If you're up in arms about being stopped by the police....

pxl8 said:
I used to run one but gave up as some many hosts/isp refused or bounced the mail as they assume any mail arriving from a DSL connection directly is probably spam rather than legit :(
Click to expand...

That's what I have too, it can be a bit flakey, sometimes it works sometimes it doesn't, so I've gone back to using my ISP's SMTP server.
 
NathanJT said:
Try looking up RIPA!

"The Regulation of Investigatory Powers Act (RIPA) legislates for using methods of surveillance and information gathering to help the prevention of crime, including terrorism."

However (and it's a BIG one), councils can initiate RIPA for something as simple as being suspected of allowing a dog to foul a pavement. They then have carte blanche access to your data.

My appologies though as it's only who you emailed and not the content:

"Ripa allows council officials to authorise the use of covert surveillance, to obtain phone records and details of email traffic from personal computers (though not the contents of the emails) and to find out which websites people are logging on to."

Nonsense? or you just don't know how bad things are getting?
Click to expand...


:bang::bang::bang:

The clue is in the name of this piece of legislation. REGULATION of Investigatory Powers Act. Before RIPA the Police and others could organise covert surveillance without having to demonstrate and record the need for that surveillance, what it expected to achieve and how any collateral intrusion might be dealt with.

But of course if you'd rather go back to this state of affairs then it would make my job a lot easier. :thumbs:

Oh and Councils can only apply for RIPA Authorisations when they are investigating a CRIMINAL offence and are not entitled to undertake intrusive surveillance, so they can't break into your house and install equipment, quite rightly so as well. I would really struggle to see how knowing who you've been e-mailing would be pertinent to a dog fouling case so it just wouldn't happen in these circumstances.

If during the course of an investigation a council needs to prove communications between individuals took place they can apply to have that information released, again they would need to demonstrate the need and that the other avenues of investigation had been fully exhausted first. And even then the request could be refused. Most of the requests for information are to confirm a current address and nothing else.

Sorry to put a damper on the hysteria but it this is the reality of RIPA.
 
Yv said:
As already mentioned, it would be no surprise at all if the special services havent been doing this for years anyway
Click to expand...

I'd be very surprised if they have - I seriously doubt that there's any way that all firewall and wireless access point manufacturers and their employees have an unwritten rule to allow a back door to the security services and that this has NEVER been leaked to the press!

This would of course include the open source community who produce Linux and its variants.

The bad thing about this report in the Times is that if they're putting legislation in place to allow it to happen, then somewhere down the line the government might FORCE the manufacturers to include a back door.
Which would then almost instantly be compromised.

Time to move to Linux everyone!
 
I'm unsure just why you would think the government might FORCE the manufacturers to include a back door.:thinking: The fact is that in many circumstances they wouldn't need one. If you use a hub or router supplied by your ISP your ISP will have on record the WEP key of the supplied device. One quick phone call from the security services to the ISP is all it would take.;)

Then again if they can't be botherd with making a phone call theres always

http://www.theregister.co.uk/2007/04/04/wireless_code_cracking/
 
Eric Mc said:
I'm unsure just why you would think the government might FORCE the manufacturers to include a back door.:thinking: The fact is that in many circumstances they wouldn't need one. If you use a hub or router supplied by your ISP your ISP will have on record the WEP key of the supplied device. One quick phone call from the security services to the ISP is all it would take.;)
Click to expand...

Please tell me you've changed yours? anyone who doesn't must be insane, default paswords are for idiots.
 
a1ex2001 said:
Please tell me you've changed yours? anyone who doesn't must be insane, default paswords are for idiots.
Click to expand...

Yes I've changed mine:lol: But how many don't....or don't even know that they can:shrug: Thats why I stated "many" not all circumstances;) If you've followed the link I posted you'll see that even if you have changed it your little or no better off;)
 
Eric Mc said:
I'm unsure just why you would think the government might FORCE the manufacturers to include a back door.:thinking: The fact is that in many circumstances they wouldn't need one. If you use a hub or router supplied by your ISP your ISP will have on record the WEP key of the supplied device. One quick phone call from the security services to the ISP is all it would take.;)
Click to expand...

As has already been said - it's an absolute doddle to change the WEP key, if you're* dumb enough to still USE WEP.
Personally, I only know one person who uses an ISP supplied wireless access point. They're peanuts to buy now and a doddle to set up.

Eric Mc said:
Then again if they can't be botherd with making a phone call theres always

http://www.theregister.co.uk/2007/04/04/wireless_code_cracking/
Click to expand...


WEP's an old standard. In the not too distant future there will be very few people using it.


