UK's GCHQ Takes A Page From China, Plans To Build A Great British Firewall

from the well,-that's-just-dandy dept

Generally speaking, taking cues from China on things like best ways to censor the internet… probably isn’t the best idea. Yet, it appears that’s exactly what the UK’s big surveillance agency, GCHQ is doing. The “Director-General of Cyber” (that’s a thing? yikes!) at GCHQ, Ciaran Martin, gave a speech at a cybersecurity summit in DC recently and announced exciting plans to censor the UK internet at a DNS level. No, really.

Finally, we’re exploring a flagship project on scaling up DNS filtering: what better way of providing automated defences at scale than by the major private providers effectively blocking their customers from coming into contact with known malware and bad addresses? Now it’s crucial that all of these economy-wide initiatives are private sector led. The Government does not own or operate the Internet. Consumers must have a choice. Any DNS filtering would have to be opt out based. So addressing privacy concerns and citizen choice is hardwired into our programme.

Of course, while the reasoning and sentiment may sound good, we’ve pointed out time and time again how DNS filtering, in particular is a really bad idea that actually does more harm than good for internet security. The internet works under the expectation that when you put in an address, the DNS system returns with info from the proper server.

And, of course, once you start mucking with the DNS system for filtering out stuff that you consider to be “malware” or “bad addresses” you open it up to much worse. You also end up validating China’s Great Firewall, since China just responds that their use of DNS filtering is also used to block “bad addresses.” It’s just that they have a different interpretation of what’s “bad.”

Filed Under: , , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “UK's GCHQ Takes A Page From China, Plans To Build A Great British Firewall”

Subscribe: RSS Leave a comment
Anonymous Coward says:

How will this DNS filtering function? Will it just be that if you are using your ISP’s DNS that it will be filtered?

I currently use Google ( for my DNS, which incidentally avoids the BT filtering of “blocked” sites like TPB and KAT (when they were up), and probably others as well. If it’s implemented in a similar manner, then there’s an easy opt out for consumers.

Anonymous UK Resident says:

Re: Re:

Given the incompetent buffoons in charge, it will probably be fairly easy to circumvent regardless of how it is implemented.

My fear is that they will simply criminalise circumvention.

Unfortunately, both main parties support this kind of thing; barring a sea change in voting habits it’s unlikely to be overturned.

Anonymous Jester says:

Non-stop snooping and censorship

Yes, I know it’s the Daily Mail, but a) Martin looks like a gormless version of Himmler, and b) from the above, “he revealed that the ambitious new scheme is already being trialed” Holy fuck, why even bother having a Parliament???

Anonymous Coward says:

So…. bets on how long it’ll take “known malware and bad addresses” to include “piracy websites and porn”? Will they admit to specifically looking for and blocking them, or will they insist that it’s just a coincidence that every website hosting porn or pirated material that they come across also happens to host malware?

HegemonicDistortion says:

No, not chilling at all

In previous public remarks that I’ve made in the UK, I’ve focused on the three main motivations for systematic cyber attack… Another is propaganda: where the global platform that the Internet gives anyone and everyone is misused to make a point, attract attention or to instil fear and intimidate.

Yeah, when the government gets to decide which points are a “misuse”…

John Mayor says:


I’m guessing GCHQ’s “job titling clerk” doesn’t understand what ICT stands for!… and so, went with “Director-General of Cyber”, instead of “Dir-Gen:ICT”! And the said etymology of “Cyber” notwithstanding!… the Greek root for CONTROL is “neme (from where we get ‘-nomy’, for ‘management’!… and nemesis, for state, condition, or process of control– not, someone’s ‘antithetical rival’!)”, not “cyber”, or “cybern (from the Greek word, kubernaó… ‘to steer’!)”! And!… the Greek morphemic element for Agent and Agency is “etes/ ete/ et/ tes/ and even “t”, respectively (from which “-et”, in “cybern_et_ics”, is derived!… and not from the suffixal adjective, “-tics”, for “-sis”– as some, have presumed!)! And “-ic” is from the Greek suffixal morphemic element, “-ikos”!… softened to “-ic (for, ‘pertaining to’!… and the unused suffixal morphemic element ‘-os’, referring to that which is ‘characteristic of’!… ‘abounding in’!… and, etc.!)”!
In other words, the best Greek expression for the most efficient and effective catchphrase for the notion of Information CONTROL Technology, is “Eidonemethkhnia (i.e., ‘information control thkhni’!… and thkhni, being from the original Greek term, ‘τέχνη’!… for craft!)!… or in the contemporary parlance, “Edionemetechnea (i.e., ‘information control techne’!)”! And!… the product/ s, service/ s, or form/ s of Edionemetechnea, would be ‘Eidonemethkhnoma/ e’!… or in the contemporary singular parlance, “Edionemetechnea”, and in the plural parlance, “Edionemetechnomae”, respectively!
And!… incidentally!… “technology” is a poor expression for a techne’s/ craft’s product/ service/ form!… as the suffixal morphemic element, “-ology (from the Greek ‘logos’– for word!… and ‘logia’!)”, refers to the “study of” something!
The Greek suffixal element, “-ma (see,… and -μᾰ!), refers to a “form of something”! For example, the Greek word “dran,” refers to “something done”!… and a “form of something done” is “drama (the ‘n’ being dropped, and ‘-ma’ added!)”! But!… and unfortunately!… and as is so often the case in language!… the term “drama” was “hijacked” by users of this expression… and began to be used, exclusively, in reference to that which is “done” by those on a stage! And although theatrical expression is “something done”… it is but one example of “something done”; and thus, should not be made synonymous with “drama”– as such! And so.. and to return to “techne (the Greek expression for a field, craft, industry!)”!… a product, service or form of a given techne, would be expressed as a technoma (in singular form!), and technomae (in plural form!)!… in contrast, to “technology (a rather bumbling way to express a techne’s product, service, or form!)”!
Lastly, if we desire a more efficient and effective term for Information Communications Technology, then we would use the term, “Eidoepikoino̱nió̱ntechnea (i.e., ‘Eidos/ information_epikoino̱nió̱n/ communications_techne/ craft’!… epikoino̱nió̱n– or communications!– being from the Greek word, επικοινωνιών!)”! And a product, service, or form of Eidoepikoino̱nió̱ntechnea, being, “Edioepikoino̱nió̱ntechnoma” in the singular, and “Eidoepikoino̱nió̱ntechnae” in the plural! However!… we would no longer refer to this field as ICT!… but rather, as EET (or ET!… for short!… and not to be confused with our extraterrestrial neighbors!)!
Please!… no emails!

