New law could turn UK into a hacker’s playground

It looks as if people are at last waking up to a second extraordinarily dangerous requirement buried within a UK government bill designed to promote the nation as a surveillance state. It means bureaucrats can delay or prevent distribution of essential software updates, making every computer user far less secure.

A poor law

This incredibly damaging limitation is just one of the many bad ideas buried in the UKs latest piece of shoddy tech regulation, the Investigatory Powers Act. What makes the law doubly dangerous is that in the online world, you are only ever as secure as your least secure friend, which means UK businesses will likely suffer by being flagged as running insecure versions of operating systems.

I’ve written about the bill before, of course. The proposals are so appalling that Apple, WhatsApp, Meta, and others are quite prepared to shutter messaging services for UK customers if need be.

I expect Apple will make good on this threat; it is not prepared to negotiate the safety of its users. You can read its nine-page statement on the matter for more insights.

The UK becomes a hacker’s playground

Make no mistake, the proposals from the UK Home Office will make the internet less secure. UK users will become magnets for complex attacks as hackers, rogue governments, and well-organized criminals exploit any newly revealed threats in the UK as they know the law will automatically generate a delay before software updates ship.

The rest of the world might have patched any such flaws, but the UK might not. That means if you want to create a botnet, spread phishing attacks, or design complex multi-stage attacks, you’ll target UK computer users first, because they will be less well-protected by design.