UK to announce real-time phone, email, Web traffic monitors

UK government plans to allow the intelligence services analyse call, email and Web traffic in �real-time� could be announced by the Queen as early as May.

In reference to www.zdnet.com/blog/london/uk-8216to-announce-real-time-phone-email-...:

UK �to announce� real-time phone, email, Web traffic monitoring

By Zack Whittaker | April 1, 2012, 3:35am PDT

Summary: UK government plans to allow the intelligence services analyse call, email and Web traffic in �real-time� could be announced by the Queen as early as May.

Editors note: Despite this being April 1, or �April Fools Day�, this story is not a fabrication nor a joke. For background to this story, head this way.

Under new UK legislation, Internet service and broadband providers will be obligated to pass personal browsing, email and call data to the intelligence services for real-time processing.

�Internet firms� could also include social networks and search engines, such as Facebook, Twitter, and Google � all of which have a presence in the UK � along with broadband providers. Access to ISP logs will be opened up to the government on-demand.

The �third� UK intelligence service, GCHQ, the signals and electronics eavesdropping station based in Cheltenham, currently process call, web, and email data, such as when communications were made, but not the contents of such data.

ISPs, however, do process this data at their facilities and datacenters. These new plans would force ISPs to �mirror� all traffic through GCHQ allowing for more detailed inspection on a law enforcement level to quickly process information as it happens.

A Home Office spokesperson confirmed the upcoming legislation could be implemented as �soon as parliamentary time allows�.

�It is vital that police and security services are able to obtain communications data in certain circumstances to investigate serious crime and terrorism and to protect the public,� a spokesperson said in an emailed statement.

�Communications data includes time, duration and dialling numbers of a phone call, or an email address. It does not include the content of any phone call or email and it is not the intention of Government to make changes to the existing legal basis for the interception of communications.�

Currently under UK law, GCHQ along with police and other law enforcement agencies, would have to present a Home Secretary-issued or court-ordered search warrant to ISPs to force to hand over the data for inspection.

The new legislation would still require a search warrant to access the specific details of calls, emails and Web activity. Such personal content can still be requested under a search warrant presented to the ISP, though GCHQ will not process this data automatically.

But it will allow the intelligence services to trace people�s communications with others, who they are contacting, and how often for.

The �contact not content� rule applies in that police, law enforcement and intelligence services are interested in who people communicate with, rather than the contents of the communication itself.

But the new measures would force ISPs to install routing hardware in their facilities to open up access to GCHQ as and when it is necessary.

The legislation is expected to be announced at the Queen�s Speech in May. The speech is the only communication the Queen gives that is not written by her. It is written by legislators, specifically at Downing Street, the home and office of the prime minister.

The previous Labour government pushed for similar legislation � a time post the September 11 terrorist attacks in New York, and the July 7 London bombings. In hindsight, it seemed like a breach of civil liberties, in an age where subjective anti-social behaviour (ASBO) injunctions could prevent individuals from doing certain things along with when and in specific places, and control orders would impose �house arrest� like sanctions on suspected terrorists.

The proposals were shot down by the then opposition Conservative government, but now in power seek to bring these plans into law by the end of the year.

Edited by deleted (Sun 01-Apr-12 12:12:13)

I always think it's strange how the politicians say one thing in opposition, then do another when in power. It just shows that it is not the politicians that really make the decisions and policies, but the permament civil servants who do not answer to the people, but answer to the establishment instead. The politicians just do as they are told.

And who is going to pay for all the kit, large access channels and ongoing maintenance of all this? Along with the vast amount of hardware required by GCHQ to analyse that volume of data in real time. Oh right - all of us.

There's better things to be investing money in right now and this is wholly unmandated.

Let alone the simple fact that the people they claim to be wanting to protect us from "serious crime and terrorism" will just vpn their comms outside UK borders rendering the whole shenanigans useless.

An utter farce - and an expensive one at that.

Hmmm

I thought we had a deficit that we had to pay off.

Let's hope its an April Fool.

