EU santioned hacking without warrents

#1
I had a quick look and couldnt see this posted.

The EU (something i dont hate as much as some people) has increased the powers for intrusion into peoples computers. Essentially the police here when they feel the need, or at the request of other EU members, can hack into peoples computers to search for incriminating evidence without warrants, all for crimes that could result in as little as 3 years in jail.

Telegraph link

THE Home Office has quietly adopted a new plan to allow police across Britain routinely to hack into people’s personal computers without a warrant.

The move, which follows a decision by the European Union’s council of ministers in Brussels, has angered civil liberties groups and opposition MPs. They described it as a sinister extension of the surveillance state which drives “a coach and horses” through privacy laws.

The hacking is known as “remote searching”. It allows police or MI5 officers who may be hundreds of miles away to examine covertly the hard drive of someone’s PC at his home, office or hotel room.

Material gathered in this way includes the content of all e-mails, web-browsing habits and instant messaging.
Related Links

Under the Brussels edict, police across the EU have been given the green light to expand the implementation of a rarely used power involving warrantless intrusive surveillance of private property. The strategy will allow French, German and other EU forces to ask British officers to hack into someone’s UK computer and pass over any material gleaned.

A remote search can be granted if a senior officer says he “believes” that it is “proportionate” and necessary to prevent or detect serious crime — defined as any offence attracting a jail sentence of more than three years.

However, opposition MPs and civil liberties groups say that the broadening of such intrusive surveillance powers should be regulated by a new act of parliament and court warrants.

They point out that in contrast to the legal safeguards for searching a suspect’s home, police undertaking a remote search do not need to apply to a magistrates’ court for a warrant.

Shami Chakrabarti, director of Liberty, the human rights group, said she would challenge the legal basis of the move. “These are very intrusive powers – as intrusive as someone busting down your door and coming into your home,” she said.

“The public will want this to be controlled by new legislation and judicial authorisation. Without those safeguards it’s a devastating blow to any notion of personal privacy.”

She said the move had parallels with the warrantless police search of the House of Commons office of Damian Green, the Tory MP: “It’s like giving police the power to do a Damian Green every day but to do it without anyone even knowing you were doing it.”

Richard Clayton, a researcher at Cambridge University’s computer laboratory, said that remote searches had been possible since 1994, although they were very rare. An amendment to the Computer Misuse Act 1990 made hacking legal if it was authorised and carried out by the state.

He said the authorities could break into a suspect’s home or office and insert a “key-logging” device into an individual’s computer. This would collect and, if necessary, transmit details of all the suspect’s keystrokes. “It’s just like putting a secret camera in someone’s living room,” he said.

Police might also send an e-mail to a suspect’s computer. The message would include an attachment that contained a virus or “malware”. If the attachment was opened, the remote search facility would be covertly activated. Alternatively, police could park outside a suspect’s home and hack into his or her hard drive using the wireless network.

Police say that such methods are necessary to investigate suspects who use cyberspace to carry out crimes. These include paedophiles, internet fraudsters, identity thieves and terrorists.

The Association of Chief Police Officers (Acpo) said such intrusive surveillance was closely regulated under the Regulation of Investigatory Powers Act. A spokesman said police were already carrying out a small number of these operations which were among 194 clandestine searches last year of people’s homes, offices and hotel bedrooms.

“To be a valid authorisation, the officer giving it must believe that when it is given it is necessary to prevent or detect serious crime and [the] action is proportionate to what it seeks to achieve,” Acpo said.

Dominic Grieve, the shadow home secretary, agreed that the development may benefit law enforcement. But he added: “The exercise of such intrusive powers raises serious privacy issues. The government must explain how they would work in practice and what safeguards will be in place to prevent abuse.”

The Home Office said it was working with other EU states to develop details of the proposals.
 
#2
Let me save the spooks the trouble. My surfing consists of

1. Arrse
2. Vintage Airplanes
3. All the News and Current Affairs I can assimilate
4. Porn , particularly the late 80's early 90's and in particular the collected works of Ms. Alicyn Sterling.

I'd hate to see resources wasted when I can give them a head start.
 
#3
PTP those are the same attributes they would find from my web searching too!

Seriously though this is a major intrusion into our lives, I dont doubt that our internet bank accounts may be hacked by dishonest inspections of our PC's. I think also that those who wish to keep their activities under cover will develop "safeguards".
 
