I think this same logic that is purportedly the reasoning behind this bill would also require us to constantly record all of our vocal communications, as that would be the only way we could ensure that criminals could not have communications that aren't accessible to law enforcement.
This, of course, would require microphones on all citizens as well as many more in the surrounding environment, to ensure communications of unwilling citizens can be monitored as well. And, of course, we'd need video as well to get those pesky sign language users[0].
These sort of bills always make me wonder if we'll ever see a moral stance taken by tech companies. There's a few skirmishes that happen every now and then but there doesn't seem to be any general consensus on what companies will tolerate in both themselves and their business partners. I'd love to see a "Fair Trade"-esque branding used as an indication that the product and its supply chain don't include actors who support government surveillance.
I'm going to play Devil's Advocate here, because complaining about intrusions on our privacy and how ineffective they are, has become de rigeur on HN and Reddit without much dissent.
There clearly is a security problem in Europe at the moment, and I'm assuming that the attacks are not being organised by the security services.
So will this bill reduce, increase or have no effect on the attacks? If not, then what would reduce the attacks and why are the authorities not doing it already? If it will reduce the attacks, how much does it have to reduce them before we accept the intrusion on privacy as a necessary evil?
I appreciate you're playing devil's advocate, so I'm holding back.
"There's a security problem in Europe at the moment". What are you talking about? The number of people harmed in terrorism-related events in Europe in any given year is dwarfed by the number of people who harm themselves by accident or stupidity in those same countries. And dwarfed to an even greater extent by the number of people killed by police in the USA, or killed in mass shootings that don't get attributed to terrorism in the USA. It is the media attention given to the situation, not the situation itself, that is terrifying. Europe is extremely safe and does not have a security problem.
The entire western world has a problem with xenophobia. It can't control its own politicians who lead military assaults on middle eastern or north african nations for purportedly moralistic reasons. Assaults that are guaranteed to alienate entire generations of people and incite preditable retaliatory violence.
Nothing about the proposed privacy intrusions helps protect people from 'terrorism'. It feeds a cycle of ineffectual security theatre and provocation of western-produced radical activism that makes us all less safe. With one hand we create and promote terrorism, and with the other we strip ourselves of our freedoms and march toward technological totalitarianism.
The reason I push on this argument is that by making it, we as a community sound like we're waving away the concerns of the majority. "Oh a lorry killed loads of children? Don't worry about it love, loads more people commit suicide every year."
So those who do pander to those concerns end up winning the vote, and then they can trash our civil liberties. This is precisely how we British have ended up voting to leave the EU.
There has been a significant increase in the frequency and effectiveness of terrorist attacks in Europe. People are growing more worried about it. We need to make those people feel safe again, and we're not going to do that by saying "my privacy is more important than reducing terrorism".
The argument you make at the end is the strongest point: on the one hand we are nurturing terrorism by not dealing with the fallout of globalisation, and our governments have been sold an expensive algorithm that they believe can handle the problem, when in reality it will make us even less secure. Meanwhile, the media can sell more advertising with the increased attention, so they're quite happy to add fuel to the fire.
However, all these arguments end up being lost in whether it will work or not, and the Donald Trumps will always win that argument because they go to a lower denominator. If we want to win it, we need to show more genuine empathy.
> we're not going to do that by saying "my privacy is more important than reducing terrorism".
You are absolutely right. That is the wrong dichotomy to make.
The message should be "you cannot reduce terrorism by taking my privacy; you maybe can reduce terrorism by acting on the terrorists".
A lot of this has to do with the fact that people in general are very tired of a situation where criminals and illegal immigrants cannot be deported. For instance, in my country, an asylum seeker was convicted of violence and firearms offences but couldn't be deported nor detained; eventually he went on to a shooting rampage to murder his former girlfriend and kill four of her colleagues shooting around at a mall, using a pistol he obtained illegally from the Balkans.
Action by politicians? Make it more difficult to get a legal permit for a firearm.
So what is the solution? If we spend all our time arguing what the solution isn't, we leave a big vacuum which is then filled with even more garbage ideas.
The solution is to go on with your life. You cannot stop terrorism, but you can take out it's sting. We seem to have forgotten the lessons about the IRA, et al.
In addition, when people say "solutions" what they mean is "something that doesn't inconvenience me or require me to do anything".
However if you want "real" solutions, here are some:
1) Start denouncing ALL religion as the force for stupidity that it actually is. "I believe in an imaginary sky being with no evidence and you can't convince me otherwise" should be LAUGHED AT as the absurdity it is.
2) Get everybody off of petroleum so that there isn't any money for people to fight about over in the middle east.
3) Quit supporting dictators and bombing countries for geopolitical reasons.
4) Start fixing double digit unemployment rates instead of making them worse with "free trade" agreements that only allow companies to use open borders while preventing workers from doing the same.
5) Make mental health care a much bigger priority than it currently is.
Unfortunately, these solutions don't feed into people's preconceived biases and xenophobia and don't put more money into rich people's pockets. So they are all non-starters.
Hmm, I think your first two points are a bit harsh and don't cover the whole picture.
1) Religion is not really the problem. There are a over a billion muslims in the world, and a little more than that who are Christians. The percentage of each that are involved in violence, even major wars, is so small to be statistically insignificant (definitely less than 1% or even 0.1% (or even 0.00001% if you just consider terrorists)). When religion does come into play its typically in a more ethnocentric way - e.g. religion-as-race.
2) most of the current problems, including those coming out of iraq, were not due to 'petroleum', but rather internal rebellions and foreign interference that is probably more political/ideological than financial in nature. A certain mindset might attribute a lot of the problems in the middle east to politicians a decade earlier seeking to win elections by looking tough on dictators, but not having the willpower to deal with the aftermath of their intervention.
The other points are good, though blaming 'freetrade' as the cause for unemployment and/or other financial troubles is probably a bit simplistic.
Most religions promote "us vs them" attitudes that make people think that anything can be done to the "them". The religions in the US also give birth to our "domestic terrorists" but they don't get called that because 1) they are white and 2) "Well, they just kill baby killers, fags, etc. so they kinda deserve it."
I don't see calls to deport Baptists, thank you very much.
Religion needs to finally get terminated. Period.
> but rather internal rebellions and foreign interference that is probably more political/ideological than financial in nature.
Nobody would care about most of those dictators if there wasn't enough money involved to make them important. See: Africa. Nobody really cares one iota about genocide or terrorism in Africa as it has no importance.
> though blaming 'freetrade' as the cause for unemployment and/or other financial troubles is probably a bit simplistic.
The issue isn't "freetrade" per se. It's the fact that the corporations get to be transnational while the workers don't get to cross national borders anywhere near as easily. So, the corporations get the benefits while the workers get shafted.
I think you will find most states promote an 'us vs. them' attitude, especially in times of hardship. And conversely that both states and religions promote harmony and communion during times of plenty.
I'd argue for example that Christianity is only peaceful these days because the states that are predominantly Christian are also the most prosperous. And, if you want an example of what atheists do during times of hardship, look to soviet Russia or even Nazi Germany.
As for why middle eastern dictators matter more than African dictators to the west (basically the US), it's possibly because, on the international stage, your partially right: the middle east was initially interfered with because of its oil, but also because of its proximity to Russia. And today's conflicts are not about those reasons but the legacy of those reasons, I would say.
I wasn't arguing that it was their atheism that they committed atrocities in the name of - rather that you don't need religion to commit atrocities. That article and, I think, your position are pursuing the same fallacy but in the opposite direction.
Hitler had his ideology, Stalin his manifestos etc - they all had their own, unique 'holy book' or similar that justified their crimes and it would be a mistake as you've said to somehow link them all as being from a common position.
And yet Hitchens and possibly you do the same thing in the opposite direction: despite the average ISIS member having as much in common as your, say, average US muslim as a nazi might have to a 1917-era russian communist (next to nothing) - you are arguing that their religion, not their idealogy is at fault.
You might argue that the various holy books of faiths cause a problem: for as much as the bible and the (far better written) quran espouse love and joy etc etc they both also include a fair amount of violence. But these books have been rewritten, multiple times, and are constantly being reinterpreted. Blaming the text for the actions of the reader seems harsh.
