On encryption backdoors: Emergent Harms in the Security Group at the University of Cambridge have put out of a researcher paper around how over half of all cybercrime court cases in the UK are prosecuting UK police officers for abusing systems access […] [Original post on cyberplace.social] - ThreadSky

GossiTheDog.cyberplace.social.ap.brid.gy • 1 day ago

On encryption backdoors:

Emergent Harms in the Security Group
at the University of Cambridge have put out of a researcher paper around how over half of all cybercrime court cases in the UK are prosecuting UK police officers for abusing systems access […] https://cyberplace.social/@GossiTheDog/114077574926727980

Comments

adrianshort.org•11 hours ago

I'm always surprised (not surprised) that online safety advice to the public never includes insider threats from service providers and public authorities.

fivetonsflax.tilde.zone.ap.brid.gy•2 hours ago

@GossiTheDog https://toot.cafe/@baldur All Cops Are Blackhats?

beaj.bsky.social•11 hours ago

I can’t see a date on that paper or where it was published - do you have any details? Thank you

headoffsecurity.bsky.social•7 hours ago

See metadata here:

https://ieeexplore.ieee.org/document/10871227

GossiTheDog.cyberplace.social.ap.brid.gy•6 hours ago

davep.infosec.exchange.ap.brid.gy•6 hours ago

@GossiTheDog They're not the sharpest tools in the box

GossiTheDog.cyberplace.social.ap.brid.gy•6 hours ago

I should say, I’m not offering the opinion that lawful access to encrypted data is bad (at the risk of getting mastocancelled) or good - there’s a lot of nuance in that area.

As with anything, it depends on the implementation.

The very separate UK police database apparently relies on blabby […]

bontchev.infosec.exchange.ap.brid.gy•4 hours ago

@GossiTheDog There is NO WAY of implementing encryption backdoors that are accessible only to the good guys, period. There is no "nuance" about it.

The "good guys organizations" are full of bad guys and powerful foreign actors can hack the means of access too.

bontchev.infosec.exchange.ap.brid.gy•3 hours ago

@GossiTheDog Also, in case you haven't realized it yet, the "good guys" orgs are one election away from turning into "bad guys" orgs.

r-buller.bsky.social•23 hours ago

Image Alt-text:
1/2
Abstract—Police officers and employees misusing access to
police database now account for over half of all cybercrime pros-
ecutions in the UK. The harms this can cause are considerable.
➡️

r-buller.bsky.social•23 hours ago

Yet police continue to call for encryption to be weakened to allow
for greater access to communication data.
Index Terms—Cybercrime, policing, unauthorised access

sambowne.infosec.exchange.ap.brid.gy•19 hours ago

@GossiTheDog That won't happen in the USA, because Trump has shut down all police accountability agencies

Axolotl-Logic.mathstodon.xyz.ap.brid.gy•6 hours ago

@GossiTheDog Thank you for sharing. It boggles my mind that there are people who think it's a good idea to add intentional insecurities to the systems that protect them (though perhaps they do not realize they are endangered by the policies they support).

Comments

Posting Rules

Reply