I have's a question for you though.

Could it be possible that all commercially available encryption has had a weakness built in that governments could exploit or is this truly legislation drawn up by technically illiterate morons?

So they condemn nespapers (quite rightly so) for phone hacking, saying it's an invasion of privacy - yet their form of invasion of privacy is OK?

I'm all for national/international security, and don't object to most forms of security measures such as cctv etc, but this takes things a step too far for my liking.

No, it's no joke

In reference to www.telegraph.co.uk/technology/news/9179087/Internet-activity-to-be...:

Nick Pickles, director of the Big Brother Watch campaign group, said: "This is an unprecedented step that will see Britain adopt the same kind of surveillance seen in China and Iran.

"This is an absolute attack on privacy online and it is far from clear this will actually improve public safety, while adding significant costs to internet businesses.

Sure - it is possible that some commercial encryption has deliberate backdoors. However most VPN providers give options for PPTP or L2TP / IPSec.

I remember 10+ years ago PPTP was considered weak and have not heard of any significant improvement since then.

AES128 and AES256, the encryption cipher most widely used for IPSec is widely believed to still be unbroken i.e. the only way to crack it is brute force guessing, which is computationally unfeasible today.

AES256 particularly is even authorised by the US gov't for securing confidential data up to Top Secret level.

One side effect of this strength of encryption is of course the introduction of laws to compel people to reveal passwords / passphrases / key files to allow access to encrypted data when under investigation. If it is believed you know the key and refuse to reveal it, then it's up to 5 years in the slammer for you. Hence encryption of static data (files etc.) doesn't really serve much use if the intention is to evade law enforcement. It is useful for your own protection i.e. collateral damage such as bank account access etc. when a laptop or USB stick etc. is lost or stolen.

Hmm... went way of topic there talking about static data encryption.. oops

As for on the fly VPN encryption, the concern needs to be what jurisdiction the VPN provider and their equipment operates in and what logging they maintain. Probably best in this respect to rent a vps or dedicated server in some unencumbered jurisdiction and setup your own VPN node with zero logging enabled.

Anyways, for the purpose of this discussion - thinking that being able to simply sniff communication data in real time on UK networks is going to achieve anything worthwhile toward the stated aims is, yes, moronic.

Of course - there may well be unstated aims.....

In reply to a post by techguy:

Let's hope its an April Fool.

It was on the Beeb yesterday.

It presses the three key buttons for government "action": coo safety, that's a good seller; hidden costs, so the gullible joe public won't notice; and snooping. Ignore the inconvenient truth that the harm arises from insufficient bodies and getting it wrong "on the ground". How often do the post-mortems reveal that "the information wasn't acted upon"? "So let's have more of this lovely information stuff that can't or won't make any difference". But no politician ever dealt with anything "difficult".

Get used to it: the politicians think we're stupid, and will do anything for what they think is a good headline. Suggestions to Dave (on a postcard, of course).

You can write the 'Yes Minister' script to cover this one so easily... Perhaps that's why the show is making a comeback?

In reply to a post by techguy:

or is this truly legislation drawn up by technically illiterate morons?

Very intelligent people with Oxbridge firsts in technically relevant subjects like Classics. The basic attitude is: 'if a chap needs to check something in Plutarch he can just pop along to the Bodlean. The only use for all this interweb thingy is stealing copyright material and plotting terrorist crimes and we will stop them, by Jingo!'

Welcome to Airstrip One.

It's common sense innit?!

In reference to twitter.com/#!/LouiseMensch/status/101752383092162560:

Common sense. If riot info and fear is spreading by Facebook & Twitter, shut them off for an hour or two, then restore. World won't implode.

Having just watched one of her YouTube videos, it's clear she lacks common sense, and is mostly full of stereo-typical political hot air. In fact, as soon as she said "... I'm the first woman ever to stand for that seat...", I closed my browser window (video here) cause quite frankly, I have better things for my ears to listen to.

