Australian Police Given Power To Use Spyware

← Back to Stories (view on slashdot.org)

Australian Police Given Power To Use Spyware

Posted by CmdrTaco on Monday December 13, 2004 @07:44AM from the big-brother-actually-is-watching-now dept.

reek writes "An Australian newspaper has reported> that the contentious Surveillance Devices Act has been passed. The act will (according to the article) allow Federal Police to obtain warrants to secretly install spyware onto users computers enabling them to "monitor email, online chats, word processor and spreadsheets entries and even bank personal identification numbers and passwords.""

15 of 450 comments (clear)

Min score:

Reason:

Sort:

A Good Thing? by fembots · 2004-12-13 07:45 · Score: 5, Interesting

Now that this Surveillance Devices Act allows police to obtain a warrant, does that mean that information obtained unlawfully won't stand in the court?

I vaguely remember there's a country where it is illegal to obstruct surveillance by way of encryption. And you may be required to hand over all your passwords (if some are protecting legal documents like a Will) if the police decided to take a good look at you.

I can imagine a police listening to a phone conversation interrupts the suspects and requests them to speak in plain English.

--
Rock that crushes, Paper & Scissors that don't matter.
1. Re:A Good Thing? by Tackhead · 2004-12-13 07:52 · Score: 4, Interesting
  
  > Now that this Surveillance Devices Act allows police to obtain a warrant, does that mean that information obtained unlawfully won't stand in the court?
  Information obtained unlawfully never stands in court. Because the Constitution is a living document that must be updated to take into account changing technologies, however, the definition of "unlawful" must change.
  In brief, "Anything not nailed down is ours. Anything we can pry loose is not nailed down!"
  Meantime, the US has had this since 2001, so it's not like Australia's move towards normalizing law enforcement techniques to modern standards is anything new.
2. Re:A Good Thing? by zfusion · 2004-12-13 08:16 · Score: 5, Interesting
  
  I personally don't like the idea of the government using spyware but it is similar to wiretapping. My concerns are the following:
  
  a. Would a corporation (MS) work with the feds to allow this software a backdoor to bypass security and be easily automatically installed on the system?
  
  b. What precautions would be made to make sure this software didn't end up in the hands of others and spyware companies?
  
  c. How are they going to get around more savvy users if firewalls are installed on the systems being monitored?
  
  Not that I am looking to commit any crimes, but from things I've seen in the news lately, I worry about the future US government or any government abusing it's powers. On another note .. from what I hear about China, I could imagine hearing about the government there trying to implement this on all systems to try to make sure the average citizen isn't exposed to anti-communistic web material.
3. Re:A Good Thing? by MasterOfMagic · 2004-12-13 08:32 · Score: 3, Interesting
  
  a. Would a corporation (MS) work with the feds to allow this software a backdoor to bypass security and be easily automatically installed on the system?
  
  If the Feds came to them and said, "You know, if you want to keep doing buisness, we need this from you," you can bet that they would do it. Microsoft is a corporation, and corporations exist to make money, so it's safe to assume that they would cooperate. (One side note: It's not like these sort of hooks need to be added. Internet Explorer seems to pick up spyware just fine.)
  
  b. What precautions would be made to make sure this software didn't end up in the hands of others and spyware companies?
  
  There wouldn't be any precautions taken. My guess would be that the security holes that are exploited to install and setup this spyware would be the same as any other spyware - meaning that the police are learning from existing spyware authors, not the other way around.
  
  c. How are they going to get around more savvy users if firewalls are installed on the systems being monitored?
  
  They'll install backdoors on the firewalls, of course. The same tactic that might get Microsoft on board would get major network companies on board and software firewall makers on board. Rinse and repeat.
  
  I've said this before, and I'll say it again. The only computer that can't be spyed on is one that is turned off, unplugged from everything (including the wall), and buried under three square kilometers of concrete.
  
  (Note: I'm not saying that there aren't secrets you'd like to hide, but a computer connected to the Internet is not the place to hide them.)
Someone please tell me... by WIAKywbfatw · 2004-12-13 07:46 · Score: 4, Interesting

...that having software that (knowingly or unknowingly) blocks or removes this spyware isn't a crime...

--

"Accept that some days you are the pigeon, and some days you are the statue." - David Brent, Wernham Hogg
1. Re:Someone please tell me... by TeraCo · 2004-12-13 08:09 · Score: 4, Interesting
  
  I know some guys in the computer crimes squad of the NSW police, they aren't idiots, and they aren't scared of linux.
  One of the parents is correct that they're likely to just get a warrant, pull your PC/laptop apart and put some kind of wacky hardware keylogger in there instead.
  
  --
  Not Meta-modding due to apathy.
2. Re:Someone please tell me... by Frymaster · 2004-12-13 08:31 · Score: 4, Interesting
  
  If they have a warrant, and access to your computer, what the fuck are they messing around keeping it running for anyway, why haven't they just arrested you?
  because they're looking to get enough evidence to arrest you. all that is needed to get a warrant in most oecd countries is "probable cause". basically, the cops go to a judge and say "we have a guy who says a guy told him that person a might be a drug dealer. can we get a warrant?" and more often than not, the warrant is issued.
  depending on the type of warrant, they can get a one time search and seizure, a wiretap on your phone or a passive listening device in your room. all this law in australia does is just add computer traffic to that list.
  if you are concerned about your privacy and protecting it from the warrant system, you're about two hundred years late in complaining.
  
