back to article Australia's 'snoop minister' wants crypto-busting law probe wound up, proposals back into parliament

Australia's home affairs minister Peter Dutton wants the parliamentary inquiry into his proposed crypto-busting law to wind up its work, and send the draft rules back to legislators to approve, stat. This is the law that will let Aussie cops and intelligence agents pressure communication service providers into coughing up …

  1. Mark 85 Silver badge

    El Reg would think the risk that a country's traffic could be hijacked for espionage would argue for more encryption, not less.

    Ah, but you and the rest of us IT types understand the details. The IiC* only think about what will get them re-elected. They usually don't understand "consequences" unless it applies to themselves personally which is "do as I say, not as I do". A good example is the stink now being raised about a certain President's daughter using her unencrypted equipment to conduct "official" business. We'll have to have a large box of popcorn to watch how this turns out.

    *IiC = Idiots in Charge

  2. Magani
    Unhappy

    Dutton - an ex-cop who is still thinking like one and is just cock-a-hoop at the thought of all the fishing expeditions his 'Home Affairs' ministry could go on if they could read everyone's private mail.

    For those who are not privvy to the machinations that go on in Canberra, this is the person who wanted to be king^H^H^H^H Prime Monster.

    1. ThatOne Silver badge
      Devil

      > the fishing expeditions his 'Home Affairs' ministry could go on if they could read everyone's private mail

      Not to mention the value of personal informations to resell...

    2. Anonymous Coward
      Anonymous Coward

      I suspect that he didn't want to be PM, he just wanted the incumbent narcissist removed. The former PM's actions have just demonstrated he is the nasty petty little turd he actually is.

    3. phuzz Silver badge

      "the person who wanted to be king^H^H^H^H Prime Monster"

      I thought Aussie PMs only lasted about three weeks each, who'd want that job?

      1. Anonymous Coward
        Thumb Up

        I thought Aussie PMs only lasted about three weeks each, who'd want that job?

        Time to bring back good old-fashioned succession-by-regicide? Prime Minister Macbeth?

      2. Mark 85 Silver badge

        Oh.... lots of people. If there's a good pension policy, maybe certain other perks for those being booted out, then PM for a week might not be a bad gig for the resume.

  3. Diogenes

    d. According to the ABC, Victoria Police told a magistrate they will use 15,000 intercepted phone calls and 10,000 text messages as evidence that brothers Ertunc and Samed Eriklioglu and Hanifi Halis were allegedly planning an Islamic State-inspired attack.

    Right on cue, the minister claimed the investigation was hampered by the three using encrypted chat apps, something backed up by Victoria Police's counter-terrorism assistant commissioner Ross Guenther. Something, of course, must be done about it.

    One of these things is not like the other ones

    1. Tom Chiverton 1

      It's likely they have traffic meta data which may be enough to prove conspiracy for instance, even without access to the content.

      Signal just rolled out meta data encryption as a defence - "sealed sender".

      1. DougS Silver badge

        What would they need metadata from encrypted chat apps for when they have 10,000 phone calls and 15,000 text messages?

  4. FozzyBear Silver badge
    Mushroom

    d. According to the ABC, Victoria Police told a magistrate they will use 15,000 intercepted phone calls and 10,000 text messages as evidence that brothers Ertunc and Samed Eriklioglu and Hanifi Halis were allegedly planning an Islamic State-inspired attack.

    Call Charge Records (CCR's) and Reverse CCR's and the ability to wire tap are all available to law enforcement under the right ( read justifiable ) conditions of the warrant application. What would have hampered the investigation is the task of organising and interpreting the 1000's of calls and messages. 10,000 messages and alike for calls is not what i would call a lack of information to support the charges

    Nor should it be used as justification that new draconian laws need to be implemented. Laws that allow law enforcement to intrude on anyone they want because they have a voyeurism fetish.

  5. Winkypop Silver badge
    Facepalm

    Mr Potato Head says what?

    Just more dog whistling from a desperate Government.

    Morrison has the 'immigration issue' covered.

    Dutton is handling the 'terror issue'.

    Asshats

  6. Anonymous Coward
    Anonymous Coward

    "criminals are “going dark,” "

    Imagine that!

    Those naughty criminals!

    How very dare they.

    All criminal activity should be out in the open.

    1. Flywheel Silver badge

      Re: "criminals are “going dark,” "

      All criminal activity should be out in the open

      That'll be the Government - they always do things out in the open.

