Security


It’s taken a long time, maybe even too long, but the people and media of the UK are starting to wonder when their formerly Great Britain became the sort of total surveillance society that the East German Stasi dreamt of building: a society where children are routinely fingerprinted and DNA samples taken for the flimsiest reason; where police can look at your phone records without judicial oversight; where the authorities set up road blocks not to look for dangerous criminals but on fishing expeditions; where there are cameras on every corner, and some of them can even count the number of people in your car by scanning for human blood.

And people are starting to wonder how it happened:

We looked with a mixture of condescension and concern at those continental countries where, despite being democratic, the State still kept a wary and distrustful eye on its citizens.

As for the Eastern bloc, thank God we did not live there!

What has happened today would have seemed unimaginable 30 years ago.

Britain has become one of the most bugged, surveyed countries on Earth.

Privacy International says we have the worst record in Europe for intrusion, and ranks us on a par with Russia.

The writer Timothy Garton Ash, who lived in Communist East Germany and later wrote a book about its Stasi secret police, said yesterday that Britain is an even more developed “surveillance state”.

We have more CCTV cameras than any other country in the world – an estimated 4.2 million of them.

We have the biggest national DNA database in the world. We probably also have one of the highest rates of monitoring.

Believe it or not, the authorities, including councils, launch bugging operations against 1,000 people a day. That could include you.

How did this happen? How did a country that was proud of its liberties, and knew the proper place of the State, allow itself to be turned into an eavesdroppers’ paradise?

It seems that there’s no sin too petty for the Little Hitlers in the UK to spy on you, and very little in the way of oversight:

Should the police wish to see your telephone records today, they no longer need to show ‘probable cause’ to a judge. They just need to turn on their computers (or phone a friend). In 2005/6, this power was used a staggering 439,000 times over 12 months – a figure certain to rise with mandatory data retention and its extension to internet usage by 2009. The lack of independent scrutiny means we can only guess what the police were up to, but in accessing records more than 1,200 times a day, we can be certain that their activities went far beyond the scope of organised crime and terrorism.

Often without their parents’ knowledge, children are fingerprinted by their schools for such trivia as identifying their lunch orders and what books they borrow from the library. These school records are a boon to a government which considers everybody a criminal, would-be criminal or soon-to-be-criminal:

Jim Knight, the minister for schools and learning, also said this summer that the police could help themselves to the children’s fingerprints if they are trying to solve a crime – regardless of whether they have ever previously been in trouble with the law. Dowty says it is turning us from a nation of free citizens into a nation of suspects: ‘Why should we have our fingerprints or DNA stored if we have done nothing wrong?’

Why indeed?

(Updated on 18 April: some minor spelling and grammar corrections.)

Rumours of Microsoft Windows including CIA or NSA backdoors have been around for years. This one though seems to be genuine.

Good random number generators (RNGs) are important for computer security. There are many security applications, from secure passwords to the software that lets you do Internet banking, that rely on a healthy chunk of randomness. If you can predict the “randomness” (in other words, if it isn’t really that random), you can often break the security. So important is the use of random number generators that the US government works closely with industry and academics to produce the state of the art RNG software.

But the government’s trusted role in the process includes a powerful temptation: what if they could include backdoors in the security software, so they could access your data but (hopefully) nobody else could? Some years ago, under President Clinton, the US tried to mandate the Clipper chip, which included a virtual backdoor to any software using it. That attempt failed, but in November security consultant and professional cryptoanalysist Bruce Schneier wrote about one of the latest RNGs championed by the NSA, “Dual_EC_DRBG”:

Problems with Dual_EC_DRBG were first described in early 2006. The math is complicated, but the general point is that the random numbers it produces have a small bias. […]

But today there’s an even bigger stink brewing around Dual_EC_DRBG. In an informal presentation (.pdf) at the CRYPTO 2007 conference in August, Dan Shumow and Niels Ferguson showed that the algorithm contains a weakness that can only be described as a backdoor.

With a cloud over the Dual_EC_DRBD algorithm, one wonders why Microsoft have now added it to Vista. It suggests to me not so much any nefarious motives on behalf of Microsoft, as just a failure to do their homework. Dual_EC_DRBD comes with NSA’s stamp of approval, but civilian cryptoanalysts are advising that even if the backdoor has not been put in it deliberately, it’s mere existence is a security breach.

It’s important not to over-react to this one. It doesn’t mean the NSA can read your email — they’ve had the ability to do that for years. What it does mean is that, at some time in the future Vista application software that relies on Dual_EC_DRBD will contain a secret backdoor. Who knows who will have the key? The NSA? Some private contractor who helped build it? In five years time, it could be in the hands of anyone.

If Microsoft is serious about security, they need to remove this insecure RNG from Vista.