You don't need to be an 'investor' to invest in Singletrack: 6 days left: 95% of target - Find out more
Whilst the country is being distracted by the foppish sex pest turned bastard lovechild of Neil Oliver and Wim Hoff, the "Online Safety Bill" has quietly been passed in Parliament.
Further reading:
The whole world is basically now goverened/run by people who have literally no idea how anything to do with computers/IT/Internet etc actually works. And it's these idiots who are making decisions about everything to do with computers/IT/Internet etc
Is it even enforceable/enactable?
Where does that leave things like telegram and mastodon?
Ffs.
Honest to ****, what the hell has this country become?
I thought tinfoil hats were one size fits all? What's the problem? 😉
Gonna be interesting to see how this plays out. Whilst I can't see someone like Apple giving up on the UK market and they'll probably cave in and provide a back-door entry to their encryption, I can't see all VPN providers doing the same.
So, what's to stop anyone in the UK just installing a VPN from a company which doesn't have a legal, physical or business presence in the UK?
Because the traffic still goes via your ISP and if they are allowed to decrypt and inspect it the VPN won’t make any difference.
I would be astonished if Apple of all companies would capitulate.
"You can't sell phones here unless you give us a bypass to your security."
"OK. Bye!"
Give it two years, the dominant player will be the iPhony. Bonus, backdoors both for the UK government and the Chinese one. What could possibly go wrong.
what’s to stop anyone in the UK just installing a VPN
Nothing at all as far as I can fathom.
Whilst I can’t see someone like Apple giving up on the UK market and they’ll probably cave in and provide a back-door entry to their encryption, I can’t see all VPN providers doing the same.
They refused to do it for the US security services. It needs enough of our security IT professionals to keep telling the ****wits who came up with this harebrained scheme that it will be barely hours before government ministers have all their financial details splattered all over the dark web, along with all the juicy salacious little secrets they’d rather the grubby end of the media didn’t have.
And it will happen, the law of unintended consequences dictates it.
Wonder if they could apply it to a ministers device then get someone to hack it.
Because the traffic still goes via your ISP and if they are allowed to decrypt and inspect it the VPN won’t make any difference.
Surely that would be the whole point in using a VPN. They wouldn't be able to decrypt it as traffic is obscured within the tunnel that they won't have the key for.
Surely that would be the whole point in using a VPN. They wouldn’t be able to decrypt it as traffic is obscured within the tunnel that they won’t have the key for.
As long as they don’t have the key…..
You would have to configure a VPN proxy or something on your router at home so all your devices used it and then something else on your phone for when you’re out and about I guess…
I would be astonished if Apple of all companies would capitulate.
What, famously principled Apple?
If there's money to be made they'll cave...
A VPN wouldn't help with what's being proposed for phone surveillance, it's not about an encryption backdoor either - it's software on the phone that scans/intercepts data before it's encrypted and can extract that data and send on (presumably initially to the app provider, it's not clear if then a warrant is required by the police etc. to obtain that data (I would have thought so, that's a requirement now in order to access someone's gmail etc. stored in the cloud))
So I wouldn't have thought it needs the phone maker to enable this as the functionality could be embedded within the app (if it's being done by a separate app the phone OS would need to allow it (at least on iOS), or that security control to be circumvented which I guess is how Pegasus works). Within the app is one thing, at least then you know Meta is only scanning/extracting stuff you create within the Facebook app, I'd be concerned if it was outside the app as who's then policing social media companies aren't gathering data from other apps (call me naive but I actually marginally trust UK government agencies more than I trust social media companies...) .
The main problem I see with the Bill is how (deliberately) vaguely written it is, it should never have been passed in it's current state and it's no surprise people aren't taking the government at it's word about how the powers it grants will be used.
it’s software on the phone that scans/intercepts data before it’s encrypted and can extract that data and send on (presumably initially to the app provider
Eh? So what happens if this mysterious software isn't installed on the phone. Like if someone bought the phone abroad? Or is it somehow going to magically install itself when connecting to any "UK network"?
Is there an idiots guide about how this is gonna be implemented?
