Partial amnesty over Northern Ireland for security forces ‘hard to administer’
A partial amnesty for police and soldiers’ actions during the Northern Ireland conflict would be difficult to administer, the country’s top prosecutor said. https://www.belfasttelegraph.co.uk/news/northern-ireland/partial-amnesty-over-northern-ireland-for-security-forces-hard-to-administer-36369190.html
A partial amnesty for police and soldiers’ actions during the Northern Ireland conflict would be difficult to administer, the country’s top prosecutor said. Sinn Fein and the Irish government have objected after some MPs called for a “statute of limitations” law . Proposals on addressing the legacy of deaths and injuries during Northern Ireland’s 30 years of violence have not yet been published.
Departing Director of Public Prosecutions Barra McGrory QC said a partial safeguard from prosecution favouring the security forces would be legally questionable. He said: “As DPP, a partial amnesty would be difficult to administer . I t would certainly invite challenges but it is not for me to say whether it is legal or not.
“If it is a statute, it is a statute so it will have gone through parliament.
“In terms of the international legality of it, it would be questionable.”
MPs from the House of Commons Defence Committee have called for the blocking of prosecutions. Veterans have argued that it was unfair to charge pensioners over crimes committed early in the conflict.
The UK Government has said its preferred option for addressing the past is the 2014 Stormont House Agreement between the local parties, which did not include the proposal envisaged by some Conservative MPs. Their opinions are well-known, including within Government. Stormont House included a range of measures to address the past, including an Historical Investigations Unit (HIU) to search for new opportunities to prosecute.
It also envisaged a Commission on Information Retrieval whereby relatives of the dead and injured could privately receive information about the deaths of their loved ones . Its information would be inadmissible for criminal legal proceedings. Mr McGrory said around a quarter of his total workload was taken up with dealing with legacy issues.
He added: “The last 18 months the legal landscape from a prosecutorial perspective has become increasingly dominated by legacy, it is taking up a significant amount of time.”
He said as part of any implementation of the Stormont House Agreement resources would be made available to his successor to deal with the flow of cases referred by HIU investigators.
“That will very significantly increase the workload on the PPS as far as legacy is concerned.
“It would be utterly unsustainable under the current resource pot.
“I would expect that of the pot of money set aside to implement the Stormont House Agreement a significant amount of it would come our way but it will still nevertheless be a significant burden on the prosecutor’s office.”
Each of Spain’s DNIe ID cards has a chip containing two certificates, one for identification and one for electronic signing.
Each of Spain’s DNIe ID cards has a chip containing two certificates, one for identification and one for electronic signing.Image: Cuerpo Nacional de Polic a
When security researchers discovered last month that secure hardware made by Germany’s Infineon Technologies was not so secure after all1, it was clear that there would be major implications. There are a lot of smartcards and other devices out there with Infineon’s chips in them, and the ‘ROCA’ flaw2 in Infineon’s key pair-generation algorithm made it possible for someone to discover a target’s private key just by knowing what their public key was. Now, in an analogous situation to that recently experienced in Estonia3, Spain seems to be having a tough — and arguably more chaotic — time dealing with the implications for its national identity smartcards. Estonia’s big security flaw only affected around 760,000 cards, although Estonians genuinely use their cards for a great variety of public and private services. Against that figure, there are around 60 million identity smartcards in Spain . However, according to an El Pa s article4, Spaniards were only using theirs in 0.02 percent of public-service engagements when surveyed a few years back. Dan Cvrcek is the CEO at security firm Enigma Bridge, which was co-founded by researchers who identified the ROCA flaw.
He told ZDNet that exploitation of the flaw could allow attackers to revert or invalidate contracts that people have signed, in part because the Spanish don’t use timestamps for very important signatures. “I still don’t think you can do a large-scale attack that would target a lot of people,” Cvrcek said. However, he added, the cost of an individual attack has “rapidly decreased” . The assumption used to be that an attack cost between $20,000 and $40,000, but now it’s “realistically $2,000”. Each card, known as the DNIe, has a chip that contains two certificates, one for identification and one for electronically signing things. According to El Diario5, the authorities responded to Infineon’s October vulnerability disclosure by revoking, on November 6, all certificates issued since April 2015. What’s more, the authorities have stopped letting people sign things with the card at the self-service terminals found at many police stations.
That decision affects every card, not only those that have the flaw . However, people can still digitally sign documents online, using a small card reader that connects to their PCs. The readers are needed to update the affected cards . But there is as yet no indication of when the affected cards will be updated . Indeed, there doesn’t seem to be much official information out there at all, something which has not gone unnoticed in the Spanish tech press. “Neither the police nor other public bodies have given more information through their social media accounts about the impact of the vulnerability and how to act if affected,” said Xataka6. At least the Basque certificate authority Izenpe, which has revoked 30,000 certificates, has given information7 about how to replace them, the blog added. Amid all that chaos, it also seems that some people with recently issued DNIe cards are still able to use them, despite the supposed revocation of their certificates. “I would not mind if it continued like this until there are new certificates,” tweeted8 one user. Toomas Ilves, the former president of Estonia, said earlier this week that he believed millions of people in countries had been affected by the ROCA flaw, but their authorities were remaining “silent”.
Previous and related coverage
Estonia is built on secure state e-systems, so the world was watching when it hit a huge ID-card problem
A new security flaw has placed the security of RSA encryption in jeopardy.
- ^ not so secure after all (www.zdnet.com)
- ^ the ‘ROCA’ flaw (www.infineon.com)
- ^ experienced in Estonia (www.zdnet.com)
- ^ El Pa s article (cincodias.elpais.com)
- ^ El Diario (www.eldiario.es)
- ^ Xataka (www.xataka.com)
- ^ given information (www.izenpe.eus)
- ^ tweeted (twitter.com)
- ^ Estonia’s ID card crisis: How e-state’s poster child got into and out of trouble (www.zdnet.com)
- ^ As devastating as KRACK: New vulnerability undermines RSA encryption keys (www.zdnet.com)