At the time of writing, the UK government's infamous Regulation of Investigatory Powers Bill (the so-called Snooper's Charter or RIP, in common parlance) is still undergoing considerable changes. This is largely as a result of its rocky ride through the House of Lords, but also a response to the howls of derision and cries of foul play from just about every group with an interest in the internet - from civil rights groups to the British Chamber of Commerce. Quite what will emerge as law from the present debacle is uncertain.
RIP is essentially a measure that gives the authorities new powers to monitor what the 'baddies' get up to online. These measures include installing 'little black boxes' within ISPs so that internet traffic may be intercepted, and the right to demand that people who use encryption technology to protect their data must decrypt on demand. So what's wrong with that, you may wonder? Surely only those with something to hide need fear such powers?
Well, it's a big subject - too big to cover here in great detail, but quite aside from concerns about censorship, security and privacy, the biggest flaw with any system on the RIP model is that it's bound to be ineffective.
On one hand, those who really are of criminal intent can always find ways to evade surveillance (it's really not very hard to do). On the other, those caught red-handed with seriously incriminating material on their computers are not likely to decrypt it on pain of a two-tier jail sentence if, by complying, they might expect a much longer term inside.
For full coverage of RIP and its many ramifications, see the Foundation for Information Policy Research website at www.fipr.org/rip. The Campaign Against Censorship of the Internet in Britain is self-explanatory and well worth a browse (www.liberty.org.uk/cacib).
Know your cyber-rights
Yaman Akdeniz is the founder of Cyber-Rights & Cyber-Liberties UK (www.cyber-rights.org), a non-profit civil liberties organisation - or pressure group - devoted to free speech and privacy on the internet.
"I have always thought that the internet is an amazing and positive development," says Yaman. "But there are negative aspects, too. In my view, online privacy is by far the most important issue in the Information Age. Unfortunately, technology is constantly used by governments and organisations to invade the privacy of those who use it."
But surely there needs to be some way of keeping tabs on criminals? "Of course it is wrong to believe that the internet should be free from government reach or regulation, and I have no objection to laws dealing with child pornography," says Akdeniz. "But just because criminals and paedophiles misuse this medium does not mean that the authorities should seek or be granted what they call 'new powers' to turn this country into a surveillance society. All initiatives should be proportionate and effective."
There is, in fact, every chance that RIP, if it survives, will be tested in court and ruled in breach of the Human Rights Act.
Keys to encryption
The key to modern encryption (see Pretty Good Software section below) is keys, and that's what all the fuss is about. This is how it works: say you want to send Igor at DodgyArmsDealers.com a purchase order for a dozen Kalashnikovs. First, you get hold of his public key, which is just a big software-generated number, and use it to scramble the message.
Now you can send the order by email secure in the knowledge that anyone intercepting it will see only garbled gobbledegook within. Igor, on the other hand, simply has to run the encrypted order through his private key - another big number, but known only to him - for all to be revealed.
Note a couple of interesting features about this system: if the RIP police suddenly come beating on Igor's door, he might quickly encrypt all his records with the first public key that comes to hand. Now it's no longer in his power to open his files to scrutiny.
Consider the related scenario in which you receive an encrypted message from you know not whom. The authorities show up and demand that you decrypt it while they wait. Would you hesitate? What if you're being cleverly framed? In effect, you have lost the right to silence.
The Human Rights Act will undoubtedly safeguard our right to privacy, but it's a true optimist who imagines that electronic communications will ever be truly private and secure. So treat email like an open line to Spy Central and don't hesitate to indulge in some strong encryption if you have confidential information to protect.
Protect and survive
Your own dear disloyal desktop PC will happily spill the beans about you to all and sundry. Here are some simple but effective tips for covering your tracks:
- Switch off the AutoComplete feature in Internet Explorer 5 (Tools menu/Internet/Options/Content/Personal Information/AutoComplete). This stops the browser trying to fill in web addresses as you type - a useful shortcut but one which reveals the sites you've frequented in the past.
- Empty your browser's cache regularly. In Internet Explorer, go to Tools/InternetOptions/General and select Delete Files in the Temporary Internet Files area.
- Cache clearing doesn't affect your cookies. In the same area as before, click Settings and then View Files. Now you can see which sites have left a little memento of themselves on your system. Search and destroy any that you would rather keep secret.
- In the Security section of Internet Options, you can also instruct your browser not to accept any new cookies in the future. If certain websites throw a wobbly at such impertinence, you can decide for yourself whether you care to proceed.
