Translate

If you're looking for a post about Cait Riley, click here

Want new Blog posts sent to you automatically when the Blog is updated? Enter your email address & click the GO button. I won't spam you.

Tuesday, 3 April 2012

Email and web monitoring laws (proposed UK)


This proposal does seem to be exceptionally silly. Any well-advised Bad Guy will be able to avoid it. The problem (for the “authorities”) is the diversity and rapid evolution of the services available on the Internet.

Standard email is not a great problem. It is handled in a fairly straightforward way using a handful of published protocols. (SMTP, IMAP, POP3, etc.). If you use an email program, those acronyms will almost certainly be involved “under the hood”.

If you use a web-based email service such as Google, Yahoo or Hotmail it's a bit harder to snoop. Such services tend to use secure protocols such as HTTPS. However, I'm going to ignore that layer of protection purely because it's possible that the authorities can defeat it. The problem is that the protocols used by web-mail services are diverse, often proprietary, unpublished and worst of all, frequently changing. This makes monitoring a major technical project.

The situation gets worse when you start to look at the many other messaging systems around. I'm thinking of services like Facebook that provide several ways for people to “talk” and the technical bits underneath are changing all the time. Another example is Ebay where a communication channel is provided between sellers and buyers.

To be sure, the snoops will probably have no difficulty proving that target A and target B both visited Ebay last week. But then, so did millions of other people. So the snoops would need to do some more technical work. Just for Ebay and then for all the other sites the Bad Guys might use. And there'd be endless maintenance as sites were “improved”.

There is one useful trade-off the monitors could use. They could not bother doing the detailed technical work on minority sites. Sure, the Bad Guys might use them but basic traffic analysis works better on them. If terrorist C uses obscure.com and so does terrorist D then it tends to suggest they may be communicating – although it's unlikely to be solid enough on its own for a jury 


No comments: