Aussie Attorney General's War On Encrypted Web Services
Bismillah writes "If Attorney-General Brandis gets his way in the process of revising Australia's Telecommunications Interception Act, users and providers of VPNs and other encrypted services will by law be required to decrypt government intercepted data. Because, 'sophisticated criminals and terrorists.' New Zealand already has a similar law, the Telecommunications Interception and Computer Security Act. Apparently, large Internet service providers such as Microsoft and Facebook won't be exempt from the TICSA and must facilitate interception of traffic."
or else...
> or else what?
We'll take your pants down.
2 choices. One involves bravery, and integrity.
What is wrong with this world? Seriously. First .uk, now .au. Just move to .kp if you hate freedom so much.
All internet services should be redesigned so that it isn't possible for the ISP or anyone but the recipient to decrypt anything (or at least as little as possible).
microsoft is an ISP? what a shit article
Be funny if everyone said Fuck You and just stopped letting Aussies use their services entirely.
http://publicintelligence.net/
how about the free PDF to image viewer you don't have to download?
http://view.samurajdata.se/
and how Tor can be used to visit A and view at B with all strict settings enabled and nothing relaxed? (no javascript required for example)
I don't think this will stop any terrorista.
The attorney-general can write a law to defy gravity, but putting a signature on such law will not make people fly.
In other words: madness.
To Terminate, or not to Terminate, that's the question - SCSIROB
The question is will this law contain provisions that let government officials use services without backdoors?
How would one claim plausible deniability?
"Your honor, I was simply transmitting random ASCII to a friend! He replied with random PETSCII!"
READY.
PRINT ""+-0
And technology will roll on with a new encryption method that is secure and prevents MITM attacks and allows for a key to be generated on the fly so nothing is required to be kept at either end that can be used to decrypt the traffic. Key what key? I'm not familiar enough with the field to know for sure if that doesn't already exist.
So they would ban the use of Perfect Forward Secrecy. Using PFS it is impossible to decrypt the intercepted content even with the Certificate's private key.
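The point made in the comment above, shown as an added example that is not code from the thread or from any project it mentions: with RSA-style key transport, a recording plus the server's long-term private key yields the session key and therefore the plaintext; with ephemeral Diffie-Hellman, the long-term key only signs the exchange, the per-session exponents are discarded, and the same recording plus the same key yields nothing. The modulus `P`, the HMAC-based keystream and the HMAC "signature" are stand-ins chosen so the script runs on the Python standard library alone; real deployments get this property from TLS cipher suites with (EC)DHE, not from this code.

```python
"""Added demonstration of why forward secrecy blocks 'decrypt the recording with
the server key'. Not code from the thread; the toy group, the HMAC keystream and
the HMAC 'signature' are stand-ins so it runs on the standard library alone.
Real deployments use TLS with (EC)DHE cipher suites, not this code."""
import hashlib
import hmac
import secrets

P = (1 << 127) - 1   # demonstration-only modulus (a Mersenne prime); real systems use standardised groups or curves
G = 5

SERVER_LONG_TERM_KEY = secrets.token_bytes(32)   # stands in for the certificate's private key


def keystream_xor(key: bytes, label: bytes, data: bytes) -> bytes:
    """Demonstration stream cipher: HMAC-SHA256 in counter mode. Not for production use."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, label + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def session_key_transport(message: bytes) -> dict:
    """Non-PFS pattern (RSA key transport): the client picks the session key and sends it
    wrapped under the server's long-term key. The recording carries everything needed."""
    session_key = secrets.token_bytes(32)
    return {
        "mode": "transport",
        "wrapped_key": keystream_xor(SERVER_LONG_TERM_KEY, b"wrap", session_key),
        "ciphertext": keystream_xor(session_key, b"data", message),
    }


def session_ephemeral_dh(message: bytes) -> dict:
    """PFS pattern (ephemeral Diffie-Hellman): fresh exponents per session, the long-term
    key only authenticates the server's public value, and the exponents are erased."""
    a = secrets.randbelow(P - 3) + 2            # client exponent, lives only for this call
    b = secrets.randbelow(P - 3) + 2            # server exponent, likewise
    client_public, server_public = pow(G, a, P), pow(G, b, P)
    signature = hmac.new(SERVER_LONG_TERM_KEY, server_public.to_bytes(16, "big"),
                         hashlib.sha256).digest()
    shared_client, shared_server = pow(server_public, a, P), pow(client_public, b, P)
    if shared_client != shared_server:
        raise RuntimeError("DH agreement failed")
    session_key = hashlib.sha256(b"session" + shared_client.to_bytes(16, "big")).digest()
    del a, b                                    # forward secrecy hinges on this erasure
    return {
        "mode": "ephemeral",
        "client_public": client_public,
        "server_public": server_public,
        "server_signature": signature,
        "ciphertext": keystream_xor(session_key, b"data", message),
    }


def decrypt_recording(recording: dict, long_term_key: bytes):
    """What someone holding a full recording plus the server's long-term key can recover."""
    if recording["mode"] == "transport":
        session_key = keystream_xor(long_term_key, b"wrap", recording["wrapped_key"])
        return keystream_xor(session_key, b"data", recording["ciphertext"])
    # Ephemeral mode: the recording holds g^a, g^b and a signature over g^b. The long-term
    # key can verify that signature but never enters the session key; deriving g^ab from
    # the public values is the discrete-log problem, and the exponents that would
    # shortcut it no longer exist anywhere. There is nothing to hand over.
    return None


def server_signature_valid(recording: dict, long_term_key: bytes) -> bool:
    """The long-term key's only role in the PFS exchange: authenticating, not decrypting."""
    expected = hmac.new(long_term_key, recording["server_public"].to_bytes(16, "big"),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, recording["server_signature"])


if __name__ == "__main__":
    for make_session in (session_key_transport, session_ephemeral_dh):
        rec = make_session(b"intercepted message")
        print(rec["mode"], decrypt_recording(rec, SERVER_LONG_TERM_KEY))
```

Running the script prints the recovered plaintext for the transport-mode recording and `None` for the ephemeral-mode one, with the same long-term key in both cases. The same applies to an "intelligibility assistance notice": for a PFS session the only material that could satisfy it is the session key itself, which exists only while the session is live.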
Yes Mr. Contractor, for the new ultra-hardened backdoor with super-duper locks I'd like you to leave the key over there under that rock. No, I'm sure only our RSA, NSA, TLA certified guys will be using it. How would anyone else know it's there?
Look where all this talking got us, baby.
Just once when a bad guy says "2 choices" I'd like the lead character to go "No, that's 1 choice between 2 options!" punching the guy in the face on each number.
The department argues the obligation on service providers would merely "formalise" existing arrangements.
This is fallout from the Snowden leaks.
What was once done in secret is now being brought into the light.
I guess I was hoping they'd just stop, instead of legalizing the invasive spying programs.
[Fuck Beta]
o0t!
This will probably be the next step.
1. Make VPN services illegal in Australia.
2. Stop payment gateways from accepting payments from consumers to overseas 'blacklisted' VPN services.
3. Publishers overseas profit!
This is more of a result of the recent hysteria by the Australian Federal Police and Australian Crime Commission over local criminals using Phantom Secure phones to coordinate contract hits allegedly. http://www.abc.net.au/news/201... Brandis might have good intentions, but he's about as illiterate as they get in the NLP on such technology matters. These gangs don't roll over. Even rivals will not roll on rivals. This is a naive idea and will fail miserably in practice, if it ever sees the light of day. Given the makeup of the current senate, not any time soon.
Area51 - We are watching...
Every time a government forces a company to make or create a back door or hand over keys to them, it makes it easier for countries like China to hack the hell out of our companies. Utter stupidity.
The Department is also advised that sophisticated criminals and terrorists are exploiting encryption and related counter-interception techniques to frustrate law enforcement and security investigations, either by taking advantage of default-encrypted communications services or by adopting advanced encryption solutions. The Department’s current view is that law enforcement, anti-corruption and national security agencies should be permitted to apply to an independent issuing authority for a warrant authorising the agency to issue ‘intelligibility assistance notices’ to service providers or other persons. The issuing authority should be permitted to impose conditions or restrictions on the scope of this authority.
...issuing authorities should be able to authorise an agency to issue ‘intelligibility assistance notices’, requiring a person to provide information or assistance to place previously lawfully accessed communications into an intelligible form, as discussed by the PJCIS at Recommendation 16...
...
Where issued to a service provider, such notices would formalise existing arrangements....
When issued to a person other than a service provider, such as the subject of a warrant, the Department’s preliminary view is that a notice would operate in a similar fashion to orders made under section 3LA of the Crimes Act 1914. Section 3LA permits agencies that have seized physical hardware, such as a computer or an external hard drive, under a search warrant to apply for a further warrant requiring a person to ‘provide any information or assistance that is reasonable and necessary’ to allow information held on the device to be converted into an intelligible form.
Recommendation 16
The Committee recommends that, should the Government decide to develop an offence for failure to assist in decrypting communications, the offence be developed in consultation with the telecommunications industry, the Department of Broadband Communications and the Digital Economy, and the Australian Communications and Media Authority. It is important that any such offence be expressed with sufficient specificity so that telecommunications providers are left with a clear understanding of their obligations.
The Department’s preliminary view is to support recommendation 16 in principle.
- Comprehensive revision of the Telecommunications (Interception and Access) Act 1979, Submission 26
No more need be said.
I can't even imagine what someone less compassionate than him is like.
I seem to recall the Joker having a better sense of morals...
What about firms which communicate using a VPN? No entities are in Australia, just maybe a worker or two communicating with a German firm, for example.
C. Sagan: A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
This is pretty stupid, for two reasons: First, there are enough cases where keys exist temporarily and cannot be reconstructed (e.g. all DH-established keys) and second, it allows users to find out what exactly was intercepted, by using a new key for every unit of data.
That it is also completely unethical and only worthy of a totalitarian regime (where the "sophisticated criminals and terrorists" have taken over the government) is just the icing.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Land of the seriously fucked.
Your wildlife all wants to kill you, your government wants to turn you back into one big penal colony.
Viva la revolution!
God save the Queen and the fascist regime.
Tony Abbott and his strong arm tactics.
He uses secrecy for the government's actions
and is pushing his conservative, fascist agenda.
Go well
Abbott and his mates can legislate Pi to be 22/7 for all I care though they will have to convince the senate. Anyone who depends on modern technology to conduct business will just move elsewhere just as manufacturing has. The poor bastards like me who are too tied down to consider moving will just work around their stupidity as we always have. Fortunately unless my fellow Australians have gone completely insane he will be out after one term and the Libs can take a broom to the arsehole conservatives who have poisoned their party and get back to their core values of individual liberty, free from the tyranny of government interference.
New Zealand is going (maybe) to get a new flag (new FLAG, I said, oh what this isn't 4chan, nevermind) well anyway the Enzedders are planning a nice black flag with a silver fern leaf. Like the logo of their football team, the All Blacks. Classy. Very nice.
I would like to see as new Australian flag which replaces the English cross (the combination of wales england and scotland crosses) (oh there's a thought... what if Scotland _does_ leave the United Kingdom. Does this mean all the ex-commonwealth countries have to remove the scottish part of the english cross that would make it a standard double cross rather than the superb triple cross that says 'UK - once we had an empire but we still own all the banks').
So lets put a red kangaroo up there instead, makes it very friendly a la Qantas (Tony, if you are on slashdot tonight for policy ideas, how about licensing the red roo logo from Qantas say $250m per year. Joycey is awaiting your call...)
Yes a nice friendly welcoming kangaroo (unless you're trying to sneak past the Abbot drones. Refugees: "Nobody wants us, because we didn't come by Qantas")....
OK where were we? that flag idea? The way this mob of sheeple here are so insipid, probably they'll go for an upgrade on the Southern Cross to the Southern Swastika (subtle eh?). Rupert would LOVE it.
Cryonics - Keep cool and carry on.
He never said anything about this before the election. This isn't about terrorism. It's about finding whistleblowers and critics of his government. Fascist.
..that this is basically what's happening already? Only you don't share the common secret before the trip, but use some other form of encryption to do so remotely. Just cut this phase out, share the key beforehand, no need to be 2 terabytes, 256 bits is well enough, that's what block ciphers basically do anyways; generate random data that's messed up with the data. The random data is generated from the key.
I mean at least it would be consistent.
I find both equally appalling.
"One of the penalties for refusing to participate in politics is that you end up being governed by your inferiors." ~ Plato
Well, would they really need to ban SSH?
More than likely all they need to do is force the VPN provider to log. Incoming and outgoing connections, the times at which they were made and the credit card information attached to the account - it's all they'll need to prosecute in Australia anyway. If the VPN provider doesn't cooperate and they're in Australia they're prosecuted. If the VPN provider doesn't cooperate and they're outside of Australia then they're blacklisted at the payment gateways*.
I'm not saying it's going to be perfect, but it'll be a big step towards stopping people who use these services to avoid geographic blocks or use them as an anonymising service. With the TPP looming as well, it's just going to get worse in Australia.
* As an example, IIRC, Visa, Mastercard and Paypal blocked payments to iPredator recently. I'm sure that they'll accept other payment methods (bitcoin, etc.) but it's going to make business for the VPN provider and their potential customers more difficult, potentially enough so that they'll decide it's not worth it.
Before any jackass says the NSA can decrypt anything, this is proof that they can't.
... that 256-bit block ciphers are not equivalent to one-time pads, right? 256-bit block ciphers are merely difficult to attack. One-time pads are impossible to attack, if the pad is not physically compromised. SHA-256 etc. do not generate random data, they generate pseudo-random data. Random data is something like the LSB of a live microphone sent through arithmetic coding, and cannot be reverse engineered by anyone ever.
If you're prepared to go to the expense of meeting the other party and exchanging physical material, you can swap a USB keydrive full of random bits just as easily as you can swap a 256-bit PRNG seed. The only issue then is, do you trust the other party hasn't been compromised?
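The distinction drawn in the last two comments (a 256-bit seed expanded by a cipher versus a pad of truly random bits, and what goes wrong if pad material is ever reused), as an added example that is not code from the thread. The `OneTimePad` class models the "USB keydrive full of random bits" with both parties holding an identical copy, and `prng_keystream` is a SHA-256 counter construction standing in for a block cipher in counter mode; both names are this example's own.

```python
"""Added demonstration: a one-time pad versus a keystream expanded from a 256-bit seed.
Not code from the thread. The PRNG is a SHA-256 counter construction used only as a
stand-in for a block cipher in counter mode."""
import hashlib
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class OneTimePad:
    """Pad material comes from the OS entropy source and every byte is used exactly once.
    Both parties hold an identical copy and advance through it in lock-step."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._pos = 0

    @property
    def remaining(self) -> int:
        return len(self._pad) - self._pos

    def apply(self, data: bytes) -> bytes:
        """Encrypt or decrypt; the position only moves forward, so bytes cannot be reused."""
        if len(data) > self.remaining:
            raise ValueError("pad exhausted: refusing to reuse key material")
        chunk = self._pad[self._pos:self._pos + len(data)]
        self._pos += len(data)
        return xor_bytes(data, chunk)


def prng_keystream(seed: bytes, length: int) -> bytes:
    """Deterministic expansion of a short seed. Whoever holds the 32-byte seed regenerates
    the whole stream; a true pad has no description shorter than itself."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def two_time_pad_leak(c1: bytes, c2: bytes) -> bytes:
    """If the same key bytes cover two messages, XORing the ciphertexts cancels the key
    and leaves p1 XOR p2. This is the failure the OneTimePad class refuses to allow."""
    return xor_bytes(c1, c2)


def demo():
    """Returns (round-tripped plaintext, whether keystream reuse leaked p1 XOR p2)."""
    shared_pad = secrets.token_bytes(64)            # exchanged in person, copied to both ends
    sender, receiver = OneTimePad(shared_pad), OneTimePad(shared_pad)
    ciphertext = sender.apply(b"meet at noon")
    plaintext = receiver.apply(ciphertext)

    seed = secrets.token_bytes(32)                  # the '256-bit key' of the earlier comment
    keystream = prng_keystream(seed, 12)
    c1 = xor_bytes(b"meet at noon", keystream)
    c2 = xor_bytes(b"meet at dusk", keystream)      # same keystream reused: the failure mode
    leaked = two_time_pad_leak(c1, c2) == xor_bytes(b"meet at noon", b"meet at dusk")
    return plaintext, leaked


if __name__ == "__main__":
    print(demo())
```

The pad and the seeded keystream are both XORed in the same way; what differs is where the key material comes from and how much of it exists. The class enforces single use because the leak shown in `demo` does not depend on the key being weak, only on it being applied twice.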
> "Because, 'sophisticated criminals and terrorists.'"
When speaking in post-l33tspeak, one wouldn't put a comma between "because" and the unqualified phrase because stupid.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
He wishes.
These efforts are a call to arms for private citizens to build their own networks far away from the prying eyes of government. The technology is now a commodity. Anyone who wants to do this, has the ability.
Seems to me that would prevent decryption, just tunnel over top of the VPN. Even if the provider decrypts the data, it would still be encrypted with your private key.
encrypt your message, send it in clear, no one but no one can decrypt it unless you give up the key. Never heard of one time pads? Google it.
What about VPNs hosted outside of Australia? I'm guessing that this is pushback by the Aussie branches of content providers. Too many people are bypassing their local high prices by getting iTunes and Netflix from the USA over VPNs.
If they think that 'bad guys' are going to rely upon a service's key management for nefarious communication, they are nuts. All the criminals/terrorists are going to use end to end encryption on top of any other transport service.
Have gnu, will travel.
He gets away with it because he has no threat that the Aussies could revolt, because they don't have any guns for the most part. So he has no fear.
Never give up your guns.
COMING SOON TO THE UK(TM)!
Freedom from choice!
...then you make it easy for the not-law enforcement people to decipher. Repeat that until it sticks.
"Oh, but the Australian security services will hold the keys. Everything will be fine. Look away!" No, then the 'sophisticated criminals and terrorists' will target the security services, trying to get hold of those keys. And odds are they will be successful, eventually.
A-G Brandis, and others of his persuasion, continually trip-up on the notion that there are short-cuts, easy ways out, and national security trumps all other considerations. However the iron-clad rule of security always holds true. Someone who does not know something, cannot reveal that something. This is the basis of Need To Know.
Even A-G Brandis ought to understand that. Perhaps he doesn't want to?
The crack smoking is strong in this one.
Really, you shouldn't take what Georgio says too seriously, after all America passed a law that effectively made VPNs illegal (exact language was it was illegal to obscure the source and destination of a transmission). The result of which was absolutely bugger all. The reason for that being that today, without VPNs, everything would fall apart. Georgio takes it a little differently saying that you have to let us in to your VPN so we can unencrypt your transmission. This is also patently stupid and shows a complete lack of understanding of technology. Georgio mate, the thing is with encryption, that the keys are changed frequently to prevent morons (like you) cracking the encryption by brute force. Those keys are usually not recorded anywhere, so if you're intercepting our transmissions you're shit out of luck. If you want to legislate that all those keys must be recorded then you are doing that which Snowden was so critical of: undermining the security that protects the digital age.
Incompetence, thy name is government.
If you use Dropbox, Box, Google Drive, OneDrive or Egnyte, you should try nCrypted Cloud www.ncryptedcloud.com. We allow Secure Collaboration as well as data revocation even after the data has been shared with others.
This is not a problem as long as law enforcement needs probable cause and a warrant issued by the courts that can be challenged.
That is no different from routine procedures. With a warrant they can arrest you, strip-search you and lock you up in a cage until they find enough evidence to charge you. They can tap your phone and communications, get access to your online accounts and go through, use GPS trackers, search your house or possession and take anything relevant, take your computer and decrypt what is on it, take your bank records or even your medical records if they have grounds.
The idea that criminals have the right to conceal information from law enforcement just because it is in digital form is nonsense. The problems are that government agencies have found ways to collect private information without warrants and safeguards, and that courts have been OKing far too many dodgy searches. There needs to be reform to keep up with technological change and changing standards of privacy so that you can protect people's privacy, but still protect them from criminal acts and deliver justice.
The main flaw in this proposal is the extent that criminals are smart enough to securely encrypt stuff and obliterate the plaintext before sending it over any wires or airwaves. Fortunately most criminals are still stupid.