[cooky560]

CCDP is essentially plans to install monitoring devices at the servers of each major ISP which records real-time information about the sites their customers are visiting, and hands the data straight over to GHCQ, eventually this will just result in the round up of people who visits like this one. Despite their doing nothing wrong, and without their consent.

http://wiki.openrightsgroup.org/wiki/Communications_Capabilities_Development_Programme

[rebelwithoutaclue]

Fuck them! They can't lock all of us up all of the time. Never fear the bastards

[cooky560]

The good news is that the system isn't impossible to circumvent.

Data that is encrypted with TLS encryption (it typically says https:// in the address bar instead of http://) is designed to be impossible to read. Even the companies that store the data received in this format cannot read it, it is merely compared with a similarly encrypted version of a model result and if the two match, is accepted.

It works by padding each letter of genuine data with 255 letters of garbage data. So an 8 digit account number comes out as a 2048 digit collection of letters numbers and symbols, only 8 of which are actually needed and none match the original data entered by the user. Imagine therefor the size of a an entire page sent over this format! If we take this "Post reply" page as an example, which is just under 5000 characters long (not including the data I've typed) and is a fairly short page compared with a thread page. If we assume that a 5000 letter page is 5kb in standard format, it would become 1,2800,000 characters long and over 1200kb in size, all of which is unreadable! if every single page was stored in this way, by all the millions of internet users, the boxes would be bought to their knees in massive amounts of unreadable data in a few days. There is no extra storage cost to the web host as the padding process takes place on the fly as the data is sent. Since the system is usually used to store confidential account information by online stores, it's designed so that it can't be decoded, many people have tried to beat TLS software, and none have succeeded (although this does not mean it's impervious to destruction it may provide an answer)

So what does this mean?
Well in essence it means data transferred over https:// will be received by the as complete garbage that cannot be recovered by the CCDP boxes, meaning it becomes a simple matter of viewing every page by a secure proxy.

What is a proxy?
A proxy is a computer, preferably outside of the sphere the user in, which receives the data the user requests, and forwards it on to the user as if it arrived from the proxies address. Since proxies are rarely blocked, they are typically used in non TLS format to obtain access to restricted webpages at work or school, or if you wish, to the newly blocked Pirate Bay website.

What is a secure proxy?
A secure proxy works in a similar manner to a standard proxy, apart from it encrypts the data into TLS (unreadable format) before sending it to the recipient, hence if the secure proxy is located anywhere outside of the UK, the CCDP system is essentially defeated by it's usage.

Can this system be beaten?
If the proxy is blocked by the government's internet censorship system yes. However some secure proxies such as Tor are deliberately designed using a wide network of computers to be impossible to block, since if one gateway is blocked, the system simply switches to another.

Can I connect to things like Tor for free?
Very much yes, simply install the Tor application on your computer, configure it to use TLS and then browse the internet as normal. Tor is written using Open Source meaning the system is constantly improved (since there is no commercial gain, the project authors are more interested in improving the product itself, not their profits) and will likely be free forever.

What will CCDP see in this secure proxy configuration?
Essentially huge amounts of garbage data which cannot be read either by their human operators, or by the machines themselves. While this may trigger suspicions of your operations, without being able to view what data you have sent and received, they will not have a strong enough case to warrant a visit from the plod. Some ISPs have said they don't want their customers using Tor specifically, however there again is no way for them to discover the garbage data is or isn't Tor.

Costs to the user
•Each page you visit will use considerably more bandwidth, consider an ISP that doesn't restrict what you can download
•Due to the complex process that TLS uses to mess with the pages so much, the internet will be considerably slower (25 or 30% slower in worst cases), this may badly affect youtube or on-line games if your connection is slow.
•Some websites are designed to defeat proxies and you'll not be able to visit them while your using Tor, unless they are coded sloppily
•Websites are no longer able to auto-detect your location, so you may find that news sites show news for the country your proxy is in, rather than your own, although some may consider this a benefit
•Increased demands on your own CPU as the Tor software on your end works out what the page was meant to say.

Benefits to the user
•The system defeats all known ISP and State level filters
•The system defeats both URL Logging under the Digital Economy Act, and Data Logging under the CCDP proposal
•The system defeats Facebook's location systems
•Due to the nature of Tor's design, even the makers wouldn't be able to work out what you've visited
•Increased security since some proxies also filter out viruses

Misc Points to Note
Unless you install Tor on every computer in your home, not all you computers (or devices which it cannot be installed on, such as phones and consoles) will enjoy the protection, to solve this, consider purchasing a router with Tor installed into it's firmware.

The system does not make it impossible for authorities to discover your browsing habits if they have physical access to your computer

[diasan]

The good news is that the system isn't impossible to circumvent.

Data that is encrypted with TLS encryption (it typically says https:// in the address bar instead of http://) is designed to be impossible to read. Even the companies that store the data received in this format cannot read it, it is merely compared with a similarly encrypted version of a model result and if the two match, is accepted.

and the weak point with SSL/TLS encrypted connections is the key negotiation.

Since most people do not have a known identity (key or certificate) for the far end, they end up performing having to trust that the connection is direct to their intended end point.

The classic attack being known as 'man in the middle'. So don't assume that https: connections are any more secure, there have been a number of recent instances of fake certificates being generated.

As to payment transactions, protection when paying by credit card is actually a function of the consumer credit act, not the use of SSL.