(oh and before any woman reading this thinks I'm a feminist pig, I have no problem with women having positions in politics, what I have a problem with is the fact we are in the year 2012, and yet we still seem to have little girls like her coming out with lines like "... I'm the first woman ever to stand for that seat..." - seriously, grow tf up.

As for her twitter comment...

Common sense. If riot info and fear is spreading by Facebook & Twitter, shut them off for an hour or two, then restore. World won't implode.

... she's being pretty obtuse, or she is just being genuinely stupid. Sure, you can mitigate the organisation of riots and anti-social behavior by temporarily shutting down social media websites, but isn't it more pertinent to address the underlying cause of why these riots are happening in the first place? I don't suppose any of you recall last year's BBC reporting on the events, when they were interviewing a member of the public (local to where the riots kicked off, in North London, on the street) and he was coming out with some home truths when asked by the reporter why he thought they were happening, and you could just see that the BBC were not happy about this and that there was someone behind the camera signalling to cut the interview / transmission and move on. He crossed the line with what he was saying, you could just tell. Quick, cut this before too many people realise what he's saying.... yada yada.

In the last decade, every political party I have seen in power takes things in the same direction, so I now no longer vote. It's a waste of my time. The only way this country is going to change is by people power helping to reform it. The current system is corrupt, stale and rotten to the core, and shows no sign of improvement anytime soon.

But returning to the topic of this thread, for an infrastructure (the internet) that is designed to allow freedom of expression, and communication, between millions of people, they now want to control and monitor it. Effectively, they want to govern it. It is all about control, nothing more. And since the WWW was conceived back at the start of the 1980s, they've been very twitchy about not being able to control it. Seems those days are soon to gone for good.

This really is another nail in the 1984 coffin for sure, not much more to go, and then we'll all be buried alive, just like Kill Bill.

I always think it's strange how the politicians say one thing in opposition, then do another when in power.

I've seen enough over the years to realise this is actually common place. It's how they work. They did this with the promise to cut tuition fees for the last election, didn't they? Then what did they do? They put them up!

It's like "I'm your best friend, please vote for me" and then when they're in, it's "sorry, who are you?!"

Edited by deleted (Sun 01-Apr-12 19:37:18)

I've e-mailed my local MP (a Tory) explaining why on a technical level this will be a complete white elephant but politicians are so dim it probably will go over his peanut of a brain.

Actually, this is potentially more real and possible than you realise.

Advances in technology over the last 2 decades mean it is now very trivial to track and classify connections to and from individual hosts. It's possible to do this using an offline solution, by mirroring (tapping) all ISP traffic entering and leaving the network at all peering points that ISP has to the rest of the internet. It's possible to run this "machine" and have it classify tens of thousands (even hundreds of thousands) of connections per second, extremely reliably and effortlessly. If it fails, no harm done, because as it's an offline solution (not an inline one) and so would bring no negative impact to the end user (eg. you and me) should it break.

After reading more today about the government's proposals for this, they are not interested in logging all packets from all internet users. That is, as we all know, impossible. What they are more interested in having is, at the drop of a hat, the ability to log onto this tracking platform located in some specific ISP, and then tune in and filter on particular types of traffic, be that on specific ports, or to and from two IP addresses or range of IP addresses, and then observe (and probably log) just that traffic, in real-time, over a period of time.

In fact, if they had any sense, they would not do this on a per ISP basis. Better to locate all peering points the country has to the rest of the internet and put this magical tracking kit in there. For example, LiNX is the major peering organisation in the UK - put the equipment in that, and you've probably caught 90% of all UK internet traffic between ISPs, and traffic entering and leaving the country.

I know this sounds a bit like The Bourne Identity, but this is real, and it can be done, and is entirely possible. The issue is cost, and whether they can find the technical expertise to build and maintain such a system. For as we all know, the centralised NHS database was a complete disaster, and that was actually a kinder-garden exercise to implement compared to this, which they managed to balls up quite admirably.

Edited by deleted (Mon 02-Apr-12 19:28:12)

http://www.conservatives.com/news/speeches/2009/09/d...

