Australian Law Enforcement Pushes Against Encryption, Advocates Data Retention

angry tapir (1463043) writes "Australia is in the middle of a parliamentary inquiry examining telecommunications interception laws. Law enforcement organisations are using this to resurrect the idea of a scheme for mandatory data retention by telcos and ISPs. In addition, an Australian law enforcement body is pushing for rules that would force telcos help with decryption of communications."

nothing new here.

ACC et al always recommend such laws, so far they always get rejected, they aren't practical or cost effective. It would be the same if you asked the FBI or CIA about such laws. I would expect nothing less from them as their goal is to monitor and apprehend criminals and to remove roadblocks from doing that, there job is not to protect privacy, thankfully the privacy advocates are also questioned in the inquiry and they recommend the other extreme, in the end we end up with something in the middle.

Re:nothing new here.

Long term, it will just bite them in the butt. Right now, it is relatively easy to watch traffic. However, once the bad guys know that all packets can be coughed up on demand, they will move to TOR [1] and start encrypting everything at the endpoints. Once everyone (criminals, regular people, businesses) start doing this, it will make law enforcement a lot harder because the only choice is to demand backdoors in every computer [1] by law, and even then, the bad guys will just resort to Al Qaeda-style messengers and dead drops as a last resort.

[1]: Once backdoors on endpoints change to being mandated, this would have a lot of blowback. A bad guy in some country hostile to Australia will eventually find it, and can wreak extreme havoc. This is only a matter of time.

Re:nothing new here.

[1]: Once backdoors on endpoints change to being mandated, this would have a lot of blowback. A bad guy in some country hostile to Australia will eventually find it, and can wreak extreme havoc. This is only a matter of time.

Difficulty: That's precisely what we said about backdoors in the phone network when CALEA was passed 20-30 years ago. There was blowback from the cypherpunks, it got passed anyways, and today it's regarded as the status quo.

Re:nothing new here.

[BiIl_the_Engineer]

thankfully the privacy advocates are also questioned in the inquiry and they recommend the other extreme, in the end we end up with something in the middle.

"the middle" is not always right. When it comes to privacy, it isn't. Annoying how people are so readily willing to sacrifice individual liberties in the name of 'compromise.'

Reason to use end-to-end encryption

[DrYak]

Add this as reason #2'175 on the long list of why one should definitely use end-to-end encryption.

If you use a well designed end-to-end encryption, that has been validated by cryptologist (think OTR for chat, ZRTP for voice), I doesn't matter what the quality of the underlying link is or if telcos are helping breaking the link.

Best part? These technology can work over your already existing systems (though ZRTP can't work over Skype's voice and video. It only works over SIP or XMPP/Jingle - i.e.: the standards that the whole rest of the internet is using).
So you can OTR encrypt your chats over your Google Talk's XMPP session.

And there are clients supporting them either out-of-the-box (jitsi, adium) or with a plugin (pidgin), over your existing accounts (XMPP like Google Talk, or any random SIP provider).

Re:Reason to use end-to-end encryption

[Craefter]

Good idea, it works right up to the moment when it is a crime if you use non-government approved encryption methods.

Re:Reason to use end-to-end encryption

[Znork]

Isn't google dumping XMPP completely in less than a month?

Re:Reason to use end-to-end encryption

[jonwil]

If I know Tony Abbot and co, there are government law drafters who have been given the task of taking the UK RIP act (the one that lets them send you to jail for refusing to hand over encryption keys) and invent a similar law that fits the Australian system.

All in the name of fighting "Terrorism", "Child Pornography" (that TV star who recently went down for being a kiddy fiddler will probably be used as an example of the sort of people these laws are intended to stop), "Organized Crime" (bikie gangs, gun violence, drug rings etc) and whatever else the government and the mainstream media can BS the general public into thinking is a far bigger problem than it actually is and that the only way to stop it is to bring in these new laws.

I cant believe there are people in this country stupid enough to actually vote for these guys after what happened during the Howard years when we got all sorts of stupid laws (quite a few of which Labor repealed and Abbot now wants to bring back)

Re:Reason to use end-to-end encryption

"doesn't matter what the quality of the underlying link is"

= wrong

"your existing accounts (XMPP like Google Talk..."