I guess ultimately the problem I have is that people who say religion is the problem and it should be banned seem to me to be worryingly similar to those that said computer games should be banned in the 90s. A very small amount of people committed atrocities, and all of a sudden it was the games 'promoting violence and hatred' that needed to be stopped, rather than people confronting the more nebulous and difficult issue of culture surrounding the criminals that made them more susceptible to hate and sociopathy.
> There's nothing about being an atheist that promotes hatred. There isn't a holy text for Atheism that tells people to believe or do things.
On the other hand, there is nothing in atheism that can possibly say that anything is wrong. If the material universe is all that exists, humans are fundamentally no different from mosquitos or rocks. Killing a handicapped person because they inconvenience you cannot be seen as essentially worse than burning a leaf. In short, atheism provides no reason to do or not do anything other than "because I want to".
By contrast, if someone claiming to be a Christian wants to commit murder, they can only do so in opposition to the explicit commands and teachings of Jesus and of the moral laws they claim to believe.
By no means does this imply that "Christians" will always behave better than atheists. But at least there is ground for defining what it means to behave "better" and to argue for such behavior.
Nazi Germany was Christian, very much so (There were also fringe pagan elements, yes). Atheists were persecuted under Hitler. Soviet Russia didn't kill anyone in the name of atheism. Atheism isn't an ideology, only the lack of a certain kind of ideology. There isn't much that unites atheists. It doesn't mean atheists don't subscribe to any ideologies, of course. In the case of Soviet Russia, the ideology responsible for the atrocities commited would be communism. Of course, these ideologies are not the sole reason people turn into savages. But Nazi Germany and Christianity for example were compatible because they shared a lot of hatred against jews. Christianity made a lot more people susceptible to Nazi propaganda (together with economic problems) than would have been possible.
That is right, but I suspect, that if it weren't for religion, people would find another narrative, to create a "us vs them" attitude. Nationalism is an example that comes without religion, racism is another, and I suspect a plentitude of isms, that can be used for that.
I think, religion is mereley a vector for marginalization, not the problem in itself.
May be there should be a constitutional requirement to put those politicians that call for war right in the front lines along with those who actually fights it. Then may be they would have an appreciation for veterans and their care, cut back on unnecessary wars as they would think hard before putting themselves in harms way rather than war mongering sitting in the luxurious comfort.
Taking responsibility can put an end to a lot of bad things happening in todays society. Doing whatever without having to face its consequences is the root cause of such behavior that causes harm to people.
There's a lot of room for innovation here, and there hasn't been much precedent for this historically.
You could have constitutional measures controlling the way that wars were funded. A simple example: simple outlaw any kind of deficit spending by the national government. Another: a mechanism by which the release of funds could be tied up under legislation supervised by a third party such as the judiciary. [You could have a war chest, but encode it in a law such that the money could only be released if a senior court ruled that the release satisfied self-defense criteria.]
One of the reasons that the original United States constitution (Articles of Confederation) was replaced by the current one was related to military funding. In the old system, it was difficult to raise an army for shared purpose (e.g. fighting the revolutionary war) and there was potential for states to go to war with one another. The issues raised by that period will be familiar to anyone following European integration projects. Some hard-line libertarians in the US remember the Articles of Confederation fondly, because of the limits it imposed on government power.
Not at all ridiculous. You need to work harder if you're actually trying to troll people--I'll assume you are not, however.
1) Most modern societies are becoming increasingly secular.
2) Global warming demands that we get off of petroleum as much as possible anyway.
3) Not poking our nose into geopolitical nightmares is quite doable, thanks. Bush Sr. sure showed how it was done.
4) You can fix massive unemployment or you can get violence out of young men. This is pretty simple cause/effect. If young men have no prospects, they never settle down and you wind up with a large disgruntled population segment with nothing to lose.
5) Mental health care needs to be better. Period. This includes the young and the old.
One of you is answering the question "What should the country collectively [i.e. the government and people, negotiating and communicating with each other through elections and media] do about the destruction caused by terrorism?".
One of you is answering the question "What should the government do about popular fears of terrorism, which might cause the government to lose elections?".
You're in violent agreement that the easy answer to question 1 doesn't solve question 2, and the easy answer to question 2 doesn't solve question 1. Why not moot some other answers to those questions, instead of sitting on your high respective horses?
The solution is accepting that the potential for crime, even mass murder, is a necessity for a free society, and that it's better for some terrorists to succeed than for everyone to live under a government that sees all, knows all, hears all and cannot possibly be risen up against. The greater threat to life and liberty always comes from a government's response to terrorism, not from any act of terrorism itself.
Treat terrorism as just another crime, nothing special, nothing existentially critical. Nothing to fight a war against the entire world over. Governments already have the tools they need to fight terrorists without limiting encryption, they simply choose not to use the tools they have, because they would rather use terrorism as a pretext for grabbing power.
On your first paragraph, that sounds like the absurdist end of the libertarian spectrum and I'd expect more moderately minded people would take some issue with that line of thinking ...
With regards to "Treat terrorism as just another crime, nothing special," I feel that the problem with terrorism, as it is called is the fact that it is coordinated and targeted. It is more like "organised crime" but it has the specific goal literally of creating terror, whereas the interests of organised crime are purely commercial and if you don't get in their way they won't get in yours.
The issue is with people going around creating terror in a coordinated way, which undermines the authority of the state, and many people's feeling of safety.
Of course that still leaves the question of how do you respond to it, but simply "accepting that the potential for crime, even mass murder, is a necessity for a free society" is similar to me to accepting that a waterfall software development model is a natural emergent phenomenon, inevitable and should thus be embraced. It's a mode of thought that never has a happy ending.
Just to yank myself back on topic again, terrorism is thought to be similar to a child who wants his way and keeps escalating negative attention seeking tactics to the point where you either acquiesce (thus reinforcing the negative behaviour), or you smack the child (at best only a temporary solution, that could lead to further escalations if not sooner, then later in life - could even put you in front of a judge).
"Smacking the child" is what the west has been trying so far.
My personal opinion is that there is no universal generalised "third option", though intricate behavioural theories abound. I would take the opinion that every child is an individual and must be dealt with, and respected as such. It may be as simple as giving them something else to occupy themselves.
>that sounds like the absurdist end of the libertarian spectrum and I'd expect more moderately minded people would take some issue with that line of thinking ...
Should people have the right to communicate with one another without government interference? Does encryption undermine the state in a similar way as terrorism, or is it merely an extension of the existing right of people to be (to quote the US Constitution) "secure in their persons, houses, papers, and effects from unreasonable search and seizure" ?
I concede that reasonable people can disagree with where the line should be drawn (given different states and different philosophies about the proper nature of government) but I don't think it's that absurd to insist there should be limits on what any government can know about its citizens.
Unfortunately, there have been too many demonstrated cases of governments abusing the legal limits given to them, so I have no reason to expect that greater surveillance powers would be used responsibly. When it comes to weakening encryption, they're not "smacking the child," they're smacking every child and hoping they'll hit the right one sooner or later.
This may be a controversial opinion, but I do believe that a certain amount of surveillance is effective. It worked in London. It worked in New York.
But that is "using" technology. Not "crippling" it. I am sympathetic to the needs of the state, and I believe there should be some attempt to meet these needs, but with oversight, and with proper procedures and protections.
It's one thing to say James Bond doesn't have time to call back to 'M' to get permission to plant a bug but James isn't a massively industrialised automated spying operation. I'd give him sole dispensation on national security grounds but that doesn't scale up to the level that GCHQ and NSA were doing. The more actors involved the greater the possibilities for systematic abuse and that has to be acknowledged, and those questions answered.
I don't think it's controversial - one of the reasons people oppose domestic surveillance is because it's effective, if it weren't effective, its abuse wouldn't really be a problem.
But law enforcement already has ways of doing its job without getting new surveillance powers. They can find people on Tor, they can pay for exploits to get into cellphones, and there always seems to be obvious (in hindsight) dots that could or should have been connected, leading to a terrorist plot, which rarely seem to involve encrypted communications.
I want terrorists stopped, but i'm not convinced that governments can't stop terrorists even with the existence of encryption.
Just on my final point, for anybody who wants to look at how terrorism has been "resolved" in the past, I highly recommend researching "The Good Friday Agreement" which was hugely successful in Northern Ireland. It involved a large amount of compromise on both sides, and the consumption of a whole heap of humble pie.
