Looks like down under are on the Trump pig-ignorance band-wagon! When will they listen to people who actually know what they're talking about? Madness.
The Australian government has scheduled its “not-a-backdoor” crypto-busting bill to land in parliament in the spring session, and we still don't know what will be in it. The legislation is included in the Department of Prime Minister and Cabinet's schedule of proposed laws to be debated from today (13 August) all the way into …
I don't think Australia is on Trump's pg ignorance bandwagon, the Australian conservatives originated it and Trump is only copying it as best he can.
Search for the illustrious George Brandis trying to answer what metadata is. Pathetic does not do justice. It has not gotten any better since.
The world, well the Western world at least, seems to be in the throws of a severe backlash to 'progress' which is increasingly viewed as abhorrent. Independent reasoning need not apply as we have enough knowledge, thank you very much. This 'closing of the Gates of Itjihad' worked out SO well for Islam (/s). Alvin Toffler seems more and more prescient with his concept of 'Future Shock'. Ah well, the future is, indeed, not evenly distributed.
That's what has enabled them to conduct mass spying on millions of communications simultaneously for decades. They just don't like that progress has continued, and they are losing that ability they became used to - which had caused them to mostly forget older methods they used before they could listen in everything at once.
according to the Australian Prime Minister, in comment about how the government can force access to encrypted data
"The laws of Australia prevail in Australia, I can assure you of that," Turnbull said. "The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia."
Sums up this current government very well.
Once Tony Abbott stops tilting at renewable energy windmills and conquers the great climate change conspiracy, he'll be right onto magic backdoor spells for tech.
Meanwhile, Fizzer-Turnbull just smiles and looks to the sky.
Remember your data is accessible in plaintext form at the VPN gateway
Be aware that if the VPN service has an Australian gateway, they will be subject to the proposed law requiring them to cooperate with law enforcement and security services
So, when visiting Australia, do not use an Australian VPN service, and do not use an Australian gateway of any VPN service
Think France has prior art here ... in early days of email/internet encryption was not legal in France so multinational companies had to carefully construct their network routing tables to ensure that non-french parts of the company could share encrypted data without any danger of packets passing througjh servers in France
Fortunately it's no longer the case.
So maybe, the Ozzies should reconsider if their master plan will really have any impact.
First we had the great barrier reef.
Then we had the great Aussi Firewall.
The we had the amazing Aussi Full Decryption laws.
Then we had a scandal because one of the ministers got caught doing something naughty, one/all of his adversaries could now read the hidden stuff.
Then the great firewall, decryption process was removed as it wasn't in public interest...
What goes around, comes around...
My guess is creating legislation to force companies to give access to encrypted data. If grand poobah, mighty technocrat Malcolm is involved it will be underhanded and dumb.
Our government creates stupid legislation without sufficient discussion or thought. They have created some pretty awful laws to allow themselves to do really nasty shit. They usually end up with a patchwork of bad laws to cover over holes they have created.
Most of their crap still exists because it is too expensive or too difficult to challenge in the high court. I expect a law review somewhere in the future to wipe these bad laws off the books, it will take years and a future Australian government which gives a shit.
Read IBM and the Holocaust by Edwin Black for insight into misuse of technology by business and government, it's fecking chilling.
The paragraph quoted in the article doesn't imply breaking crypto (nor of course does it imply the contrary). It *could be* a perfectly realistic bill dealing with situations like the FBI-Iphone row.
Flat-earth George has now moved on: wikipedia tells us he's now Aussie High Commissioner to Blighty. Damn, he should be a Barry Humphries character!
The intention is to force companies to provide access to data which is encrypted in transit using SSL, but stored in plaintext
and to force companies to provide access where data is stored encrypted, where the company, not the user, controls the encryption key. A lot of cloud storage works this way. The company uses the same key to encrypt everybody's data
I've always taken great comfort in the fact that my pollies were on the whole clueless knobs. It would be much more terrifying and dare I say dangerous if they knew what they were doing and were effective at implementing it. The bumbling fools we have are neither. Yes, it costs money (cough, NBN multi technology mix) but it's no danger to society in any fundamental way.