= you're suggesting end-to-end encryption, and then suggesting a service by a company that forces and guarantees eaves dropping in its EULA? = wrong

Re:Reason to use end-to-end encryption

[DarwinSurvivor]

All I've been able to find is that they are removing it from their video and voice chat (hangout, google voice, etc) systems and that they may disable the federation system (allowing google users to chat with non-google users). Do you have any references to them closing the xmpp chat altogether?

Re:Reason to use end-to-end encryption

[wonkey_monkey]

Isn't google dumping [insert service here] completely in less than a month?

Very probably.

Re:Reason to use end-to-end encryption

[FuzzNugget]

Two words: network effect.

I tried switching over my family to an XMPP setup. I installed an XMPP daemon on a home server and made it as easy as I could to get everyone going.

"Why do I have to do this?"
"What's wrong with Skype?"
"This program doesn't look exactly the same, I'm lost!"
"Oh, you're so paranoid!"
"If this is so secure, what's this certificate warning about?"
"Why, are you doing something illegal?"

Sigh... technology can't fix stupid. Until it "just works", nothing is going to change.

In their defense, Jitsi (the only client with OTR and ZRTP, as far as I know) is pretty buggy.

Re:Reason to use end-to-end encryption

"doesn't matter what the quality of the underlying link is"

= wrong

No, right. Want proof?

2376gvyahgba2567qush345vq34ty

Now, what did I just say? According to you, it should be trivial to decode, since the "quality of the underlying link" I used to post it was completely unencrypted.

Re: Reason to use end-to-end encryption

That would be the majority, as it turns out ... Because, that's who we have ruining the country at the moment ...

Re:Reason to use end-to-end encryption

[rdnetto]

If I know Tony Abbot and co, there are government law drafters who have been given the task of taking the UK RIP act (the one that lets them send you to jail for refusing to hand over encryption keys) and invent a similar law that fits the Australian system.

They'd be a bit late.

-- http://en.wikipedia.org/wiki/K...

Invading privacy is the crime

[Craefter]

When will common people realize that invading privacy is a crime? Instead there seems to be an acceptance of it being just collateral damage in the war against child porn and terrorists.

Don't come with "if you have nothing to hide you don't need privacy" tantrum because I think privacy is an emotional necessity for the development of a healthy brain. Too bad so much will have been lost before before the general public realizes what has been lost.

Re:Invading privacy is the crime

Did you know that Australia, unlike US, has no constitutional right to privacy? Their constitution is mostly a skeleton-y framework to have a government going with processes involved (e.g. who can vote), but otherwise leaves everything else out (e.g. there's no right to bear arms). Privacy laws in Australia are very situational, and this is just another thing they're trying to iron out.

Of course, certain parties and bodies will push for it, but eventually it'll settle down and a sane decision is made.

Then again, the fucks in power right now are spending $12b on buying shitty planes while destroying social healthcare and education, so there's that.

Re:Invading privacy is the crime

Did you know that Australia, unlike US, has no constitutional right to privacy?

and yet the privacy laws in Australia are actually significantly better and stronger than the US ones. sadly the US constitution is little more than a piece of paper that doesn't reflect the culture or laws of the country.

Re:Invading privacy is the crime

The US did the same with communism. Only they went way to far with that, they arrested people, and accused them of being sympathizers. They went after the press/media [tv, film, radio, professors, authors, ect...] And after reading what they were accused of I thought, and I seem to be one out of very few, that the US was trying to push its own version on communism onto the American people.

They've tried to blame porn, marijuana/drugs/alcohol, video games, ect, for the ills of society. I remember these far moron right wingers saying if I smoked pot I supported terrorism, if I drive a gas guzzling vehicle I was helping fund terrorism, similar rhedoric nonsense they did with communism.

I do have hope, even tho I continue to blast the average Jane/John public. I believe they care, but what can you do about it? Are you going to vote? Thats been real successful, are you going to join Right groups? Start and Sign the ignored White House Petition web site? Anything and everything these groups have done has failed.

You do have a choice, educate yourself on the internet and try to protect yourself as best as you can. And fuck the politicians and government as a whole, who continue to use propaganda to implement more control. I fear that the government single handily has done more harm and caused more death and destruction to the people then all of the ill willed attacks against us.

I have hope because brainless politicians and other groups that have tried to implement censorship, tried to control the balance of Civil rights have failed, because the enough of the American public actually cared enough to fight back.

Re:Invading privacy is the crime

When will common people realize that invading privacy is a crime?

The simplest answer to that question is when the law is equally applied to both lawmakers and the citizens they wish to control and manipulate.

