Something to hide: If you hide, you must be committing a crime
Category: Blog
By Janice
27/10/2016
Cryptography has a saint and sinner profile just now, with companies like Google pushing forward HTTPs, and governments around the world railing against it. While many countries have been close to forcing companies to add backdoors, few have taken the step of ban its operation. Now, a royal edict from the president of the United Arab Emirates (UAE), His Highness Sheikh Khalifa bin Zayed Al Nahyan (Figure 10), has taken this step the massive step by making it illegal to use a secure tunnel, VPN or secure proxy service. Those who are caught will risk jail and fines between 500,000 and 2,000,000 UAE dirham (US$136,130 and $544,521):
Whoever uses a fraudulent computer network protocol address (IP address) by using a false address or a third-party address by any other means for the purpose of committing a crime or preventing its discovery, shall be punished by temporary imprisonment and a fine of no less than Dhs 500,000 and not exceeding Dhs 2,000,000, or either of these two penalties.
Overall the pronouncement is rather difficult to interpret, both from a legal and a technical point-of-view, but basically it says [here]:
it is illegal to use a system which could hide someone who is committing a crime
So it fits with the scenario above, where the state cannot tell if you are committing a crime or not, so the usage of the system is illegal. If there was ever a Future World Police-state law, it is this one. Some could have a defence that they were not committing a crime, but it would be difficult to show the decrypted data streams, and for law enforcement to understand the traces.
Presently telecoms providers block any Web access which does not fit in with UAE values, including in accessing pornography sites and for VoIP services. Until recently Skype was banned, but has now been allowed due to business pressures. Only Etisalat and Du are, which are two relatively expensive VoIP packages, are official sanctioned to be used. At present, too, the majority of the residents in UAE are from other nations, and where it is often a standard part of their business to use VPNs and proxy systems.
Governments, too, are now trying to find ways to restrict access. In Kazakhstan there are plans for creating a security certificate for every tunnel created, and in France, the government is planning to ban Tor and forbidding free and shared wi-fi connections (as law enforcement often struggle to track individuals who are using public wi-fi networks).
For Tor, the only real way to ban the communications is to examine the gateway node, so that a connection could be made from inside France, but where there would be a list of Tor gateway nodes, which would be banned. While the concept of banning Tor traffic, it is technically difficult to block, as network packets will only show the next hop in the chain, and these would be difficult to block. The exit node is only see at the last hop.
At present China block the entry nodes, which are publicly listed, but it is also possible to use non-public entry nodes, known as “bridges". It would seem that a model that France could use is the one used in China. Overall it is not possible for an ISP to see the destination site within the traffic, and could only determine if Tor was used if there is a known entry node used for the traffic.

Conclusion
The days for the forensics investigator of just running EnCase are over. One of their major challenges is now going to be investigating data in each of the three states: on-the-air; in-process; and at-rest. It's not going to be easy for them, though.
For those who do not commit criminal acts, too, have some rights to privacy too, so the same tools that are used by criminals to hide the tracks, may also be used by individuals who do not want to be spied on.
William Buchanan LinkedIn: http://uk.linkedin.com/in/billatnapier(link is external)(link is external)
Napier University website: http://www.napier.ac.uk/(link is external)
To be featured or find out more:
e-mail us on support@companyconnecting.com
call us on 0845 643 5375
or contact Janice on Linkedin
First published on Company Connecting JOctober 2016
©Company Connecting
