates anonimity. Most places I read stress the more obvious part of Onion Routing which is sort of merry go round tumbler so people can't associate where you got on from where you got off. But What I don't understand is how you preserver anonimity in the getting on part. Two things strike me as give-aways. First It seems like there has to be some zero conf step where you learn where a tor entrance node is and what port it wants to initiate the protocol. It seem
Re: (Score:3, Informative)
Client randomly chooses 3 nodes to be "entry guards". They are always used as the first node in the circuit.
For each request* the client randomly chooses 3 nodes (the entry guard and 2 others). The third of these nodes needs to be configured as an exit node (unless you are accessing a .onion site).
The Entry node knows who you are (i.e. your IP), but not what you are connecting to.
The middle node knows who the entry node and exit node are, but nothing else.
The exit node knows what ip you are visiting (and ca
Re: (Score:1)
I doubt that actually. POST is a small group of scientists who advise parliament, they're not a part of the government at all and it's extremely unlikely they'd be privy to classified knowledge about secret programmes to intercept tor communication.
Re: (Score:2)
Re: (Score:1)
>Banning TOR is not technologically impossible, it is quite easy to do. //
Go on?
Suppose I create an SSH tunnel or use a VPN to a machine that I run TOR on - you're going to enforce a ban on that and it's "quite easy". Pray tell how?
Suppose you're going to be super-naive about it and just block TOR traffic at the ISP user level - it's encrypted and can be passed on common ports like 443 - how do you stop that traffic?
Re: (Score:2)
You didn't read his post, banning it is easy, all you have to do is pass a law that says its not allowed. Enforcing the ban is the hard part.
Re: (Score:2)
TOR exit nodes are on a public list. Banning them by IP address is quite easy, and it is pretty common for admins to ban or severely restrict services to exit nodes, just because they have a reputation for abuse.
The ideal is to use TOR, then a VPN service past the exit node, so services on the Internet don't give you the middle finger.
Re: (Score:1)
From what I hear and the Tor people say, this is not correct: It is an arms-race and you may need to use certain additional measures, but so far neither side has won.
Tor does not work reliably in China. (Score:1)
Tor works in China? I rarely get Tor or torrents to connect in Beijing, but for some reason it varies depending on where I connect.
Re: (Score:1)
tor != Bittorrent.
That is all.
Re: (Score:1)
I am saying *neither* have worked well for me since I came to China a year ago.
Common sense to you and me, but... (Score:5, Insightful)
The problem is that for Cameron to change his mind on trying to ban strong encryption, would imply that he was somehow wrong to try and ban it in the first place. This of course will not happen. Politicians HATE it when they are shown to be wrong.
A bit of heated rhetoric mentioning Paedophiles, Terrorists and Tor will put paid to this report, and GCHQ will continue on their merry way treating the entire population as enemies/criminals.
Re: (Score:3, Insightful)
You just have to keep beating him down with facts. It may take a while. After a mere two centuries, even the Catholic Church had to admit the world is NOT in the center of the universe. A century and a half later, it even apologized for it's treatment of the late Galileo!
Re: Common sense to you and me, but... (Score:1)
The big difference is that the Universe is bigger than government and it won't listen to it. Tech is another matter. All it takes is a "Safe Computing Act" and you'll have to surrender your computers for destruction and get a government-approved tablet in their place. It can happen. I wouldn't tease the dragon if I were you.
Re: (Score:2)
The big difference is that the Universe is bigger than government and it won't listen to it. Tech is another matter. All it takes is a "Safe Computing Act" and you'll have to surrender your computers for destruction and get a government-approved tablet in their place. It can happen. I wouldn't tease the dragon if I were you.
The prospect of this is not exactly keeping me up at night, on account of it being preposterous.
Re: (Score:1)
That is not going to happen anytime soon, because IT is still highly experimental. Unless the UK want to become part of the third world, that is. Legal measures will be ineffective too, as quite a few people realize that life without essential freedoms is not worthwhile living and will rather risk it than bow to a fascist state.