Right so - not commenting on the morality of this, but just from the philosophical aspect: What's the difference between the police being able to read your messages and being able to break into your house and confiscate your computer or anything else to go through it? Which they can already do.
I would be astonished if Apple of all companies would capitulate.
“You can’t sell phones here unless you give us a bypass to your security.”
“OK. Bye!”
bUt THeY neeD US mOrE tHAN We nEEd THeM...
Right so – not commenting on the morality of this, but just from the philosophical aspect:
The primary problem is from a security aspect.
Once its been backdoored you have to hope no one else gets their hands on it and runs it willy nilly.
Although for your comparison another problem is this sort of surveillance can be done at scale and without being obvious. So again more liable to misuse than having to send a team of cops to kick down the door.
What, famously principled Apple?
If there’s money to be made they’ll cave…
I don't think they'd have to cave. Want to get more younger people engaged in politics? Apple saying you can't get a new iphone because of your government should do it
What’s the difference between the police being able to read your messages
It's not the police (or any other "lawful authority" ) I'm concerned about. It's the unintended consequence of deliberately introducing a potential vulnerability I'm bothered about. I prefer the piece of mind that my banking app is secure and isn't about to be emptied by some criminal gang (or criminal state). And I'm sure my boss is equally concerned that any apps I use for work aren't similarly compromised...
(The company I work for WAS hacked about 18 months ago. Boy, that was not fun times I can tell you)
Glad to see there hasn't been any of the "Well if you've got nothing to hide you've got nothing to worry about" insufferable imbeciles popping up in this thread yet.
Worrying times indeed. Particularly worrying for sensitive information used in government agencies or security sectors, most will have to develop fully airgapped networks to ensure they adhere to compliance standards, same with SaaS companies that have high stakes competition. I mean really it's entirely unmanageable, certain VPN encryption methods if it's all monitored by ISP would be safe to use but not older IPSEC types, if its software based then im sure in Linux/Android devices you'd be able to disable it with some tinkering.. If it's hardware based it means all new devices will pass the cost onto the consumer and will be a nightmare to deal with
What’s the difference between the police being able to read your messages and being able to break into your house and confiscate your computer or anything else to go through it?
Because the conclusion is that we now should just leave our front door unlocked rather than them having to break in.
It’s the unintended consequence of deliberately introducing a potential vulnerability I’m bothered about.
Any install on a handset that sits there ahead of encryption is a massive potential problem, the government's track record on competently delivering IT projects is not reassuring. The backdoors will have backdoors aplenty.
As you say, no sane banking group will allow its app security to be universally defeated this way.
You wonder what the response will be from foreign governments or corporations brimming with sensitive information, who will be confronted by every single one of our citizens carrying these devices into their countries and headquarters.
Honestly; if the 'tech-bros' had paid a"bit" of attention to even trying to pretend to pay lip service to people saying that the on-line environment is particularly hazardous to children and vulnerable adults in their mad dash for everyone's money; we wouldn't be facing this sort of legislation now.
Their choices were "do something" or "have something done to you by ****ing idiots who don't know shit"
I guess counting their money was more fun/distracting
A more cynical soul might think that 'online safety' is simply the fig-leaf which the government has hung over measures which can potentially deliver carte blanche access to our devices, after an opportunistic request from the security services to a weak government, and an even weaker Home Secretary.
TBH though if the secret services aren't asking for this sort of access, they they're not doing their jobs properly. Somewhere in the middle is sensible legislation that keeps "most" people safe and their information private. I'm entirely un-surprised that we didn't manage it.
The whole world is basically now goverened/run by people who have literally no idea how anything to do with computers/IT/Internet etc actually works. And it’s these idiots who are making decisions about everything to do with computers/IT/Internet etc
I have always thought it is amazing that you can be the minister in charge of the health service, but never worked in the NHS, or be Defence secretary and having never served in the military, instead you get "yes" people giving you the overview you want to hear, and have no practical experience yourself.
I suspect that this is a policy that will not survive meeting reality. I hope so. Implementing and enforcing it is going to be impossible
TBH though if the secret services aren’t asking for this sort of access, they they’re not doing their jobs properly.