Why do you think that there is a solution? IMHO it's a mistake to think that there are solutions to everything. Sometimes, not doing anything is the best we can do.
I know it sounds cliché to say that, but I'd rather see my gvt taking actions on things that could easily be improved. For instance, many teenagers smoke in front of every high school in my country. I see that as a much bigger threat than terrorism, and one that is much easier to address.
If we look historically, people do feel safer if people dressed like military are walking around with fake/unloaded guns. It worked very effectively after 9/11 to make people feel safe in airports, and the lack of any "real" weapons helped in eliminating the risk of having people with guns around large group of people. However that only worked as long you can keep up the illusion and keep people in the dark.
It might simply not be possible to create security that is effective, cheap, and make people feel safe.
It's not one person's privacy though, it's everybody's privacy.
And yes, that is more important than a vague attempt at reducing terrorism because your privacy is your liberty and without it democracy and free society crumbles.
Which ironically, is pretty much what islamic extremists want.
> There has been a significant increase in the frequency and effectiveness of terrorist attacks in Europe. People are growing more worried about it.
This is important to understand.
Also it is important to understand that right now Europeans are losing security for no good reason:
We could help a lot more refugees in surrounding countries than we can integrate here. It is really that simple IMO.
Seens we are allowing this stream of immigrants not because we are good-harted but because we are stupid.
This means we could be more secure and help more refugees if we stopped playing for cheap political correctness points and started to think about how we could help as many as possible.
We are getting a flow of immigrants because the civil war in Syria did not stop, and instead rage on and on destroying the infrastructure and economy there that is needed to sustain the civilian population there.
We are squeamish because we do not want to send young men and women to die in some godforsaken country, doing god know what for god knows how long.
Remember the last time that happened? Oh yes, the Iraqi occupation that seem to go on forever and forever, draining the blood and treasure of the United States.
The only reason the refugees exist in the first place is some one wants to get rid of Assad for their own self serving objectives, just like Saddam and Gaddafi.
All this while propping up despots in Saudi Arabia who run the most backward extremist regime in the world by far and make the former 3 look teadybearish in comparison.
These upstanding 'allies' are principally responsible for the global spread of wahhabism, extremism and terrorism in both financing and ideology over the last 30 years.
By a strange coincidence SA is also the west's best friend in the region. Ergo since the foreign policy division of the US and EU cannot be in any way or form characterised as naive they are in effect promoting terrorism on one hand and expending billions building the infrastructure for totalitarian surveillance security states on the other.
Millions of lives are being destroyed because of greed. The more things change the more they remain the same.
It's a misconception to think that the current wave of migration is just because of Syria. Or because of war in Iraq.
The people who come on boats to Europe are mostly not Syrians. They are from the vast lands stretching from Senegal to Morocco to Congo to Egypt to Syria to Iraq to Pakistan to India to Bangladesh, and they are not travelling to Europe because one particular place is very bad; they are travelling right now because they realize that it's about the last time to get a foothold Europe before the gates close, i.e. the current asylum process changes.
(I've met dozens and dozens of underage asylum seeker boys when arranging football trainings for them; they started to hang around in the neighbourhood and I realized it's better if they have something to do, so set up some games every week. Only a couple of them were from Syria. Many more were from Afghanistan and Iraq, but the list of source countries is very long. Mostly these boys are from middle-class families in countries that have some war but mostly just a very corrupt government, and the families have selected those who are able-bodied and have better language skills to seek for a future for themselves and possibly for the whole family, through the well-advertised family reunification programs.
The poor don't get to travel; the cost paid to people smugglers is somewhere in $5000-10000 range but the cost has been decreasing as the people-smuggling business commoditizes.)
Syria was the largest of source countries in 2015, with a particularly large number arriving in Germany as well as Sweden, but the migration is not at all restricted to Syrian refugees. E.g. in my country (Finland) Syrians were only 3 % of the applications.
For instance, in Britain, the largest numbers of asylum seekers came from Eritrea, Iran, Pakistan, Sudan and Syria as fifth. In Ireland, the largest groups were from Pakistan, Bangladesh, Albania, Nigeria and India. In Italy, the largest source countries were Nigeria, Pakistan, Senegal and Bangladesh. In France: Sudan, Syria, Kosovo, Dem. Rep. of Congo, Bangladesh.
To the extent the recent actions (or inaction) of the West can be blamed, you can blame it on getting rid of Saddam, or you can blame it on leaving Iraq too early, or you can blame it on policy in Syria. You can't blame it on sticking around in Iraq. Iraq was getting objectively better after the surge -- a (flawed) democracy was emerging, the economy was taking off, violent deaths were way down from their peak.
You can argue that Maliki forced the US out and let the country go to hell (in which case "deposing Saddam" is the Western sin), or argue that the US could have stayed if it wanted (in which case if you're a Democrat you can blame it on "deposing Saddam, because we couldn't stick around forever," and if you're a Republican you can blame it on Obama wanting to get out before the job was done to score political points.)
Other than that, though, you're left with earlier Western actions (Bush I, Sykes Picot...) or Assad or Maliki or every crazy Wahhabi cleric in the region of you want to give Arabs some credit and capacity for self-determination too.
In what way are EU states 'allowing this stream of immigrants'? The refugees are entering through illegal crossings. By definition, their entry is not allowed, but happens regardless.
A simple way to change this would be to discourage the pattern where people smugglers send a rubber boat to the Mediterranean and instruct the people in it to puncture it on sight of an EU rescue vessel because then they have to be transported to Europe. Change this so that the people are rescued and returned to the port of departure. You don't have to kill anyone, or hurt anyone, just disincentivize the people smugglers who are currently making a lot of money (and likely are contributors to political decision-makers who's come up with the current rules of engagement).
Just kill everybody who tries to enter or let even more of them die trying?
We are rich. And we are partly responsible for the situation. Not helping refugees is just inhumane and wrong.
Fixing this problem at the source would be better. So that people do not have to leave their home countries.
But how?
We are not really helping refugees with the current rules of engagement. Only a minuscule percentage of actual refugees ever make to Europe, but our capability and will to help the actual refugees is severely undermined by the great migration.
At the moment, we are creating incentives for more migrants to travel, and more of the source countries and communities to send their most active members to get a foothold in the perceived lands of opportunity - when in reality, there are no jobs for them here. We are not helping refugees, we are making a great disservice to the communities where the migrants come from.
The recent attacks in Germany are a particularly relevant example.
Aside from the fact that zero people have thus far been killed by Islamist terrorists in Germany (since...I'm not sure when), every single incident was perpetrated by one person acting entirely on his own. And the thing in Reutlingen which keeps getting lumped in was a "normal" murder.
No amount of domestic "anti-terrorism" law enforcement would have the slightest impact on any of this, not until you crank it to the level of a genuine police state with zero freedom.
> No amount of domestic "anti-terrorism" law enforcement would have the slightest impact on any of this, not until you crank it to the level of a genuine police state with zero freedom.
Also remember that Allied resistance in occupied Europe during WW2 was able to bomb military targets, produce submachine guns from scratch and distribute propaganda, while under heavy physical surveillance by the Nazis. Thus we know that practically any police state will not be able to stop determined fighters.
While you make a good point the secret police forces of the 20th century would have killed for some of the surveillance tools they'd have access to of they tried it over today.
No need to steam open letters and read them physically, phone taps which can automatically surveil entire cities making connections between people, cameras able to follow people's vehicles without carefully coordinated follow teams. Who knows how the resistance would have faired under those conditions.
Surveillance technologies have went a long way since WWII. Now, when everybody caries a bugged device in their pocket and cameras are ubique, it's no brainer. Of course, I do not advocate losing our freedom in the name of security, but mass surveillance is only a political matter, we already have technology means to achieve it.
How about media abuse of the word "terrorism". I can imagine any decent professor at any decent university of politics to choke a little when he hears about "another terror attack".
While the definition is not agreed upon globally, in order for it to be a terrorism, the attacker needs to be sending or demanding a political message to be heard or implemented by a country he or she used violence against.
But they are pushing envelope for a well known reasons. The government has different set of rules and tools to fight "terrorism" than for example, a domestic abuse case. If things will continue the way they do, pretty soon your drunk neighbor that hit his wife will be called a "terrorist".
> It is the media attention given to the situation, not the situation itself, that is terrifying.