*not you personally - the generic 'you'! :D
 
Eric Mc said:
Yes I've changed mine:lol: But how many don't....or don't even know that they can:shrug: Thats why I stated "many" not all circumstances;) If you've followed the link I posted you'll see that even if you have changed it your little or no better off;)
Click to expand...

Those who don't are unlikely to be attracting the attention of MI5 and the link you supplied only reffers to basic WEP encryption which is well out of date now and anyone relying on that for security is again unlikely to be of much interest to MI5.
 
Hacking is hacking....the fact that a goverment legislation makes it "acceptable" is in one word "bolox". Hacking is hacking end of story!
 
WEP, WPA, WPA2, makes no difference, they are now all cracked.

Using serious encryption is your only hope of keeping your traffic relatively safe.
 
po10c said:
Hacking is hacking....the fact that a goverment legislation makes it "acceptable" is in one word "bolox". Hacking is hacking end of story!
Click to expand...

Would you still have the same ridiculous attitude if hacking some potential terrorists home PC prevented another 7/7 style bombing? I'm not saying this legislation is spot on but it's hardly the blank piece if paper the times is making out and it's certainly not going to lead to every house in the uk being monitored. Government agencies sometimes need extra powers and in this case I really don't think it's a step to far.
 
neo2810 said:
WEP, WPA, WPA2, makes no difference, they are now all cracked.
Click to expand...

My point exactly:thumbs: Ok it's not the sort of thing your average hacker sitting at home is going to be able to manage but it becomes a different matter when the hackers are government employees sitting at a PC for 8hrs a day being payed to do just that.
 
I can understand why people are so angry about this, but I keep having the same thought ... "Meh, I have nothing to hide, let them search my hard drive/emails/history, at the end of the day, if in doing this to someone else they stop a child being molested (or any other serious crime), it's worth it". :shrug: It's really just another way of monitoring someone they suspect has or is committing a crime. I don't think they are going to randomly search anyone, I think it will only be used if they have a reason to. A bit like someone watching/filming/photographing someone suspected of benefit fraud (I watch On The Fiddle the other night, can you tell? :lol:).

Like I said though, I can understand why people have a problem with this. But if your scared of them seeing naked pics of your spouse or something else that is also innocent but very private... I shouldn't worry, the police officers using this technique will likely develop the same 'Once you've seen one, you're seen them all' kind of professionalism that gynecologists have :lol:
 
I'm not really all that protective of my privacy from Government agencies but I do worry about the actual person employed by the Government being trustworthy and responsible with my data.

It's kind of funny how despite on numerous recent occasions Government agencies have lost all sorts of sensitive data through the actions of stupid individuals and yet they want even more access to more data from us. If they can't keep the current data they hold safe then what hope is there when they have access to everything! lol

Just as an afterthought, I don't reckon they'll have the resources to be able to mass-hack everyone and I'm sure hacking takes time, therefore they'll probably just stick to suspected sources.
 
Ah yes, RIPA, the legislation forcing ISPs to record the from, to, time of an email but oddly enough not the subject or content. But then I guess terabytes of hard disc are cheap these days ;)
 
a1ex2001 said:
This is a non-news item they basically say they will hack your wireless network or break in and instal a key logger on your PC, neither of these are easy.
Click to expand...

On the contrary, hacking wireless networks is very easy and once you've hacked a wireless network, installing a key logger is child's play.
 
what a lovely world we live in, good job we're not as bent as the politicians who decide and serve this garbage......
 
welly said:
On the contrary, hacking wireless networks is very easy and once you've hacked a wireless network, installing a key logger is child's play.
Click to expand...

:thumbs: And once done it will only be a matter of time before they leave the information gathered on the seat of a bus/taxi/train* somewhere:bang:

* Delete as appropriate
 
Glad to see my original tongue in cheek post has been responded to so vigourously! :p :D



Puz said:
Ah yes, RIPA, the legislation forcing ISPs to record the from, to, time of an email but oddly enough not the subject or content. But then I guess terabytes of hard disc are cheap these days ;)
Click to expand...


The backbone legislation for this requirement is actually the Anti-terrorism, Crime and Security Act 2001 and the point about ISP's responsibility for storing the above data has been rumbling on since its introduction.

I used to work for an ISP and in 2003 we anticipated that we would require around 230TB of storage per year to retain the data at current usage levels, I hate to think what it would be now. The main problem, however, isn't the storage of the data but the management of it as any requests from law enforcement bodies for data sets would have to extracted correctly and this was going to cost much more than the actual storage. ISP's quite correctly objected to the extra financial and resource costs this would impose on them and the argument has been ggoing to and fro for many years now.

