Slashdot Mirror
Australian Gov't Seeks To Record Citizens' Web Histories
An anonymous reader writes "If you thought the Australian Government's Internet filter project was bad, think again. They have a new project — they are examining a policy that would require all Internet service providers to log users' web browsing history and email data such as who all emails were sent to and from. And that's just the start. Telephone calls, mobile phone calls, even Internet telephony. It's all in there. Looks like 1984 was a pretty prophetic book." Several readers also point to ZDNet's coverage.
When do we finally make the move to a fully encrypted internet? An unencrypted internet made sense in the days that CPU power was expensive and there were no good encryption libraries. Both these problems were solved a decade ago.
The block seems to be the current idiotically expensive SSL certificate business.
The first step would be for the web browsers to add a "low default security" level : user signed certificates are accepted as "normal" connections without throwing up big errors and don't give much of an additional indication.
Expensive SSL certificates can continue to give the "feel good" level of indication by showing the name of the verified company.
What banner is flying over this huge censorship push? What is the general public's thoughts on all this? Usually with this sort of absolute censorship you have a particularly powerful head of state like in Russia, Iran or North Korea. Australia still has free elections (to my knowlege). Here in the USA we had a bit of tightening here and there security-wise with 9/11, but Australia doesn't seem to have any sort of dictator-to-be, nor do they have any significant terrorist threats or major overarching foreign policy that would require them to keep an eye on dissidents. Usually someone can point to some major speech by a prime minister or president outlining an "improved security policy" for the welfare of the country against some outside boogeyman, but from what I can tell, Australia is tightening it's grip on everything for censorship's sake.
moox. for a new generation.
Why? Given the amount of data involved, this seems like gross overkill. Even for hardcore Big Brother.
Encrypting sender and recipient is hard and in the summary it's clear that it's mostly sender and recipient that's being recorded. Who's talking to who is more important for data mining than what you're actually saying to each other.
Do you mean...
1.) your fear the gov't more than you fear the terrorists and pedophiles
2.) you are more afraid of the government than pedophiles and terrorists are
?
Holy hell, Is this a cybercrime promotion bill? I used to work for an small ISP and if my experience was anything to go by I can say security at common ISPs is pretty lax around emails stored on servers and logs of HTTP traffic. Indeed way too many staff had more access to customer data than was strictly necessary, and there were far to many instances of people poking their noses where they shouldn't.
Oh and despite what you think ISPs are routinely hacked, individual accounts are hacked more frequently, and presumably customers private data was frequently taken. This is systemic to coroporate environments - it's cheaper to manage the fall out of a problem than it is to invest in security in the first place. Worst was that management took the view that too much security would actually attract hackers, and preferred rapid heroic responses to fixing things that get pwned than actually making it more robust in the first place. I spent more than a few late nights nuking compromised servers from orbit. Later there would be a report of a 'technical issue' causing customer data to be lost other than what could be revived from tape.
I wonder how much internet identity theft is actually rooted in this kind of silent theft from ISPs.
Now if ISPs were to log everything going back a long way, and have this data poorly secured (as they may just do), this is set up for a serious clusterfuck.
Abbott has refused to speak out against the net filter. Secretly, I would say he quite likes it and will go along with it.
Secretly? (Disclaimer: I have posted this before, but it's worth restating)
Tony Abbot visited humble Darwin city recently and it was there that I personally got to ask him, in his public question and answer time, the following question (roughly remembered):
"The Internet is an important part of the lives of many young Australians, as well as Australia as a whole in this modern age- what do you think of the Prime Minister Kevin Rudd's plan to censor the Internet?"
His answer began:
"Well, I'm afraid I'm probably going to disappoint you..." and yes, unfortunately, he did.
Paraphrased his answer was: "Stopping child pornography is extremely important to me and the Liberal party and therefore, if we can prove the censorship plan doesn't work, we will oppose it; but only *this particular thing*. We will continue to seek effective means to block 'filth' (his word) from entering our country any way we can. If the filter works, we will support it."