Oh, I'm sure they ask for this kind of thing frequently, but it's the job of competent government to strike a balance between their needs and wants, our freedoms, and the economic reality of the market with which they're seeking to interfere.
Because the conclusion is that we now should just
leave our front door unlockedgive them a skeleton key rather than them having to break in
A skeleton key whose existence shows an exploitable flaw in the locking mechanism that any motivated person can then aim to emulate.
@martinhutch comply agree, which makes this whole mess even more dead on arrival. It's clearly un-workable, and as @tjagain suggests won't survive contact with reality.
Also; coming down the line for the same people who bought you this hot-mess is devising legislation about GAI, LLM, and artificial biology
I'm going to predict it won't be a success.
Yeah, I'm not sure how you would even start enforcing this with multiple handset manufacturers serving the UK market. I imagine they'd subcontract out the software itself to the Israelis, they have a knack for this kind of thing, and they'd probably leave themselves some additional backdoors as well so they could provide access to other clients. It will make us a global pariah in terms of information technology, and anyone carrying a UK handset across a border would be viewed with suspicion.
TBH though if the secret services aren’t asking for this sort of access, they they’re not doing their jobs properly.
I gather that in the U.S. the authorities can ask for a confidential court order to access suspicious accounts and that Google, Apple, Microsoft, etc. are actually very cooperative as long as a court order is issued.
On top of that, non-U.S. citizens don't have the constitutional protections that U.S. citizens have. Despite all the boasts to the contrary, iPhones aren't perfectly secure, neither are Android phones, MacBooks, Windows PCs, etc. For high-value targets, the U.S. authorities will use zero-day exploits to hack devices. If they can get their hands on the device for a few minutes, it's compromised and the owner won't suspect a thing. Even brand new devices still in their box may have been intercepted mid-delivery and hacked, then replaced in new packaging.
It's the difference between going the extra mile to target a specific individual, and obtaining the authority of the court to do so, or employing specific espionage methods, again against individuals or groups.
This potentially casts a net over the online input/output of pretty much every citizen on demand. The temptation to employ behavioural and keyword algorithms widely would be irresistible.
but it’s the job of competent government
They haven't demonstrated any kind of competency (other than money laundering) for a few years
Even brand new devices still in their box may have been intercepted mid-delivery and hacked, then replaced in new packaging.
I seem to remember this happening with chip and pin machines when they were a new thing.
No. This is actually the entire point of the debate...I gather that in the U.S. the authorities can ask for a confidential court order to access suspicious accounts and that Google, Apple, Microsoft, etc. are actually very cooperative as long as a court order is issued.
As it currently stands, even Apple cannot get access to your iPhone/iMessages on behalf of law enforcement/governments even if they wanted to (which they don't) because it is encrypted and there is no backdoor (and they are refusing to implement one).
https://en.wikipedia.org/wiki/Apple%E2%80%93FBI_encryption_dispute
Actually there's quite a lot of misunderstanding on this thread - no-one is talking about device-level backdoors so there's no danger of the security of an entire phone being compromised. The bill would put the onus on the messaging providers (WhatsApp, Apple iMessage, etc) so if they didn't want to comply they would simply withdraw their service in the UK.
But the clause is extremely vague at the moment, and could amount to nothing - but this is actually a huge problem in itself for us in the UK in that a law seems to have been passed but it has not yet been decided what it actually is!!
The government has 'experts*' who say this is feasible. Show your working then and name them. After all if they have nothing to hide, they have nothing to fear.
(*I suspect that these are all drips under pressure and nothing more)
The irony explosion when the right gives the left the very thing they've been asking for. 🙄
Couple of good podcasts with a knowledgeable lass from Big Brother Watch knocking about in this bill.
"Get back in there and do stuff to do with computers!"
I wonder about signal et al? Would their server be blocked at IP level if they refused to comply?
I suspect that this is a policy that will not survive meeting reality.
The basic MO of our government has been to say they'll do something and expect that enough people will take that the mean that it happened
The government has ‘experts*’ who say this is feasible. Show your working then and name them. After all if they have nothing to hide, they have nothing to fear.
