[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Saturday 25 October 2008 12:28, Jonathan Roberts wrote: > 2008/10/25 Simon Williams <simon@xxxxxxxxxxxxxxxxxxx>: > > Neil Stone wrote: > >> http://yro.slashdot.org/yro/08/10/15/2222209.shtml > >> > >> "The Communications Data Bill (2008) will lead to the creation of a > >> single, centralized database containing records of all e-mails sent, > >> websites visited and mobile phones used by UK citizens. In a > >> carnivore-on-steroids programme, as all vestiges of communication > >> privacy are stripped away, The BBC reports that Home Secretary Jacqui > >> Smith says this is a 'necessity.'" > > > > How exactly are they planning to do this? People encrypt mail. > > I doubt that a huge number of people actually encrypt their mail. > Also, I think I heard the plans have been revised not to include > message content, but headers such as origin/destination, time sent etc Having had the missfortune to manage an e-mail system and then being forced to search messages in it I think the noise level is so high it would be almost impossible to extract any REAL information. > > The other thing that effects encryption as protection is that as part > of the RIPA act a person can be required by law to hand over their > encryption keys, with failure to do so resulting in a jail sentence > (with longer sentences for terrorist suspects). I've had conversations > with people who argued that a judge would never recognise this as it > violates your right not to incriminate yourself, but recently a judge > did support this and said there were occasions when this can be > superseded. You can encrypt data in such a way that it doesn't seem encrypted - or rather it cant be proved to be encrypted. And you can send white noise that looks like its encrypted so they waste time trying to decrypt it (see my comments above). Like the man said - only the idiots will get caught. > > > they need all private mail servers > > as well. Even *I* have a mail server. > > Even if they don't have the information from your own mail server, > they have the information from everyone who you've emailed on public > servers, and of messages that have gone through public SMTP relays > etc. A lot of work is being done that does analysis based on > association, so you may find yourself being more closely investigated > because your email records link you to someone who's own email records > link them to a known terrorist. > > With the whole six degrees of separation thing having gained more > support lately, looks like we're all associated to a terrorist by just > a few emails! > > Will ha > > Jon -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html