UK's GCHQ Takes A Page From China, Plans To Build A Great British Firewall
from the well,-that's-just-dandy dept
Generally speaking, taking cues from China on things like best ways to censor the internet… probably isn’t the best idea. Yet, it appears that’s exactly what the UK’s big surveillance agency, GCHQ is doing. The “Director-General of Cyber” (that’s a thing? yikes!) at GCHQ, Ciaran Martin, gave a speech at a cybersecurity summit in DC recently and announced exciting plans to censor the UK internet at a DNS level. No, really.
Finally, we’re exploring a flagship project on scaling up DNS filtering: what better way of providing automated defences at scale than by the major private providers effectively blocking their customers from coming into contact with known malware and bad addresses? Now it’s crucial that all of these economy-wide initiatives are private sector led. The Government does not own or operate the Internet. Consumers must have a choice. Any DNS filtering would have to be opt out based. So addressing privacy concerns and citizen choice is hardwired into our programme.
Of course, while the reasoning and sentiment may sound good, we’ve pointed out time and time again how DNS filtering, in particular is a really bad idea that actually does more harm than good for internet security. The internet works under the expectation that when you put in an address, the DNS system returns with info from the proper server.
And, of course, once you start mucking with the DNS system for filtering out stuff that you consider to be “malware” or “bad addresses” you open it up to much worse. You also end up validating China’s Great Firewall, since China just responds that their use of DNS filtering is also used to block “bad addresses.” It’s just that they have a different interpretation of what’s “bad.”
Filed Under: ciaran martin, dns, filter, firewall, gchq, great british firewall, great firewall, uk
Comments on “UK's GCHQ Takes A Page From China, Plans To Build A Great British Firewall”
Opting out will be deemed suspicious and navigation will be spied on with a motif. Your connection will be either filtered or watched.
Copyright Industry
What do want to bet that the copyright industry gets to identify “bad addresses” under this plan?
Re: Copyright Industry
no doubt via the City of London Police
Re: Re: Copyright Industry
Which itself is not real police.
How will this DNS filtering function? Will it just be that if you are using your ISP’s DNS that it will be filtered?
I currently use Google (8.8.8.8/8.8.4.4) for my DNS, which incidentally avoids the BT filtering of “blocked” sites like TPB and KAT (when they were up), and probably others as well. If it’s implemented in a similar manner, then there’s an easy opt out for consumers.
Re: Re:
Given the incompetent buffoons in charge, it will probably be fairly easy to circumvent regardless of how it is implemented.
My fear is that they will simply criminalise circumvention.
Unfortunately, both main parties support this kind of thing; barring a sea change in voting habits it’s unlikely to be overturned.
Non-stop snooping and censorship
http://www.dailymail.co.uk/news/article-3788294/Government-s-spies-start-building-national-firewall-protect-British-internet-users-hostile-websites.html
Yes, I know it’s the Daily Mail, but a) Martin looks like a gormless version of Himmler, and b) from the above, “he revealed that the ambitious new scheme is already being trialed” Holy fuck, why even bother having a Parliament???
Sounds like the Great Australian Firewall to me. They started filtering internet traffic some years ago “for the children.”
“Any excuse will do…”
Re: Re:
And “the children” immediately bypassed the filtering.
I'll keep this brief but want you to understand my full meaning.
Oh for fucks sake.
Re: I'll keep this brief but want you to understand my full meaning.
Not to worry chap we get your “full meaning,” though the idea that you really want us to is betrayed by the fact that the operation of this scheme will be compartmentalized and classified to the hilt.
almost
Quit beating around the bush. Just go back to dial-up nationwide. That’ll show ’em. Freakin’ terrorists.
So…. bets on how long it’ll take “known malware and bad addresses” to include “piracy websites and porn”? Will they admit to specifically looking for and blocking them, or will they insist that it’s just a coincidence that every website hosting porn or pirated material that they come across also happens to host malware?
Re: Re:
Unfortunately, I think that the malware sites that won’t be blocked will be NSA malware sites.
Stop spamming that poor logging VPN in every article.
