On 01/08/2019 11:36, newshound wrote:
On 01/08/2019 10:56, Gareth's was W7 now W10 Downstairs Computer wrote:
I've been giving some thought as to how to
protect one's privacy from the ever growing
snoopings of the Brit monarchy and all its
lapdogs and subordinate dogs' dinners
such as GCHQ, the MIxs and the po lice,
and to kill off RIPA and the sending of innocent
people to jail for not revealing their
passwords and security keys to the plodderies.

1. In case of computers being seized, you have to
guard against previous data being scattered around
the disk in various deletions. The solution here would
be to store all data in an indexed data base file of
such a size that it won't be moved willy nilly by
the OS. Then, by overwriting records at fixed and
known locations, previous data can be guaranteed
to be deleted.

2. When receiving encyphered messages, the one-time key
is to be the previously received message, giving only
one opportunity to read your message before it takes the
place of the previously received message at the fixed
location in the indexed data base.

3. Still working on data that has to be kept indefinitely,
watch this space.

Not answering the above, but on an associated topic there must be many
people, like myself, who do some consultancy work that is wholy
dependent on computers. There's a small but finite chance that innocent
people might get their systems seized and my understanding is that it
may take months or years to get the hardware and data back. In such a
case, they are instantly out of business *unless* they have all their
data backed up in the cloud, in which case it is just a case of buying a
new laptop and carrying on.

Some years ago a friend of mine, who was an Independent Financial
Advisor, heard a knock at the door and a dozen or more police burst in.
They confiscated his computers, excorted him to his business premises
and confiscated the ones there.

He had backups and was able to buy a few more machines and get
everything up and running again, but it cost him days of lost work.

The regulator then banned him and his company from most of his work,
relaxing it after a few weeks, but leaving him banned from dealing with
pensions - the main part of his business.

He was questioned under caution and remained on police bail for 18
months, although the regulator allowed him to start dealing with
pensions again after about four months.

Eventually the regulator and police agreed he'd done nothing wrong.

What had happened was that he and another company had been recommending
a third company for private pensions, but unknown to them, the third
company was involved in a kick-back deal with some other financial
advice companies and so they were suspected of being part of it.

It is as easy as that to be accused and have vital computers and data
taken away.

Now, I don't mind having my contacts and calendar together with my
spotify playlist in the cloud. Email is already there. But *some* of my
client data can't go there.

Gareth's stuff above is a bit tinfoil hat to me, but my scenario seems
to me to be a real (if low probability) threat. If you keep an off-site
backup that you don't declare to the police, presumably you are
committing an offence.

That probably depends upon the data. You don't have to answer any
questions the police ask, so you don't have to reveal the whereabouts or
even the existence of a backup. However you are open to having new
machines immediately confiscated if the data itself is suspected of
being illegal.

SteveW