      1. }{amis}{ Silver badge
        Big Brother

        Re: "That'll be the Government - they always do things out in the open."

        Tell that to the C.I.A. ect.......

  7. sms123

    There's an easy solution to this stupid law

    When someone receives a request for technical assistance the solution is to remove the app from download from Australia or replace it with a dummy app that says that it's been removed because of the Australian government (obviously you cannot say why because the stupid law prevents you from doing so) and give details on who to contact to lodge a complaint (perhaps just the local member) and watch them back down.

    Australia - where the laws of mathematics are apparently not stronger than national laws (stupidity always trumps common sense).

    1. Tom Chiverton 1

      Re: There's an easy solution to this stupid law

      Vs. quietly backdooring it and keep making money?

      What do you trust Facebook or Microsoft to do with Messenger or Skype ?

      1. sms123

        Re: There's an easy solution to this stupid law

        If you're using those apps you are using the wrong apps. Skype already has a backdoor for interception and facebook is under pressure to do the same (if they haven't done so already). You want an app from a company that only does that one app where the reputational loss of caving would end the company if found out.

    2. Someone Else Silver badge

      But...but...but.....

      Australia - where the laws of mathematics are apparently not stronger than national laws (stupidity always trumps common sense).

      Now just you waiddaminnit there young man! Last I heard, Indiana is not in Australia!

  8. Anonymous Coward
    Anonymous Coward

    Encryption - Point-to-Point - Clearly Australians Don't Understand!

    1. Encryption. Even if a government was to get access to the plain text of the encrypted messages created by some public service or another, all they would find is that the bad guys had implemented their own cipher before sending. (See below for a book cipher example.)

    2. Point-to-Point. Most of the uninformed debate seems to ASSUME that bad guys use point-to-point communications (examples would be email, phone calls) where the end points are identifiable. But if a message is published on a web page (e.g. The Register, see below), then the sender will be hard to identify, and the recipient even harder.

    3. Time to Read. Both items above have a useful asymmetry for the bad guys, who get:

    -- real-time communication

    -- anonymity (at least for a while)

    ....while the so-called good guys get:

    -- a delay (perhaps quite a long delay) in reading the message

    -- a delay (perhaps quite a long delay) in identifying the parties communicating

    4. Book Ciphers. I hear lots of chatter about "forcing the bad guy" to hand over the encryption key or keys. This is another assumption that something like PGP is being used. But (for example) book ciphers don't have a "key". Even worse, if the bad guys have an agreed set of one time pads ahead of time, there is NO KEY. In both cases, the asymmetry mentioned above means that by the time you have a bad guy in custody to extract information about the cipher regime, it's almost certainly way too late.

    5. Book Cipher example...feel free to publish the plain text here.

    3650A667A55F13D30C4E5D5145AFA56762C2C951

    36F680338E71E6167EC365D7950D5606EC23456E

    35411033863039606CFF06D472E7D854BB95197B

    1F708202F00D1F21FF5D4E7F166BC55EE870FF73

    012A8286496CFC62B95F2DFEC5F60E5DA236A21C

    41D7E425136643B059816A88D1B5B534D1D64756

    3043E47D160C18E124BA6FD67699535D4F114880

    0ADD8479A3501FC09BC17100D28D0770A8C57D8F

    37A955F46713D0216A1A28E3943E3072D3C13DCB

    48B5504BE8274F81EF510D5912C1B0194964D9DE

    55CC961DF851D524663845C9E26A642CCC15291C

    38A7126965

    1. FooCrypt

      Re: Encryption - Point-to-Point - Clearly Australians Don't Understand!

      There banning and burning books for Xmas... https://pjcis.foocrypt.net/ Feel free to add an addendum.

      The motives and justifications behind AssAccess are over stated, and politicised for all the wrong reasons.

      There are plenty of end point tools available to capture key strokes on any point to point encryption method, along with several Man In The Middle attacks which can be used to circumvent the point to point tunnel.

      Implementing an 'Insecurity by Design' policy will kill the local IT industry and expose Government, Business and Public to zero days leaked from the so called AssAccess assistance requests.