In a very real sense, the media is causing the demoralization / fear in the US / West. Given we will spend trillions(?) of dollars fighting the terrorism that we ostensibly believe is causing that demoralization (due to its real harm on the country), why aren't we spending any trillions against the media? Not to censor the media directly, but, say, giving news outlets millions of dollars for every happy or accurate story they write, if we're going to spend that money anyway.
The first line of your response very concisely illustrates my growing unease with discussions related to privacy on hacker news.
The fact that you're having to "hold back" is sadly indicative of why debates on sensitive topics like this are turning into echo chambers. I suspect that many who hold the minority view keep quiet to avoid being yelled at.
I don't intend to take sides here. I've only ever come here to read and understand other's opinions on topics that seem too complex to tackle on my own. I have a lot of respect for this community, but sadly its becoming harder and harder to keep reading.
For example, you make some good points here but it takes tremendous effort to consider them on merit because the language in which they're expressed sounds condescending and attacking (even though you say you're holding back).
I do hope that you, and anyone else reading this, will not take this personally and instead reflect upon the virtues of more open and tolerant dialogue. And very sorry for singling you out; it's not just you.
Reasonable argumentation is a precious social resource that we should cultivate, promote, and protect. I think you express a view common to many here, and I hope this forum is able to continue fostering a culture of reasonable disagreement over combative, substanceless posturing. I happen to agree with the commenter you responded to on many points, but also found the presentation combative rather than constructive. I second your appeal to use more precise language, although I sympathize with the anger implicit in the poster's comment.
Some excellent points, and I'm happy to be challenged on my behaviour.
I didn't mean I was holding back from something sinister, but from making detailed and thorough arguments. Because I was only highlighting some issues with the Devil's advocate position, I used short points with rhetorical flourishes.
I agree none of this was conducive to a well-reasoned and objective debate. Often I don't consider I'm writing for an audience that comes here to learn - perhaps in future I should.
>I appreciate you're playing devil's advocate, so I'm holding back.
And if his views were genuine, would you then be rude? I find this implication troubling and corrosive to open discussion.
>It is the media attention given to the situation, not the situation itself, that is terrifying. Europe is extremely safe and does not have a security problem.
I couldn't disagree more. If such incidents were rare two decades ago and increasingly common today, then clearly something is going wrong. In fact, you try to make that same argument later in your post, saying that we creating the terrorism through our actions and making ourselves less safe. Which one is it?
There's a difference between self-inflicted harm and violence inflicted on strangers. Terrorist attacks in France over the last year are almost 50% on top of the normal murder rate. And while most murder victims are killed by people they were in personal conflict with, the victims of terrorism are random. There is good reason to fear them more.
Regarding potential terrorism death in Europe, two to four decades ago was a very dangerous time here.
Be it Ireland, Spain or Germany - the 70s, 80s and 90s had a way higher death toll from terror in any given year.
We had the RAF in Germany, ETA in Spain, IRA in Ireland/Britain and so on. Not to talk about Securitate in Romania and so on.
So statistically speaking we non the less have to fear less then our parents had to fear.
I am not saying, that we should just ignore it. No - on the contrary - but first we shouldn't give in to the media crazed panic and throw our freedoms in front of this Angst-Train.
We should identify the problems, look for valid solutions and then fight the causes, not the symptoms. In my eyes having our nations (living in Germany) export war and terror into the world, then take in the refugees without helping them cope with what they went through is a recipe for disaster.
We should take in refugees, as this is just basic humanity calling, but we also have the obligation to help these people with more then "just" shelter.
We also have the obligation to elect leaders wo are not trying every day to set the world on fire. Maybe in the long run this would help a "little bit" as well.
> If such incidents were rare two decades ago and increasingly common today, then clearly something is going wrong
That is just plainly wrong. In the 70ies, 80ies and early 90ies we had more terrorists and more terrorist attacks, that killed people. There was the (P)IRA in Northern Ireland, the ETA in Spain, the FLNC in France and the RAF in Germany, and these were only the most notorious groups. All of them laid down their arms and integrated into civil political groups in the past 40 years.
Two decades ago was a very quiet time for Europe in terms of terrorist attacks. The groups you cite, which are anyhow a totally different problem than Islamist terror, had mostly died down. The number of Islamist terrorist groups in the world has been increasing since the 80s and attacks on the West have been rising again since around the turn of the century. The recent spike is severe. What's most alarming about the current wave is that they are lone wolf attacks that defy our traditional capabilities to uncover plots before they are executed. ISIS has decentralized terrorism.
> So will this bill reduce, increase or have no effect on the attacks?
Many of the recent attacks, particularly those in the past week in Germany and in Nice, France, don't appear to have involved extensive planning. If that's the case, then it would follow that there wasn't much communication to monitor. Therefore this bill would have no effect on the attacks or attackers.
However, the increased access to information by the spying services may result in many more false positives and either an increase in resources needed to sustain the service, or a drop in effectiveness, perhaps leading to an increase in the number of successful attacks. [1]
> If not, then what would reduce the attacks and why are the authorities not doing it already?
The Aarhus model [2] appears to be effective, but perhaps is difficult to "sell" politically? Maybe bulk data collection and machine learning are being presented as a "silver bullet", and quicker than training up many police officers and giving the time for them to regain the trust of the communities they serve.
I will definitely read about the "Aarhus Model" - it truly is what I believe we should be doing a lot more of. However, I'd be interested in seeing what critics say about it, and some authoritative data.
You're probably right about the other stuff as well. Personally, I'm as worried about the links between the recent attacks, mental illness and poverty as I am about radical Islam. The governments are probably being oversold on what's possible with the technology, as well as how secure it will all be.
However, I do think there needs to be some kind of quicker fix. These attacks are playing into the hands of the extreme right (and left), so something needs to be done quickly if only to prevent us electing Donald Trump and his ilk.
Likely no impact, because no facility on earth has the capacity to filter and find information on this scale, especially when simple techniques are employed to hide the meaning of communication.
The methods needed to reduce attacks (geopolitical unrest resolved) is probably not within the capacity of the police forces we have, and even pretty good safety is so expensive no one is willing to pay for it (even if we did all agree to register every action we took with the government.)
There is no government action which can promise results when it comes to motivated attacks, so when you hear "oh if we allow this police action then terrorist attacks will stop." you are hearing purposeful naivete at the best, and power grabs at the worst.
Agreed. It takes 10 minutes to find a hardware store shopping list and bomb recipe. Even then, a lot of ingredients can be purchased over time without raising any flags. Buy bleach at one store and ammonia at another, say you're cleaning if anybody asks, then find a public place to mix the two.
Once someone decides to kill a lot of people, it's already too late. There is no, repeat, no way to prevent every mass murder. A determined killer will always find a way.
Nobody wants to soberly admit that the only way to prevent terrorist attacks are to keep people from wanting to do so in the first place, which is a long and imperfect process with absolutely no guarantee of success.
A lot of America's mass shooters are simply deranged and hungry for national infamy.
Why would anybody asks? But, your point stands: I've been absolutely amazed that nobody had blown up our (Parisian) metro at 8:30 in the morning already. If you want a maximum casualty count, just bring a bunch of stuff and shake it in a pressure cooker. Just synchronize payload over multiple lines, and boom, you got something around thousand of casualties, plus a massive panic mouvement, and a genuine fear of public transportation for a while.
Exactly about the fear of public transportation. Terrorism is meant to terrify people. Israelites have been dealing with terrorism for decades and it's usually met with a sober reaction reminiscent of the Japanese getting the trains back to running the day after Hiroshima. Terror attacks do happen, but there is hardly the kind of freak out one might find in, say, America.
It sounds like you're saying that because it can't be 100% effective, we shouldn't do it at all. You could say the same about having a lock for your front door, but I bet you've got one.
No, I think you're taking it too far. We only need to conclude that the minimal benefits from the proposal (i.e., few attackes would actually be averted) are vastly outweighed by the extreme cost to our civil liberties.
There do exist more reasonable compromises. For example, we as a society have already said that you can search someone's property if you get a court order. That's a smaller cost, because the authorities are forced to go through a supervised process before anyone's privacy is in jeopardy, and it's still sufficient to find the evidence in a huge proportion of cases.
But the proposal on the table is extreme. It affects everyone's privacy, before there's even a notion that a crime has been considered.