Our government leaks like a sieve - theres no need to publish anything anymore. Just leave it to whoever has got eyes on your job to reveal any meaningful information in an attempt to rubbish you 🙂 Thats how we find out whats in all the briefings our ministers receive and ignore.
The basic MO of our government has been to say they’ll do something
A more cynical soul might think that ‘online safety’ is simply the fig-leaf which the government has hung over measures which can potentially deliver carte blanche access to our devices
I really don't think you need to be cynical about the current govt to think this. Cynical might be wondering how much of brexit was about the ability to do things like this. Actually, no, that's not cynical either.
Wonder if they could apply it to a ministers device then get someone to hack it.
Indeed. Let's pilot it on high value data and devices, just to prove we have nothing to fear and it's all perfectly safe and normal....
TBH though if the secret services aren’t asking for this sort of access, they they’re not doing their jobs properly.
Which doesnt mean they should be listened to. Vaguely remember reading about some former tory minister saying they use to come and ask for x and then get politely ignored.
Plus for somewhere like GCHQ whilst some of their people would like it those who work on the defensive side would be sobbing quietly in the corner.
Somewhere in the middle is sensible legislation that keeps “most” people safe and their information private. I’m entirely un-surprised that we didn’t manage it.
I am not sure there is a sensible solution to it. Even if in theory its only the provider who has the master key to unlock then you need to hope they remain secure.
Plenty of examples of that failing eg recently the Azure account key loss.
Quite.
EternalBlue, anyone?
I'd be surprised if Apple (and similar) were prepared to make deliberately insecure versions of their software specifically for the UK market. I think the global harm would outweigh the local sales.
There's a lot more than security at risk from this Act. As I read it, any online web forum (such as STW and thousands of others) will be a "regulated user-to-user service" and the provider of that service will incur a huge raft of duties and legal responsibilities, to the point where I doubt anyone who isn't make a lot of money out it will be prepared to it on.
It doesn't all come into effect immediately, and the Regulations and OFCOM Codes of Practice don't exist yet, so it's hard to say exactly what effect it will have, but I can't see any way in which small volunteer run forums can continue. They will just have use a big platform like Facebook that has the resources to do it.
Anyone who wants to try reading the words for themselves, I think this is the most recent version (possibly without the final amendments):
https://bills.parliament.uk/publications/52368/documents/3841
Since it's waiting for but doesn't yet have Royal Assent it's still technically a Bill and isn't on legislation.uk so parliament.uk is the only place.
Our best hope is that we get a change of Government before the damage is done, but I can see the tabloid media ("Starmer wants to scrap online protection for kids!") making it an unlikely manifesto commitment.
It's a Woolly hat law full of holes tbh. I generally thought this had been kicked into the long grass. As international law is so difficult to Police nevermind domestic law bring your phone to the UK and let the government have a little snoop? I can see this getting enshrined then no one having a clue how far it effects people/business
Admittedly it's more about data than phones but tbh most of the data we consume is over a phone
I have always thought it is amazing that you can be the minister in charge of the health service, but never worked in the NHS, or be Defence secretary and having never served in the military, instead you get “yes” people giving you the overview you want to hear, and have no practical experience yourself.
Who though?
Most people would agree that the Peter Principle holds true. You can't just promote people and expect them to be competent just because they're now managing people doing something they were good at. You wouldn't recruit Dr's from the hospital gift shop, why would you recruit a health secretary from the NHS IT department (or a nurse, cleaner, porter, receptionist). The job requirements are politics and corporate management, not orthopedic surgery and oncology.
The irony explosion when the right gives the left the very thing they’ve been asking for. 🙄
Who the F on the left asked for this?
Closest is the generally universal demand that could Boris please try a bit harder to remember his WhatsApp password.
Who the F on the left asked for this?
Loads of drips have been screaming about controls on the web. This place was up in arms when Flack died by suicide as a result of 'trolls'.
I can't be arsed to do the usual STW form of posting a bunch of links, but you could use this link.
The govt did what I'd expect any govt to do and overreach and **** it right up.
Some people so desperately want saving from themselves they forget who is in charge. A bunch of clueless midwits who'd **** up toast.
Errr, yeahhhh but why do GCHQ need access to everyone’s everything in order to make Facebook moderate bullying/hate speech?