Its Selling out your users
The one word that will immediately render this pointless
DNSSEC
Re: The one word that will immediately render this pointless
I wonder why it’s taking so long to deploy…
Anyone who unironically refers to himself and his colleagues as “securocrats” shouldn’t be trusted to control any lever of power.
Re: Re:
“securocrats” sounds like people with a Velcro or glue fetish
what better way to hide the pedophiles they keep protecting in their ranks than to try and control how that info gets released
No, not chilling at all
Yeah, when the government gets to decide which points are a “misuse”…
the weasel faced cunt Ciaran Martin, must have lacked the love of his parents or been shunned because of the way he looked and thinks that screwing everyone in the UK is the best revenge he could ever get! what a self-centered prick!
China seems like a good model to follow…
…if you are a political elitist hungry for more power over others.
Re: Re:
…if you are a political elitist hungry for more power over others.
I think you just described the vast majority of politicians.
This needs a name
I propose “Hadrian’s Firewall”.
Re: This needs a name
Great historical reference
Last time I checked, the Chinese internet works exactly like China wants it to.
The “because China” FUD is stale.
Error in story
You have an error in this story:
Blocking politically embarrassing stories, socially ‘subversive’ views and “the terrorists” ….pretty much the same interpretation
Never trade freedom and privacy for security.
IT'S ALL GREEK TO GCHQ
I’m guessing GCHQ’s “job titling clerk” doesn’t understand what ICT stands for!… and so, went with “Director-General of Cyber”, instead of “Dir-Gen:ICT”! And the said etymology of “Cyber” notwithstanding!… the Greek root for CONTROL is “neme (from where we get ‘-nomy’, for ‘management’!… and nemesis, for state, condition, or process of control– not, someone’s ‘antithetical rival’!)”, not “cyber”, or “cybern (from the Greek word, kubernaó… ‘to steer’!)”! And!… the Greek morphemic element for Agent and Agency is “etes/ ete/ et/ tes/ and even “t”, respectively (from which “-et”, in “cybern_et_ics”, is derived!… and not from the suffixal adjective, “-tics”, for “-sis”– as some, have presumed!)! And “-ic” is from the Greek suffixal morphemic element, “-ikos”!… softened to “-ic (for, ‘pertaining to’!… and the unused suffixal morphemic element ‘-os’, referring to that which is ‘characteristic of’!… ‘abounding in’!… and, etc.!)”!
.
In other words, the best Greek expression for the most efficient and effective catchphrase for the notion of Information CONTROL Technology, is “Eidonemethkhnia (i.e., ‘information control thkhni’!… and thkhni, being from the original Greek term, ‘τέχνη’!… for craft!)!… or in the contemporary parlance, “Edionemetechnea (i.e., ‘information control techne’!)”! And!… the product/ s, service/ s, or form/ s of Edionemetechnea, would be ‘Eidonemethkhnoma/ e’!… or in the contemporary singular parlance, “Edionemetechnea”, and in the plural parlance, “Edionemetechnomae”, respectively!
.
And!… incidentally!… “technology” is a poor expression for a techne’s/ craft’s product/ service/ form!… as the suffixal morphemic element, “-ology (from the Greek ‘logos’– for word!… and ‘logia’!)”, refers to the “study of” something!
.
The Greek suffixal element, “-ma (see, https://en.wiktionary.org/wiki/-%CE%BC%CE%B1… and -μᾰ!), refers to a “form of something”! For example, the Greek word “dran,” refers to “something done”!… and a “form of something done” is “drama (the ‘n’ being dropped, and ‘-ma’ added!)”! But!… and unfortunately!… and as is so often the case in language!… the term “drama” was “hijacked” by users of this expression… and began to be used, exclusively, in reference to that which is “done” by those on a stage! And although theatrical expression is “something done”… it is but one example of “something done”; and thus, should not be made synonymous with “drama”– as such! And so.. and to return to “techne (the Greek expression for a field, craft, industry!)”!… a product, service or form of a given techne, would be expressed as a technoma (in singular form!), and technomae (in plural form!)!… in contrast, to “technology (a rather bumbling way to express a techne’s product, service, or form!)”!
.