John Mayor says:


P.S.: Sorry guys!… I went a tad batty in putting my earlier comment together!… and so, I made a couple of errors! Simply put!… wherever you see the prefix “Edio”, the correct prefix is “Eido (from ‘Eidos’!)”! Although I managed to refer to Eidos, I was inconsistent in correctly affixing this as a prefix to all of the necessary expressions!
The lesson for me!… is never allow myself to be called away when I’m in the middle of something… like correcting some denoted grammatic errors!… and promptly forgetting what’s left to be completed! And no!… it wasn’t a “call of the wild”!
Please!… no emails!

Anonymous Coward says: Hi There!

A lovely little story I have just read

Hi there!

by submission | Oct 20, 2008

Author : Rob Burton

Dear Victim,

I am writing to you to tell you that, in a short while, you are going to be arrested for killing the Prime Minister. You didn’t do it, right? Wrong. Here at MI6, when we want to kill someone and say that you did it, you can be sure that we’ve made sure that you did.

I picked you for several reasons. Firstly, you have an interest in world affairs and have spent time on the internet researching terrorism. Now, I know that you are going to say, ‘but I wasn’t researching how to be a terrorist, I’m just concerned’. Well the courts won’t see it that way now that I’ve altered the list. Secondly, you have annoyed a few people over the years – some of them really hate you, you know – and so we got them to write their opinions on you on ‘mebook’. The press will look you up, and it will help us a lot if nobody likes you. Thirdly, you have short, dark hair, a heavy brow and a facial scar, which makes a conviction 18% more likely. Fourthly you are a liberal who is known to disagree with recent government policy – this gives you motive, and we like to eliminate as many threats as we can with one action. It’s more elegant. Lastly I picked you because, of all the many people who fit the profile, I don’t like the look of you.

According to your psychological profile, upon finishing this email you will attempt to run away – I hope you do, as it will further incriminate you – and that telling you this will not dissuade you. A few words of advice: Do not take your car, we can track it. Similarly, do not steal or borrow anyone else’s car. We can also track your mobile, PDA and laptop, and use them as listening devices. Do not go through any major urban areas; the cameras can pick up your ID using face recognition. Do not go anywhere near an airport or port either, for the same reason. Follow these simple rules and I give you six hours.

Thanks to the national DNA and biometric database, and a quick search through your bins, we have planted enough evidence around the site to easily convict you. Juries believe that DNA and biometric evidence is a rubber stamp for conviction. It is not, but they watch too much crime drama to be convinced otherwise. Also, we have hacked the new brain scan lie detector that Juries love so much, so it will show that you are feeling as guilty as a priest at a bondage party.

We thought that you might want to know why. Well, as you know, the current government has increased our budget and power exponentially over the last few terms. Now, it seems, the Prime Minister may be regretting a few of those choices. We cannot allow that, so we have killed him, demonstrating to his replacement (who is now guaranteed to win the next election) that we are not to be trifled with. This means that we can get whatever we want, which is more of the same, actually. Longer detention periods, fewer rights and greater surveillance. More power for us to play.

And why am I telling you this like some idiotic bond villain? Because it makes no difference to your fate, and because my boss and I think it’s hilarious.

This message will delete itself, leaving absolutely no trace, in two seconds.

Trust me. I know your reading speed.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...