Well obviously they don't but Govts do like overreach, I'm really surprised that you're all surprised. Has nobody been following this?
Big Brother Watch admit they have not achieved as much as they'd like in having the bill amended, Labour have promised to strengthen it. No mention of opposing this shite though.
Even Tory backbenchers think it's a crock of shite.
@relapsed_mandalorian usually I'm pretty much in agreement with stuff you say but you're off the mark here. Those poeple have nothing to do with left/right and are just the usual folk that have no idea how technology works, no inclination to learn and then get all upset when it blows up in their face because they're too lazy to do the basics (extending to actual parenting).
Basically like handing a pack of chimps a loaded SA80 each and being surprised when they don't master arms drill after the first one blows it's face off. Those people are the chimps but without the excuse that they're chimps.
How does WhatsApp encryption actually work? Is it going to be possible to have three-way encryption?
Its end to end encrypted. The keys to encrypt/decrypt are generated and held on the device and so, in theory, whatsapp etc has no ability to read them (since its their code in practice they would be able to get hold off the keys at least for future interaction)
The main alternative would be to generate them centrally and send them out to the individual devices as well as saving them in the background.
I wonder about signal et al? Would their server be blocked at IP level if they refused to comply?
Signal have already said they’ll leave the U.K. if they’re required to install back door access.
How does WhatsApp encryption actually work? Is it going to be possible to have three-way encryption?
As dissonance says; same with Apple’s Messages app, end2end encryption, and Apple have no access to anything contained in messages sent or received. If enforcement entities can get access to a device, then there’s Israeli software that can break a locked iPhone, the FBI/NSA have it, after threatening Apple with all sorts of repercussions if they didn’t help.
Apple, quite rightly refused, because of what would happen if they didn’t, and the phones were accessed anyway by the software the NSA/FBI had paid for.
The Israeli security company responsible have also built Pegasus, (I think that’s its name) which is being used to hack phones belonging to people at risk from unfriendly countries, like Russia, Hungary, and lots of others who don’t like journalists digging into their nefarious practices.
Apple have already sent out a security update for iOS 17 to patch three zero-day exploits that have already been hacked - China might be behind those, they’re already banning government employees from owning iPhones. More as a reprisal against the American government banning Huawei from any infrastructure installations, but anything they can get hold of could be useful.
The keys to encrypt/decrypt are generated and held on the device and so, in theory, whatsapp etc has no ability to read them
So it's private key encryption? The key is already on your phone or is it installed when you install WhatsApp?
I gather that in the U.S. the authorities can ask for a confidential court order to access suspicious accounts and that Google, Apple, Microsoft, etc. are actually very cooperative as long as a court order is issued
This exists in the UK, social media/email service providers etc. have portals for authorised government agencies whereby they can get access to what's stored on the provider's systems (e.g. Bob's gmail mailbox). This is strictly controlled though and requires a warrant or court order etc.
What's being proposed in this Bill though is allowing authorised agencies to not only intercept communications data (as they can and do already) but to decrypt it as well. The problem is most encryption systems in use by social media companies etc. don't have back-doors and would become inherently much weaker if that sort of functionality were built in (an analogy would be encryption as it stands is an impenetrable wall without a door but they're now adding a high security door to it, still secure on the face of it but now has vulnerabilities such as unauthorised people getting hold of the door key or tailgating someone who is authorised who's used a key).
I just can't see either device manufacturers or app creators creating a backdoor into their encryption systems themselves, as I said I see it more likely it will be done within the app so that the data is extracted before it's encrypted (e.g. as you're typing in a message within the app) but it's then not clear where that information would be sent or stored. Presumably it would have to be back to the service/app provider, likely sent to them encrypted but stored in their systems in a way where it can be extracted and unencrypted on request (from a government agency). As long as time stamps are recorded it should be possible to link an intercepted (but encrypted) communication the agency has with the decrypted version of that message held by the service provider. This is all wild speculation though and may well not be technically possible...
TBH Facebook, Apple, Whatsapp, Snapchat etc threatening to leave the UK market over this would be a wake up call to the increasingly small number of people who still think we have a vaguely competent government.
