UK Police planning to hack citizens' PCs

Published: 2009-01-05. Last Updated: 2009-01-06 13:44:10 UTC
by Toby Kohlenberg (Version: 1)
3 comment(s)

An interesting article from the TimesOnline - http://www.timesonline.co.uk/tol/news/politics/article5439604.ece

I'm curious what ISC readers think of this. Here's a short quote from the article to pique your interest:

"THE Home Office has quietly adopted a new plan to allow police across Britain routinely to hack into people’s personal computers without a warrant.

The move, which follows a decision by the European Union’s council of ministers in Brussels, has angered civil liberties groups and opposition MPs. They described it as a sinister extension of the surveillance state which drives “a coach and horses” through privacy laws.

The hacking is known as “remote searching”. It allows police or MI5 officers who may be hundreds of miles away to examine covertly the hard drive of someone’s PC at his home, office or hotel room."

Keywords:
3 comment(s)

Comments

This is a paranoid abuse, most of the people don't know what this could mean, maybe the beginning of a new "protection", like in the "Brave New World" or "V for Vendetta", where a few take decision for others without privacy at all.
This dark comment is clearly an exaggeration, because this upset me. In the other hand it would be fun to see if I my home's perimeter protection could stop them or at least detect them :)
I don't know how this can be accomplished without installing some sort of agent on every British subjects' computer. If they try to dig in remotely, they will be relying on exploiting unpatched vulnerabilities (I guess) or spear phishing. These things can be blocked and detected by savvy users, which are likely the very users they are most interested in. It will let them spy on regular Joes with nothing to hide but the real crooks will stop them cold.
I would be very interested in knowing exacly how they plan to accomplish this 'remote search'. If a user is connected to the Internet without at least a NAT device in between, then the connection is wide open to scrutiny by anyone, and it's only a slight stretch to use that availablity for surveillance; if, however, it requires a client/agent then the user must agree to its isntallation, otherwise it violates not only privacy laws, but several computer crime laws as well.

Diary Archives