I wonder what he says now..

Al

Here's a copy of an email I sent to our Tory candidate in the 2010 election

From: Al <xxxx>@xxxx.vivaciti.net>
To: [email protected] <[email protected]>
Date: Saturday, March 27, 2010, 10:13:02 AM
Subject: Government snooping
Files: <none>

Hello Amber

What are your comments on the following article in The Telegraph;-
http://www.telegraph.co.uk/news/newstopics/politics/...

I hope the government are tackled about this in The House as this is
just another step in eroding our privacy.

Alan
---------------------------------------------------------------------------

and here is her reply before she was elected

From: Amber Rudd <[email protected]>
To: Al <[email protected]>
Date: Saturday, March 27, 2010, 6:25:09 PM
Subject: Government snooping
Files: Message.html

Re: Government snooping

Hi Alan

It sounds disgraceful - and just the sort of thing we have to be wary of, namely further encroachment of our civil liberties.  Typical of this Government and a trend I would expect a Conservative Government to reverse.

Thank you,

Amber

Amber Rudd

Please sign up for my monthly newsletter at www.amberrudd.co.uk  to follow my  local activities and campaigns.

Conservative Parliamentary Candidate for Hastings and Rye
---------------------------------------------------------------------------

Its a sad day when they look after Abu Qatada's human rights & spy on us.

Al

I agree, cost and competence are the real issues. Apart from the fact that the police and security services don't (or can't for whatever reason) act effectively on the information they already have, problems demonstrated on every post mortem and never addressed; the (out-of-anybody's control) bills will be passed to the consumer in one way or another, and I see a real danger the smaller, specialist (and better) ISPs will just decide it's not worth the bother serving the SME and residential market. So much for competition. And as for the Government record on IT projects - perhaps name one that's gone to plan or budget?

Bond movies should stay in the realm of fiction, in my opinion; not become Government policy.

Edited by deleted (Mon 02-Apr-12 23:56:19)

It'll stop any illegal hacking by the press though. Just ring up their buddies and get loaded memory sticks/cards.

There's an petition up against this on the government e-petition website

http://epetitions.direct.gov.uk/petitions/32400

this isnt realistically possible.

For 2 prime reasons.

1 - it can be encrypted, including the headers.
2 - email can be hosted anywhere, including someones own home pc or a server in china. So even if broadband isps agreed to start monitoring what amounts to huge amounts of data, anyone hosting elsewhere would bypass all that. #1 would fix sniffing on email ports.

The policy stinks of the usual guilty until proven innocent attitude of the uk government.

Edited by Chrysalis (Wed 04-Apr-12 12:09:34)

In reply to a post by Chrysalis:

1 - it can be encrypted, including the headers.

Encrypting the headers may make it a tad tricky for an email to be sent to its intended destination?

DPI will most likely still allow the ISP to see that email was being sent to server xyz

Only way to hide that is VPN/Tor type solutions, and one must wonder how many VPN solutions are actually agency sponsored.

they become unencrypted once at the SMTP server so no.

In reply to a post by MrSaffron:

DPI will most likely still allow the ISP to see that email was being sent to server xyz

Only way to hide that is VPN/Tor type solutions, and one must wonder how many VPN solutions are actually agency sponsored.

nope it wouldnt work if encrypted.

So the SMTP server knows how to decrypt the headers? Doesn't sound very secure to me.

its to prevent sniffing between the end user and the STMP server.

in the case of eg. a broadband isp sniffing email traffic, it would prevent that as by the time it hits the SMTP server its off the broadband isp's network.

All this without fancy VPNs as well, all modern common email clients allow encryption.

Edited by Chrysalis (Wed 04-Apr-12 13:38:42)

So if DPI cannot tell that an email is being sent to a server, how do the switches route the traffic to the server?