- Your browser's History folder keeps a semi-permanent record of your surfing. Go to Tools/InternetOptions/General and click the Clear History button.
- If you click Start and then Documents, you can see and access the files you most recently opened. To prevent others from sharing this privilege, click Start/Settings/Task Bar & Start Menu/Start Menu Programs and Clear.
- Contrary to appearances, deleting a file doesn't permanently remove it from your hard disk. The only way to do that, short of destroying the disk itself, is to overwrite it with fresh data - for which you need specialist software. One popular, powerful option is Window Washer (www.webroot.com). This automates all of the tasks listed above and comprehensively shreds unwanted files into the bargain. It costs $30 (about £20), but you can download it and try it free for 30 days. All the major utility suites also offer a range of cleaning tools.
- Simplest of all, password protect everything in, or rather out of, sight.
Tracks and trails
One of the enduring misconceptions about the internet is that it offers complete anonymity. It may feel that way but you can't help but leave footprints as you weave your merry way around the web. For a simple but vivid example, drop in on Privacy.net (www.privacy.net) and see how much the site knows about you already. Scary, huh? This is also a good starting point for learning how to keep a low profile online, as is Anonymizer (www.anonymizer.com).
We'd also recommend Cookie Central (www.cookiecentral.com) for every last crumb of cookie folklore. If you post messages in newsgroups, did you realise that every word you write is preserved for posterity? Just try searching for yourself with Deja.com's Power Search utility at www.deja.com/home_ps.shtml. The same is usually true of mailing lists, where every ill-conceived or embarrassing message may be archived on a website for all the world to dredge up and use against you in the future.
Of course, it's possible and often desirable to use a false name and secondary email account for newsgroups and mailing lists, if only to deflect the inevitable spam and flames, but a remarkable number of people are apparently quite happy to include their real address and phone number in their email signature. This is not to be recommended, in our view, not least because there are plenty of sneaky software programs out there busily scanning public forums for just such information. Your phone will soon be ringing off the wall with exclusive offers for double-glazed mobile kitchens or whatever it is they try to sell you halfway through dinner.
Pretty Good Software
The best-known encryption software - Pretty Good Privacy, or PGP - was developed by Phil Zimmerman, an achievement which led to him being persecuted for three years by the US Customs department.
As he stated in his unapologetic address to the US Senate: "The only way to hold the line on privacy in the Information Age is strong cryptography - cryptography strong enough to keep out major governments." A freeware copy of the program can be downloaded from his website - www.pgp.com - but the commercial release is considerably easier to use.
However, there's nothing like suspicious behaviour to draw suspicion upon oneself, and a PGP-encrypted message is quite clearly hiding something. An alternative approach is to use a program such as Steganos Security Suite. This not only encrypts files but hides them within others. What appears to be an innocent family snapshot might conceal your company's accounts or the battle plan for the revolution.
PGP is distributed by Network Associates and costs £20. Call 01753 217500 or visit www.mcafee.com.
Steganos Security Suite is distributed by Pow! and costs £40. Call 01202 716726 or visit www.pow-dist.co.uk.
As the dispute over the legalities and technicalities of RIP rages, we can just imagine the tittering in the smoke-filled rooms of the secret services. After all, they've been systematically monitoring every electronic communication under the sun for years.
Enemies and allies alike are spied upon. Secrets are traded across battlelines. Word recognition software filters emails to identify conspirators. Industrial espionage enables companies in the spy ring loop to secure orders. It's a global conspiracy, it's called Echelon, and there's nothing you can do about it.
Far fetched? Well, while we await the findings of a European committee's investigation into whether Echelon does in fact exist and, if so, whether its methods are legal (a clue: yes and no).
Here's a fun game you can play at home. Strike up an email correspondence with a friend and include some or all of the following key words and phrases in your messages: heroin, hacker, bomb, anarchy, subversion, fifth columnist, David Shayler. Then get under your bed and stay there. On second thoughts, perhaps it's safer to follow the Echelon saga from a distance.
Should you be inclined to let rip against RIP, pay Stand a visit at (www.stand.org.uk) and make your voice heard.
14nm Cavium ThunderX2 CPUs deployed in HPE Apollo 70 supercomputer for US National Nuclear Security Administration
MWR's Countercept platform and phishd technologies key to F-Secure acquisition
Brexit labour shortages will lead to higher adoption of robotics
Newbies will be thrown in with the big boys on Sanhok as Kar98 fodder