#4
... and I am berated for referring to the European SOVIET Union.

I suspect most people now expect Brown and his gang to reduce personal freedoms and increase the power of the State at every opportunity. In line with this view I would not be surprised at all if, before May 2010, Brown declares it would be "...imprudent in the current state of financial difficulties..." to hold a General Election.
 
#5
There are ways around this new scheme. The really serious, high-tech criminals will develop new and cutting-edge methods of preventing hacking by, say, unplugging the ethernet cable when they aren't using the computer, or keeping all their data on a removable hard drive stored away from the computer, or if they're really clever, turning the computer off at the wall (no power means no hard drive movement means no reading the hard drive, surely?)
 
#6
Another step closer to Personal Bar-Coding.

But still they'll vote for Labour, as they have to, as Labour pays there wages. It's no longer the UK, IT's Mongnation.

Here goes. We can blow up there servers by using all the so-called key words in every email, post or text message:
:D :D :D :D

Terrorist
Bomb
Extremists
Steal
Murder
Fraud
AK-47

That should keep them busy :D :D :D
 
#7
There are so many ways around this it's ridiculous to even suggest that plod is remotely capable of accessing someone's hard drive. A simple router with an in built firewall will be enough to give them a severe headache because they automatically block all incoming connections. WPA2 would take them ages to crack sitting outside your house in a van that you'd notice. Infact I'd bring them tea and coffee in the morning and wish them luck. Suggesting they send you malware in an email hoping that you will open it is hilarious! The thing is the technologically illiterate Times Online swallow this crap as gospel and then spread it around. It spooks people because they assume that the police or the state have the ability to do it or have the competence.

No I don't agree that they should be allowed to attempt to hack a users PC without a warrant any more so than they have a right to open your mail or enter your house and that's why we should fight such poor legislation. However, without direct access to your router or PC they have got such a slim chance of achieving anything. So what's the point?

If you were looking to keep your data safe because you were waging jihad you'd take more precaution than the average dolt who walks into PCWorld. There's plenty of wifi hotspots around that give you web access and things like SSL, an encrypted VPN with servers in another country would be impossible for them to trace or access.
 
#8
Garhwal said:
A simple router with an in built firewall will be enough to give them a severe headache because they automatically block all incoming connections.
However, a simple firmware update and they would have complete contol of all the routers.
 

BuggerAll

LE
Kit Reviewer
Book Reviewer
#9
One begins to have sympathy with the Mountain men survivalist types in some of the more inaccessible places in the US.

I could see a point when there could be anti Festung Europa terrorism. Hopefully I will have emigrated by then.
 
#10
Garhwal said:
Suggesting they send you malware in an email hoping that you will open it is hilarious!
It may be hilarious, or even sad, but targeted malware linked to web-pages of interest to the target organisation - say, for ARRSE members, a faked report of the sacking of Bob Ainsworth for breaking of the new extreme porn law - would get a lot of the people clicking the link. Creating malware that is, temporarily, going to get through most desktop security is not impossible.

It has happened, and the military are not immune. Harder to get a specific individual but, if you don't need a warrant then you haven't necessarily got the restrictions requiring you to minimise collateral intrusion.

Frankly, if you have time, most computers have security holes. Hence the suggestions about disconnecting the computer from the hinterweb and keeping your sensitive data on removable media would be the best way to minimise any exposure. Or, alternatively, keeping your seditious activities quiet from the Stasi.
 
#11
Keyboards give off electronic emissions which travel tens of yards. If plod wanted to then all they have to do is sit outside and read said emissions to get what you e typing. The suggestion of breaking in and planting a keystroke reader is really rather silly.
 
#12
Sven said:
Keyboards give off electronic emissions which travel tens of yards. If plod wanted to then all they have to do is sit outside and read said emissions to get what you e typing. The suggestion of breaking in and planting a keystroke reader is really rather silly.
Under laboratory conditions, scientists have so far managed to successfully achieve this to a distance of about 10 feet. Get you facts straight Sven. Far more efficient to send a spoof email with keylogging software attached.
 