Remember the snooping could be done at the core router level not just at the higher level.

they can see the SMTP server destination although that doesnt need DPI as that will just be an ip address however in terms of domain names and email address destinations if its encrypted then no.

eg.

my mail server is mail.mydomain.com and I login via TLS. - the server is hosted in spain
I send to [email protected]

the isp would know I am logging into my server in spain but they wouldnt know my email address, the email address I am sending to or the contents of the email. Email works differently to browser traffic.

I suspect what will happen is this.

There will be an agreement made with the big freebie mail providers such as gmail and hotmail. They will monitor emails sent via their services to comply with new regulation.
There will be an agreement made with uk broadband providers, such as virgin media and BT who provide email services to their broadband customers.
There will possibly be agreements made with uk based email hosting companies, however if so it will likely only be the major ones as its a market thats saturated with huge amounts of hosting services so its probable they all wont be made to be compliant.

Anything hosted overseas I suspect wont be affected. In that scenario it would need DPI like you said but that can be evaded via encryption.

Even if email hosting companies cooperate the cost of doing so will be huge, as email logs get very big and fast, remembering also the volume of emails that are spam etc. and thats without any contents of emails been logged only headers.

Edited by Chrysalis (Wed 04-Apr-12 15:20:20)

Knowing which mail server you talk to would add to the puzzle pieces, and encrypted may count as a flag point, another if others are sending 'dodgy' stuff via that same server, then another point for not bothering to use your ISP's own server.

Who knows GCHQ what deals the international agencies have in terms of data sharing, that may reveal more.

well not where the email is been delivered to just the SMTP one is logging into.

Remember if one is using an external SMTP service they login to that SMTP server, then its that server which will send the email to its destination. So basically in the picture I painted the government wouldnt have a clue where an email is been sent to. It would need cooperation from other governments worldwide.

In reply to a post by MrSaffron:

Knowing which mail server you talk to would add to the puzzle pieces, and encrypted may count as a flag point, another if others are sending 'dodgy' stuff via that same server, then another point for not bothering to use your ISP's own server.

Actually there is a seriously majority of people who don't use their ISPs own server. Its the explosion in webmail and private domains. I personally don't know anyone who uses an ISP mailbox, but many have them. (my ISP doesn't even offer email services).

Plus many services force encryption already, even within an ISP, to protect login details and prevent spammers from using SMTP. I believe all the USA ISPs do this with TLS-POP3 and TLS-SMTP.

Who knows GCHQ what deals the international agencies have in terms of data sharing, that may reveal more.

Yes - and there was a sensible comment that if the Govt hadn't made public their intentions last week in such fashion, that many people wouldn't now be learning about simple crypto methods.

There are plenty of services hosted in countries where the UK won't have reciprocal intelligence information - and the next step will be to install a "great firewall" to block these countries.

Edited by jchamier (Wed 04-Apr-12 19:19:53)

In reply to a post by jchamier:

Actually there is a seriously majority of people who don't use their ISPs own server

That I doubt. Or perhaps it is true if you are counting people at work as well as at home?

Actually there is a seriously majority of people who don't use their ISPs own server.

Quite a lot of SMTP goes via on-net ISP SMTP servers I would think, some enforce it at least on port 25.

Many domestic users go through email trauma when they change ISP, not realising the options available to them. Earlier today a guy with an email client issue was wanting to change ISP !

I think Phil could very possibly be right. Huge numbers use gmail these days, and even yahoo and hotmail. Usually via webmail.

Edited by RobertoS (Thu 05-Apr-12 01:45:40)

indeed, I did wonder after I posted if there would be measures taken to block uk broadband users communicating to non uk ip's on ports 25 and 587. That would be very extreme tho and I dont think they will go that far.

Perhaps an idea for a survey

The problem I have with this is that they are driving people to VPN's, Tor, I2P etc.

At the moment the law enforcement agencies can use internet communication in building their case. When just about anyone who is computer savvy starts using these services it will really hinder their investigations.

Corporations and governments are keen to exploit the possiblities for monitoring their customers and citizens (advertising) and do away with their right to private communication yet when the tables are turned (P2P, Arab Spring) and it's their way of life that's at stake they trample over all those peoples civil liberties. But, of course, it's to counter terrorism or to protecxt the children or whatever they see as the next threat. The real threat is people all over the world can now communicate with one voice and that scares the hell out of them.

