Don’t let politicians use the excuse of murderous assholes to scapegoat the internet

Theresa May launches her latest attack on end-to-end encryption.

Don't let politicians use the excuse of murderous assholes to scapegoat the internet

As we’re all aware, a number of people – including children – have been murdered by a bunch of complete arseholes in London and Manchester.

The most recent attack occurred in London on Saturday night, and with a General Election just days away it was inevitable that some politicians would steer the horrific events in an attempt to win some votes or damage the reputation of their rivals.

We even saw the US President try to bring the UK’s tough gun laws into the argument (although clearly the killers would have been able to murder many more people if they had been equipped with machine guns rather than knives and a white van).

Sign up to our free newsletter.
Security news, advice, and tips.

The Conservative party, which is the bookies’ favourites to win the election and return Theresa May as Prime Minister, have taken the opportunity to beat a familiar drum: it’s the internet’s fault.

According to a speech given by Theresa May this weekend, “enough is enough”:

“We cannot allow this ideology the safe space it needs to breed. Yet that is precisely what the internet, and the big companies that provide internet-based services provide.”

“We need to work with allied democratic governments to reach international agreements that regulate cyberspace to prevent the spread of extremist and terrorism planning. And we need to do everything we can at home to reduce the risks of extremism online.”

Notice there is no call for the banning of knives or white vans.

Home Secretary Amber Rudd has predictably chimed in, echoing her leaders’ position, telling the media this weekend that internet companies need to work with the authorities to “limit the amount of end-to-end encryption that otherwise terrorists can use.”

Good luck with legislating the internet, or preventing people from using end-to-end encryption for their online communications. Let me know when you’ve managed that one.

And what is meant by “the amount of end-to-end encryption”? Surely something is either end-to-end encrypted or it’s not?

Even if the UK government was able to force tech giants to weaken the security of their products by incorporating backdoors into their communication services, what does that actually achieve?

Anyone who cares about their online security and privacy would simply use other services to communicate that haven’t given in to the UK government’s demands.

How is the UK going to block Britons from downloading end-to-end messaging software from websites beyond the UK’s control? How will it prevent Brits from compiling free open source apps if they care about their privacy?

And that’s before you raise the spectre that any weakness in end-to-end encryption opens opportunities for organised criminals and state-sponsored hackers to exploit the same backdoor to spy and to steal.

Some British political parties are portraying the internet and encryption as convenient bogey men, blaming them for acts of terrorism rather than asking more difficult questions about whether the country has made mistakes in foreign policy, made too many cut-backs in policing, or been too willing to turn a blind eye to the activities of other countries in the hope of doing business.

Encryption isn’t a bad thing. As I’ve described before, encryption is a good thing, and we shouldn’t be looking for ways to weaken or outlaw it. If anything, we should be encouraging its wider use.

Anyone who tells you different is either ignorant of how end-to-end encryption (and presumably any modern technology) works, or is simply engaged in political grandstanding in a last-minute attempt to appeal to non-technical voters.

Stop press! Woah! A UK politician has actually said something sensible about internet surveillance. Shame that his party is unlikely to win on Thursday.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

22 comments on “Don’t let politicians use the excuse of murderous assholes to scapegoat the internet”

  1. drsolly

    Someone on my blog put it nicely.

    A) Something must be done.
    B) Putting a backdoor into encryption is something.
    C) Therefore, it must be done.

    1. Mark Jacobs · in reply to drsolly

      A) Something must be done.
      B) Arming all known terrorists, funding them and training them is something.
      C) Therefore, it must be done.

  2. Chris Pugson

    Traffic analysis of the Internet would surely yield incredibly useful data without need to decrypt. Gordon Welchman made much use of traffic analysis at Bletchley Park. Traffic analysis was valuable in its own right but especially vital when the decryption data for German communications were temporarily unavailable.

    Someone please say that Internet traffic analysis is already being done on the same lines as 70+ years ago at Bletchley Park but nowadays employing vast modern IT resources. I would be astonished if it is not but I have never heard or read that that is the case.

  3. Roger Leyland

    Good article. This says it clearly for me:

    The politicians just don't understand (or worse)

  4. Mike NI

    I respect this blog but please stick to cyber security and do not claim to have any knowledge of gun control until you know what you are talking about.

    Saying things such as "although clearly the killers would have been able to murder many more people if they had been equipped with machine guns rather than knives and a white van" is ignorant, completely incorrect, and just continues the illusion that we do not need to protect ourselves. We DO need to be able to protect ourselves. It is in our constitution unlike having access to the Internet.

    They will take everything from us if we let them. Stop supporting them when you are talking against them at the same time. Thanks

    1. Graham CluleyGraham Cluley · in reply to Mike NI

      Mike, you've got your view about gun control and I've got mine. I've had my little rant and you've had your opportunity to respond. :)

      We can agree to differ in an amicable way I'm sure, and I hope it doesn't ruin your enjoyment of my computer security content.

      BTW, can you send me a link to the constitution as I'd like to read it.

      1. Steven Richardson · in reply to Graham Cluley

        Very good article Graham, but like Mike I do have to take exception to the gun reference. I do know about the English view of an armed citizenry. What Mike is referring to is the 2nd amendment to our constitution as follows from Wikipedia.

