Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Internet firms to be banned from offering unbreakable encryption under new laws
The Telegraph UK ^ | 02 Nov 2015 | By Tom Whitehead, Security Editor

Posted on 11/03/2015 11:58:52 AM PST by Swordmaker

UK -- Companies such as Apple, Google and others will no longer be able to offer encryption so advanced that even they cannot decipher it when asked to under the Investigatory Powers Bill

Internet and social media companies will be banned from putting customer communications beyond their own reach under new laws to be unveiled on Wednesday.

Companies such as Apple, Google and others will no longer be able to offer encryption so advanced that even they cannot decipher it when asked to, the Daily Telegraph can disclose.

Measures in the Investigatory Powers Bill will place in law a requirement on tech firms and service providers to be able to provide unencrypted communications to the police or spy agencies if requested through a warrant.

The move follows concerns that a growing number of encryption services are now completely inaccessible apart from to the users themselves.

It came as David Cameron, the Prime Minister, pleaded with the public and MPs to back his raft of new surveillance measures.

He said terrorists, paedophiles and criminals must not be allowed a "safe space" online.


(Excerpt) Read more at telegraph.co.uk ...


TOPICS: Business/Economy; Constitution/Conservatism; Culture/Society; Government
KEYWORDS: applepinglist; billgates; gatesfoundation; microsoft; netneutrality; uk; windowspinglist
Navigation: use the links below to view more comments.
first previous 1-2021-4041-59 last
To: Still Thinking
Either I'm on crack, or they came up with some new permutation math, or that's supposed to be 223^144. ;)

Brain Fart.

41 posted on 11/03/2015 2:14:31 PM PST by Swordmaker ( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 38 | View Replies]

To: I want the USA back
The government wants to know everything about everybody.

People forget that 'the Government' is nothing more than the guy down the street who works for the IRS or the post office...

'The Government' is your neighbors, people who have no business having any authority over you.

You would not let your neighbor snoop in your business, nor should you let 'The Government'.

42 posted on 11/03/2015 2:22:54 PM PST by IncPen (Not one single patriot in Washington, DC.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Swordmaker
The Investigatory Powers Police State Bill


43 posted on 11/03/2015 2:25:57 PM PST by familyop ("Dry land is not just our destination, it is our destiny!" --"Deacon," "Waterworld")
[ Post Reply | Private Reply | To 1 | View Replies]

To: Still Thinking
But knowing the UUID, for a person known to have a four-character passcode, couldn't they just brute force the 223^4 possible combinations of that with the UUID, hash, and find the one that matches? 223^4 is 2.47x10^6, so that's still a lot, but not past the death of the universe or anything.

Nope, the key will be 132 characters of which any of the characters can be any of 223 possible characters. . . The four digits can appear any where in the 132 characters. As I understand things, they do not know this UUID. . . or where the four passcode characters were entangled in this UUID or how. . . and the UUID and the entangled passcode are only the basis for creating the key, not the key itself.

There is an algorithm that actually creates the key. All of this occurs inside the A9 processor and is never allowed outside of the processor. HASHes of all of this are kept in the Secure Enclave portion of the Processor which is not accessible from outside the processor.

44 posted on 11/03/2015 2:26:25 PM PST by Swordmaker ( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 40 | View Replies]

To: IncPen
"People forget that 'the Government' is nothing more than the guy down the street who works for the IRS or the post office...

'The Government' is your neighbors, people who have no business having any authority over you.

You would not let your neighbor snoop in your business, nor should you let 'The Government'.
"

That's the best description of what's going on.


45 posted on 11/03/2015 2:28:04 PM PST by familyop ("Dry land is not just our destination, it is our destiny!" --"Deacon," "Waterworld")
[ Post Reply | Private Reply | To 42 | View Replies]

To: DesertRhino
And indulge me one more question. How does this affect or not effect data stored in the cloud? If you are backing up to the cloud, if they cannot open your phone, cant they essentially get that data from the provider?
Or does the encryption reach that deep?

The same key is used to encrypt what leaves the iOS device and is sent to the iCloud. Apple gets pre-encrypted data. According to the white paper I read on the subject, Apple then takes the pre-encrypted data from the user, splits in four pieces entangles it with four other users according to an algorithm, encrypts it again with another 256 bit AES encryption to which they DO have the key, and then store it on their or leased servers. When the customer wants his data back, the process is reversed, his data is extracted and sent back. If the government requests data with an appropriate search warrant, Apple will provide them with the encrypted files, but will help no further, meeting the letter of the law. In other words, they get a pile of un-decypherable gobble-de-gook, useless without the users' key and ONLY decipherable on the user's device, where the original UUID is available. (Grin). They have to have BOTH pieces PLUS the algorithm that makes the key. Without all three, either piece and even both are useless. Essentially the white paper stated that any decryption had to be done on the device it was created on.