This was a poorly thought out piece of legislation and because no ISP's were consulted when it was drafted it has mainly been unenforceable since it's inception particularly with regard to Part 11 which deals with Retention of Communications Data.
 
maddog.mark said:
:bang::bang::bang:

The clue is in the name of this piece of legislation. REGULATION of Investigatory Powers Act. Before RIPA the Police and others could organise covert surveillance without having to demonstrate and record the need for that surveillance, what it expected to achieve and how any collateral intrusion might be dealt with.

But of course if you'd rather go back to this state of affairs then it would make my job a lot easier. :thumbs:

Oh and Councils can only apply for RIPA Authorisations when they are investigating a CRIMINAL offence and are not entitled to undertake intrusive surveillance, so they can't break into your house and install equipment, quite rightly so as well. I would really struggle to see how knowing who you've been e-mailing would be pertinent to a dog fouling case so it just wouldn't happen in these circumstances.

If during the course of an investigation a council needs to prove communications between individuals took place they can apply to have that information released, again they would need to demonstrate the need and that the other avenues of investigation had been fully exhausted first. And even then the request could be refused. Most of the requests for information are to confirm a current address and nothing else.

Sorry to put a damper on the hysteria but it this is the reality of RIPA.
Click to expand...

And if that were the case why did the Head of the Local Government Association, Sir Simon Milton, have to write to all councils to ensure they ONLY used these powers appropriately back in June?

It's clear that it's not a widely abused thing BUT the powers are still there.

If you're happy to have some unelected jobsworth rifling through your data, so be it. But as far as I'm concerned this is way beyond "I've got nothing to hide".

Yes, nonsense.. You originally said 'Did you know that council workers can access your e-mails which are sent?'. Which is utter nonsense.
Click to expand...

They can access who you emailed, not the content, I did clarify that point.
 
welly said:
On the contrary, hacking wireless networks is very easy and once you've hacked a wireless network, installing a key logger is child's play.
Click to expand...

While i'm willing to concede that hacking wireless networks is reasonably esy especially if they are poorly secured, but I would love to know how once the network is hacked installing a keylogger is childsplay? Just because your sat on my network doesn't give you any access to my PC's.
 
my biggest objection is the without a warrant bit, police need a warrant to search a property, so stands to rights they should need a warrant to search a pc whatever the source of the search.
Thats my 2p
 
a1ex2001 said:
While i'm willing to concede that hacking wireless networks is reasonably esy especially if they are poorly secured, but I would love to know how once the network is hacked installing a keylogger is childsplay? Just because your sat on my network doesn't give you any access to my PC's.
Click to expand...

The keylogger is alternative to network access.

If you've got the network cracked you can monitor all the traffic in and out including websites, emails, etc.

Keylogger just gathers similar information in a different way.
 
The thing is, the computer savvy villains will already know how to

a) protect their machines against intrusion (there is no 100% safe method for a networked machine ;))

b) to trace where an attack is coming from should their protection be insufficient

c) use a sandbox

d) deflect the intruder to a place they are happy for it to be

e) return fire
 
a1ex2001 said:
Would you still have the same ridiculous attitude if hacking some potential terrorists home PC prevented another 7/7 style bombing? I'm not saying this legislation is spot on but it's hardly the blank piece if paper the times is making out and it's certainly not going to lead to every house in the uk being monitored. Government agencies sometimes need extra powers and in this case I really don't think it's a step to far.
Click to expand...

Perhaps the Times is thinking that it will go the same way as s.44 and end up as a form of deterrent rather than detection. s.44 has failed to provide any convictions and only a handful of arrests. What is has done is provided the police with the means to stop and search hundreds of thousands of people without cause (s.43 requires reasonable suspicion, s.44 doesn't). It's not what is was intended for but that's how it's being used. Copper doesn't like the look of someone, give em a tug. Member of the public doesn't like the look of someone, call the cops who now have a duty to give them a tug. So now we have a situation where I can call the cops and say I saw this person who looks a bit iffy, describe you and where you were and next thing you know a couple of coppers are pulling up and searching you.

But let's not stop there, let's micro-chip everyone so should an event happen the Gov could detect who was at the location and trace them, etc?

Or the idea that was banded about a while back of putting trackers in cars for road tolls that could also be used for speeding, etc.?

The common theme here is the Gov or "authority" saying we don't trust anyone so we're watching you all and the justification is if you're not doing anything wrong you've got nothing to hide which is no different than saying you're presumed guilty until proved innocent. :(
 
Jo said:
I can understand why people are so angry about this, but I keep having the same thought ... "Meh, I have nothing to hide, let them search my hard drive/emails/history, at the end of the day, if in doing this to someone else they stop a child being molested (or any other serious crime), it's worth it". :shrug: It's really just another way of monitoring someone they suspect has or is committing a crime. I don't think they are going to randomly search anyone, I think it will only be used if they have a reason to.
Click to expand...

