Internet firms to be banned from offering unbreakable encryption under new laws (UK)

cant wait for the Safe Network
https://forum.safenetwork.io

VPN sales are fixing to skyrocket

This is just daft, those who have something really worth hiding and little technical knowledge will very easily side-step any flawed applications. The biggest consequence of this will likely be criminals exploiting the backdoors in a few years time as processing power increases and vulnerabilities get found.

In short this move will probably make the average UK citizen more likely to be a victim of crime than protect them from it. It will also likely get abused like so much other anti-terror legislation and be used to nail people for dodging taxes or cheating the benefits system.

The title is not strictly true. It also doesnt apply to just internet firms, any company offering secure anything may be forced under the new law to deliberately make or find exploits in there code or hardware for governments to make use of when asked. They will be forced to cooperate. And I assume theres some gag order involved.

Im surprised they didn't ban open code as that gets around this. Then again free software is so prevalent on the internet that doing so would likely be impossible. Which is great. All the more reason to keep pushing it.

A good way around this is to use a small ISP (the new logging laws, which are absurd btw and impractical to do, do not apply to small ISPs), and to use your own self hosted software. That way if a warrant is placed on your data you should know about it, as you will be the one contacted to gain access to your data not a 3rd party.

Apple promotes the fact that it has, for example, “no way to decrypt
iMessage and FaceTime data when it’s in transit between devices”.

I think they are lying. I remember in one of the TEK episodes logan and wendell said that Tim Cook was very keen to give some master-key of Apple's encrypted communications to the Chinese government when asked.

What's this about?

Our only safeguard here in the UK is the knowledge that it will be implemented in the most incompetent way possible. Whenever the Tories get on their high horse we know what they are doing. Daily Mail readers that know nothing beyond their own noses rail at the world. The government should ban everything, Immigrants, Gypsies Muslims, whatever is the scapegoat of the day. "Old man yells at cloud syndrome". The Tories have little choice because these older people are the very ones that vote Tory and keep them in power.

Those of us that know what's what quietly facepalm and go on unhindered. The all pervasive incompetence of the British establishment is legendary.

There are times of real danger to our way of life. Xenophobic old farts will end up getting us out of EU just in time from them to die of old age leaving the rest of us in the shit. Baby Boomers last hura before they shuffle off this mortal coil. Most if not all of the sensible policies concerning personal freedom and rights come from our German neighbours in the EU. I wonder if it's too late to learn German... Because sure as heck I can't learn Dutch, the Netherlands would be my first choice.

This is relevant

Usually, and with the customer's knowledge and consent, we will include a login (suitably locked down and secure) for us to access the FireBrick. This means that we can address tech support issues, and make config changes if requested and so on.

This works because our customers can, and do, trust us.

Of course, even where such access is via IPSec tunnels, it still involves trusting us!

The problem is not that we are untrustworthy, but the law, if the Draft Investigatory Powers Bill passes as it is now, would legally compel us to be untrustworthy as it forces us to co-operate with "equipment interference" and "removal of protection on communication" in some circumstances.

If it passes it is simply the case that our customers cannot trust us any more, as that trust will have been officially removed by the law of the land.

So, we are considering what we should do, before any such law comes in to force.

But we may have to go further and ensure that the signing of FireBrick code for automatic updates is managed outside A&A. The issue is that whilst A&A do most of the FireBrick R&D, A&A is also a communications provider. FireBrick is not, and hopefully is outside the scope of this legislation. So A&A might be compelled to add a back door to FireBrick code.

As in the way the law is written it allows unrestricted bulk surveillance instead of targeted surveillance that they keep saying it will only be used for? The problem is, thats what they also get wrong, so although they may initially implemented it wrong, the badly written law is already law and laws almost never get changed.

The SAFE Network is a secure and fully decentralised data management service. The network is made up from the unused computer resources provided by the individual network participants.

Users on the SAFE Network provide a small part of their computer resources: hard-drive data storage, CPU processing power, and communications bandwidth. This local resource is called a Vault. Each Vault is cryptographically secure and connects to other Vaults throughout the network.

The User's data is encrypted and broken up into chunks. These chunks are then distributed around other Vaults in the network. At no point do any of the other Vaults know anything about the data they have been asked to store, other than anonymous network address information.

The result of the encryption and network-wide distribution of information is a highly secure and private data management and communication experience for all Users.

The SAFE Network also supports applications and programs that can be accessed by network Users. These applications may be free to use or paid for by using safecoins.

Safecoin is the currency of the SAFE Network and is the oil of the SAFE Network engine. This digital token can only exist on the SAFE Network and incentivises desirable behaviour. Users can earn safecoins by providing resources to the network. Similarly, Application Developers can earn safecoin by creating applications. Safecoins can be traded for any type of network service, or converted to other cryptocurrencies or traditional fiat currencies, after decentralised exchanges appear.

As the SAFE Network grows, it is anticipated that the value of the limited safecoins will grow. Safecoins are only generated by the network based on how much it is used, ensuring no over-supply. Initially safecoin will be the only currency on the network and this utility will help to further drive it's value.

1 Like

But wouldn't that also be banned under this law, unless they cooperate with the government by handing over private keys/building in back doors?

Banned ;Yes
But not able to be stopped because the network is completely autonomous and not bound to any one protocol (Like TCP/IP) it can easily be ported over to different ones . additionally they cant hand over the private keys because they wont have them the network uses self encryption to generate the keys based on the hash of the data so only the owner can de crypt the data. Your password and your key never even gets transmitted to the network. All the code is published so back doors would be visible and detected

Yeah it looks like really cool idea. I read up on it and also watched the video. It's basically Decentralized P2P "cloud" storage that is also encrypted. But i didn't know that you could trade the Safecoins for other crypto-currency. That's sounds too good to be true.

It doesn't really matter if they are banned or not because the business can just move to other countries.

It's basically Decentralized P2P "cloud" storage that is also encrypted.

Yes it is but its a lot more. Protocols for secure messaging, Voip, and video are also built into the network along with a lot more like a fully de centralized DNS . The network can also do distributed computation (sort of like folding@home) and you can purchase the computation from the network using safecoin. All data on the network is encrypted but the important thing is that the data is self encrypted. The Network is not able to read the data. Ownership of your data is entirely yours. There are no servers there is no one to give up secured data and no one to shut down no servers to seize. No trackers to shut down and no block chains to analyze.

i didn't know that you could trade the Safecoins for other crypto-currency.

Safe exchange is just about ready to launch pending the Safe Network go live. Seems like all of the exchanges pieces are in place and they are having a crowd sale to get some operating capital and more importantly distribute the Safe Exchange coin that is used for the De-Centralized Board of Trade and for voting rights on issues related to the exchange. The Exchange is said to be able to be used for trading any type of item weather it be tangible goods or data like crypt o currency.

Site
http://safex.io/sale

interview with founder of the exchange

U.K. is going backwards! If citizens are not able to use unbreakable encryption, then how about the government not using it?

there doesn’t seem to be much of a reason to fully implement all of this, perhaps just some tweaking here or there. The extremist is almost always I.T illiterate along with most of the population. Remember thinking power ( needed to configure such systems ) usually comes with the added bonus of reasoning and therefore in most cases a higher probability of not being a primal & violent individual and more rational, logical and intelligent (again not always, but you cant always stop something)

There is obviously a fine line here between safety / protection and abuse of power. The simple fact is though, if they introduce back doors they will be compromising the organisations and businesses that use partially weakened systems and therefore weakening the state itself against other states.

Basically what this means is that regular people have 1 year logs and the rest VPN out from UK.

You think they will actually only hold that data for one year?

1 Like