Thanks, it took me nigh on 1/2 an hour though so...
umm, not really. It means the request has a classification level of Secret, that its subject relates to communications intelligence (you got that bit right), and that it may be released to the members of Five Eyes.
My "it means that.." statement was supposed to be a summary of the header in the context of all the facts that have come before it, not a straight translation of what the header meant.
-----BEGIN PGP MESSAGE-----
HenryB: Got it! And thanks!
Second Little Brother. I'm wondering if I need to have a key-signing party sometime.
YES. I'll work something out for my next post.
Not that I do this, but I just thought it was kinda cool. These guys have thought stuff through.
Oh yeah. That's precisely why I'm going to go through Truecrypt. This is from the Police Search Manual:
A specified person may not be required to give any information tending to incriminate themselves. However, this does not prevent you from requiring them to provide information or assistance that is reasonable and necessary to allow you to access data held in, or accessible from, a computer system or other data storage device that contains or may contain information tending to incriminate the person.
In NZ, it's give up your password, or face 3 months in jail.
General comment: Baby steps, folks. Tor, Truecrypt, everything else will come.
I guess the first part of the article nicely disposes of ex-GCSB head Bruce Ferguson's claim that the GCSB only provided assistance to Police by seconding staff to them.
Hang on though - this was not quite the same, in that they believed (genuinely or not) that Kim Dotcom was a foreign national, and therefore there was no need for a firewall between them and the investigation, which is what the secondment process is designed for.
Maybe this is a silly question, but given that I understand encryption that can't be cracked by governments isn't supposed to be publicly available (limit to number of keys) - isn't there a risk with encryption that using it attracts attention in and of itself, and that with small volumes of encrypted traffic, agencies can comfortably handle the processing power to crack it?
a) I don't think this is true yet, and b) this is why we need to increase the volume of encrypted traffic.
I've assumed for years that everything I put on the internet, including email, can be harvested, it's just that nobody cares enough to do it provided I don't stick obvious keywords in there, or correspond with known agitators, or have offline activities that might draw attention. Security by obscurity.
That's not security by obscurity, that's just obscurity.
Of course, if enough people use encryption, the appearance of secrecy doesn't stand out as noteworthy. Another thought - a really good code doesn't look like a code.
Moz & Rich: Yes, will get to that in the next part...
Huzzah! It worked. I'd reply in an encrypted message, but I don't have your public key.