Re:Common sense to you and me, but... (Score:5, Informative)
I gather you're not aware that Copernicus was working for a Bishop of the Catholic Church?
Of course, what they were apologizing for was trying Galileo for the crime of calling the Pope an idiot in his book.
No, Galileo wasn't being tried for heliocentrism, even nominally, he was tried for asserting heliocentrism without PROOF.
Note, however, that the actual reason the Pope was butthurt over Galileo is that Galileo put a character into his book explaining heliocentrism named "simpleton", which character was, from internal clues, clearly meant to be the Pope.
Re: (Score:2)
Science doesn't have proof. Only mathematics has proofs.
Science has theories and evidence to support those theories (or evidence to falsify the theory).
Re: (Score:3)
Fine, "evidence." Galileo was right, sure, but he didn't know why he was right, and couldn't logically argue it. Instead he just called everybody who disagreed with him stupid. He wasn't practicing science in any way a scientist would find acceptable.
Theory needs to account for all observations, and explain them. Anything that is not supported by observation is not theory. So Galileo said "the earth moves around the sun!" and the Jesuit astronomers said, "not an awful idea, but there's the issue of stellar
Re: (Score:1)
General hard science does have proofs, but they have a confidence level below 100%. Come to think of it, Mathematics has a long-term error rate in peer-reviewed proofs of 1 in 1000, so even Mathematics is not fundamentally better, except for old stuff that has been tested time and again, quite like software.
Re: (Score:2)
no need to change his mind, they just forward both at the same time.
On the one hand they want a strong digital economy.
On the other, they want to the fundamental requirements of a digital economy banned and the use of basic tools for a digital economy made illegal.
In short, it's a very bad idea to invest any time or effort into the UK digital economy, cos chances are it's not going to be allowed for very long.
Re: (Score:1)
Unless the UK wants so slide into the 3rd world really fast, they will not kill their digital economy. A good example is France: Unlicensed encryption is banned, but corporations can get exceptions and for private use the authorities are looking the other way. The reason is simple: Anything else would be an economic disaster.
Re: (Score:1)
Yeah, because France is leading the digital economy....
UK is already well on the way to 3rd world.
Re:Common sense to you and me, but... (Score:5, Funny)
His cabinet friends are equally 100% clueless.
And his gov't advisers are too clueless to tell the clueles twats that they're clueless twats.
It would be nice if we get a Gov't on May 7th that isn't formed by a bunch of clueless twats but we won't. They teach them how to be clueless twats when they do their PPE degrees at Oxford and gain entry to the Establishment. It's the first rule of being a member of the UK Parliament and part of the UK Gov't.
Re: (Score:3, Informative)
Re: (Score:1)
Top Bloke?
Re: (Score:2)
Top Bloke?
See aforementioned "unhealthy sexual practices"...
Re: (Score:2)
I think the cunt ratio approaches 1 when you do PPE (politics, philosophy, and economy - a degree who's sole purpose is to prepare you to rule).
Re: (Score:3)
Re: (Score:2)
He said that he wanted to make sure that the security services could read any communication. This could just as readily be taken to mean that he believes that the high court should be able to issue a warrant forcing somneone to decrypt the message.
The fact that there already is such legislation means that he doesn't actually need to do anything and can still claim that we have suc
Re: (Score:2)
>He never actually said he wanted to ban encrpytion. That was the tech media taking some vague statements and running with it.
>He said that he wanted to make sure that the security services could read any communication.
So he doesn't want to ban encryption only useful, working encryption? Not sure that really changes anything.
Logically your alternative doesn't work - if I die and the password dies with me then SS can't read the communication. Even just making it a crime not to assist with decryption do
Re: (Score:1)
As far as I can tell, he's not talking about banning anything.