Basically the message I got from his reply is that Tony Abbot believes that the filter will work "well enough" and is too much of a hot potato to oppose politically. The subtext I personally divined from his answer was a little more chilling; that the filter didn't go far *enough* for his tastes, and that he'd personally rather a complete whitelist than a blacklist. Therefore, speaking as a card-carrying Liberal... if you think that voting for the Liberal party in the next election will make the filter go away, you are sadly mistaken.
On a side note, the fact that he himself is an extremely religious man probably doesn't help a great deal, since it seems that too many politicians tend to "trust God about these things" when it's abundantly clear that God knows sweet F-A about the Tubes and how they work.
Check out my sci-fi book "Lacuna" at http://goo.gl/MVxX8
WELCOME!.....pls deposit all yer liberties here
> virtually no-one is interested in developing the technologies neccessary to make a secure web a reality
IPv6. It already exists and would/could cover a large chunk of your legitimate concerns. Problem is...the switch-over is taking ages... But it's something you can advocate/implement from your end without waiting on other's.
RIPA (Regulation of Investigatory Powers Act (2000)) requires encryption keys to be handed over, or plaintext provided, on penalty of up to two years imprisonment.
I've always been curious how this works if you simply respond "I don't remember".
I have a 100gb encrypted container that i don't know the password to. I forgot it two days after making it but decided to keep it around on my harddrive on the basis of "in ten years i can bruteforce this in two hours"
It's like an accidental time capsule and should in no ways be illegal.
Hm, using a a bank on the internet without encryption could be interesting. I almost hope that they do ban encryption. Could be fun. Just give me some warning so that I have time to make popcorn :)
"This message was brought to you by Sarcasm and Troll Feeders United (or STFU, for you un-hip people)."
It will be interesting to see over the next 40-400 years whether the civil liberties model of the US or the more socialist model of the Commonwealth works out better. Both have faults, and at this point it's purely academic which sucks less.
Like most Americans, whenever I think of Aussies I think of Crocodile Dundee or Steve Irwin: rugged, outdoorsy individualists. Australia has a history not unlike that of America's Old West: Guns, deserts, ranchers, rugged individuals with a no-nonsense can-do attitude.
What the hell? How did they end up under the thrall of their Auntie? Is this where the US is headed?
Each expansion of government means more money passing through the business of government, and more power that can be leveraged for the next expansion of government. The larger the business of government, the more lucrative and exploitable the business of government for the elite at the top of the pyramid.
There's a reason why every year government costs more, spends more, borrows more, and seizes more power over the people, and it's certainly not because government is getting better.
Did I just imply that the entire business of government is motivated by profit, just like any other business? You're damn right I did.
Any fellow Aussie slashdoters have good recommendation for way to vote in protest to this kind of legislation?
I'm thinking of voting for the Greens in both houses. But I'm also wondering where to spread my preferences. Other than to the liberals and labor that is...
It's truly a sad period in our nations history when we have choices as abysmal as Tony Abbot and Kevin Rudd.
I don't understand how this doesn't stop ISPs from doing a man in the middle attack on gmail and using their own valid SSL cert - I mean, it's not like I can't register a certificate for mail.google.com, the majority of legitimate authorized SSL cert providers will let me purchase it regardless.
I know that the security of CAs is not as it should be, but requesting forged certificates for *all* major websites will require a lot of work and more importantly, it will be noticed sooner or later. And then, all major browser developers will block the offending CA.
Or they could invest in buying one of Netronome's high performance transparent SSL proxies (What? Did you really think current SSL schemes are that secure these days?).
Please... SSL is not optimal, but is is not circumvented by such devices. SSL proxys work if you accept them as CA. They are designed for corporate scenarios, where it is a realistic assumption that all clients trust the proxy and accept it as CA. In the given scanario, it is not plausible to assume that everybody will blindly accept those certificats. So the proxy will simply not work.
assholes of the internet
keep representing australia, up there with the autocrats and the theocrats in the iron fist department. you're awesome
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it