Bear in mind this gives them a RIGHT to access your machine.
If they're REALLY convinced you're a terrorist, but they can't quite find the evidence they need just how much temptation will there be to plant that evidence in order to prevent an atrocity?
It doesn't look like this will need a warrant, so their may well be limited monitoring of what they're doing while they're on your machine.

If on the other hand they had NO right to be there unless they got a warrant, then if you could show your network had been hacked before the evidence was uncovered, you might be able to construct a defense in court.
 
NathanJT said:
And if that were the case why did the Head of the Local Government Association, Sir Simon Milton, have to write to all councils to ensure they ONLY used these powers appropriately back in June?

It's clear that it's not a widely abused thing BUT the powers are still there.

If you're happy to have some unelected jobsworth rifling through your data, so be it. But as far as I'm concerned this is way beyond "I've got nothing to hide".



They can access who you emailed, not the content, I did clarify that point.
Click to expand...

I don't know why he said it, I know I and many unelected jobsworths wondered if he'd bothered to make any attempt to understand the legislation though.

Lets be clear in order for me to rifle through your data I would have to have a damn good reason for it, I've not yet come across such a reason, to the point that when I ask for information I make it clear what information I most definately don't want or need so there is no confusion. All of this gets recorded, signed off by head of service and centrally stored. We then get the visted by The Information Commissioner (an ex high court judge) who reviews all our paperwork and I can assure you would not be impressed with any frivilous use. RIPA has suffered greatly because people don't understand it.

Oh and don't forget us useless Council types are the ones that empty your bins, salt the roads, pay a lot of your benefits, run your schools and libraries, ensure your sewers are working correctly, inspect restaurants to ensure that the food you eat is safe and a whole host of other things to, but clearly we're just nosey, jobsworths who sit on backsides all day. Thanks for reminding me I'd forgoten amongst all the jobs I had today;)
 
Woz! said:
If on the other hand they had NO right to be there unless they got a warrant, then if you could show your network had been hacked before the evidence was uncovered, you might be able to construct a defense in court.
Click to expand...

But by making it so that a warrant is required, the suspects would then have time to dispose of 'things' thus making it a waste of time. Plus if there were a time when time is of the essence ... perhaps they get a tip off that something big is going to happen in 1 hour, and Joe Bloggs is the planner. That gives them just enough time (I have no idea how long it would take, so this is just an example) to access his machine and find out the plan in time to stop it, yet the police don't have enough time to get a warrant. Yes they would be able to stop the crime from happening, but no doubt the case, when it came to court would be thrown out due to the police accessing the planners machine without a warrant. Leaving the criminal free to try again, but be harder to track/trace.


As for the police 'planting' stuff ... If you truly have done nothing wrong, I imagine it would be easily proved. Because surely the 'hack' would be date traceable, as well as the date that all the 'planted' stuff was left on the computer. :shrug: I'm only guessing there though, happy to be proved right or wrong.
 

I'd be more concerned about the OP's user title me self :rules: is he touting for work may hap? :shrug: :lol:
 
My technology gear has been fitted with C4 and a doomsday switch since way before all this made the headlines :D
 
Cobra said:
I'd be more concerned about the OP's user title me self :rules: is he touting for work may hap? :shrug: :lol:
Click to expand...

Lol can't belive we got this far into this thread without noticing this:lol:.
Well spotted sir:thumbs:
 
Jo said:
But by making it so that a warrant is required, the suspects would then have time to dispose of 'things' thus making it a waste of time.
Click to expand...


I don't think suspects would know the police were seeking a warrant.
The first thing the suspect knows, is the police banging on the door with a warrant to search their PC....or something.
How they get the proof they need to be issued with a warrant, is the thing.
 
Makes me wonder how many "bent" MI5 officers are currently storing up "useful nuggets of data" to line their own pockets with, once they retire/go AWOL :suspect:!?

This whole legislation is based on the (flimsy) assumption that the "good guys" are to be trusted at all times :schtum:.
 
Personally,I'd be more concerned about getting arrested by some clueless plod for taking pics of the MFI MI5 van spying on you from the street ;)
 
Flash In The Pan said:
Personally,I'd be more concerned about getting arrested by some clueless plod for taking pics of the MFI MI5 van spying on you from the street ;)
Click to expand...

You can't shoot what's not there....:suspect: What MI5 van? That's a Pizza van, no MI5 here matey....


:D
 
You must log in or register to reply here.
Back
Top