If there's nobody alive who can read the encrypted message then nobody gives a damn what's in the message. The message effectively no longer exists.
But I should point out, this is not a law. This is not a bill.It's not
Re: Common sense to you and me, but... (Score:2)
He hasn't said much of anything yet. He made a political announcement, not a practical one.
Re: (Score:2)
The problem is that for Cameron to change his mind on trying to ban strong encryption, would imply that he was somehow wrong to try and ban it in the first place. This of course will not happen. Politicians HATE it when they are shown to be wrong.
A bit of heated rhetoric mentioning Paedophiles, Terrorists and Tor will put paid to this report, and GCHQ will continue on their merry way treating the entire population as enemies/criminals.
What amuses me about these conservatives is that they claim to be against what they call 'the nanny state' but then they turn around and want to ban Tor, ban strong encryption, put entire nations behind a net-nanny firewall they sourced from a company in Red China, ban hooded clothing, ban pocket knives, put CCTV all over the place ban things that obscure your face because the CCTV can't identify you, bug the telecommunications of the entire populace,..... but let me reiterate that they are still against t
Just like knifes, Morphine, Bitcoin... (Score:5, Insightful)
Tor falls into the same category as many other items which can be used for both good and bad.
A knife can be used to cut bread, but also throats. Morphine is be best pain killer there is,
but is also a killer when abused. Bitcoin (& co) can revolutionize the monetary system,
but also be used for non-tracable financing for all sorts of illegal activities.
"Non-tracable financing for all sorts of illegal activities" is also a a well-known property of... cash!
Cash is not really under political questioning (a bit more so from banking): it's common,
under relative control, and it's not new.
This leads me to believe that the banning things which can have adverse side effects
is not primarily motivated by care for the public best, but rather fear of the new/unknown and
fear of loosing control.
Re: (Score:2)
. Morphine is be best pain killer there is,
Heroin is a stronger painkiller. It's actually legal in the UK for medical use.
Re: (Score:2)
It's not a stronger painkiller. It's exactly the same. Emphasis mine:
The choice of heroin and morphine over other opioids by former drug addicts may also be because heroin (also known as morphine diacetate, diamorphine, or diacetyl morphine) is an ester of morphine and a morphine prodrug, essentially meaning they are identical drugs in vivo. Heroin is converted to morphine before binding to the opioid receptors in the brain and spinal cord, where morphine causes the subjective effects, which is what the addicted individuals are seeking.[23]
Source [wikipedia.org]
Re: (Score:2)
hey are identical drugs in vivo
Once they get to the brain, sure, but heroin passes through the blood brain barrier more effectively than morphine, making it a more effective painkiller.
Source: the exact same article you linked to, only further down.
Re: (Score:2)
tldr; Heroin is morphine in a ninja suit. It sneaks past your body's barriers and tota
the solution to their perceived problem (Score:5, Interesting)
wouldn't be to ban strong encryption, it would be to make the assumption in Law that there mere *presence* of such an encryption system is enough indication of liability. Much like the assumption made that because something posesses a moving picture display that it is being used as a televisual broadcast receiver even if it isn't actually being used as such. It's easier to assume than it is to carry the burden of proof - with assumption comes the passing of that stick to the accused (who is on a loser because - and you've got to point this out or you're screwed - you can't prove a negative, it's a logical absurdity).
What this means to Granny is that if her computer is compromised with one of those cryptolocker things that encrypts her home folder and holds it ransom, she can't decrypt it because she doesn't have the key.
Strike 1 in English Law: possession being 9/10, if you have hold of a hard drive it is assumed that you have access to the data on it.
Strike 2: if there is an encryption it is also assumed that you have the key (see previous point about proving negatives).