This is the fundamental problem. Every fucking time.

As long as lawmakers have an escape, they'll bow to the highest bidder, via campaign "contributions", which is nothing more than a legal term for illegal activities. Our votes are not cast anymore. They are bought and paid for.

Re:Invading privacy is the crime

[wonkey_monkey]

But they're not "invading privacy"! They just want the option to invade privacy at any time. Biiig difference.

Re:Invading privacy is the crime

[SuricouRaven]

Armchair psychology aside, there are implications for political debate even in free societies. It's difficult to campaign for the legalisation of X (whatever X is) if you cannot do so anonymously, because most of those campaigning for legalisation probably do X and so would become targets for arrest. This also applies if X is merely very unpopular, to the point that speaking in favor of it would result in protests, possible violence, boycotting of business, etc.

Re:Invading privacy is the crime

[LookIntoTheFuture]

If I had mod points you'd definitely get one. It seems like, over time, people forget why things like this are important. It is worse now because this new privacy invasion is not in your face. No one is pushing their way into your home to rummage through your things. It's invisible, and many people choose not to see it for what it is and for what it will become.

Re:Invading privacy is the crime

[blahplusplus]

"When will common people realize that invading privacy is a crime?"

Probably never, the enlightenment was wrong about how the brain worked, see here:

https://www.youtube.com/watch?...

One of the big boys

Now that Australia is getting involved in the global 'school tie' network, the police have been demanding exceptions to all rules of due process. It's partly a 'war on terror' and the start of an Aussie 'War of drugs'. Unfortunately, the 'war on terror' argument is working.

Re:One of the big boys

[IamTheRealMike]

These sorts of discussions are nothing new. Debates about how to handle modern cryptography have been running since its invention. The police are judged exclusively by their ability to catch criminals. They are not judged on how eloquently they argue for civil rights. Plus, they are exposed to the pointy end of criminal behaviour and its impact on people every single day, so of course they tend to get frustrated when they can't stop it. They are rarely if ever exposed to the pointy end of government abuses of power, partly because it's often them or their colleagues in the national security state doing it.

All the above has been true ever since the modern concept of a police force was created back in Victorian England. The police ask for more powers so they can catch more criminals. The job of the politicians who can give them that power is to weigh the costs and benefits, and try to ascertain the mood of their voters. Sometimes they say yes and other times they say no.

So just because in Australia the police are asking for more powers does not imply anything is wrong or unusual. The real thing to pay attention to is the final outcome.

The real reason these sorts of discussions cause widespread concern, especially on sites like Slashdot, is not the inherent push/pull compromise-based process of making and enforcing law, but rather trust in the whole process has broken down to such an extent that nobody believes the outcomes will be fair or properly enforced.

Re:One of the big boys

[LookIntoTheFuture]

nobody believes the outcomes will be fair or properly enforced.

Over time, they won't be. Power corrupts. That's why it should be forcibly limited on those who have it.

One more reason to give them work

[jupiter126]

If they want to have fun decrypting, lets at least give them a worthy challenge ;)

I send myself files coded with over 10 different algorythms (use of a bash script to automatise crypt/decrypt.
code is there: https://github.com/jupiter126/...

So It Begins !!!

TPTB really want to drive us towards Mesh Networking with encryption.

C'mon. Do it. Do it. Do it.

Re:So It Begins !!!

mod parent up

feels like

[arbiter1]

Content industry probably behind this.

Same as UK

[malx]

Sounds like they're copying the law here in the UK. Which for a five-eyes country isn't that surprising.

POT (Personal Open Terminal) removes pretense

on & open 24/7 (except in the bathroom) everybody knows whois logged on... pretending corepirate nazi digits will somehow secure us from our fake history & heritage is psychotic thinking at least... can you see us {;^)-)-(? remember,, friends don't let friends blog nuts,, share the keys

www.computerworld.com.au site

[gnasher719]

Tried to post a comment on their site without having an account. Got an error 403 (forbidden). In other words, the guys creating their website and/or server software are clueless twats.

And every company wanting to avoid the fate of Lavabit must just make sure that they don't have the capability to decrypt customers' data. That way, the company and the customer are safe from law enforcement. (Hiring a lawyer at the right time also helps, and sending keys to a court in a 4 point font doesn't).

