Do GCHQ/MI5 etc need more powers to fight terrorism?

As with Lee Rigby at least one of the Paris attackers Cherif Kouachi, had already been convicted in 2008 of recruiting for, and then himself attempting to join the war in Iraq in support of Islamists against the allied coalition. He was sentenced to 18 months in jail, which was negated by time spent on remand, and allowed to walk free.

His brother Said, who lived with Cherif had a Facebook page full of pictures of himself with assault rifles and responding will "Allahu Ahkbar" to a picture of an exploding building. Not criminal in itself but given his brother and housemate's past you'd think it might raise some questions.

It now seems that both of them had travelled overseas to train with and support Islamist causes since Cherif's conviction.

I found this out in an idle half hour on Google with no special powers, phone records or private emails. It was in the public domain.

Understand the point about resources being spread thinly and you can't monitor everyone who's ever posted a picture of themselves with a gun, but in my opinion someone who is prepared to travel into a warzone to fight allied countries is a very real menace and should have still been in prison. And while it obviously can't be guaranteed it doesn't seem unreasonable to suppose that had this been the case the other two would not have carried out this attack on their own.

^^ I also think it's a case of 'old fashioned police work' as someone once said. I.e. the technology will give you a pointer, but you then have to follow it up with HUMINT. Personally, I think that the services already have the methods needed - they have warrants and RIPA. The rest is up to skilled personnel. Rather, the services are expecting technology to do the job for them and cheaper than skilled individuals, but to do that it needs to invade our every communication. I disagree with this - work with what you have.

It takes at least 4 people in shifts to watch 1 person around the clock, and that's before holidays, illness etc. Plus they would need cars, communication, central control etc. It's no wonder that so few people get watched full time, it would simply cost too much.

Can't be too much trouble to reveal what they WOULD have known from recent events if only they had the ability to read encrypted conversations.

Or perhaps the balance of probability is that is ... nothing.

Not all SSL is equal, plus there has been concerted effort over the preceding years to insert design changes while the encryption technologies were in RFC phase to ensure they could decrypt comms. SSL is not the whole answer.

@musalbas: ISIS guy 1: I know, let's use cryptography to hide our messages!
ISIS guy 2: We can't, it's against the law in the UK.
ISIS guy 1: Oh, OK.

An immigration system with admission based on minimum levels of education, ability to speak English and earning potential would actually have kept out the majority of Muslim immigration since 1970 so not entirely sure what you are basing this on.

This will get misused by power mad little idiots in councils etc, just like everything else that seems a good idea gets misused.

Much better to push them under a bus, off a railway platform, over a bridge parapet, down a stairwell. I always thought that what (properly) secret services did.

Important bit from that article: If your company has set up the proxy correctly you won't know anything is off because they'll have arranged to have the proxy's internal SSL certificate registered on your machine as a valid certificate.

That one relies on the user's machine being compromised, by having the intercept proxy installed as trusted so the browser doesn't spew warnings about the certificate. Now in a corporate environment it may be compromised by the IT department under the direction of management, so they can read your online banking passwords (if they do, they should tell you this to my reading of RIPA).

It's not breaking encryption, it's fooling the user into believing the encryption is using the destination's key pair, not a key pair inserted by a proxy.

GCHQ cannot brute force a modern key pair.