  --
  2 1337 4 u!
3. Re:Someone please tell me... by Nogami_Saeko · 2004-12-13 09:28 · Score: 2, Interesting
  
  This is why it makes a LOT of sense to install strong encryption software that's loaded BEFORE the OS, making the computer totally inaccessible if you don't know the password.
  
  They can have all of the spyware they want, but if they can't even get the system to boot, they'll never manage to install it, and if the software also logs/displays failed or incomplete access attempts, it'll be tipping the owner off that someone was trying to tinker.
  
  For "secure" computing, I'd be picking a laptop with a bootable encryption system (ala the now-defunct safeboot solo, drivecrypt plus pack, etc). If you were especially paranoid, you could even epoxy the case and peripheral access panels shut to make sure that nobody was going to get inside and add a hardware keylogger.
  
  I suppose you could also sleep with it, and take it everywhere with you, but that may be overkill unless you're especially guilty ;P
  
  On the subject of passwords, it would probably be a good idea to remember half the passphrase as something you can easily remember, and put another 10 or 12 random characters/digits on something easily destroy-able like a stick of chewing gum. If you're ever grabbed by unfriendly agents, pop the gum in your mouth, chew a few times, and all possibility of data being recovered is gone. And you have some extremely good plausible denyability for the password.
  
  N.
  
  --
  "Nothing strengthens authority so much as silence." - Charles de Gaulle
Re:Nice by amrust · 2004-12-13 07:48 · Score: 4, Interesting

I just hope they don't get Ad-Aware and Spybot "on board with the program", to where they won't detect them.

--
VOTE!
Whatever by the_mad_poster · 2004-12-13 07:50 · Score: 4, Interesting

Yea, OK. Because as the software companies have learned from their massively successful bout with game pirates (assuming you use "successful" to mean "it wasn't warezed before it even hit the bloody store shelf") you can effectively use a person's PC against them.

Whatever. Looks to me like the computer geek is just going to become a staple of the successful organized crime family in Kangaroo-land, that's all. You cannot put a skilled person in front of a computer and not have them figure out how to break your stupid protections and spyware and whatever else you want to try and pull over on them. If it's on my computer, and I have a reason to go looking for it, I'll find it, and I'll break it. Guaranteed. You cannot hide things from someone on their own computer.

Yet another technology that will have absolutely no effect on the big time criminals and will waste money catching the little guys that weren't really capable of getting away in the first place. In fact, I'm now taking bets on how long until someone figures out how to sniff out the signature and disable it.

--
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
1. Re:Whatever by ajs · 2004-12-13 08:13 · Score: 4, Interesting
  
  "If it's on my computer, and I have a reason to go looking for it, I'll find it, and I'll break it. Guaranteed. You cannot hide things from someone on their own computer."
  
  I disagree. Bad intrusion software is easy to detect. Good intrusion software is difficult to detect. Top notch intrusion software can exist for years under the nose of skilled people who are looking for it.
  
  Also, what makes you think that the good stuff will be software? Ever wonder what all of that firmware on your video card does? If it just detected certain kinds trigger conditions (perhaps on the bus from certain kinds of ethernet packets being latched off of the network card) and responded by taking a screenshot and saving it into some unused header space in outgoing HTTP requests (hard to grab and re-write from the bus, but I'll bet you could do it)... how would you know? No disk activity. No increase in network usage. No software running on the main CPU...
  
  Better yet, just put it in the network card... that market is totally cut-throat, so I'll bet that anyone who offered a network card manufacturer a large sale or two in exchange for some extra firmware... well...
  
  "Yet another technology that will have absolutely no effect on the big time criminals and will waste money catching the little guys that weren't really capable of getting away in the first place."
  
  Well, it will enforce a kind of evolution, right? The guys who manage (however they do it) to survive this kind of attack will win. That might not be the biggest fish.
Easy fix, sort of. by Gerdia · 2004-12-13 08:04 · Score: 2, Interesting

Use a laptop... use OpenBSD... encrypt your entire drive... carry it with you everywhere, sleep with it under your pillow.
Look ma, no hard drive! by kfg · 2004-12-13 08:26 · Score: 2, Interesting

Knoppix rides again.

KFG
Re:The passed a law but what now... by Anonymous Coward · 2004-12-13 08:28 · Score: 1, Interesting

Somehow I don't beleive this act really relates to software. There are keystroke loggers that are hardware based and do not require logging into the machine to install. Between that and monitoring your communications link, they've pretty much got all the data they need, don't they? Again, it is the same as installing a listening device -- they need to sneak in and install it when you're not there. Now, if you're REALLY paranoid, you could install a camera with a motion detector to detect whether anyone has been tampering with your computer whilst you're not there...
Re:what's the big deal? by dorsey · 2004-12-13 10:47 · Score: 3, Interesting

The only thing you can reasonably conclude from that is that cops aren't in the habit of asking for warrants they know they won't get.

Come back when you have info about how many were later found to have been issued improperly.

--
hinderfreude ('hin-dur-"froi-d&), n. The feeling of joy derived from being in the way.