Cameron to Ban End-to-End Encryption?

It seems that every time we have a high profile terrorist attack, politicians, with alarming alacrity, seize on the opportunity to demand extra snooping powers. This used to be New Labour’s domain, but now it’s the turn of David Cameron. Our esteemed PM wants to allow our security services to view the content of encrypted messaging services:

Mr Cameron told ITV News: “I think we cannot allow modern forms of communication to be exempt from the ability, in extremis, with a warrant signed by the Home Secretary, to be exempt from being listened to.”

(That is very nearly a coherent sentence)

On the same day, The Independent spun similar comments made by Cameron into the following article:

WhatsApp and iMessage could be banned under new surveillance plans

David Cameron could block WhatsApp and Snapchat if he wins the next election, as part of his plans for new surveillance powers announced in the wake of the shootings in Paris.

The Prime Minister said today that he would stop the use of methods of communication that cannot be read by the security services even if they have a warrant. But that could include popular chat and social apps that encrypt their data, such as WhatsApp.

Apple’s iMessage and FaceTime also encrypt their data, and could fall under the ban along with other encrypted chat apps like Telegram.

The Guardian was kind enough to supply the original quote:

In extremis, it has been possible to read someone’s letter, to listen to someone’s call, to mobile communications,” Cameron said. “The question remains: are we going to allow a means of communications where it simply is not possible to do that? My answer to that question is: no, we must not.”

David, you are not the Prime Minister of North Korea. Policies like this will only lose you votes.

There are dozens of encrypted chat clients out there. Do you really want the security service spending all of their time play Whack-a-Mole with the online development community? The government and security services will be chasing their own tails for eternity trying to solve this problem. It is stupid idea, unenforcible, futile, and counter-productive.

Any half baked measure to introduce back door access or lower encryption standards will be an open invitation to hackers. It might give the government what they want, but we will all be worse off for it.

Also, as Guido points out:

However, Dave can take heart that he’s not in this fight alone, the other countries where there are known domestic controls on the use of encryption are Russia, China, Mongolia, Vietnam, Pakistan, Iran, Kazakhstan, Belarus, Ukraine, Moldova, Israel, Tunisia and Morocco.

That’s one hell of a club Dave’s trying to sign us up to…

View comments.

more ...

A Necessary Storm

A few days ago, prominent Apple developer, podcaster and blogger, Marco Arment published a strongly written article, voicing his frustration at the decline in quality of Apple’s latest software offerings:

Apple’s hardware today is amazing - it has never been better. But the software quality has fallen so much in the last few years that I’m deeply concerned for its future.

Strong words indeed. The resulting media storm forced Marco into in a follow up post where he admits he probably went too far:

Instead of what was intended to be constructive criticism of the most influential company in my life, I handed the press more poorly written fuel to hamfistedly stab Apple with my name and reputation behind it. And my name will be on that forever.

Had I known that it would go as far as it did, I never would have written it.

He had unintentionally fed the great “Apple is Doomed” internet troll.

The thing is, whilst Marco could be criticised for his choice of language, the basis of his article was not wrong. He might regret his temporary notoriety, but the attention that his article garnered means that his message has surely made its way to the ears of the influencers inside Apple. If Apple still value their age worn “It just works” credo, they should sit up, take notice and do something about it.

Apple have done this before. The Snow Leopard (10.6) release of OSX was heavy on bug fixes and performance improvements, and light on new features. As a result it was (and remains) the most stable release of OSX to date.

The problem that Apple face now is compounded because their OS footprint is getting significantly bigger: Mac OSX, iOS, Apple TV and now Apple Watch. I buy and recommend a lot of these products on the basis that perceived quality. My kids went through university with Macbooks and iPhones and I can count the number of support issues I had to resolve on the fingers of one hand. Apple set that standard and it is all the more frustrating when they fail to meet it. I buy Apple at home so that I don’t have to deal with same crap I have to put up with in work, supporting Windows systems.

One of my favourite sub £100 gadgets is the Apple TV. Every now and then it cannot find my iTunes content hosted on the Mac Pro upstairs - easily resolved with a reboot, but still bloody annoying. It will happily stream content via Airplay from an iPhone 4 or 5, but the same content from an iPhone 6 takes ages to stream. Whiny First World problems for sure, but hey, like I said, Apple set the bar.

It is time for Apple slow down a bit and repeat the Snow Leopard exercise across all of their current platforms. As Gruber says:

It’s not that Apple has lost the “it just works” crown to a competitor, but rather that they’ve seeded a perception that Apple’s stuff doesn’t work, either.

View comments.

more ...

Static blogging with Pelican - Part 1

I have used a number of blogging engines over the years. I started off with Blogger, moved onto a self hosted Wordpress site and then onto the fully hosted solution offered by Squarespace (which is excellent btw).

Each solution had upsides and drawbacks. It was easy to outgrow Blogger. Wordpress was powerful but earlier versions were susceptible to hacking, plus managing plug-ins, MySQL and backups became a drag. Squarespace is superb, but the programmer in me yearned for more control.

I decided to look at some static blogging engines. My goals being:

  • All content should be pre-compiled to static web pages making the end result portable and quick to load
  • As much as possible, remove reliance on the server side web technology stack (PHP, MySQL etc.)
  • All content to be written using plain text Markdown files
  • The ability to perform staging and testing off-line

On top of these requirements, I also wanted to:

  • Keep my existing photo pages (imported from Flickr albums)
  • Import the comments from my existing blog

After digging around for a bit, I finally settled on Pelican - a static blog generator written in Python.

If you can find your way around the Unix command line, you can be up and running in minutes using the following:

sudo pip install pelican
sudo pip install Markdown
pelican-quickstart

This will create the folder structure for your Pelican project:

yourproject/
├── content
│   └── (pages)
├── output
├── develop_server.sh
├── fabfile.py
├── Makefile
├── pelicanconf.py       # Main settings file
└── publishconf.py       # Settings to use when ready to publish

Creating content is easy. Simply create a markdown file in the content folder using the following metadata syntax at the top of the file:

Title: Static blogging with Pelican - Part 1
Date: 2014-10-27 18:02
Author: Allan Scullion
Category: Blogging
Tags: Blogging,Pelican,Python
Slug: pelican-1

Page content goes here

Save the file, then use the following command1:

make clean && make html DEBUG=1 && make serve

Open your browser to http://localhost:8000 and behold your new creation.

The output folder contains all of the generated HTML files and other assets. The Makefile also has a number of commands to publish these using a number of methods, including FTP and rsync+ssh.

In follow up posts, I will cover:

  • Site Templates (you will no doubt hate the standard template)
  • Adding comments using Disqus
  • Plug-ins
  • Automated publishing using Github and Codeship

  1. Better still, save it as a shell script, because you will be using it a lot 

View comments.

more ...