Comments on: Policing the Wires

By: Dave Pimlott

Dave Pimlott — Sun, 11 Jan 2009 23:27:55 +0000

http://www.rossde.com/PGP/pgp_weak.html is a pretty good summary of the problems that have occurred and (I assume) been patched. I haven’t yet found the private key recovery paper that I’m pretty sure I read…

By: David Bradley

David Bradley — Sat, 10 Jan 2009 23:21:08 +0000

Yeah, they’re b*st*rds anyway, if they’re spying on the innocent. But, no I don’t think 256-bit PGP has been broken yet, has it? Got a link for the crack?

By: Dave Pimlott

Dave Pimlott — Sat, 10 Jan 2009 21:11:50 +0000

assuming that they haven’t broken PGP (which I rmember reading about is mathematically possible) then the security forces won’t know that the email contained “I like playing with Barbie dolls” but they will know who is talking to who and I believe that sometimes that can be enough for you to be investigated further.

A thought that occurred to me as I was writing – perhaps they aren’t interested in the contents of the emails as much as who is talking to who – i.e. who should we (the security forces) be looking at next. Which (to me) makes a lot more sense that archiving peoples “lolcat” emails to their mates. The security services already have a watch list so legally being able to see who is sending and receiving emails from people on your watch list would be a good way to find other potential terrorists.
Not that a Network Security bod like myself knows the methods used by the security forces….

By: David Bradley

David Bradley — Fri, 09 Jan 2009 21:04:43 +0000

Ah, good point Dave…but either way, if you’re pgp’ing your emails there’s nothing for the spooks to read but garbage, right?

By: Dave Pimlott

Dave Pimlott — Fri, 09 Jan 2009 20:07:57 +0000

Regarding the second point you make: no matter what precautions you take at some point your email will be sent to some Mail Transfer Agent (MTA) which *will* talk (using SMTP) to the destination persons MTA and will therefore be logged by this mythically useful system (point four is a very good point!). That is unless you run your own SMTP server and have everyone who wants to send you email connect via a VPN directly to your mail server.

By: David Bradley

David Bradley — Fri, 09 Jan 2009 14:49:57 +0000

Yep, Nick, you’re right…I knew that, I was typing faster than my brain was working at 7:15 this morning right after this news was on BBC Radio 4 Today program…

By: Nick

Nick — Fri, 09 Jan 2009 14:35:41 +0000

re the Sweeney (as in Todd…Plod) the Sweeney actually refers to The Flying Squad which is based at New Scotland Yard ( an elite branch of the Metropolitan Police Service specialising in combatting armed robbery and violent crime within the Metropolitan Police area in London. )The name derives from Cockney rhyming slang, in which the expression Sweeney Todd rhymes with (and stands for) ‘Flying Squad’.