      The FooKey METHOD :

      http://foocrypt.net/the-fookey-method

      The common flaws in ALL encryption technologies to date are :

      1. Typing on a KeyBoard to enter the password

      2. Clicking on the Mouse / Pointer device that controls the location of the cursor

      3. Some person or device looking / recording your screen as you type the password

      4. The human developing a password that is easily guess, or can be brute forced due to its length

      5. Sharing the password with a third party to decrypt the data

      6. Storing the encrypted data in a secure location so no unauthorised access can be made to either the key(s) to decrypt the data or the encrypted data itself

    2. eldakka Silver badge

      Re: Encryption - Point-to-Point - Clearly Australians Don't Understand!

      4. Book Ciphers. I hear lots of chatter about "forcing the bad guy" to hand over the encryption key or keys. This is another assumption that something like PGP is being used. But (for example) book ciphers don't have a "key". Even worse, if the bad guys have an agreed set of one time pads ahead of time, there is NO KEY.

      A one-time-pad that I believe you are referring to does have a key. The pad itself is the key. A key doesn't have to be a subset of the message, an element less than the size of the message:

      Wikipedia:

      requires the use of a one-time pre-shared key the same size as, or longer than, the message being sent. In this technique, a plaintext is paired with a random secret key (also referred to as a one-time pad).

  9. A.P. Veening
    Joke

    Encryption?

    I don't see any problems with this, those decypted blueprints of the newest Australian submarine are absolutely fascinating. And my pals in Moscow are very happy with them as well.

    1. Giovani Tapini
      Trollface

      Re: Encryption?

      Re: And my pals in Moscow are very happy with them as well.

      The Russians don't need any more broken sub designs.... they are just trolling...

      1. John Brown (no body) Silver badge

        Re: Encryption?

        "... they are just trolling..."

        No, that's the Russian spy ships.

        1. Jack of Shadows Silver badge

          Re: Encryption?

          Naw, they were supposedly "trawling," not quite the same thing, if you believe the hardware on deck while they were following us around.

          1. John Brown (no body) Silver badge

            Re: Encryption?

            "Naw, they were supposedly "trawling," not quite the same thing, if you believe the hardware on deck while they were following us around.

            I know, it was a play on words :-) IIRC, trolling is what left pondians call long line fishing.

  10. Herring` Silver badge

    Hmm

    End-to-end encrypted messaging isn't exactly brain science. Put together something that works and open-source it. I would, but I have stuff to do.

    1. Tom Chiverton 1

      Re: Hmm

      Ahh, the Zimmerman method.

  11. }{amis}{ Silver badge
    Big Brother

    F@~*&g Morons

    Given that its possible to print the open source code of a robust encryption algorithm on a T-shirt I fail to see how this kind of thing can ever work the USA lost this argument in the 90s Wiki : Crypt Wars...

    Those who don't learn from history are doomed to repeat it.

  12. stevo42

    They're barking up the wrong tree. Getting round end to end encryption is easy. Just ask the OS to do it. https://www.macworld.com/article/3070767/ios/googles-gboard-doesnt-send-your-keystrokes-but-it-does-leak-chicken-and-noodles.html

  13. Anonymous Coward
    Anonymous Coward

    15,000 intercepted phone calls and 10,000 text messages as evidence

    The upside is that stupidy is indiscriminate, affects both good and evil-doers and all those in between. Now, for those who are not stupid...

  14. Long John Silver
    Pirate

    Evolutionary backwater

    The continent of Australia is an evolutionary backwater: hence marsupials. Add to that displacement of its native human population by many of the worst England had to offer and a pattern emerges. An island continent truly habitable only around its seaboard. An imported population with a trophy opera house but really only interested in surfing, team sports, beer consumption, and 'shielas' (sic), in that order; a nation infested by acquired cane toads, the dumbest animals on earth (koala bears have a head start on human citizens), a plethora of nasty spiders one of which is a bum-biter for people foolish enough to defaecate sitting down, and little more need be said about why encryption is a mystery to Australia's inhabitants.

    1. Long John Brass Silver badge

      Re: Evolutionary backwater

      Cuz! Been a while :)

  15. Anonymous Coward
    Anonymous Coward

    But, but, but.....

    .....you fools, you forget the Laws of Mathematics don't apply in Australia, anything is possible.

    https://www.telegraph.co.uk/technology/2017/07/14/malcolm-turnbull-says-laws-australia-trump-laws-mathematics/

  16. sinsi

    “I want to get it through as quickly as possible”

    Damn the torpedoes, full speed ahead!

  17. DerekCurrie Bronze badge
    FAIL

    100% Certainty Of Government Abuse Of Surveillance

    My privacy rights beat your TWAT, everywhere, all over our planet.