Other people - probably the majority of the UK population based on opinion polls and elections - weigh the balance differently. We (HN readers) are probably in the extreme minority, and we are not necessarily right.
The lock on my door is basically a legal seal: the door itself is often so flimsy, you could probably kick it in, but because there is a lock, you can't then claim you entered by accident or that you assumed it was ok to enter. This is why effectiveness is relatively secondary.
This sort of surveillance, on the other hand, is supposed to be all about effectiveness... But it ain't.
You don't even need to mix anything. Gasoline can be purchased freely in any country and is deadly when poured under doors, especially those doors are blocked.
Back in the 90s, I was doing telecommunications standards and one operator proposed storing all the performance information right on the optical switches. Given that a large amount of performance metrics were being generated every second, the vendors all had looks of horror on their face. Seeing that nobody else from a vendor was going to speak up, I calmly explained just what he was asking for. We could theoretically do it, but the cost would be massive. He promptly dropped the proposal.
So if it was technically possible to filter and find the information, and voters elected governments who said they were prepared to pay for it, would that make it a better idea?
No, but at least it would make it an honest proposal instead of a scam.
There is a difference between something like chemotherapy, which has drastic negative side effects but can save the body, and fake cancer drugs, which might have little to no side effects(or massive ones!) but you die either way, enriching the scam artist on your way out.
It sounds like you are trying to use the foot-in-the-door technique. But you are looking at just one concern being very hypothetically alleviated, when there are many many other reasons that have been repeatedly discussed for years. So in practice, the answer to your question is no, and there is no reasonably considered theory where the answer would be yes.
I agree with you wholeheartedly. The risk of saying "we shouldn't do this because it won't work" is that it only has to work a little bit for the argument against it to fail. And it will certainly work a little bit at reducing one type of terrorism, just not enough to outweigh all the other negative effects.
That said, I would also like to see more discussion of alternatives instead of just saying "it'll never work".
The alternatives I want to see discussed all involve cultural changes. Sometimes when I try to discuss these with people they get fixated on shifting 100% of blame onto the attackers and 0% onto culture/society/foreign policy/poverty/whatever, but assigning blame is a completely pointless activity and the question needs to be what will actually work, not what will feel good to our primitive instincts for vengeance.
Some hypothetical approaches for discussion:
- Convincing violent groups to be less violent; demonstrating that they can get more of what they want by participating in society than by attacking it (a multi-generational issue)
- Finding a place for the "lone wolf" types to feel like their needs and concerns are addressed, including mental health
- Getting first-world powers to stop purposely destabilizing other countries
- Accepting what remains of the problem as if it's a natural disaster (e.g. just as people accept or ignore the 1000x worse problem of traffic deaths)
- Convincing violent groups to be less violent; demonstrating that they can get more of what they want by participating in society than by attacking it (a multi-generational issue)
I do think that this is going to be the correct path for us as a society, long term. There are a lot of obstacles though; convincing people their theological beliefs have been manipulated, fixing the havoc created around the world from globalization, and the profits gained by some (powerful) people.
- Finding a place for the "lone wolf" types to feel like their needs and concerns are addressed, including mental health
Mental health availability in the US needs to improve immediately.
- Getting first-world powers to stop purposely destabilizing other countries
Likely no impact, because no facility on earth has the capacity to filter and find information on this scale, especially when simple techniques are employed to hide the meaning of communication
This is a very naive argument.
Of course it is possible. I can search all my Facebook messages now. We know the NSA can search a large proportion of the world's internet traffic.
You're not going to get much else than comments explaining how ineffective these measures are when you are asking how ineffective they are.
That being said, let me explain how ineffective they are:
Your law-abiding citizen will give up their encryption, but this doesn't raise the bar much for a criminal to get it. It's still just a matter of minutes until you have an encryption-implementation which is not compromised. You might get the occasional idiot-criminal who doesn't think of getting proper encryption which you therefore might be able to stop, but that's about it.
And on the other side, you expose your entire population to criminals who might steal their not-properly-encrypted information, as well as putting the country at risk of devolving into Totalitarianism. And even if none of that happens, you still have the Panopticon-effect which can have severe negative effects on mental health.
Where did you get that number? And "20% reduction" is meaningless without saying 20% of what. Like, 20% reduction of a 1/1000000 chance is not the same as a 20% reduction of a 1/3 chance.
There are two common fallacies I see here. The first happens a lot with interpreting carcinogenicity or toxicity studies, where an X% increase/decrease is quoted without an absolute value. The second happens in the stereotypical startup pitch of "if only we could get just 20% of that market" -- it's a made-up number with no basis for why that is the right number.
It is a completely made up number. If your argument against increased surveillance is based on its ineffectiveness, then there has to be a level of effectiveness where you would agree that that it's acceptable.
> If your argument against increased surveillance is based on its ineffectiveness, then there has to be a level of effectiveness where you would agree that that it's acceptable.
Not necessarily. Someone could be try to persuade by offering an argument that he thinks will be appeal to some, but does not represent his full thinking on the subject (e.g. he could also have moral reasons for opposing increased surveillance).
Europe doesn't clearly have a security problem. A few insane people committing political violence doesn't change the fact that Europe is among the safest places on the planet.
Devil's advocate for the Internet. I'd say that our being so connected helps spread and magnify these fears, and the fact that most of us carry smartphones et cetra helps keep us consistently in that state of mind.
At a data level, you are more likely to die or be injured in a politically-motivated attack today than you were 10 years ago. Attacks are now more frequent, more geographically dispersed, and more deadly - even if only on a very small percentage level.
Even if it's not a problem today (in your opinion), then either that trend has to be reversed or it will become a problem at some point.
Anyone can make a trend by selecting their date range. In the 70's in Ireland:
In 1972, there were over 12,000 shooting and bombing attacks in Northern Ireland; by 1977, this was down to 2,800.[41] In 1976, there were 297 deaths in Northern Ireland; in the next three years the figures were 112, 81, and 113.
> Even if it's not a problem today (in your opinion), then either that trend has to be reversed or it will become a problem at some point.
Just because some number has increased, that doesn't say anything about whether it will increase further, and if so, at which rate. So: How do you know there is a trend in the first place?
Nor do we know if it has reached the level of "problem" or not. Murders could be up 100% but if it's from "negligible" to "negiligible x2" then it is not "clearly a problem".
You clearly didn't live in the '70s or early '80s Europe. I was born in '79 but the signs of political violence from those decades were all around me while growing up in Italy. That menace was somehow controllable through intelligence and surveillance, because it was mostly coherent; this wave is completely different. Intelligence will never catch bullied 18-year-olds and disenfranchised taxi-driver lunatics before they do something stupid. What you need is a stronger society where people are willing to talk to "differents" as much as to their own little tribes.
Ah yes, and you are more likely to injure yourself playing a video game or hitting a parked police car [0] in the past week than you were 10 years ago. Self-harm from inattention is more frequent and more dispersed these days. We should probably only let people play games like Pokemon Go if they're not moving or driving or walking in a street.
But seriously, no one is saying they don't want to "reverse" things. There are just many ways to do that that actually solve the issue (old fashioned going out and getting the bad guys?) that don't diminish our rights.
For most of the last 20 years, fatalities in terrorist attacks in (Western) Europe were in single figures. There were three exceptions - the Madrid trains in 2004, London bombings in 2005, and the Oslo shootings in 2011.
While I tend to shrug off any attack with the idea that I still live in one of the safest corners of the planet (Small-town Norway), I do appreciate that people are, reasonably, more scared of Terrorism(tm) than they've been in the past around here.
I have a couple of ideas why this may be so:
a) Back in the seventies/eighties when media reported on the Troubles in Northern Ireland, the ETA in Spain or the RAF in Germany / BR in Italy, reporting was much more low key (For anything but the most spectacular events, Norwegian papers would typically publish a small note to the effect that "Members of the Basque separatist organization ETA today killed a police officer and two bystanders in whatever Spanish place you've never heard of."
Today if someone for whatever reason kills a couple of people, it is a major story with photos, interviews, analysis and whatnot. Hence, events on a similar scale as was experienced in the past now appear much more significant.
b) Violence today seems a lot more arbitrary; in the seventies, the typical terrorism victim if my recollection of the news back then is anything to go by, was someone who was targeted for something they were; police officers, magistrates, cabinet members, Israelis, whatever.
