Blog

Podcast – quick history of encryption

I did a quick video of a very short history of encryption for a friend who was putting on a screening of Citizen Four. I tried to put the film into some context, including the crypto wars. Hard to do in ~10 minutes but I think I managed it.


Investigatory Powers Bill

The video below is a recording of Theresa May answering questions on the draft Investigatory Powers Bill. Some interesting highlights (or lowlights) for me were the following:

  • She essentially didn’t answer the question on why it is unhelpful to compare the retention of web history with that of an itemised phone bill. The two things are not the same. An itemised phone bill doesn’t record a version of the conversation that took place. Now, although I believe that the retention does not include the exact pages visited, it does include the IP address of the website. So even though that is not the exact pages visited, it does give some idea of the content that might have been viewed, as they could go and retrospectively visit the site. Importantly, this doesn’t include whether the site has changed in the meantime. Also, it is not clear to me whether the IP address and the site are recorded. Obviously this is important, as you can host a large number of websites on a single server… In short, this comparison is supposed to be there for clarification, but it doesn’t clarify anything.
  • Some of the wording seems to be vague, to say the least. This is of some concern as it could allow for a degree of ‘mission creep’, where the legislation is used for things that it was not really intended for. We have already seen the government use terrorism laws for strange things, the most obvious of which was them being used to freeze Icelandic bank accounts during the financial crash.
  • No sunset clause. So the bill will not time out on its own, and realistically, unless the attitude of a future government is very different from today, we might well be stuck with it forever.
  • I will also point out that there seems to be some scope for the weakening of encryption in the bill. We haven’t seen this since the May 2000 Electronic Communications Act, in which the Home Office left in a vestigial power to create a registration regime for encryption services: basically, the capacity to weaken/backdoor encryption. This did have a sunset clause, which expired.

Security Algorithms Need to be More Transparent

I wrote a piece for The Conversation, “It’s time to shine a light on the unseen algorithms that power ‘Big Brother’”. I try to make the point that we as citizens know very little about the algorithms that power the security services (not to mention all sorts of other things too). This is troubling, as there is a great potential for them to discriminate, or just plain get things wrong. This is potentially damaging to us, but it also makes them less useful. I also draw a comparison between these analytical algorithms and cryptographic algorithms, which are often deliberately opened up to ensure their strength. Analytical algorithms that have the power to refuse someone entry to a country, or potentially assist with putting someone behind bars, should also be open.

RGS Panel: Risk and Complexity in Finance and Beyond

Our Royal Geographical Society panel, “Risk and Complexity in Finance and Beyond”, has been accepted for this year’s RGS annual conference!

Some details below:

Session organiser/s: Philip Garnett, The University of York, UK; John H. Morris, Durham University, UK
Session chair/s: Philip Garnett, The University of York, UK; John H. Morris, Durham University, UK

Session authors and presenters: Louise Amoore, Durham University, UK; David Chandler, University of Westminster, UK; Nat O’Grady, University of Southampton, UK; John H. Morris, Durham University, UK; Spencer Cox, University of Minnesota, USA; Philip Garnett, The University of York, UK; Eli Lazarus, Cardiff University, UK; Vanessa Schofield, Durham University, UK

The conference takes place at the University of Exeter from Tuesday 1 September 2015 (when registration opens from midday and there will be pre-conference workshops and an evening plenary/welcome event), through to Friday 4 September 2015. Sessions may be scheduled at any time between 9am and 6:30pm on Wednesday 2 and Thursday 3 September, or between 9am and 4.20pm on Friday 4 September 2015.

Complex Beyond Regulation – Global Policy Journal Event

I gave a talk on the 18th of June for an event co-hosted by the Global Policy Journal and Durham University. The title of the talk was “Complex Beyond Regulation”, and its major theme was that the global financial system is now so complex that it is beyond our skill to regulate. I took this position (that some would say is a bit extreme) partly to provoke some debate around the topic, but also because it might not be as far from the truth as we would like. The global financial system is truly complex; it is a complex network of networks governed by numerous rules and regulations. How do we regulate such a system, and how do we overcome its inertia and cope with emergent properties? Talk slides: Complex Beyond Regulation WebV.