    If Australia wants to become a '1984' surveillance state, that's their hell. Not mine.

    The US NSA have zero right to surveil US citizen communications inside the USA without a warrant. Zero. But they did it anyway. (keyword: Snowden) Therefore, hand over backdoor keys to everything to ANY government? We know exactly what will happen with 100% certainty:

    1) That surveillance ability will be abused constantly and consistently by those with the keys. It's human nature, sad to say.

    2) Those backdoor keys will IMMEDIATELY be either leaked to or hacked by non-governmental criminals for their own nefarious purposes, that being the extraction of money and induction of FUD (Fear, Uncertainty and Doubt).

    So NO Australia. I won't ever honor any attempt to take away my right to privacy, no matter how many bad guys dement you into thinking THEY are more important than I AM.

  18. The Central Scrutinizer

    Ah yes, Dutton, the guy who is so tech savvy that he once demanded

    an unflattering picture of him be deleted from the internet.

    If criminals are "going dark" how come the police have 1000s of intercepted texts and ph calls?

    You can't have it both ways Pete old sport. Stop lying to us.

    1. A.P. Veening

      Stop lying

      "Stop lying to us."

      If only, the problem is that he is lying to himself and believing it. There is a sure fire cure to make his brain work a bit less erroneous, but it is both illegal and medically not approved.

      1. The Central Scrutinizer

        Re: Stop lying

        Sadly, you may be right about the lying bit.

        Every single expert has called out this crap, but lalalala not listening!

    2. eldakka Silver badge

      Stop lying to us.

      The only way that's gonna happen is if countries introduce involuntary euthanasia of politicians...

      1. A.P. Veening

        Involuntary euthanasia

        How is that involuntary? Nobody forces them to become politicians.

  19. Big_Boomer

    WooooOOOooooooo,.,.. Boogeyman!!!

    Be afraid of everything! Your fear gives me power,... power to control THE DARK SIDE OF THE FORCE!!!

    But then the morons of the world do seem to keep on electing these manipulative self-centred scumbag ass-feeders into government. And no, it's not just Australia/USA/UK, it's everywhere!!

  20. FooCrypt

    ASD AISEP Evaluation process still under the liberal hammer for backdoors.....

    Australian Government continues its 5 month long campaign to piss off encryption developers by sending enquires to a 404 error page.

    ‘If you would like further clarification or guidance, please ( a href="../../contact.htm")contact ASD(/a). ASD will assist recommending government agencies who need clarification on how to answer the questions. ASD will also assist product developers in understanding the evaluation process and requirements.’(sic)

    (=< & )=>

    Feel free to log a cyber incident regarding the ASD website being hacked by subversive liberal party members trying to influence encryption policies by denying access to government resources.

    https://www.acsc.gov.au/infosec/aisep/evaluation.htm

    1. FooCrypt

      Re: ASD AISEP Evaluation process still under the liberal hammer for backdoors.....

      Six months ago, I put forward a submission to Dr Vivian Thom ( Former Inspector General of Intelligence ) regarding the DSGL fit for purpose review. As part of that response, several case studies were provided, including some on the ASD AISE(F|P) process highlighting deficiencies and confusion in what ASD where communicating to software developers who work in the encryption space. [ http://www.defence.gov.au/publications/reviews/tradecontrols/Docs/Mark_Lane.pdf ]

      In the 6 months following to date, the Australian Cyber Security Centre has taken over the roles regarding the AISE(F|P) and has been since its launch proving the information via its website ( www.acsc.gov.au )

      <——>

      https://www.acsc.gov.au/infosec/aisep/evaluation.htm

      contact.htm goes to a 404 error page.

      ‘If you would like further clarification or guidance, please (a href="../../contact.htm">contact ASD(/a). ASD will assist recommending government agencies who need clarification on how to answer the questions. ASD will also assist product developers in understanding the evaluation process and requirements.’(sic)

      (=< & )=>

      <——>

      Apart from the humour aspects of the ACSC committing a denial of service attack against Australian Government Departments and Australian based encryption software developers who seek to secure Australian Government departments by providing greater encryption methods via the AESI(F|P) process ( definitely sponsored by the liberal party ),

      What User Acceptance Testing, ongoing website validation testing does the ACSC actually do to verify its own websites without the need of users having to log a cyber security incident against the ACSC ????

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019