Hence we'd just shrug it off, as we weren't targets, anyway.
Today, for a significant number of perpetrators, anyone is a target - and that makes it a lot harder to just shrug an attack off as something which does not affect you; three people get blown up in a bar in Elbonia? Could've been you; after all you went to the neighbourhood pub only yesterday!
c) Additionally, as much (if not all) terrorism today appears motivated by religion (or, more precisely, by some perverted interpretation of religion), it is a godsend to anyone of a xenophobic bent. Get rid of the people you do not like; get rid of the terrorism problem at the same time!
Militant islamism basically makes xenophobia legitimate, which in turn can be argued to foster militantism, which further fosters xenophobia and downwards we go.
An infamous country tried the "intrusion on privacy" route, with a result one could best characterize as "chilling." It was called East Germany. It would behoove everyone to watch the excellent dramatic film https://en.wikipedia.org/wiki/The_Lives_of_Others .
Is there a security problem now or has their always been one and we just hear about it now? Secondly, in some (many?) of the recent cases, the perpetrators were "known" to police and intelligence services. How does having more info help of they don't act on what's already held?
Taking this logic a step further, what is the effect of this intrusion on privacy? Is it a philosophical problem or a real world problem? To borrow a tech phrase, are we talking about free as in speech or beer?
I think that is the stage in the debate that convinces most normal people. Losing privacy of their gmail account to some faceless government entity is a theoretical problem that has no real impact on their lives. Terrorism on the other hand is a real world problem with easy to see consequences. I think most pragmatic non-techy people are willing to make that trade. If you want to change their mind, focus on showing how loss of privacy has real world effects.
> Terrorism on the other hand is a real world problem with easy to see consequences.
No, it's not. Just as the risks of loss of privacy are much higher than generally perceived, the risks of terrorism are much lower than generally perceived. Terrorism is perceived as a problem, but it really isn't, in most parts of Europe. Car crashes are a real world problem. Terrorism isn't.
(Now, I am obviously not saying that governments should simply blindly ignore terrorism risks--but overall, it really isn't a big problem, and there almost certainly are risks where most of the money would be better spent trying to reduce fatalities.)
You are thinking of this in a vacuum and not as part of a political debate. When a politician mentions terrorism, there are coffins and mourning families to point to as victims. That is what I mean be "real" problem. It isn't about risk or pure numbers. It is about concrete effects that are easy to see and understand. What does the politician who is pro-encryption point to as a victim? If the answer is The Constitution or any other abstract ideal, you already lost the hearts and minds of the general population.
Yeah, I am not denying that it's perceived by many people as a real problem. I am just saying that it actually isn't. Which also means that these effects aren't actually easy to understand. It's easy to be mistaken about them. That's the problem.
Not accepting this misleading framing is an important step in addressing the wishes of the population for totalitarianism.
> Terrorism is perceived as a problem, but it really isn't, in most parts of Europe
Perhaps that's because the security services are doing such a fantastic job. To make sure it's not a problem in all of Europe and make sure no more children die, they can't fight the war with hands behind their backs.
This is not what I believe, but it is how the argument gets phrased. How do you beat it? Not by extolling the virtues of end-to-end encryption and the importance of your civil liberties, that's for sure.
> So will this bill reduce, increase or have no effect on the attacks? If not, then what would reduce the attacks and why are the authorities not doing it already? If it will reduce the attacks, how much does it have to reduce them before we accept the intrusion on privacy as a necessary evil?
France has the most draconian laws of any Western country atm and there is no evidence attacks in France have been reduced.
They currently hold the false belief that the reason attacks succeed is because they are handled primarily via encryption.
> The reports note that Abdelhamid Abaaoud, the "mastermind" of both the Paris attacks and a thwarted Belgium attack ten months ago, failed to use any encryption whatsoever (read: existing capabilities stopped the Belgium attacks and could have stopped the Paris attacks, but didn't). That's of course not to say batshit religious cults like ISIS don't use encryption, and won't do so going forward. Everybody uses encryption. But the point remains that to use a tragedy to vilify encryption, push for surveillance expansion, and pass backdoor laws that will make everybody less safe -- is nearly as gruesome as the attacks themselves.
> For all the years of worry that terrorists would develop more sophisticated methods, Thursday’s attack in Nice realized a fear that turned out to be far worse: a form of violence so crude that it renders many of our usual defenses useless.
These aren't sophisticated people and they've correctly determined the government isn't capable of stopping attacks via communication mechanisms they actively monitor.
The security problem is lone wolfs, who by definition don't talk with others so this wouldn't have any effect on them. Even if it did you would get the same result by limiting the law to Muslims.
If nothing else the last two decades have shown us that people planning harmful attacks tend not to use complex, digital methods of communication and innocent people tend to. I'm like a sardine on a train so I can't easily provide references now but that in itself should be enough to say 'YOU'RE NOT TARGETING VIOLENT CRIMINALS - YOU'RE TARGETING THE PUBLIC! (and likely corporate / political competition)' and that should be that.
I agree with you. Every time I bring that up, I get down-voted due to the cognitive dissonance that folks have with their fondle-slabs. Now people are being conditioned to think it's normal for their microphone to always be on.
Depending on the handset model, you can open one up and physically remove (or disable) the mic, and use it with a wired headset that you plug in when you want to make or receive a call.
Admittedly it is a bit drastic, but low-tech and very effective.
Most cell phones have pretty low-quality microphones. My guess is that a basic white-noise generator in an inaudible frequency would render the microphone pretty much useless. That being said, there is the problem of then having to maintain the white noise generator.
White noise can be filtered out if it's not louder than the source sound within the frequency bands of interest over the time interval that matters for interpreting speech. So make sure it's loud, and maybe contour the noise to match the frequency distribution of speech, and maybe make it unpredictably variable over time.
One neat idea from Neal Stephenson's Anathem (with likely analogues elsewhere) is essentially a chatterbox that records people speaking in a conversation, chops up the audio into syllables, and plays those back at random to foil eavesdroppers. This might work better than white noise, assuming you trust the computer that's doing the scrambling!
But wouldn't it only have to be loud at the microphone? So a quiet but very close white noise source (e.g. something taped directly over the microphone) could mask a louder but more distant source?
I got that from The Register and I agree with their assessment. I can't walk 50 feet without seeing someone with their face buried in their phone, even while they are walking around town, oblivious to the world around them.
It actually reminds of an episode of Star Trek the Next Generation where the ship was commandeered after the crew were "drugged" by a hypnotic game. I believe the episode was "The Game".
Seriously, what you're talking about is one of the reasons I've wanted to get a Blackphone... but I think I saw a blip on my radar that it may be compromised
I think they'd have to monitor and restrict thoughts or at least be able to extract memories. The frightening thing is: if there ever comes a time when such technology is available, they will try to use it.
Why do you say it's analogous to "requiring us to constantly record all of our vocal communications"? Don't they just want to make it possible for police to record electronic communications, the same way police can already record vocal communications with a warrant and sufficient resources?
Tetrep, your comparison with vocal speech absolutely nails it. Just because the medium has changed, there is no justification for total surveillance. Few 50+ years old mainstream politicians see it that way.
It's such a pointless war on its own law-abiding citizens. It makes me sad.
People that really care about privacy, people who need to hide what they do will not be majorly impacted.
* The main threat is metadata anyways, not the data itself. Locating where you are (e.g. with millions of cameras and facial recognition) is a much worse threat.
* They will still use full disk encryption, free software, PGP or AES, etc. outside of the affected apps. That software won't stop to exist, nor the mathematics that powers it will stop working.
The sad part is that the people who will be disproportionally affected will be the common people who have nothing to hide anyways, and do not have the technical means, or the will, to protect themselves.
I agree with most of what you wrote. Just one comment:
> (e.g. with millions of cameras and facial recognition)
The vast majority of CCTV in the UK is not networked, and owned by small private companies (e.g. your local corner store), and rarely store data long enough to be of use to anyone unless something sufficiently serious happens to cause a request to be made quickly.
While there are areas covered by networked, government operated cameras, they are not the norm.
Yes but although privately owned I believe quite a large number are managed remotely by a few large security monitoring companies. Anecdotally I've heard from contacts who work with the security services on defense research projects that these are very much accessible.