Strike 3: Case that Granny is accused of having kiddie porn, the assumption can now be made that said kiddie porn is inside the encrypted container. Because the Law is now changed so that criminal liability now works on Balance of Probabilities (hence doesn't need a jury to decide Beyond Reasonable Doubt), Granny is going away for a while even if a: there is no kiddie porn - which she can't prove by unlocking the encrypted container, and b: she could prove it by breaking the encryption and opening the container - make the assumption that there are other containers containing the porn, which given the mental status of State prosecutors (and police), being utterly paranoid, she be fucked because the seed thought is there (that Granny is a bad person), and combined with the balance of probabilities, "No Smoke Without Fire" applies. NSWF CANNOT apply in Beyond Reasonable Doubt because BRD REQUIRES physical evidence! And encrypted container with no access to the data is NOT physical evidence. If it were we'd see prisons bursting with people jailed on the basis of unseen contents in sealed black boxes.
Lesson for all: if you're accused of causing harm or damage, DEMAND THAT JURY AND DO NOT BACK DOWN.
</run_on_rantish_rant>
Re: (Score:1)
I don't know what it is about UK law, but on Slashdot it feels like you can make any absurd claim about it and it gets modded up. I mean, IANAL but this is just silly.
you can't prove a negative, it's a logical absurdity).
You can't prove a negative in a deductive sense but you can in an inductive sense. If little of the available evidence suggests that a proposition is true while much of the evidence suggests an alternative proposition is true, then the first proposition is unlikely to be true. For example, suppose you were accused of robbing a store at 01:45
Re: (Score:2)
You can't prove a negative in a deductive sense but you can in an inductive sense. If little of the available evidence suggests that a proposition is true while much of the evidence suggests an alternative proposition is true, then the first proposition is unlikely to be true.
"Unlikely to be true" isn't the same as "proven negative." When discussing logic, "proof" has a specific meaning.
That said, your example/reasoning is mistaken, but you're underlying point is not. It is sometimes possible to prove a negative by contradiction (proving that the affirmative is impossible).
Re: (Score:2)
Not really relevant though in this case is it. Do you really think the application of the law is by legal reasoning?
The detecting and prosecuting authority's will be instructed to apply sanctions for the personal possession of encrypting technology and to automatically sanction without discretion.
Jurys are not required for 99% of court cases, the judge just rubber stamps the prosecutions case.
Cameron has turned out to be a duffer who just repeats the odious bigotry of his class.
Even the Brown Shirt party -
Re: (Score:2)
And encrypted container with no access to the data is NOT physical evidence. If it were we'd see prisons bursting with people jailed on the basis of unseen contents in sealed black boxes. (...) Lesson for all: if you're accused of causing harm or damage, DEMAND THAT JURY AND DO NOT BACK DOWN.
I'm not sure how you think a jury would help or the law works. In the UK failing to decrypt an encrypted container is illegal under the RIP act, having a sealed black box is the crime. That's what they need proof of, not what crime they really suspect you of committed. The rest is just dragging you through the mud so the jury won't be looking very hard to find any reasonable doubt or question that you're convicted for having a locked box which by itself doesn't sound like an offense at all. The jury will be
Re: (Score:2)
there is no such thing as a victimless crime. Where you see "R -v- ...", the R stands for "Regina", ie the CROWN. It is the CROWN on behalf of Her Majesty The Queen (the VICTIM) who are making claim against you.
Re: (Score:2)
uh... how about "I'm a lawyer"?
Re: (Score:2)
THEIR exit nodes.
There's nothing stopping such a high flux of new exit nodes in the face of censorship. Especially as ANY client can be an exit node, in theory.
Re: (Score:1)
And with even a modicum of understanding of how Tor works, you would know that this is not relevant.
Simple explanation: he tries to sound 'tough' (Score:2)
Cameron is trying to sound "tough" to appeal to voters, especially in the run up to the General Election in May. Of course, sounding tough doesn't require that your stated policy makes any sense technically, logically, economically or in any other sense.
