<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>UK &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/uk/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Wed, 27 Aug 2025 16:02:45 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>The UK May Be Dropping Its Backdoor Mandate</title>
		<link>https://noise.getoto.net/2025/08/28/the-uk-may-be-dropping-its-backdoor-mandate/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 28 Aug 2025 11:00:34 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[backdoors]]></category>
		<category><![CDATA[crypto wars]]></category>
		<category><![CDATA[iPhone]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70637</guid>

					<description><![CDATA[The US Director of National Intelligence is reporting that the UK government is dropping its backdoor mandate against the Apple iPhone. For now, at least, assuming that Tulsi Gabbard is reporting this accurately.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>NCSC Releases Post-Quantum Cryptography Timeline</title>
		<link>https://noise.getoto.net/2025/03/21/ncsc-releases-post-quantum-cryptography-timeline/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 21 Mar 2025 11:47:32 +0000</pubDate>
				<category><![CDATA[Cryptography]]></category>
		<category><![CDATA[quantum cryptography]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70028</guid>

					<description><![CDATA[The UK&#8217;s National Computer Security Center (part of GCHQ) released a timeline&#8212;also see their blog post&#8212;for migration to quantum-computer-resistant cryptography.
It even made The Guardian.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>UK Demanded Apple Add a Backdoor to iCloud</title>
		<link>https://noise.getoto.net/2025/02/26/an-icloud-backdoor-would-make-our-phones-less-safe/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 26 Feb 2025 12:07:53 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[backdoors]]></category>
		<category><![CDATA[encryption]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69960</guid>

					<description><![CDATA[<p>Last month, the UK government <a href="https://www.washingtonpost.com/technology/2025/02/07/apple-encryption-backdoor-uk/">demanded</a> that Apple weaken the security of iCloud for users worldwide. On Friday, Apple took steps to comply for users in the United Kingdom. But the British law is written in a way that requires Apple to give its government access to anyone, anywhere in the world. If the government demands Apple weaken its security worldwide, it would increase everyone’s cyber-risk in an already dangerous world.</p>
<p>If you’re an iCloud user, you have the option of turning on something called “<a href="https://support.apple.com/en-us/102651">advanced data protection</a>,” or ADP. In that mode, a majority of your data is end-to-end encrypted. This means that no one, not even anyone at Apple, can read that data. It’s a restriction enforced by mathematics—cryptography—and not policy. Even if someone successfully hacks iCloud, they can’t read ADP-protected data...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>UK Is Ordering Apple to Break Its Own Encryption</title>
		<link>https://noise.getoto.net/2025/02/08/uk-is-ordering-apple-to-break-its-own-encryption/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Sat, 08 Feb 2025 15:56:32 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[backdoors]]></category>
		<category><![CDATA[cloud computing]]></category>
		<category><![CDATA[data privacy]]></category>
		<category><![CDATA[encryption]]></category>
		<category><![CDATA[law enforcement]]></category>
		<category><![CDATA[Privacy]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69891</guid>

					<description><![CDATA[<p>The <i>Washington Post</i> is <a href="https://www.washingtonpost.com/technology/2025/02/07/apple-encryption-backdoor-uk/">reporting</a> that the UK government has served Apple with a “technical capability notice” as defined by the 2016 Investigatory Powers Act, requiring it to break the Advanced Data Protection encryption in iCloud for the benefit of law enforcement.</p>
<p>This is a big deal, and something we in the security community have worried was coming for a while now.</p>
<blockquote><p>The law, known by critics as the Snoopers’ Charter, makes it a criminal offense to reveal that the government has even made such a demand. An Apple spokesman declined to comment...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>The UK Bans Default Passwords</title>
		<link>https://noise.getoto.net/2024/05/02/the-uk-bans-default-passwords/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 02 May 2024 11:05:03 +0000</pubDate>
				<category><![CDATA[botnets]]></category>
		<category><![CDATA[Internet of Things]]></category>
		<category><![CDATA[passwords]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68854</guid>

					<description><![CDATA[<p>The UK is the first country to <a href="https://therecord.media/united-kingdom-bans-defalt-passwords-iot-devices">ban default passwords</a> on IoT devices.</p>
<blockquote><p>On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from these IoT devices. Unique passwords installed by default are still permitted.</p>
<p>The <a href="https://www.legislation.gov.uk/ukpga/2022/46/contents/enacted">Product Security and Telecommunications Infrastructure Act 2022</a> (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for.</p></blockquote>
<p>The UK may be the first country, but as far as I know, California is the first jurisdiction. It ...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>UK Threatens End-to-End Encryption</title>
		<link>https://noise.getoto.net/2023/04/24/uk-threatens-end-to-end-encryption/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 24 Apr 2023 10:39:33 +0000</pubDate>
				<category><![CDATA[encryption]]></category>
		<category><![CDATA[laws]]></category>
		<category><![CDATA[Privacy]]></category>
		<category><![CDATA[signal]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[whatsapp]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67261</guid>

					<description><![CDATA[<p>In an <a href="https://blog.whatsapp.com/an-open-letter">open letter</a>, seven secure messaging apps—including Signal and WhatsApp—point out that the UK’s <a href="https://www.gov.uk/guidance/a-guide-to-the-online-safety-bill">Online Safety Bill</a> could destroy end-to-end encryption:</p>
<blockquote><p>As currently drafted, the Bill could break end-to-end encryption,opening the door to routine, general and indiscriminate surveillance of personal messages of friends, family members, employees, executives, journalists, human rights activists and even politicians themselves, which would fundamentally undermine everyone’s ability to communicate securely.</p>
<p>The Bill provides no explicit protection for encryption, and if implemented as written, could empower OFCOM to try to force the proactive scanning of private messages on end-to-end encrypted communication services—nullifying the purpose of end-to-end encryption as a result and compromising the privacy of all users...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>UK Runs Fake DDoS-for-Hire Sites</title>
		<link>https://noise.getoto.net/2023/04/03/uk-runs-fake-ddos-for-hire-sites/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 03 Apr 2023 11:05:07 +0000</pubDate>
				<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[denial-of-service]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67139</guid>