There are a huge number of CCTV cameras in the UK (potentially up to six million[0]), but it is somewhat misleading to call it a network of cameras. Many are owned by private businesses, not the Government. From [0]:
> A key finding of our research is that the proportion of cameras controlled by local government is around 1 in 70. [...] Without the help of businesses investing into their privately-owned systems, the Police would only have access to the one publically-owned camera per 1,000 head of population [population of UK/1000 ~= 64000]
You are stating something that the parent comment explicitly says is not true. Quoting:
> The vast majority of CCTV in the
> UK is not networked, and owned by
> small private companies ...
So you say:
> UK is being watched by a network
> of 1.85m CCTV cameras.
Your comment adds nothing to the discussion, and is contradicting the parent comment without evidence.
Whether you are right or wrong, I suspect that's why you're being downvoted. If you flatly contradict someone without substantially adding to the discussion, that's what happens.
It's demonstrably not a fact, and it doesn't add to the discussion. Add constructively to the discussion and contrary opinions are not only tolerated, but engaged.
> UK is being watched by a
> network of 1.85m CCTV cameras.
It's not a network - the comment was not factually correct. I was answering the question and explaining my understanding of a likely cause for the downvotes - I personally did not downvote it.
You are assuming security against terrorism etc. was the main goal. I think that's completely not the case. There are no facts that support that mass-surveillance or measures compromising encryption have ever been effective at saving lives.
How about illegal drugs trade? Well, literally anything, including planning a murder or even a burglary. Noble goals, aren't they?
And, of course, political insurgency, mass disobeyance, etc, etc — just as a side effect.
What the powers that be try to sell us is security without compromises. Security above all, no matter the price (as long as it makes the powers more powerful). I think there is a real value in lower security, when civil rights and mere privacy of millions of people are put above the police's ability so solve a particular crime. You see, keeping everyone in a max security prison would be most efficient in thwarting any crime at all, but we're not doing that, at least yet, at the expense of some crimes being committed. The society already demonstrates that this compromise is acceptable. But the power always tends to push the other way.
> They will still use full disk encryption, free software, PGP or AES, etc. outside of the affected apps. That software won't stop to exist
"Dangerous hacker arrested, found in possession of illegal hacking tools. An unnamed officer said 'we couldn't have done it without our metadata analysis'"
If the tools for encrypting your data are illegal, they dont need to decrypt your data anymore.
It provides a sort of scapegoat for attacks. The government can't be seen as doing nothing against the threat of terrorism, so when the adversary uses encryption to cover their tracks, the government can point and say 'we did our best to outlaw their method of communication'.
It must be this. Even politicians will be greatly impacted. Since anything can be used against them. Even the most innocent text message if leaked. And none of them is guaranteed to have control over it.
> It's such a pointless war on its own law-abiding citizens.
Governments will always wage war on law abiding citizens, taking away freedoms in exchange for securities until the citizens are secure but no longer free.
>Governments will always wage war on law abiding citizens, taking away freedoms in exchange for securities until the citizens are secure but no longer free.
And even then, such a notion of "security" might seem dubious to those who are conscious of having lost said freedoms.
> 'If we do not provide for access to encrypted communications when it is necessary and proportionate to do so then we must simply accept that there can be areas online beyond the reach of the law.'
Yes, yes we must accept that, since it's reality. Queen Elizabeth can no more hold back encrypted communications than King Canute could hold back the tide.
It's a re-balancing. Before electronic bugs every park and pub had conversations that were completely beyond the reach of the law. And that's ok. We used to call that liberty.
Even here you see people who harbor the delusion that governments are all-powerful, ignoring the fact that if they employed mind-readers, or, for that matter "polygraphers," they would be an unscientific fraud and no amount of law could change that.
If I want to keep my communications encrypted online, I'm going to do so. The only people who won't have the same luxury as me are those that follow the law. I don't get it.
If encrypted communications are illegal, then anyone using them is an automatic target for investigation and the encryption itself may be probable cause to open up their lives and property.
It's considerably more difficult to conceal the fact of encryption on the wire than (say) a gun in your home.
This depends on the amount of communication. Steganography can attach a noise-like information stream to another, innocent stream, like a stream from a webcam constantly scanning one's backyard "for security purposes".
It's a whack-a-mole problem, and the moles always have a pretty fair chance.
This, of course, keeps the encryption in the hands of the technically savvy and motivated few, while the majority will have to use security with backdoors, and possibly other holes, for the convenience of the snooping by the government and online thieves alike.
Ciphertext is supposed to be impossible to distinquis from random noise, so how are they going to prove I am not just sending random noise, with a PGP header?
As for asking why I would do such a thing? I think the law is wrong and want to make the court waste their time.
No one would actually send random noise as a message, so the law would assume that comnunications which look like random noise are, prima facie, encrypted comms and something the police have a right to see in cleartext.
The folks at https://www.random.org/ and similar true-randomness providers would beg to differ.
They do, in fact, have a paid service to deliver what appears to be random noise as a message, then store that noise in their archive for subsequent re-verification.
I recall seeing videos of lava lamps and handfuls of d6 dice on a vibrating table, broadcast live over the internet, purely for their utility as potential sources for truly random numbers.
I can easily see a case for sending randomness in a client-server game with protections against cheating and bandwidth restrictions. The randomness server sends the same chunk of noise to game client and game server, and the game client sends user commands to the game server. As long as the user isn't cheating, the official server copy of the game state and the client copy remain in sync.
Given the scenario in question, that only helps you at layer one of the surveillance process and only for a very brief time. You're now a suspect to be watched intricately.
At layer two, they begin digging into your life, tapping everything they can, following you, and most likely eventually getting a warrant or equivalent to enter your home and seize your property. There's no scenario under which you don't break some arbitrary law, given enough time, at which point you're done.
That's a self-fulfilling prophecy. Once the state begins persecuting a citizen based on a suspicion of exercising free speech and security in their papers and effects, it is ethically correct for that person to rebel.
And once that person rebels, according to Presidential Decision Directive XXX, the government may consider that person an unlawful enemy combatant, apprehend them without a warrant, and incarcerate them at Secure Facility [REDACTED] for interrogation and/or neutralization by means of [REDACTED]. If they are ever heard about again, it will be because the government "found" ISIS materials, CP, or other bad stuff on their computer.
Encryption is not illegal, but even if it were then everyone should still use it, because not using it reveals much more information.
In a society were encryption is illegal or even seriously treated as "probable cause", then the authorities are likely to pick out anything in your day-to-day activities to use against you in an offensive legal process. So "not using encryption" is a fool's defense that makes literally zero rational sense - except from the perspective of a government psyops agent trying to spread FUD about encryption and discouraging its widespread adoption amongst the population.
In the UK encryption is not illegal, but possession of data believed to be encrypted, which you cannot or will not decrypt upon demand, is a crime of its own, punishable by two years imprisonment (no link to terrorism required -- 5 years maximum sentence of any link is suspected).
It needn't be the security services, or even the police; cases can be brought by the taxman. This has been the case for the last 10 years or so, the new law will extend these powers.
If the computer that you are using right now, like an Ipad, or a PC with intel inside, has the ability to be remotely controlled, like it has with Intel ME, or Apple(for use when someone steals an Iphone...), and the law mandates that they can access this service, then you can't keep ANYTHING encrypted.
It is worse than not encrypting it, because you believe it is encrypted, when it is not. Technically it is, but they can read the key transparently without you noticing.
Those services can access all the computer(the entire RAM and disk, all the processors) and have privileges over your applications and even the OS.
Interesting to see that at the same time the EU privacy watch dog is proposing to mandate encryption and outlaw these kind of decryption methodologies[0]. While still an opinion, it is good to see that in this area the EU is among the most progressive governments around.
[0] https://secure.edps.europa.eu/EDPSWEB/webdav/site/mySite/sha...
Interesting indeed. I thought it peculiar that the UK government released the Tony Blair report just before the BRexit vote. That report certainly got many people riled up about the 'establishment' and possibly could have changed the BRexit voting result. My point is that if the UK had stayed in the EU then the UK surveillance bill might have been dead in the water because it might have comflicted with EU law.
The EU referendum was on the 23rd June 2016 and the Chilcot report (as it is known formerly) was released 6th of July 2016. So those facts aside your point, do you have any conflicting EU laws in mind? I ask as currently the UK has not left and then looking at 2 years notice so any new UK law coming into play for years (due to the time to formulate them), will be complying within current EU laws and regulations.