And before anyone says it one of the things I find really annoying is the 'If you've got nothing to hide' statement. Everybody has got something they'd rather keep private.

Concerned Citizen

I think the proportion on freebies/webmail coming to the Main Site or the forums, (and who would respond to a survey here), could be significantly lower than the general population Andrew , but it could be worth doing.

In reply to a post by Anonymous:

At the moment the law enforcement agencies can use internet communication in building their case. When just about anyone who is computer savvy starts using these services it will really hinder their investigations.

I don't think VPN or any encrypted traffic (web, email, ssh etc) will concern them. They've already said that, initially, it is not the content of data they are trying to obtain, purely where traffic (connections) are being established and data is being sent from and to.

So, sure, setup a VPN from your own box to your co-person in Asia/America/wherever else. They'll still be able to see this being done. In fact, it will be exactly this kind of traffic they will be looking for. Whilst they can't see the contents of what is being transmitted, they will then have grounds to pose the question "Why is a UK host communicating with a Asian/American host via encrypted VPN? Does the VPN session follow any set pattern (eg. establishes a connection between certain times of the day?, does the connection remain established, and, how much data is being transmitted between these two VPN end points and is it at constant speed, or bursts of speed, over various periods of time?).

Edited by deleted (Thu 05-Apr-12 10:07:19)

I use hotmail as my email client to access both my hotmail account and to access emails sent to my personal transferable email address via my ISP's mail server. So I am not sure how I would be counted?

@Anon (Concerned Citizen)
You forget that the "internet-savvy" are a tiny proportion of the internet users. They may or may not care, just "that's what governments do , shrug ", and carry on breeding or watching the government-encouraged mass dumbing-down football. They certainly won't get into "VPN's, Tor, I2P etc".

_{Apologies to football-lovers here, but it really is "the opiate of the people". It has ceased to be a sport, but big business and mass addiction.}
The attitudes of western goverments and the Murdochs of the world come down to "Welcome be a religion that pours into the bitter chalice of the suffering human species some sweet, soporific drops of spiritual opium, some drops of love, hope and faith", i.e. football. We don't live in a democracy, but an oligarchy.

As for VPNs etc., I just don't see how those can ultimately defeat surveillance. It's just a question of where in the communication chain the equipment is sited. Similarly with encryption. The key has to be transmitted somehow.

I suppose you realise that it isn't long ago since a van outside an office could pick up everything appearing on staff computer screens? From the signal passing along the cable from computer box to the monitor! (I believe decent cables are now screened to prevent that).

Edited by RobertoS (Thu 05-Apr-12 10:29:03)

Would add that some (me for a start) use both ISP e-mail and hotmail, depending on the purpose of the e-mail and/or the recipient. Things like once-only website registrations, or for situations where the recipient will not be contacted after a resolution would be for hotmail.

So I can't say use one more than the other, rather than both at similar levels.

Food for thought for setting up a survey form.

Same for me: ISP email for friends and business associates, Hotmail for newsletters etc and Gmail for other online things.
I like to keep web based stuff away from my ISP email to help avoid junk mail.

BTW folks. BBC Parliament channel right now - 'Mobile Technology in Policing'

Slightly related.

In reply to a post by mixt:

I don't think VPN or any encrypted traffic (web, email, ssh etc) will concern them. They've already said that, initially, it is not the content of data they are trying to obtain, purely where traffic (connections) are being established and data is being sent from and to.

So I connect to a VPN provider in some country or other everything between me and that provider is encrypted they therefore have nothing of value other than I connect to a VPN provider in another country.

I set up as a Tor relay what useful data, on me, do they get out of that?

Of course the tax payer will have to pay for the running aof the data centre(s) required. This is a pure waste of time, effort and money and is against all our civil liberties.

I know it was kicked out last night but trust me it will be back.