					<description><![CDATA[<p>Brian Krebs is <a href="https://krebsonsecurity.com/2023/03/uk-sets-up-fake-booter-sites-to-muddy-ddos-market/">reporting</a> that the UK’s National Crime Agency is setting up fake DDoS-for-hire sites as part of a sting operation:</p>
<blockquote><p>The NCA says all of its fake so-called “booter” or “stresser” sites -­ which have so far been accessed by several thousand people—have been created to look like they offer the tools and services that enable cyber criminals to execute these attacks.</p>
<p>“However, after users register, rather than being given access to cyber crime tools, their data is collated by investigators,” reads an NCA advisory on the program. “Users based in the UK will be contacted by the National Crime Agency or police and warned about engaging in cyber crime. Information relating to those based overseas is being passed to international law enforcement.”...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>AWS and the UK rules on operational resilience and outsourcing</title>
		<link>https://noise.getoto.net/2022/06/14/aws-and-the-uk-rules-on-operational-resilience-and-outsourcing/</link>
		
		<dc:creator><![CDATA[Arvind Kannan]]></dc:creator>
		<pubDate>Tue, 14 Jun 2022 19:20:31 +0000</pubDate>
				<category><![CDATA[announcements]]></category>
		<category><![CDATA[AWS Compliance]]></category>
		<category><![CDATA[AWS Financial Services Guide]]></category>
		<category><![CDATA[Bank of England]]></category>
		<category><![CDATA[FCA]]></category>
		<category><![CDATA[Foundational (100)]]></category>
		<category><![CDATA[operational resilience]]></category>
		<category><![CDATA[Outsourcing Guidelines]]></category>
		<category><![CDATA[PRA]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[United Kingdom]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=dae2cb2ab398234796086d9ccb5c3839</guid>

					<description><![CDATA[Financial institutions across the globe use Amazon Web Services (AWS) to transform the way they do business. Regulations continue to evolve in this space, and we’re working hard to help customers proactively respond to new rules and guidelines. In many cases, the AWS Cloud makes it simpler than ever before to assist customers with their compliance […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Proposed UK Law Bans Default Passwords</title>
		<link>https://noise.getoto.net/2021/11/26/proposed-uk-law-bans-default-passwords/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 26 Nov 2021 13:43:33 +0000</pubDate>
				<category><![CDATA[courts]]></category>
		<category><![CDATA[passwords]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=64587</guid>

					<description><![CDATA[Following California&#8217;s lead, a new UK law would ban default passwords in IoT devices.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Brexit Deal Mandates Old Insecure Crypto Algorithms</title>
		<link>https://noise.getoto.net/2020/12/31/brexit-deal-mandates-old-insecure-crypto-algorithms/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 31 Dec 2020 12:19:14 +0000</pubDate>
				<category><![CDATA[aes]]></category>
		<category><![CDATA[algorithms]]></category>
		<category><![CDATA[Cryptography]]></category>
		<category><![CDATA[e-mail]]></category>
		<category><![CDATA[encryption]]></category>
		<category><![CDATA[hashes]]></category>
		<category><![CDATA[rsa]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=60696</guid>

					<description><![CDATA[<p>In what is surely an unthinking cut-and-paste issue, page 921 of the Brexit deal <a href="https://www.theverge.com/2020/12/29/22204624/brexit-eu-uk-netscape-communicator-4-crytography-email-data-dna-trade-deal">mandates</a> <a href="https://www.bbc.com/news/technology-55475433">the</a> use of SHA-1 and 1024-bit RSA:</p>
<blockquote><p>The open standard s/MIME as extension to de facto e-mail standard SMTP will be deployed to encrypt messages containing DNA profile information. The protocol s/MIME (V3) allows signed receipts, security labels, and secure mailing lists&#8230; The underlying certificate used by s/MIME mechanism has to be in compliance with X.509 standard&#8230;. The processing rules for s/MIME encryption operations&#8230; are as follows:</p>
<ol>
<li>the sequence of the operations is: first encryption and then signing,
...</li></ol></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Configuring AWS VPN for UK public sector use</title>
		<link>https://noise.getoto.net/2020/12/02/configuring-aws-vpn-for-uk-public-sector-use/</link>
		
		<dc:creator><![CDATA[Charlie Llewellyn]]></dc:creator>
		<pubDate>Tue, 01 Dec 2020 22:50:10 +0000</pubDate>
				<category><![CDATA[AWS VPN]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[ipsec VPN]]></category>
		<category><![CDATA[NCSC]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[vpn]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=3052bf5f49aa509e256aa57fbd0bd0fb</guid>

					<description><![CDATA[In this post, we explain the United Kingdom (UK) National Cyber Security Centre (NCSC)&#8217;s guidance on VPN profiles configuration, and how the configuration parameters for the AWS Virtual Private Network (AWS VPN) align with the NCSC guidance. At the end of the post, there are links to code to deploy the AWS VPN in line [&#8230;]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 39/235 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-05 14:32:04 by W3 Total Cache
-->