Re:Simple explanation: he tries to sound 'tough' (Score:5, Insightful)
Consider also that Cameron appeals primarily to the Daily Mail reading baby boomer crowd, because they tend to vote for and he's hoping he can get them all onside. As such he's bound to spout technophobic rhetoric because much of that generation and the Daily Mail crowd find technology and change scary as shit.
It was only a week or two back Cameron stood and said that benefits for the elderly should be protected regardless of wealth (i.e. free bus passes, TV licenses, and money for heating for millionaire retirees are acceptable). His argument was that these people have lived through recessions and fought wars for us. I couldn't watch it with a straight face, I mean, he is aware the last 10 - 15 years happened right? he surely can't have missed the whole Afghanistan and Iraq thing coupled with the worst financial crisis in living memory all of which were fought by and impacted non-pensioners the most?
His pro-pensioner, pro-Daily Mail rhetoric has reached farcical levels in his desperation to keep the pensioners onside because as well as his recent anti-technology views he's also got the gall to tell entire generations that those wars they fought, that financial crisis they've been suffering and dealing with cuts and job losses through? well those just don't matter and it's tough shit. It's not like the vast majority of pensioners alive today even saw, let alone fought in the war - on the contrary most enjoyed a period of unprecedented wealth growth and relative peace.
At this point anything Cameron says is beyond nonsense and UKIP panic induced Daily Mail pandering.
Re: (Score:1)
Hang on there : "Daily Mail reading baby boomer crowd"
I am in the age group BUT would not even use the Daily Mail as toilet paper ;-)
Don't judge us all by the same criteria.
Re: (Score:2)
Yes, I'll clarify because it is a little ambiguous, I'm well aware not all baby boomers read it, and I'm referring specifically to those that do, or those that at least have the same mindset of believing the world still owes them everything ever and everyone else can go screw themselves.
I absolutely agree that yes, there are at least some good baby boomers :)
Re: (Score:2)
OAPs are the Tory's core voters, the base that their success stands on. That's why they will always be looked after by Conservative governments.
Re: (Score:2)
What OAP benefits have they slashed exactly? Winter fuel payments, free bus passes, free TV licenses are all intact regrdless of whether you're a pauper or a billionaire. The state pension has been increased in value, and ever more money has been poured into social care and the NHS to try and resolve the crisis that their failure to pay a fair share through their working life that covers the costs of what they expect to receive from the state now has caused.
All in all they've got it pretty good - the stats
They are just trying to cover up (Score:2)
Their upper class wants to communicate anonymously: http://www.thedailybeast.com/a... [thedailybeast.com]
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
What's amazing still is how little traction that story has gotten. Everybody's just like "oh, well, guess that's all in the past, the pedos are all dead and it's certainly not going on still, so nothing to see here let's move on..."
It's yet another one of the things the tinfoil hat crowd was right about. Alex Jones and other conspiracy minded folk have always said there are pedophiles in positions of power throughout the world who cover for each other. It's almost like a club. You get bumped up in the ranks
Re: (Score:2)
Alex Jones and other conspiracy minded folk have always said there are pedophiles in positions of power throughout the world who cover for each other.
Alex and those other folks say a lot of things, they're immune to evidence. A stopped watch being occasionally right shouldn't raise eyebrows.
Sayeth the Government (Score:2)
Re: (Score:1)
Hehehehehe, nice! Not supported by the facts, though.
It's pointless to ban them anyway (Score:2)
Re: (Score:1)
From what the Tor folks say, this is not true. It is an arms-race and it may need special measures to get through, but so far neither side has won.
Or (Score:1)
TOR is throughly compromised and they don't want people to stop using it, they want them to feel "safe" using it.
neeto (Score:1)
Ha ha oh wow. Since when did this ever start showing up in statements? Last I checked we still have people (from plebs to politicians) saying crap like "We should show everyone's name on the internets!"
And even multi-million corporates saying crap like "Let's base policy around the user's location because we can tell where they are." Then some tech says something about "proxies and VPNs" and the decision makers say something about "Fix it