[cooky560]

Sorry to burst your bubble here, but SSL is the very technology that makes this protection available.

Think of it like a safe, a safe allows a person to safety protect real world items within the realm of the law, if I had confidential papers about you, but no safe, claiming "the statute" protects you just as the wind blows them all out the window and over the garden for any-one to pick up, you'd be unhappy and the statute has provided no protection whatsoever. SSL is very similar, SSL is a mechanism that provides the privacy needed to conform not only to statute law, but also to create a bond of trust between the customer and the business, it's like an online safe. Further, might I suggest you read the protections the act actually provides, it's largely against fraud rather than secure storage of details, which is what's being discussed here. Data Storage and the usage of things like SSL for what it's worth are more involved with the Data Protection Act, a statute that is well known for being open to abuse.

The credit act without the technology in place to enforce it (be it a safe, SSL, or any other secure form of storing information) is merely words that have no effect whatsoever. Much like the Human Rights Act 1689 is only useful while people are willing to enforce it. There is nothing physically stopping me from intentionally (or by error) breaching any act (not that I would, I prefer peace to violence), merely technology and security products which attempt to enforce them.

Key negotiation can be an issue but I highly doubt that the govt boxes will perform such an attack, the result would be too damaging to the online economy, which right now is one of the few where the UK is exporting more than it imports.

[diasan]

Sorry to burst your bubble here, but SSL is the very technology that makes this protection available.

Think of it like a safe, a safe allows a person to safety protect real world items within the realm of the law, if I had confidential papers about you, but no safe, claiming "the statute" protects you just as the wind blows them all out the window and over the garden for any-one to pick up, you'd be unhappy and the statute has provided no protection whatsoever. SSL is very similar, SSL is a mechanism that provides the privacy needed to conform not only to statute law, but also to create a bond of trust between the customer and the business, it's like an online safe. Further, might I suggest you read the protections the act actually provides, it's largely against fraud rather than secure storage of details, which is what's being discussed here. Data Storage and the usage of things like SSL for what it's worth are more involved with the Data Protection Act, a statute that is well known for being open to abuse.

The reason I referred to the CCA, is that the most common use for SSL/TLS at the moment is online purchasing made with a credit card.
There people seem to believe (or vendors claim) that SSL makes such transactions safe. However, it does not.
Safety comes from ones ability to repudiate the transaction, and the CCA then places obligations upon the card issuer which are generally to the advantage of the holder if there was actual fraud. So basically conducting the transaction over an encrypted link is irrelevant. Further discussion of CCA applicability to this thread is a distraction.

For other uses of SSL/TLS, i.e. the context of this thread; the way browsers generally operate also makes it moot when the adversary is the government.
Especially with CCDP (which is Labour's IMP rehashed). I've not checked the details of CCDP, but what of what was necessary for IMP was actually the installation of middle boxes, i.e. inherently a man-in-the-middle. Just what those middle boxes would do is the subject of some current interest.

However, given that it is quite easy to defeat common browser use of SSL/TLS by use of fake CA certificates and DNS poisoning, any supposed protection against an adversary with greater capabilities (mandating that ISPs install middle boxes) is rather hopeful.

Key negotiation can be an issue but I highly doubt that the govt boxes will perform such an attack, the result would be too damaging to the online economy, which right now is one of the few where the UK is exporting more than it imports.

Easily handled. The mechanism is already there for selective blocking of locations, instead of blocking this can be used to redirect selective traffic to a middle box.

So all that is necessary is to detect such SSL/TLS utilising TCP connections, and shove via a transparent proxy. This can be avoided for certain well known sites
(addressing the above commercial concern), and is made even easier by the fact that most people have NATed connections already.

However, I do agree that it is (still) unlikely here.
But one needs to be aware that SSL/TSL without having previous knowledge of the expected public key is not providing real privacy.
A similar situation pertains with how SSH is commonly used, but at least there is caches the key and complains when it is seen to change.

Simply put, SSL/TLS is not a privacy panacea, it has to be used properly. I would also suggest that use via a proxy is improper.

Finally, on a technical note, SSL/TSL does not operate as you suggest. While it is block oriented, this does not necessarily result in a data expansion.
It is possible for compression to be negotiated along with encryption, such that less data is sent than would be over a plain TCP connection.
Even in the absence of compression, the expansion will at most be a few percent (each block can have up to 16384 bytes, with up to around 20 bytes of overhead).
The wikipedia article gives a good overview, and has references to the appropriate RFCs with all of the details.

[cooky560]

Selective blocking of boxes is very possible but does not solve the issue of trust in e-commerce considering new e-commerce sites are created on a daily basis, not to mention the fact that companies move their commerce sites, and change their certificates from time to time.

I never said that TLS is a panacea, more that using a secure proxy as a pipe behind CCDP and filtering systems is a method to circumvent the policy. Networks like Tor operate using this basic principle with a series of distributed computers to provide the content.

I think the saddest part of all this however is that such measures, usually reserved for highly private transactions are being considered by the innocent to avoid what is ludicrous and invasive government policy.

http://en.wikipedia.org/wiki/Secure_Socket_Layer#TLS_record_protocol states that data is padded, meaning that it's impossible for the data to not grow in size by the size of the padding, while there is a limit of bytes in each block, this does not prevent more blocks being used, hence it does increase the amount of data they must wade through somewhat.

[knowledgeispower-uk]

The Internet IS A Dangerous Place.

[knightron]

The Internet IS A Dangerous Place.