Persuading every app manufacturer capable of E2E encrypted communications to install a backdoor has to be impossible. Wouldn't they have to resort to a keylogger type thing at device level? And of course, those who really don't want their messages being read (ie the people you're trying to catch) will always look for a way to stay ahead, such as Sky ECC.
How does WhatsApp encryption actually work
It doesn't matter, when quantum computing gets into it's stride, they'll all be decrypted overnight any way.
What irks me most about this bill is the Big Brother Surveillance State nature of it.
This is coming from a party who love to band on about free speech, saying what you want and if you take offence that's your problem.
They want to control and monitor everything we do and say and think and talk about.
It doesn’t matter, when quantum computing gets into it’s stride, they’ll all be decrypted overnight any way.
Well, apart from Signal at least. They have just updated their crypto to something that current (and future) quantum computers will have a hard time with.
This could go the way of the old "Export Cryptography" rules that the US put in place for ITAR/weapons exports, but given that normal, strong PKI is pretty much everywhere, that just meant you took off your default, weak crypto and installed a strong cert in its place. You'd have to make every manufacturer either use some sort of escrow system for keys so that they could three-way it, or force them to install a backdoored algorithm (like the Russian ciphers?) tht _had_ to be used in the UK and could not be configured away.
This bullshit just highlights _AGAIN_ that politicians haven't got a clue. How in the hell you would go about forcing this on global companies and every device in the UK is beyond me. Operator settings may be able to set some configurations, but this may not impact the apps installed on a device. Even if they did, would their devices be exempt? Who else would be able to claim an exemption, footballers?
Just as a thing, this would weaken security for everyone in the UK. Backdoored crypto is a terrible idea (ask RSA) as the backdoor _will_ be exploited by foreign actors and then you have truly lost the keys to the kingdom.
The key is already on your phone or is it installed when you install WhatsApp?
Its a version of the Signal protocol.
When you install whatsApp it generates a public/private key.
Then everytime you start a chat it uses that to securely create a symmetric key per chat (since using pki all the time is expensive) which is also stored on the phone.
I think they use the full implementation so it actually generates a new key per message.
Not quite sure how the group chats work.
WhatsApp can certainly compromise it. They could also have it send the keys each time back to a central server for people of interest or simply bcc the messages to a central server using a separate key.
There is no way to defend once the phone itself has been compromised. Examples being Pegasus or law enforcements compromise of the "ultra secure" Encrochat phones.
Well, apart from Signal at least.
They hope...
Isn’t this whole thing pointless? If I was a ‘bad person’ that wanted to communicate without the government reading my messages what’s to stop me doing this outside of communication apps?
I’m no expert but surely all I’d need is a stand-alone encryption tool at each end (signal’s open source, isn’t it? so, getting at suitable code should be possible) then I can create public and private keys, share the public key, encrypt a message with my friend’s public key and attach it to an email. There’s probably better ways to do this but my point is that anyone that really wants secure comms will be able work around this law.
Encription is ‘just’ maths, the government may as well try and ban calculus, or French.
There’s probably better ways to do this but my point is that anyone that really wants secure comms will be able work around this law.
Yes however the counter argument (in my opinion rather weak) is it makes it harder if you force people into meeting up for key parties etc and so makes it harder to scale.
The alternative is the criminals go for "secure" networks but they have the disadvantage of now concentrating criminals in one place. Aside from Encrochat there are several other cases where these have been compromised by one or other countries security agencies who then invited other countries cops to the party. In one case the FBI/Australian cops cut out the hassle of compromising the system and just created their own company Anom.
I tend agree with whoever said this won't stand up to the harsh glare of reality is probably right.
Based on my reading, VPN solves this.
So, the VPN service providers will have a good christmas party...
Unless the Gov decides to restrict VPNs...
When you consider what uses E2EE/VPNs, mobile banking, internet shopping, business/remote working VPNs...ugghhhh.
All from a Gov that stated it wanted to the UK to be a high tech hub of industry.
It doesn’t matter, when quantum computing gets into it’s stride, they’ll all be decrypted overnight any way.