They also stated there's an increasing delay in each attempt at trying to do it. . . slowing down the process if they do attempt passcodes by brute force on the device. . .

46 posted on 11/03/2015 2:35:52 PM PST by Swordmaker ( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 37 | View Replies]

To: Swordmaker
Oh OK, so I guess we're talking about encryption for stuff stored on the phone and stuff that can be transmitted already encrypted and not decryptable by anything other than that phone, IOW the key never needs to get transmitted anywhere and is built from a UUID no one else knows.

If that's the case, then it makes sense. If they can get the UUID, then I stand by my previous question. Obviously, having put the entanglement algorithm into the phone, they know what the rules are and can recreate the steps, given the UUID. But if they don't know and can't discover the UUID, then it should be secure.

47 posted on 11/03/2015 2:38:57 PM PST by Still Thinking (Freedom is NOT a loophole!)
[ Post Reply | Private Reply | To 44 | View Replies]

To: Swordmaker
Essentially the white paper stated that any decryption had to be done on the device it was created on.

That's what I inferred would have to be the case but didn't realize they'd actually implement that (given that you can't decrypt on another Apple device that you own, etc.).

48 posted on 11/03/2015 2:42:15 PM PST by Still Thinking (Freedom is NOT a loophole!)
[ Post Reply | Private Reply | To 46 | View Replies]

To: DiogenesLamp

There’s a good selection of Android side-load apps for various types of encryption on FDroid


49 posted on 11/03/2015 2:49:25 PM PST by FourPeas ("Maladjusted and wigging out is no way to go through life, son." -hg)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Swordmaker
He said terrorists, paedophiles and criminals must not be allowed a "safe space" online.

By that same logic, people should be able to be stopped and searched at any moment. Wouldn't want to give terrorists, paedophiles and criminals a "safe space" on the roads, sidewalks, their homes or anywhere else.

50 posted on 11/03/2015 2:51:27 PM PST by FourPeas ("Maladjusted and wigging out is no way to go through life, son." -hg)
[ Post Reply | Private Reply | To 1 | View Replies]

To: FourPeas
There’s a good selection of Android side-load apps for various types of encryption on FDroid

It has been discovered that Android keeps the keys in an unencrypted Text file in a Library outside of any locks and not even hidden. If one knows where to look, even the unlock key is there. They found even Samsung's Knox key in it. . . after they were given the US government's OK for full access secrets. OOPS.

51 posted on 11/03/2015 3:03:48 PM PST by Swordmaker ( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 49 | View Replies]

To: Swordmaker; null and void

PING!


52 posted on 11/03/2015 3:10:25 PM PST by Tolerance Sucks Rocks (Democrats and GOP-e: a difference of degree, not philosophy)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker
Another article on the subject:

Apple can't decrypt your iPhone: Why it matters

53 posted on 11/03/2015 3:30:24 PM PST by Swordmaker ( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

It is time to discuss personal issues only when sitting next to a nice waterfall.


54 posted on 11/03/2015 4:18:00 PM PST by GingisK
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

David Cameron has declared himself a fascist NWO pig and sealed his fate. He can either stay in Britain and be hanged as a traitor or try to flee the country and end up brutalized and shot dead on the hood of an SUV like Qaddhafi. The NWO is going down, and it will be very bloody for them and their families.


55 posted on 11/03/2015 4:44:48 PM PST by sergeantdave
[ Post Reply | Private Reply | To 1 | View Replies]

To: 109ACS; aimhigh; bajabaja; Bikkuri; Bobalu; Bookwoman; Bullish; Carpe Cerevisi; DarthDilbert; ...
This is an Apple suit, but I'm sure the results will apply to all smart devices. - ANDROID PING!

Android Ping!
If you want on or off the Android Ping List, Freepmail me.

56 posted on 11/03/2015 8:05:14 PM PST by ThunderSleeps (Stop obarma now! Stop the hussein - insane agenda!)
[ Post Reply | Private Reply | To 2 | View Replies]

To: dfwgator

Carrier pigeons?

That’s why wind farms have been erected.


57 posted on 11/03/2015 9:57:58 PM PST by Scrambler Bob (Using 4th keyboard due to wearing out the "/" and "s" on the previous 3)
[ Post Reply | Private Reply | To 14 | View Replies]

To: vette6387

Uh-huh.


58 posted on 11/06/2015 10:38:40 AM PST by the scotsman
[ Post Reply | Private Reply | To 18 | View Replies]

To: Swordmaker

http://www.technologyreview.com/news/543511/claimed-breakthrough-slays-classic-computing-problem-encryption-could-be-next/


59 posted on 11/13/2015 12:23:33 PM PST by Southack (The one thing preppers need from the 1st World? http://tinyurl.com/ktfwljc .)
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-59 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson