When my Dad died it fell to me to sort out his online presence. I sat down at his fancy HP Touch Screen Media Centre monstrosity and promptly demonstrated why full disk encryption is so vital.
Within 5 minutes I had full access to his computer, and everything on it. This included Outlook Express, which dutifully connected to his email account using the credentials it had handily stored away. 30 minutes later and I owned almost his entire digital life.
Once you have access to someone's email, you have access to a huge number of websites they're registered with. Don't know the password? No problem, we'll handily email you a link to reset it to something you do know via an email sent to the compromised account you now own. Oh goody!
But that’s OK, no one is going to steal your computer and get access to your email client. Maybe not (although you might just want to enable full disk encryption, just in case), but then perhaps someone like TalkTalk will slip up and release account details which give them access to your email – because, hey, remembering lots of passwords is hard and what’s the harm in using the same password everywhere?
Now let's just pretend that companies like TalkTalk need to suddenly start storing lots more personal information because the government said so. What's going to happen here? Are you going to get a well architected, well implemented system with security being one of the basic tenets of its design? Or are they just going to ram something into production that does what's required and then forget about it?
What we’re talking about is a data store that does nothing for the company’s business model, makes them no money, and is a cost to build and maintain. It’ll also be a treasure trove that hackers will want to target, if only to say they did. I have very little doubt that the whole thing will furnish me with a sequel to my talk on massive cockups in IT.
And this data store does what? It allows you to pin some extra evidence on the sloppy who, let's face it, probably have made enough mistakes to be convicted anyway. Anyone with half a clue and nefarious intentions can easily sidestep this store, flood it with spurious data, or both. Incidentally, anyone with half a clue and perfectly honest intentions can also sidestep the store. It's very hard to tell the difference.
But it's just metadata! Yeah… putting the word "meta" in front of it doesn't make it OK. Happy for me to see your browsing history? Of course you are, you've got nothing to hide! What if I told you I could also see all those sites you went to in that incognito window you had open last night? Not so great any more, is it? Still happy to hand over "metadata"? Then consider this: if the data is the results of your STD test, then the metadata is that you've had a test in the first place. I could go on.
It’s also dangerous. So perhaps your browser connects to a compromised server because someone has injected a malicious advert into an innocuous page you’re browsing. Perhaps that server also contains material the authorities deem to be something you shouldn’t be looking at. They now have proof that you were looking at it, but no context as to why. You’re simply the victim of a drive-by download, but the metadata convicts you of viewing forbidden data. Don’t try to argue, it’s all there in the logs, we know you’re guilty.
But it stops the terrorists! Ah yes, that old chestnut. We must all make sacrifices to our liberties, and to our rights so that we can Maintain Our Way Of Life, because otherwise The Terrorists Win. There is a brutal irony there. The only way it could get more ironic is if it’s the terrorists who hack all this data and use it for nefarious purposes… you honestly couldn’t make this stuff up.
Anyway, on a totally unrelated topic, who can recommend me a good VPN and some strong cryptography packages?