Lastly, if we desire a more efficient and effective term for Information Communications Technology, then we would use the term, “Eidoepikoino̱nió̱ntechnea (i.e., ‘Eidos/ information_epikoino̱nió̱n/ communications_techne/ craft’!… epikoino̱nió̱n– or communications!– being from the Greek word, επικοινωνιών!)”! And a product, service, or form of Eidoepikoino̱nió̱ntechnea, being, “Edioepikoino̱nió̱ntechnoma” in the singular, and “Eidoepikoino̱nió̱ntechnae” in the plural! However!… we would no longer refer to this field as ICT!… but rather, as EET (or ET!… for short!… and not to be confused with our extraterrestrial neighbors!)!
.
Please!… no emails!
DISTRACTION
P.S.: Sorry guys!… I went a tad batty in putting my earlier comment together!… and so, I made a couple of errors! Simply put!… wherever you see the prefix “Edio”, the correct prefix is “Eido (from ‘Eidos’!)”! Although I managed to refer to Eidos, I was inconsistent in correctly affixing this as a prefix to all of the necessary expressions!
.
The lesson for me!… is never allow myself to be called away when I’m in the middle of something… like correcting some denoted grammatic errors!… and promptly forgetting what’s left to be completed! And no!… it wasn’t a “call of the wild”!
.
Please!… no emails!
http://365tomorrows.com/page/2865/ Hi There!
A lovely little story I have just read
Hi there!
by submission | Oct 20, 2008
Author : Rob Burton
Dear Victim,
I am writing to you to tell you that, in a short while, you are going to be arrested for killing the Prime Minister. You didn’t do it, right? Wrong. Here at MI6, when we want to kill someone and say that you did it, you can be sure that we’ve made sure that you did.
I picked you for several reasons. Firstly, you have an interest in world affairs and have spent time on the internet researching terrorism. Now, I know that you are going to say, ‘but I wasn’t researching how to be a terrorist, I’m just concerned’. Well the courts won’t see it that way now that I’ve altered the list. Secondly, you have annoyed a few people over the years – some of them really hate you, you know – and so we got them to write their opinions on you on ‘mebook’. The press will look you up, and it will help us a lot if nobody likes you. Thirdly, you have short, dark hair, a heavy brow and a facial scar, which makes a conviction 18% more likely. Fourthly you are a liberal who is known to disagree with recent government policy – this gives you motive, and we like to eliminate as many threats as we can with one action. It’s more elegant. Lastly I picked you because, of all the many people who fit the profile, I don’t like the look of you.
According to your psychological profile, upon finishing this email you will attempt to run away – I hope you do, as it will further incriminate you – and that telling you this will not dissuade you. A few words of advice: Do not take your car, we can track it. Similarly, do not steal or borrow anyone else’s car. We can also track your mobile, PDA and laptop, and use them as listening devices. Do not go through any major urban areas; the cameras can pick up your ID using face recognition. Do not go anywhere near an airport or port either, for the same reason. Follow these simple rules and I give you six hours.
Thanks to the national DNA and biometric database, and a quick search through your bins, we have planted enough evidence around the site to easily convict you. Juries believe that DNA and biometric evidence is a rubber stamp for conviction. It is not, but they watch too much crime drama to be convinced otherwise. Also, we have hacked the new brain scan lie detector that Juries love so much, so it will show that you are feeling as guilty as a priest at a bondage party.
We thought that you might want to know why. Well, as you know, the current government has increased our budget and power exponentially over the last few terms. Now, it seems, the Prime Minister may be regretting a few of those choices. We cannot allow that, so we have killed him, demonstrating to his replacement (who is now guaranteed to win the next election) that we are not to be trifled with. This means that we can get whatever we want, which is more of the same, actually. Longer detention periods, fewer rights and greater surveillance. More power for us to play.
And why am I telling you this like some idiotic bond villain? Because it makes no difference to your fate, and because my boss and I think it’s hilarious.
This message will delete itself, leaving absolutely no trace, in two seconds.
Trust me. I know your reading speed.
GCHQ
Obviously the Loverley Boys at GCHQ have not read “1984”. They think that just because they are Twitching Poodles with the NSA they can treat us Brits like American Morons. It is a known fact that only one in ten US Oligarchs have a functioning Brain Cell.