Hey, If they want a magical black box with a flashing led on it. Then I'll get busy in the shed.
I have a feeling the magical device may cost an equally magical amount of money....$20Mill outa cover it
Watch the led, if it stops blinking then it's stopped decrypting and you need to say the incantation
Now that Retro Computers Ltd has cracked the ZX Spectrum Vega+ problem and have got it into production <giggle>
they must be an excellent candidate to design and construct a DecryptoBox (TM) for the Oz pollies with NFI.
you're missng the Point, thats $20million each,
and you need to attach one to every device you want to decrypt traffic on, that means Every PC, every tablet, every smarphone and everydumb one too
/me gets out calculator
/me visits James McCormick to find how to scam the bid system
hmm... so sell them for $20million, make them for $5
Everyone is assuming that these politicians really want to help law enforcement. Politicians have but one goal -- re-election. They need to be saying to the voters, "We did everything we could, look at this law." They can't afford to say nothing can be done -- that is suicide for a politician. Someone else will immediately say they can fix things and they will be replaced.
Besides -- the ongoing war on terror is the greatest watershed since the Iron Curtain,
It's not so much about votes as about giving the security services everything they ask for without question. This ABC article has some clues about motivations ...
"In the last 12 months, 200 cases have arisen where our investigations for serious crimes have been impacted by our inability to access that data under the existing legislation"
Of course, "We're protecting Australians" is a vote winner, regardless of individual liberties
> Telcos (although not companies like Apple or Google) already provide plenty of assistance – lawful intercept, metadata, and the like
Stop calling it Metadata damnit! Whom I call, when I call, which cell tower is used, what device I have, what date, what time, what duration, all this is DATA. Just because the contents is unknown doesn't mean the rest is not data.
Stop spreading the BS!
That they no longer want to do business down there? As they will likely lose customers if they don't. And as others have alluded to this isn't just Aussie affecting. You can't break it for one country it would be necessity be world wide for Facebook and all the others. Given some of the big American companies do actually seem to care about their users they may simply ignore them and then withdraw service when threatened. Never thought I would be glad of people like Zuckerberg (assuming he is willing to fight this of course.)
Apple recently introduced their ‘iMessages in the Cloud’ feature - and I think it’s aimed specifically at satisfying this type of legislation.
The iMessages are still encrypted end to end, but a copy is sent to Apple and stored on their iCloud server to which they have a master key and can respond to warrants etc.
To satisfy the Australian legislation all they need to do is ensure it’s turned on and can’t be turned off. Either explicitly or implicitly eg: by forcing it on for ‘australian’ sold devices, or when on an ‘Australian network’ or by allowing command and control to enable that remotely on specific devices.
The Cloud is convenient for sure - but your cloud provider (anywhere) must respond to warrants and must be able to decrypt your data. On a public cloud there is nothing stopping you ensuring that the data you store on a cloud is already encrypted with a key only you have - but as soon as you use things like iMessages in the Cloud then that’s not an option available to you.
While their argument of “We need access to digital networks and devices, and to the data on them, when there are reasonable grounds to do so" might be laudable, if the government has access, then regardless of how altruistic their intent might be, then so do the bad guys. This is completely leaving aside any issue of corruption within the government itself, which is also a possibility. Invariably, the methods that the government uses to access such information will get leaked, or else somebody else will figure it out and suddenly everybody's at risk.
And, in fact, this will make law enforcement's job much harder, not easier, because they will additionally have to defend the public from the nefarious people that use the exact same measures the government would use to access otherwise personal and private information.
And while, sure, you can go and say that doing that would be illegal, catching the perpetrators for this sort of thing can be effectively impossible because there's no guarantee that they are even in their jurisdiction, so bad guys could continue to access the public's private information with impunity and the damages to completely innocent parties would be incalculable.
So no..... just no. This is a BAD IDEA (tm) all the way around and the entire concept should be aborted immediately. Regardless of how good their intentions might be for something like this, it opens up a can of worms that absolutely nobody will ever be able to fix.
Biting the hand that feeds IT © 1998–2019