Russian Internet users are still in the dark over whether they country is planning to impose restrictions on the use of Skype, Gmail and Hotmail after an official expressed concerns that the services’ use of encryption hampers police surveillance.
Reports in the country earlier last week suggested that the FSB had been campaigning either to block the services or to ask for access to the cryptographic technology that underlies them.
“The uncontrollable use of such services can lead to a major threat to Russia's security,” FSB official, Alexander Andreyechkin, was quoted as saying by the RIA Novosti Agency.
However, several statements since then appear to have rowed back from that option."Quite the contrary - the development of advanced technology is a natural process that should be welcomed," an unnamed security services official was quoted as telling Russian news agencies on Saturday.
Confusing matters still further, according to Deputy Communications and Press Minister Ilya Massukh a special intra-agency meeting held on Friday drew up plans to introduce new legislation to regulate the services as soon as October.
An outright ban seems technologically unworkable as does asking the services to hand over encryption keys. None of the companies involved would be likely to comply and will all probably point out that users could anyway still apply their own encryption using other tools if they chose to.
The idea of a service block is considered an old-fashioned solution in western countries where the debate over encryption technology has long since moved beyond tricky and time-consuming attempts to extract keys.
Various approaches have been tried to battle the spread encryption, starting with Trojan software and old-fashioned taps to gain access to information ‘in the clear’, before it is encrypted. This is known to have been tried and is the prime weakness of any type of encryption system.
A second tactic adopted by the UK under the Regulation of Investigatory Powers Act 2000 (RIPA), activated in 2007, is that police can demand a suspect hand over an encryption key on pain of imprisonment.
One counter-tactic has been plausible deniability, in effect a way of hiding encrypted data so as to avoid the possibility of self-incrimination by refusing to divulge passwords.
This forms one of the features of the popular Open Source encryption program TrueCrypt, which last year resisted even the FBI which had been asked to crack passwords in a case being pursued by the Brazilian police.
Find your next job with techworld jobs