This will, I predict, cost a lot of money and will fail to deliver what you might expect.
Let's put aside the possibly massive abuse of civil liberties that such a scheme invites and focus on how useful it will be for its intended purpose.
Who will pay?
It looks like the Internet Service Providers (ISPs) will be doing the bulk of the work. The additional work will cost money, which will almost certainly be passed to the customers (us).
What will be tracked?
According to the BBC, the system will:
"enable intelligence officers to identify who an individual or group is in contact with, how often and for how long."My understanding of this is that ISPs will track who receives emails from who, but not the content. So if Individual A (Alan) sends an email to individual B (Brian) then the government can discover this fact, although without necessarily knowing the content of that email.
No doubt IP addresses will be tracked too, adding to the likelihood that Alan really is Alan, and that Brian is Brian.
From the sketchy information available so far it seems that this will allow the government to track fairly low-level criminals who have the technical naivety of Luddites.
Organised criminals have been using 'burner' mobile phones for years, treating their devices as disposable. Buy a phone for cash, set up a free webmail account and it would be tough for anyone to work out if you were Alan, Brian or Ayman Al-Zawahiri.
Rik Ferguson from Trend Micro agrees that dangerous criminals have at least a semblance of security sense:
"If national governments and law enforcement organisations truly believe that online criminals and international terrorists don’t know how to hide their online traces, then we have a bigger problem than we thought (sending an encrypted email with spoofed sender address from an Internet café is only lesson one)."
No comments:
Post a Comment