Skip to content
Science, Maths & Technology
Author:

Theresa May’s new Big Brother powers won’t help catch more criminals

Updated Wednesday, 26th November 2014

Enabling the police to identify who is using a digital device at any time won't catch up with the more advanced criminals, writes Andrew Smith. 

This page was published over five years ago. Please be aware that due to the passage of time, the information provided on this page may be out of date or otherwise inaccurate, and any views or opinions expressed may no longer be relevant. Some technical elements such as audio-visual and interactive media may no longer work. For more detail, see our Archive and Deletion Policy

Computer hacker silhouette of hooded man with binary data and network security terms. Copyrighted  image Icon Copyright: Flynt | Dreamstime.com Home Secretary Theresa May is giving new powers to the police, which will enable them to clearly identify who is using a computer or mobile phone at a given time. Putting the politics of national security and counter-terrorism aside, the proposed act would force all internet data-providers to retain data, linking devices to users.

Due to be announced before Parliament on November 26, the legislation is in effect looking to track the Internet Protocol (IP) addresses of any suspects. This includes, organised crime, cyber-bullies, hackers, terror suspects, suspected child sex offenders and vulnerable people who may be at personal risk.

While this looks good on paper and seems like the right move, as someone who has been teaching network engineers for years, I can see many flaws in this politically noble endeavour.

How does it work?

At the moment your computer, smartphone or tablet connects to the internet, it had to make a connection via a network communication and routing device. The routing device could have been the wireless device at home, 3G or the free wifi in the cafe. When the connection is made, you are issued with a temporary IP address, which temporarily ties down your device and is logged on the network.

With this knowledge, internet service providers can easily record who is using what device and when. This technology has been available for a long time. Corporate networks have been able to log staff computers and their IP addresses for many years. If you connect your laptop to the cafe wifi, it is not difficult to keep a log of each connection, where you visit, your devices MAC address and send this to a remote logging server.

MAC addresses are hard-wired into your devices, in this respect smartphones and computers are alike may have multiple addresses. Therefore each device is effectively unique and means that service providers can keep a track of who is using your home network. If it is insecure, it may result in an unexpected dawn visit.

Will it stop the criminals?

The stark reality is that the people who are the greatest danger are often the most capable, as recent news has proven. Often capable cyber-criminals and other undesirables will have taken the time to learn how to circumvent and avoid being easily spotted.

MAC addresses can be spoofed. Which means that I can trick a network server into thinking that I am using a completely different device. In addition, I could easily create my own proxy (a go-between server), hiding different devices behind another spoofed IP address. If someone was determined, there are many ways of hiding from those who are attempting to record the activities of millions of devices.

The measures announced by the UK government will go some way to help the police gather much needed evidence when they have a clear case. But in the cat and mouse game of keeping up with the more advanced criminals, sadly this measure is years behind the actual skills out there.

The Conversation

Andrew Smith does not work for, consult to, own shares in or receive funding from any company or organisation that would benefit from this article, and has no relevant affiliations.

This article was originally published on The Conversation. Read the original article.

Interested in cyber security? Try our FREE learning tools

 

Author

Ratings

Share

Related content (tags)

Copyright information

For further information, take a look at our frequently asked questions which may give you the support you need.

Have a question?