        The Second Amendment (Amendment II) to the United States Constitution protects the right of the people to keep and bear arms and was adopted on December 15, 1791, as part of the first ten amendments contained in the Bill of Rights. The Supreme Court of the United States has ruled that the right belongs to individuals, while also ruling that the right is not unlimited and does not prohibit all regulation of either firearms or similar devices. State and local governments are limited to the same extent as the federal government from infringing this right per the incorporation of the Bill of Rights.
        The Second Amendment was based partially on the right to keep and bear arms in English common law and was influenced by the English Bill of Rights of 1689. Sir William Blackstone described this right as an auxiliary right, supporting the natural rights of self-defense, resistance to oppression, and the civic duty to act in concert in defense of the state.
        In United States v. Cruikshank (1876), the Supreme Court of the United States ruled that, "The right to bear arms is not granted by the Constitution; neither is it in any manner dependent upon that instrument for its existence" and limited the scope of the Second Amendment's protections to the federal government. In United States v. Miller (1939), the Supreme Court ruled that the Second Amendment did not protect weapon types not having a "reasonable relationship to the preservation or efficiency of a well regulated militia."
        In the twenty-first century, the amendment has been subjected to renewed academic inquiry and judicial interest. In District of Columbia v. Heller (2008), the Supreme Court handed down a landmark decision that held the amendment protects an individual right to possess and carry firearms. In McDonald v. Chicago (2010), the Court clarified its earlier decisions that limited the amendment's impact to a restriction on the federal government, expressly holding that the Due Process Clause of the Fourteenth Amendment incorporates the Second Amendment against state and local governments. In Caetano v. Massachusetts (2016), the Supreme Court reiterated its earlier rulings that "the Second Amendment extends, prima facie, to all instruments that constitute bearable arms, even those that were not in existence at the time of the founding" and that its protection is not limited to "only those weapons useful in warfare".
        Basically, if that had happened in say Houston, more than likely there would have been an armed citizen amongst the crowd that would have limited the amount of carnage by taking out the terrorists before the police even arrived.
        Just for the record, not everyone carries a gun in America, but those of us that do are vetted by the FBI, State, and local police and have been trained. Criminals by definition will always be able to get the arms they want despite any laws.
        Now let us agree to disagree and continue on with your great content.

  5. Erich Honecker

    While doing some computer related work, I was streaming the PM's press statement and it immediately struck me: "she's actually asking for a crackdown on liberties!".

    Well said, Graham!

    Tim Farron put it exactly the right way: “The alternative is a government that monitors and controls the internet in the way that China or North Korea does. If we turn the internet into a tool for censorship and surveillance, the terrorists will have won. We won’t make ourselves safer by making ourselves less free.”

    Theresa May shouldn't be wishing for a system the Stasi could have only dreamed of. We would be giving up our way of life, period.

  6. Simon

    I enjoy your blog but please don't try to get involved in British politics or try to influence people away from voting for the Tories. There is much more at stake right now and whilst encryption is very important to me (I work in cyber ops), other issues such as Brexit are extremely important and other parties are simply not capable of taking on that task. We know the parties are using this to push their unwanted policies but we're left with little real choice. We've all got difficult decisions to make right now and could do without outside influence please.

    1. Graham CluleyGraham Cluley · in reply to Simon

      I'm not telling people which way to vote.

      But I will tell folks when I believe politicians of any side are talking nonsense about computer security and privacy. I've done it about American politicians, and I don't see why I shouldn't do the same with British politicians.

      I know it upsets some people, and I'm sorry about that.

      1. drsolly · in reply to Graham Cluley

        You shouldn't be sorry about upsetting some people. Because whatever you say, or fail to say, you will upset some people.

      2. Steven Richardson · in reply to Graham Cluley

        Graham, I think the time for Political Correctness is passed. Please continue on.

  7. Michael Ponzani

    I don't believe in gun control, though I'll admit unrestricted ownership of guns is self limiting due to the costs of the more exotic weapons. If most people had guns many of these terrorist attacks could have been prevented or nipped in the bud. Terrorists never seem to attack police firing ranges or military bases engaged in live firing exercises.

    1. drsolly · in reply to Michael Ponzani

      Universal gun ownership hasn't yet stopped the daily mass-shoootings in the USA.

      Perhaps you need even more guns.

      1. Steven Richardson · in reply to drsolly

        If you will notice, most of the attacks in the US have taken place in "gun free" zones and places where we as legal carriers cannot go, schools, etc. And please be aware that thankfully we do not have "daily" mass shootings.

        1. drsolly · in reply to Steven Richardson

          You're right! Children in schools should be issued with firearms as they enter the school, and part of the curriculum should be "How to identify and kill the bad guys."

    2. Arnold Schmidt · in reply to Michael Ponzani

      The problem with more people carrying weapons is twofold: first, how do you tell the good guys from the bad guys; second, where do you draw the line- no weapon larger than a machine gun, or maybe a bazooka are allowed? Once you open the door to unrestricted carrying of weapons, you will eventually have to deal with more violent, unprovoked incidents, causing more injury and death, not fewer ones.

      1. Steven Richardson · in reply to Arnold Schmidt

        The bad guy is the one waving his weapon around and screaming "give me your money" and the good guy is the one taking him out. As to your second statement, there are laws restricting automatic weapons, explosives, RPG's, etc., but a criminal by definition does not follow the law.
        Many of our anti-gun people have used the same argument and have been proved very wrong by crime statistics dropping in states that are favorable to gun owners.
        The common criminal is going to use a weapon easily available and will not/cannot get it through legal means, ie. stolen.

  8. drsolly

    Your headline is wrong. They aren't assholes, they are arseholes.

    1. Steven Richardson · in reply to drsolly

      I can think of many more references for these type of people, but the one I most prefer is DEAD.

  9. Kwaz


    Don't use the internet as the excuse for the behaviors of hair triggered murderous azzholes. If you claim reading something off a computer screen triggers murder then they were long ago radicalized.

  10. Jim

    I would have thought the monitoring of the internet by security would be a better solution, rather then warning terrorists in advance that their communications are going to be monitored.

    Correct me if I'm wrong but Britain had bombings from IRA and their wasn't much internet then.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.