This belief that you can somehow force the strong encryption genie back in his bottle is fascinating, if sad.
I guess it is not as futile as it may appear at first glance, though - after all, you don't need all the world's suppliers of communication software to adhere to be successful; just force the major ones to help you out, then simply assume that anyone using an insignificant (by user base) app is up to something nefarious.
Anyone hell bent on killing people will likely succeed. Surveillance is not the answer. Too much data is just as bad as not enough. The solution is finding out WHY people want to kill you and fix THAT.
I mean they're just going to fine/jail anyone within their jurisdiction that uses your software. Pretending that you can't ban encryption because you can't eliminate its availability is silly.
This is a political problem that must have a political solution.
I can't help but wonder how this bill, on top of Brexit, will affect the state of technology entrepreneurship in the UK. Why should an entrepreneur start up a technology business in the UK if his efforts will be hampered by politicians who have no clue about how technology actually works?
I have no doubt that the people working for GCQH know as much as anybody about encryption. The question is, are they smart enough to convince buyers that encryption with backdoors is secure against hackers. Because if buyers don't believe encryption with backdoors is secure, they won't buy it. If the buyers won't buy it, it's going to be very hard for entrepreneurs to succeed in selling it.
It's time to call this stuff out for what it is: flat out idiocy or lies. Possibly both.
Here's a brief thought to uncover why:
There are two countries. Country A has security capabilities equivalent to today's UK. Country B, equivalent to today's UK plus the proposed changes.
Could maniacs based in country B commit attacks of equivalent fatality to maniacs based in country A? Of course they could.
Could a criminal gang in country B get away with crimes of similar magnitude to a similar gang in country A? Of course they could.
Other threads here have pointed out the minimal extra effort that would be required by perpetrators, if any.
So why propose these changes, and why give the stated reasons?
Perhaps the government doesn't understand the negligible impact they'll have. This seems unlikely, although perhaps they "can't see the wood for the trees" and are getting carried away with the current xenophobic mood in the air.
Perhaps the government is showing its true colours and exercising the basic Conservative desire to deny societal evolution, by tightening control over anything new and complex.
Perhaps they've had a good hard think to the best of their abilities, and have genuinely decided this is The Best Thing To Do.
Whatever the reason, it's either founded on idiocy or couched in lies.
It is to an extent funny to think that governments think they can sit on top of communications and implement mass surveillance. If you make it illegal to encrypt your stuff, the knowledged/tech savvy people will start to work on using steganography. There will be an explosion of cat pictures in the Internet. Good luck finding the hideous cat :-)
All the government does now is inconvenience to the majority of citizens who they have nothing to worry about anyway.
I am surprised they did not add the line "think of the children" in there somewhere...
Meanwhile in the real world, criminals will resort to sending encrypted USB sticks via post, or carrier pigeons, or implanted in mules. There is always a way around these things for those that absolutely do not want their communications compromised. It is safe to say that any criminal enterprise knows that live electronic communication of any sort is likely to be compromised.
Also of concern, is that criminals will now have extra attack vectors to sensitive data, because if encryption has to be weakened for Government, it will be easier for other parties to exploit.
I'm sorry but between this and everything else lately...they seem pretty committed to "Security at any economic and/or personal cost! Security for everyone!"
I don't think it's to do with people 'losing their minds'. The weird thing about bills like this, or really anything effecting privacy/IT security, is that no matter how bad it is the general public have no idea it's happening. The number of people I've spoken to who know nothing about Snowden/PRISM etc despite it being front page news for months shocks me.
That basically means that it's up to a small group of people who are informed (like ourselves) to do what we can to stop this stuff. If we sit back and do nothing they won't have any problem implementing these laws.
For a long time, people who are concerned about online security and privacy have been derided as paranoid, tinfoil-hat-wearing kooks.
Not only that, but it seems to me that there's been far less coverage of these issues in mainstream media than in the tech press, and most mainstream coverage seems to take the governments' side. People who get most or all of their news from TV likely won't hear anything about all this; if they do, their eyes will glaze over as they don't have a clue how encryption works, or why it's important. Or, it will just vanish in the news cycle and they never think about it again.
Edit: It also seems to me that most people just aren't going to care unless it directly affects them, at which time it's already far too late.
If this is implemented, it's going to be fun the day that someone from the government gets hacked and compromised via the very same security weaknesses they ordered.
I feel like the UK is showing us what happens when the western world enters the information age without the protections and focus on individual freedoms some other countries have (not just the US, although of course they're high on the list).
In many ways we're seeing history play out all over again - new, disruptive thing shows up, governments wet themselves in terror, and try to control it. The difference is what happens now; in the US this tends (excluding drugs) to lead slowly towards a more nuanced position where the reigns are gradually loosened. In the UK that seems to never happen, the arrow of control and government intrusion only ever points in one direction. It's very puzzling; I'm not sure what the source of it is but I think it's going to be a serious issue in the future. Specifically as the rest of the world forges ahead, either through the evolving view of attempting to control of the uncontrollable, or through sheer lawlessness in other countries where the control is never in place. In the middle will be the UK, clinging desperately to the belief that (as someone else in the thread put it) they can hold back the tide.
If the laws are this regressive and encompassing, the very least we as citizens can do is to lobby for full transparency in requests - after all the data belongs to the individual (regardless of what the TOS claims) and the individual deserves to know about requests on his data immediately.
If UK finishes leaving the EU, they will just be excluded from the market given their diminished relevance. Are sure given the power vacuum in tech, I'll release a gimped software product for their citizens. $£$£$£$£$£$£$£$£$£
> “Doors are now almost ubiquitous and are the default for most houses and buildings. If we do not provide for access to people's bathrooms when it is necessary and proportionate to do so then we must simply accept that there can be rooms beyond the reach of the law,”
There are well-established and functional methods for extending law into areas that you can't see all the time. You don't need to ban encryption, in exactly the same way that you don't have to ban doors. Just because it's ooon the iiiinterneeettttt doesn't mean you need to break everything.
The state's enforcers do not fear doors, because they have boots for kicking, and stout legs to fill them. Even the heavier doors can be breached by prybar, ram, cutting torch, or explosive.
But when your bathroom door is protected by 256-bit encryption, the peace of your metaphorical deuce-dropping is (statistically) guaranteed until such time as the sun leaves the main sequence and devours the Earth.
The states conveniently ignore that kicking down a toilet door to pick through someone's poo and count the peanuts is not generally beneficial to anyone's security, especially when holding out a net under the appropriate sewer pipe could usually achieve the same results with less public outrage.
In any case, those with truly incriminating poo-peanuts will likely burn them, or head off into the woods with a trowel, and your toilet raids will only end up menacing those who linger too long in the stall, solving sudoku puzzles or practicing toilet-square origami, or whatnot.
Exactly my point. Just like you don't mount cameras in everybody's bathrooms, you don't outlaw encryption. Instead, you install spy software on your target's computer, or you plant a bug in their light fixture, or subpoena Facebook to see if they ever messed up and said anything unencrypted. You can still find things out even if someone is being serious and uses end-to-end encryption, just like you can still find things out even if someone is being serious and burns their incriminating poo-peanuts.
My ability to speak on stage before an audience ranges dangerously close to Harpo, Marceau, and Teller. I might be able to write for someone else, though.
Or how you don't have to ban virus scanners on Windows just in case UK spooks want to run a virus on your computer because no safe spaces for terrorists.
_asylum_applicants,_2015_(number_of_first_time_applicants,_rounded_figures)_YB16.png){kind=link}
This, of course, would require microphones on all citizens as well as many more in the surrounding environment, to ensure communications of unwilling citizens can be monitored as well. And, of course, we'd need video as well to get those pesky sign language users[0].
These sort of bills always make me wonder if we'll ever see a moral stance taken by tech companies. There's a few skirmishes that happen every now and then but there doesn't seem to be any general consensus on what companies will tolerate in both themselves and their business partners. I'd love to see a "Fair Trade"-esque branding used as an indication that the product and its supply chain don't include actors who support government surveillance.
[0]: OT, but it makes me realize you can literally make illegal gestures due to https://en.wikipedia.org/wiki/Hate_speech_laws_in_the_United...