Sep 29 2013
 

Who decides whether or not to hold a public inquiry? The government of course, and they usually make their decision on the cost of a public inquiry.

But it is rather convenient when a public inquiry delves into embarrassing subjects such as :-

Never mind the fact there has been no public inquiry into political corruption after the MPs' expenses scandal. Which all goes to show that we cannot trust the government to investigate themselves. Or the police: look at how hard people have had to work at getting at the truth behind the Hillsborough disaster.

Or in other words, we cannot trust the government to determine whether public inquiries should be held, nor the scope of those inquiries. Whilst the government usually does reasonable work in setting up public inquiries, and the reason for refusing to establish public inquiries is down to cost, it is not unreasonable to plan for the worst case scenario where a future government may refuse to establish an inquiry to conceal their own bad deeds.

As such the decision of what public inquiries should proceed should be in the hands of a third party. An independent third party with no past or present politicians, senior policepersons, etc. Essentially a panel of the powerless.

Aug 19 2013
 

No.

Anyone who thinks so needs to read a bit of history on what life was like in real police states.

But on a day with news of an incident in which a journalist was detained for 9 hours and his electronic media confiscated, we do have to ask ourselves whether we are headed in that direction. And whether we really want to go in that direction.

David Miranda was held under anti-terrorist legislation – specifically schedule 7 – in what was clearly an attempt at harassment for publishing stories embarrassing the UK and US governments. Now the victim here is clearly a journalist, and whilst it is possible for a journalist to be involved in terrorism, I really rather doubt this one has time to be particularly active at this time. This is a high profile case, but how many of the 61,145 other suspects detained under schedule 7 last year were detained for non-terrorism purposes?

Anti-terrorism legislation is very powerful, and whilst it may be justified to tackle terrorism, it certainly must not be used for other purposes. And in this case it was.

And undoubtedly we will have some sort of review of the case, a lot of noise, and very little action. It’s almost certain that the police who detained David Miranda will escape scot free, or with a notional slap on the wrist, and not with a prison sentence that they deserve.

Jun 08 2013
 

Which is news how exactly? Spying on us is what the NSA and GCHQ are for.

Over the last day or two, we have been hearing more and more of the activities of the NSA (here) and GCHQ (here) spying on “us” (for variable definitions of that word). Specifically on a programme called PRISM which monitors Internet traffic between the US and foreign nations, but not on communications internal to the US.

Various Internet companies have denied being involved, but :-

  1. They would have to deny involvement as any arrangement between the NSA and the company is likely to be covered by heavyweight laws regarding the disclosure of information about it.
  2. It’s also worth noting that they have asked the company executives whether they are involved in PRISM, but not asked every engineer within the company; it is doubtful in the extreme that any company executive knows everything that happens within their company. And an engineer asked to plumb in a data tap under the banner of national security is not likely to talk about it to the company executive; after all the law trumps company policy.
  3. The list of companies that have been asked, and have issued denials is a list of what the general public think of as the Internet, but in fact none of the companies are tier-1 NSP; whilst lots of interesting data could be obtained from Google, any mass surveillance programme would start with the big NSPs.

What seems to have been missed is the impact of agreements such as the UKUSA agreement on signals intelligence; the NSA is “hamstrung” (in their eyes) by being forbidden by law from spying on US domestic signals, but they are not forbidden to look at signals intelligence provided by GCHQ and vice versa. Which gives both agencies “plausible deniability” in that they can legitimately claim that they are not spying on people from their own country whilst neglecting to mention that they make use of intelligence gathered by their opposite number.

There is some puzzlement that PRISM’s annual cost is just $20 million a year; there is really a rather obvious reason for this … and it also explains why none of the tier-1 NSPs have been mentioned so far either. Perhaps PRISM is an extension of an even more secret surveillance operation. They built (and maintain) the costly infrastructure for surveillance targeting the tier-1 NSPs and extended it with PRISM. In particular, the growing use of encryption means that surveillance at the tier-1 NSPs would be getting less and less useful (although traffic analysis can tell you a lot) making the “need” for PRISM a whole lot more necessary.

As it turns out there is evidence for this hypothesis.

But Are They Doing Anything Wrong?

Undoubtedly, both the NSA and GCHQ will claim what they are doing is within the law, and in the interests of national security. They may well be right. But unless we know exactly what they are doing, it is impossible to judge if their activities are within the law or not. And just because something is legal does not necessarily make it right.

Most people would probably agree that a mass surveillance programme may be justified if the aim is to prevent terrorism, but we don’t know that their aims are limited to that. The surveillance is probably restricted to subjects of “national interest”, but who determines what is in the national interest? Just because we think it is just about terrorism, war, and espionage doesn’t mean it is so. What is to stop the political masters of the NSA or GCHQ from declaring that it is in the national interest to spy on those involved with protests against the government, or those who vote against the government, or those who talk about taxation (i.e. tax avoidance/evasion)?

Spying is a slippery slope: it was not so very long ago that a forerunner of the NSA was shut down by the US president of the day because “Gentlemen do not read each other’s mail.” But intelligence is a tool that is so useful that more and more invasive intelligence methods become acceptable. It is all too easy to imagine how today’s anti-terrorist surveillance can become tomorrow’s 1984-like society.

That does not mean that GCHQ should not investigate terrorism, but that it should do so in a way that we can be sure that it does not escalate into more innocent areas. Perhaps we should be allowing GCHQ to pursue surveillance, but that it should be restricted to a specified list of topics.

May 18 2013
 

The strange thing about being involved in information security is the phenomenon of cyber warfare.

After all, what does tinkering with computers have to do with real war? Well it depends what all that tinkering leads to, and we simply do not know what would happen in a real war. We are in the beginning of the era when aggressive hacking supports war.

But probably the overwhelming majority of activities labelled as cyber warfare are in fact espionage, or a grey area in between. Any kind of hacking that leads to information disclosure is espionage rather than warfare. More aggressive hacking – such as writing malware to spin centrifuges into destruction – falls into the grey area between espionage and warfare; it’s too aggressive to be labelled espionage, but isn’t part of a legal war (and yes there is such a thing). In terms of legality, it could well be that such acts are illegal acts of war, but morally justified.

And why is China always the bad actor here? Practically every hacking conference video dealing with cyber warfare drops big hints about the activities of China with little in the way of evidence. There is some evidence that China may be involved in cyber espionage, but as for cyber warfare itself, there is far more evidence for the involvement of the US, Israel, and even the UK; although the rumoured replacement of an Al-Qaeda recipe for a pipe bomb with one for cupcakes doesn’t seem like an act of war, but perhaps an exhibit of the English sense of humour.

Part of the problem is that anyone who reads their firewall logs will find a huge number of attacks coming from Chinese address space. As an example, a quick inspection of the addresses blocked on one of my servers for attempted ssh brute force attacks gives the following table :-

Count  Country Code  Country
255    CN            China
51     US            United States …
29     KR            Korea (South)
19     BR            Brazil
17     DE            Germany
15     IN            India
13     RU            Russia
13     GB            Great Britain
13     FR            France
11     ID            Indonesia

This is not intended to be an accurate reflection of anything other than the number of infected machines trying to brute force accounts on my server.

The high presence of China is an indication of the number of malware infections within China, and the large population of the Chinese. It doesn’t actually say anything about where those attacks originate. Every hacker with enough sense to tie up their shoe laces will be pivoting through privacy proxies, and using armies of infected hosts to send out their attacks. These infected hosts are the ones whose addresses show up in your logs.
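A table like the one above can be produced from sshd logs as in the following added example, which is not the author's own tooling. The log lines and the prefix-to-country table are constructed (documentation address ranges, placeholder country codes); a real tally would use a GeoIP database. It counts distinct source hosts rather than attempts, and what it yields is the location of the connecting machines, not of whoever controls them.

```python
import ipaddress
import re
from collections import Counter

# Constructed sshd log lines; addresses are from documentation ranges (RFC 5737).
SAMPLE_LOG = """\
Sep  1 10:00:01 host sshd[101]: Failed password for root from 192.0.2.10 port 4001 ssh2
Sep  1 10:00:03 host sshd[101]: Failed password for root from 192.0.2.10 port 4002 ssh2
Sep  1 10:00:09 host sshd[102]: Failed password for invalid user admin from 192.0.2.77 port 5123 ssh2
Sep  1 10:00:11 host sshd[102]: Failed password for invalid user x from 198.51.100.99 port 1 from 192.0.2.77 port 5124 ssh2
Sep  1 10:01:15 host sshd[103]: Failed password for invalid user test from 198.51.100.5 port 6001 ssh2
Sep  1 10:02:20 host sshd[104]: Accepted publickey for alice from 203.0.113.9 port 7001 ssh2
Sep  1 10:03:31 host sshd[105]: Failed password for root from 203.0.113.200 port 7002 ssh2
"""

# Constructed prefix-to-country table standing in for a real GeoIP database.
PREFIX_COUNTRY = [
    (ipaddress.ip_network("192.0.2.0/24"), "AA"),
    (ipaddress.ip_network("198.51.100.0/24"), "BB"),
]

# The user name is client-supplied and may itself contain " from <addr> port <n>",
# so the greedy ".*" anchors on the LAST such group, which sshd wrote itself.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$")

def failed_sources(log_text):
    """Return the set of distinct source addresses with a failed password."""
    sources = set()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            try:
                sources.add(ipaddress.ip_address(m.group(1)))
            except ValueError:  # a hostname or garbage instead of an address
                continue
    return sources

def country_of(addr):
    for net, code in PREFIX_COUNTRY:
        if addr in net:
            return code
    return "??"  # not covered by the lookup table

def hosts_per_country(log_text):
    """Count distinct failing hosts per country, highest count first."""
    counts = Counter(country_of(a) for a in failed_sources(log_text))
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
```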

Assuming that because these addresses are Chinese means that the Chinese state is behind attacks is faulty logic. There is no reason why the Chinese state hackers (if they exist … although it is almost certain they do) would use Chinese addresses to attack from; they are more likely to be using addresses from the US, Europe, South America, etc. If anything, attacks coming from Chinese addresses indicate :-

  1. Private sector hacking (which is the majority)
  2. Attacks from state groups other than China.

It may well be that China is engaged in industrial scale cyber espionage; it may also be that what people assume are Chinese attacks are in fact other states. After all cyber espionage is probably one of the cheapest ways to get involved; within the means of even the smallest and poorest states.

Mar 30 2013
 

In something I first heard about in the Daily Mail, so there was an instant credibility gap, it seems that Lord Carey has been blathering on about how Christians feel like a persecuted minority, and that the government is discriminating against them.

Which is of course complete rancid rhino bile.

And any christian who feels persecuted needs to take a good hard look at things.

According to the 2011 census, 59% of the UK population claimed to be christian. Given that 59% is more than 41%, I’d say that any christian who feels that they are a minority probably needs to take their socks off to count above 10. It is the rest of us – humanists, secularists, muslims, buddhists, hindus, atheists, agnostics – who have the right to claim to be a minority. Given that 2001 (72% christian) was the first time the question was asked, it is hard to make historical observations regarding levels of christianity in the UK. Christians would of course say that we have been historically a christian society where everyone was a christian; others would say those who weren’t christian were under a great deal of pressure to pretend.

There are occasions when we get forced to sit through some sort of christian ceremony, although it was more common in the past than today. And it can be quite creepy listening to you guys speaking to your imaginary friend (or is it friends?).

Nothing to do with what goes on inside your churches of course, but christian ceremonies in public life can be excluding to those who are not christian. Take for example, the infamous council meetings where pre-meeting prayers are no longer permitted. Or rather praying out loud as part of the meeting is no longer permitted. If such prayers are part of a council meeting, they are effectively an unconscious expression of the kind of people who should take part in the meetings – that is practising christians. Or in other words, you are saying that the real minorities – atheists, muslims, etc. are not welcome.

Not that a period of silent contemplation at the start of a council meeting is a bad idea – indeed, it is probably a very good idea. And nobody is saying that you cannot talk with your imaginary friend(s) in the silence of your mind.

Carey specifically mentions the legalisation of gay marriage as one of the symptoms of “aggressive secularisation” within the government. Actually legalising gay marriage is simply doing the right thing; there is nothing in the legislation that forces anyone to get married to someone not of their choice! So it is merely allowing those who choose to, to get married to the person of their choice.

What christians who oppose gay marriage are complaining about, is that they are no longer allowed to impose their views of what marriage should be onto those who believe differently.

In other words christians are complaining about not being allowed to persecute others.

If christians still feel they are being persecuted in the UK, perhaps they should look at some of the real examples of christians being persecuted around the world (see http://en.wikipedia.org/wiki/Persecution_of_Christians). Any kind of inspection of what happens around the world will make any decent person claiming that UK christians are being persecuted thoroughly ashamed. Whatever the rights or wrongs of the case (and frankly in the case of the BA employee, both sides could do with being told to just grow up), being unable to wear a cross in jewellery form at work hardly compares to being stoned to death.