#13
whitecity said:
Sven said:
Keyboards give off electronic emissions which travel tens of yards. If plod wanted to then all they have to do is sit outside and read said emissions to get what you e typing. The suggestion of breaking in and planting a keystroke reader is really rather silly.
Under laboratory conditions, scientists have so far managed to successfully achieve this to a distance of about 10 feet. Get you facts straight Sven. Far more efficient to send a spoof email with keylogging software attached.
You are talking bollox WC - unless you have proof. I have my facts right. As for spoof email, any good bit of software will pick up spyware or malware.
 
#14
Sven said:
As for spoof email, any good bit of software will pick up spyware or malware.
Any reliable program will pick up common malware and most recent stuff. As the Virus Bulletin tests (and others) regularly show, many commercial and trusted programs are not 'reliable' in that sense and many people do not keep their protection up to date.

However, specifically targeted malware that is only sent to a few targets will not be caught, except via effective behavioural detection engines (which don't exist yet but they are getting better - Kaspersky's is good but irritating to use). Where the attachment or link is benign and the malware is hidden on the web page, then you have an even better scenario for your attack.

People rely too much on AV and anti-spyware tools to protect them from the consequences of their own deliberate acts and the errors and compromises of the operating system developers.
 
#15
All_I_Want said:
Garhwal said:
A simple router with an in built firewall will be enough to give them a severe headache because they automatically block all incoming connections.
However, a simple firmware update and they would have complete contol of all the routers.
But they need to know what router you are using and secondly they would need to go through the manufacturer in order to get a firmware update.
 
#16
Change to a Nix distribution of some kind you can even run off a live CD or VmWare in windows or use colinux which is designed to cohabit with windows when browsing or checking mail and that would stymie most if not all spyware.
 
#17
Garhwal said:
All_I_Want said:
Garhwal said:
A simple router with an in built firewall will be enough to give them a severe headache because they automatically block all incoming connections.
However, a simple firmware update and they would have complete contol of all the routers.
But they need to know what router you are using and secondly they would need to go through the manufacturer in order to get a firmware update.
And of course you'll need to authorise the firmware update. I haven't updated mine since I installed it 18 months ago, if it isn't broken don't fix it applies here.....
 
#18
Garhwal said:
There are so many ways around this it's ridiculous to even suggest that plod is remotely capable of accessing someone's hard drive. A simple router with an in built firewall will be enough to give them a severe headache because they automatically block all incoming connections. WPA2 would take them ages to crack sitting outside your house in a van that you'd notice.
...

If you were looking to keep your data safe because you were waging jihad you'd take more precaution than the average dolt who walks into PCWorld.
You would be surprised how many people have computers with firewall/anti-virus packages that are seriously out of date or just not there to begin with. The same with anti-spyware programs. I fixed a friend computer before christmas that had over 500 spyware infection of various degress and about 25 viruses, this is a normally smart person who has never thought of doing basic PC security. So you would be surprised how easy this could be for the plod.

Also this is not aimed purely at terrorists, if it was it would say so in order to sugar coat the pill. But its aimed at all offences that would (according to the book not judge reality) bring as little as 3 years in jail, not exactly another bang in the tube material.
 
#19
Firewalls allow traffic in that has been requested by devices on the inside of their protected zone. They do this by examining the ports and scockets that have been requested by the PC making the information request, ie http is port 80, so a response to a device on port 80 would be allowed in. Its a process called Stateful Packet Inspection. The "trojan" that would be implanted by the LEA would likely be sent on commonly used ports ie 80 or 21. Once its on your PC it can report back using any port and the firewall will allow it through. Its quite simple to get it to your PC. Alternately it could be part of a Windows release, or update. Have you looked at what windows is doing in the background?

No doubt someone will bring out measures to detect this type of activity, but like the radar detector for speed cameras in Europe, the radar detector is banned in all countries apart from UK, and legislation is being passed to ban them here.
 
#20
Simple, turn off your computer when not in use. I personnay only turn the moden on when i am on the t'ínternet.

No virus or malware can pass an airgap.

Regardless of the ins and outs of protection though, this is a breach of personal security, in the same way a police officer couldn´t just walk in to your home and start having a poke about.

How long before the Police (British side of it anyway) sell the "rights" to a civvie, say, Microsoft or one of the big music or film industry names. And the number of people copping for "pirateing" rockets?
 
Thread starter Similar threads Forum Replies Date
polar Royal Signals 0
Forces_Sweetheart The Intelligence Cell 6
Good CO ARRSE: Site Issues 0

Similar threads

Top