The bill doesn’t explicitly ban encryption the government has introduced legislation that would ban companies like Apple from offering end-to-end encryption. What makes this particularly ironic is the discovery of other documents from earlier this year that show the UK encouraging enterprise and governments to adopt encryption.
Both the BBC and the Telegraph have sounded off about the new powers the government is seeking. According to the BBC, the new law (the Investigatory Powers Bill) would give government investigators “to see if someone used Snapchat at 07:30 GMT on their smartphone at home and then two hours later looked at Twitter’s website via their laptop at work, but neither the text typed into the app, nor the specific pages looked at on the social network would be accessible.”
That kind of power isn’t what has privacy advocates and security researchers worried, however. the IPB also requires that companies must take “reasonable” steps to provide data when a warrant is issued, even if that warrant applies to encrypted communication. Companies like Apple literally can’t take “reasonable” steps to provide law enforcement with information because they no longer have the ability to peer into their own encrypted devices without user-provided information.
While the bill doesn’t explicitly ban encryption, there’s been enormous concern about how things will play out if the government demands access to material that Apple, Google, or another manufacturer literally can’t provide.
A Home Office spokesperson speaking to the Telegraph said this:
The Government is clear we need to find a way to work with industry as technology develops to ensure that, with clear oversight and a robust legal framework, the police and intelligence agencies can access the content of communications of terrorists and criminals in order to resolve police investigations and prevent criminal acts. That means ensuring that companies themselves can access the content of communications on their networks when presented with a warrant, as many of them already do for their own business purposes, for example to target advertising. These companies’ reputations rest on their ability to protect their users’ data.” (Emphasis added).
Apple’s own encryption system can’t be made compliant with the new law without changes, which is why so many companies have been against these types of laws in the first place. Implementing encryption methods with backdoor decryption only weakens the entire stack. There’s no way to create vulnerabilities that are guaranteed to remain in the hands of the white hats, no matter who those white hats happen to be.
ISPs will be forced to retain this data for one year, including the aforementioned data on browsing activities.
https://www.extremetech.com/extreme/217 ... nd-its-use
Stay vigilant and be the best you can be...(hit the gym and preach the BTC gospel my brothers)