This isn't really correct, at least for government secure stuff, 'quantum-safe' cryptographic algorithms have been mandated for a while now. I would assume encrypted app providers would either already be using them or would switch to them at a time quantum computing became a real threat.
Based on my reading, VPN solves this.
It really doesn't if the messages are intercepted before encryption and transmission, which is what the 'magical technology' being suggested by the government is alluding to.
It really doesn’t if the messages are intercepted before encryption and transmission, which is what the ‘magical technology’ being suggested by the government is alluding to.
If this Magical tech is being provided by the same company that provides the magical tech that would solve the Brexit/Northern Ireland issue, we are probably safe for a quite a while...
As zilog6128 has posted my understanding with Apple is it only affects iMessage. And Apple has threatened to withdraw that service. .There is also a message service the UK security services use including the MOD which will be affected which I can’t remember the name of that has also threatened to withdraw from the UK if it passed.
I am not IT literate at all.
Ive read most replies on this thread, and almost all doesnt make sense. I can jist about use word and excel and IT never interested me
I also have some young kids growing up and about to join a world of horrible social media, pron, abuse etc.
What is this legislation aimed at? Was it originally to prevent kids seeing/accessing stuff they shouldnt? Wasnt it out credit card details in to get onto a pron site? Has it creeped in scope to a much larger more wide ranging issue?
Sorry i am a luddite! But interested 😉
What is this legislation aimed at? Was it originally to prevent kids seeing/accessing stuff they shouldnt? Wasnt it out credit card details in to get onto a pron site? Has it creeped in scope to a much larger more wide ranging issue?
Pretty much. So either the security services saw the opportunity to sidle up for a landgrab as the legislation was under development, or some tech bod said 'we can't achieve your aims unless we do this much wider thing', and Suella said, fine, I can't be seen to drop my proposed legislation, so we'll just do it that way.
There's a few things going on in the bill. @ravingdave from your perspective there will hopefully be some welcome changes. At least that is my view.
Most people have agreed for some time now that young kids should not be able to stumble across porn and other inappropriate content online. Yet despite this being VERY easy to solve nothing has been legislated for so only a few companies (OnlyFans is actually one of the responsible ones) have actually done anything.
Will it stop 15/16/17 year olds getting access to porn. No. They will find ways round it. Just like those of us in our 40s did when we wanted a porn mag.
Will it stop primary school aged kids seeing porn. It will make it a lot harder. That's got to be worth it. Speaking as a parent of a 7 and 4 year old.
Will someone be able to read my whatsapp messages? Maybe? And then try and sell me a new shed. Perhaps. It won't be legal but might happen.
Will we be able to reduce amount of abhorrent content shared online (even by a tiny fraction)? Yes. Again, if the risks are someone knows a bit more about my mundane life and it reduces this shit then I'm game.
Sorry if I'm bucking the trend here and coming off all Tory. I'm not, I'm a raging lefty. But I'm also a parent. And that's my priority right now.
Isn’t this whole thing pointless?
I'm reasonably confident I could write an app now that used private key encryption and install it on my Android phone. Then I could send you the app and the private key and you could do the same. Noone would ever know.
I'm also reasonably confident I could do the same thing with PKI and create a criminal network based on my own shady certificate authority and anyone could use it.
if you’re not bothered by it why don’t you post your gmail username and password so we can have a poke around in all the emails you’ve sent over the past decade.
I’m also reasonably confident I could do the same thing with PKI and create a criminal network based on my own shady certificate authority and anyone could use it.
Which then makes you very interesting to governmental organisations across the world.
So unless you are really, really good and really, really lucky then chances are one countries law enforcement agency would find their way in and then invite everyone else to the party.
Will it stop primary school aged kids seeing porn. It will make it a lot harder.
How? vpn job done. Unless you are wanting to block vpns in which case thats work from home amongst other things knackered.
The only way to prevent those kids seeing stuff is for their parents to properly supervise them.
Will someone be able to read my whatsapp messages? Maybe? And then try and sell me a new shed.
Or pretend to be your kid to extort some money etc etc.
Will we be able to reduce amount of abhorrent content shared online (even by a tiny fraction)? Yes.
Evidence required.