Sunday, 26 March 2017

Amber Rudd - You Don’t Know What You’re Doing

After last week’s attack in London, and all the talk of tech giants not doing enough to prevent the terrorism-inclined from getting clued up on how to go about their murderous business, we have the spectacle of other tech firms being upbraided for being too secretive, not least messaging specialist WhatsApp, which Khalid Masood is said to have been using before launching his hired Hyundai into the crowds on Westminster Bridge.
Amber Rudd holds The Internet in her hands (allegedly - thanks to Tim Ireland)

With this as the backdrop, home secretary Amber Rudd presented herself for questioning by the host on The Andy Marr Show (tm) this morning, and very quickly demonstrated that she is not only proficient in bullshitting, she is also woefully short of knowledge on the subject which just happened to be under discussion: the technology used in messaging apps, and especially the use of security - like end to end encryption.

Marr put it to her that terrorists being able to keep their messages secret was totally unacceptable. Ms Rudd was not obliged to go along with that suggestion - she could have made good arguments for privacy - but instead replied “There should be no place for terrorists to hide. We need to make sure that organisations like Whatsapp - and there are  plenty of others like that - don’t provide a secret place for terrorists to communicate with  each other … on this situation we need to make sure that our intelligence services have the ability to get into situations like encrypted Whatsapp”.

Ho yus. There is a teensy problem with this idea: allowing the spooks - who, let us not forget, have leaked and been caused to leak information at a non-trivial rate in recent years - to break the encryption of WhatsApp, or indeed any app, leads inevitably to the criminal element following along behind. Worse, those criminals may have their back door into those apps leaked in turn to terrorists - and there we are back at Square One.

It got worse for Ms Rudd when Marr mentioned the arguments between Apple and the intelligence agencies in the USA: her view was “We’re not saying open up, we don’t want to go into the cloud, we don’t want to do all sorts of things like that, but we do want them  to recognise they have a responsibility to engage with government, to engage with law enforcement agencies when there is a terrorist situation”.

So what did she mean? Marr specifically cited the argument around having a back door into security, and this only made the home secretary’s ignorance more visible: “I would ask Tim Cook to think again about other ways of finding out, of helping us work out, how we can get into situations like Whatsapp on the Apple phone”. Yeah, right.

WhatsApp is not an Apple product; it is an independent company. Cook is not going to be able to help anyone to crack another firm’s encryption. Anyhow, what about that end-to-end encryption? “I do agree what we have to have a situation where we can have our  security services get into the terrorist communications, that’s absolutely the case”.

Well, if she isn’t talking about a back door, what the hell is she talking about? Does Amber Rudd not know that organisations like GCHQ hoover up data in bulk; they don’t do one-off trawls on the fly, and certainly not when the person involved - as Khalid Masood was - is not even on their radar. The interview was not progressing well.

Would she favour using the model used in Germany, where sites allowing proscribed content are liable to be fined? “I’m not sure the German plan has been entirely successful”. Why not? What useful alternative can she muster? “I know it sounds a bit like we’re stepping away from legislation but we’re not …  I’d like to have an industry - wide board set up where they do it themselves. They could do this, I want to make sure they do”.

Without any stick, or perhaps even without any carrot? What was she actually driving at? “What I’m saying is the best people, who understand the technology, who understand  the  necessary hashtags to stop this stuff even being put up, not just taking it down, but stop putting it up in the first place, are going to be them”.

It was all about “the necessary hashtags”. It was at this point that anyone sitting on the fence over Ms Rudd’s ability to understand one end of Information Technology from the other should have heard the warning klaxon sounding long and loud. She doesn’t like encryption, but it keeps all those tens of millions of online transactions that take place every hour of the day safe and secure. Would she want to see that endangered?

Does she want to leave peoples’ privacy open to abuse by anyone with criminal intent? Because as soon as there is a back door into any secure technology, it ain’t going to remain secure for long. And how does she think she will get tech firms to be cooperative with Governments and their agencies without both carrots and sticks - as well as having a minister who knows what he or she is talking about?

Amber Rudd was a totally unconvincing interviewee. And if the Government cannot do any better, we need to know why. Someone send Amber Rudd a copy of I T for Dummies.

7 comments:

  1. She's a horrible woman, like most tory women in cabinet: May, Soubry, McVey, Patel, Rudd, Warsi, Thatcher, Greening, and any number of others.

    They all have the same thing in common. They seem incomplete, as though there's something vital missing, quite apart from a complete dearth of normal sensitivity. They're the female equivalent of bitter and twisted male loonies like Tebbitt, Joseph, Hammond, Fallon, Hunt, and any number of other corner-shop sociopath mentalities.

    Her performance today was par for their anti-social course. It doesn't matter what the portfolio is, they all look and sound the same. Not a trace of humanity in any of them.

    ReplyDelete

  2. Equivalence of the Day: No 8 in a series

    May, Soubry, McVey, Patel, Rudd, Warsi,Thatcher = each other = Tebbitt, Joseph, Hammond, Fallon, Hunt = bitter and twisted male loonies = other corner-shop sociopath mentalities.

    ReplyDelete
  3. Something very important to ask here; how do the PTB know that Masood sent a WhatsApp message?

    Unless they were monitoring him already; it must be because they either have access to his phone and managed to break into it or because the person he sent the message to told them. In which case they already have access to the message itself (and possibly a whole lot more), and Rudd is just using this as an excuse for normal Home Office business as usual.

    ReplyDelete
  4. I expect little else from tory MPs, Andrew Marr should be sacked though. The twat.

    ReplyDelete
  5. I seem to remember a similar tale of a problem with encrypted messages after the London riots, only that time it was Blackberry Messenger's fault. How's that doing now?

    Lots of talk, but rather than being honest and saying there is absolutely nothing you can do if someone decides they are going to take out a few people they try and offer a solution.

    ReplyDelete
  6. She has the power to mandate a back door into Whatsapp, why didn't Marr ask her about them?

    Why is no-one asking if Hyundai could have done more? "I am calling in SMMT to sort it out". Yeah Right!

    ReplyDelete
  7. One point that they are all missing in this is... and it's a doozie...

    Even if backdoors were mandated and implemented in every single commercial app. It wouldn't take anyone with a modicum of programming knowledge more than 5 mins to write their own app using completely bogs-tandard API's, or even write their own encryption routines as part of the program using easily accessible code on the internet.

    I know very little about android app development (ie next to nothing) and only know a rough "concept" of programming in java (but could probably hack together a non-oo/procedural style program, my language knowledge is IBM/i RPG)... but could at a push follow a "how to write apps" course or blog and then link it to the encryption API's and the telephony or text message API's and have a working, if somewhat crap, whatsapp program that could talk directly between two phones without even requiring an interloper "service provider" by just sending encrypted SMS messages, in a few weeks.

    The cat is so far out of the encryption basket its already on its 5th generation of kittens.

    Heck, as pgp is a thing you could always send encrypted attachments in emails via a throwaway account on various email providers, via your phone manually if you wanted to take the long way around... apps are just more convenient.

    And yet somehow these dumb people somehow get to make laws, and TV appearances, without any understanding of even the most basic of concepts of the internet/phones/life. *sheesh*

    ReplyDelete