Re:www.computerworld.com.au site

You could just use something like this http://news.softpedia.com/news/Script-of-the-Day-EveryPass-438329.shtml

Remember 911

[Bruce66423]

That's the excuse that is being trotted out by our lords and masters. In that context, these moves make sense in their eyes. The debate is whether (a) whether the threat is real (b) it's enough to justify the intrusions by the state and (c) whether the state actually achieves anything by these intrusions. All these points are disputable, but it's unfair to dismiss them without consideration.

Re:Remember 911

[gnasher719]

That's the excuse that is being trotted out by our lords and masters. In that context, these moves make sense in their eyes. The debate is whether (a) whether the threat is real (b) it's enough to justify the intrusions by the state and (c) whether the state actually achieves anything by these intrusions. All these points are disputable, but it's unfair to dismiss them without consideration.

Fact: If a service provider is capable of giving my information to law enforcement when faced with a legally sound and fully justified search warrant, then they are capable of reading my information without any such warrant. Including information that they have no right or justification to access and that is highly sensitive and could be highly damaging to me if published.

Re:Remember 911

[BiIl_the_Engineer]

No, it isn't, because freedom is more important than safety. Whether the safety is real or not is irrelevant; anyone who would sacrifice such fundamental liberties for safety is a coward who is making their country worse.

Re:Remember 911

[lagomorpha2]

No, it isn't, because freedom is more important than safety.

Not in Australia.

Jail and keys

[DrYak]

If I know Tony Abbot and co, there are government law drafters who have been given the task of taking the UK RIP act (the one that lets them send you to jail for refusing to hand over encryption keys) and invent a similar law that fits the Australian system.

To be "jailed for refusing to reveal keys" requires that there ARE EXISTING keys in the first place.

Modern encryption like OTR and similar are based around "perfect forward secrecy". They DO NOT use stable cryptographic key on purpose, instead they rely on "ephemeral keys" (in the case of OTR, that's DHE).
There's no real key to be handed over.
(Also because there's no real key to be handed over, DHE needs to be paired with something else to authenticate guarantee against MITM attacks.
The web use public keys for that (RSA is a popular thing). In the case of OTR, instead of keys they use "Socialist Millionaire, it doesn't rely on any actual key)

(That's part of the discussion around Lavabit, had they used PFS, they would be able to simply handle their key and switch to newer. The NSA wouldn't be able to decrypt anything with the old keys (if DHE or ECDHE was used instead) and they wouldn't be able to further impersonate Lavabit if the revealed keys was revoked/updated. Saddly Lavabit used classical public key crypto and all communication would have been retro-actively hosed by revealing the key.
It's also part of the discussion around Heartbleed. If heartbleed has been used to retrieve keys, sites using classical PK would be more compromised than sites using DHE/ECDHE : the former had all they communication retro-actively hosed, the latter can only be impersonated in the future until they leak is discovered and the key revoked/changed)

Of course, as mentioned by the parent-poster, this is all shiny and nice in the math/crypto world, but...

it works right up to the moment when it is a crime if you use non-government approved encryption methods.

The Australian government could make a future law making mandatory to use special forms of crypto, that DO use keys (say bye-bye to DHE/ECDHE or at least ECDHE with a secure elliptic curve) and that require the key to be deposited in a government-accessible escrow (like requiring the password to be transmitted crypted with a government-own public key, or requiring ECDHE with government-compromised curve).

Re:Jail and keys

To be "jailed for refusing to reveal keys" requires that there ARE EXISTING keys in the first place.

No. There just needs to be a law that requires you to reveal the keys.
You can claim that there are no keys as much as you want, that will only give the court a reason to add a "destruction of evidence" charge on top of "refusing to reveal keys".
Don't think that unjust laws will ever work in your favor.

Re:Jail and keys

[Immerman]

Quite right. Using software that explicitly makes it impossible for you to comply with the law is not defense against the law. It can potentially be defense against revealing your secrets in the face of "rubber-hose" decryption attempts, but unless your secrets are *really* important you're unlikely to appreciate being unable to reveal them under duress.

Re:Jail and keys

When it gets to that point, it's time to start working on good steganography schemes..

PGP/GPG

I long to see they efforts with PGP/GPG

Details

[DrYak]

They are dumping the "Google Talk" brand for their chat and moving to the consolidated "Google+ Hangouts" service.
That service, according to its authors, works on a modified XMPP.

Currently:
- pidgin (and other XMPP users) can log with XMPP even if they switch to hangouts.
- Google+ Hangouts doesn't accept server-to-server communication (you can only chat with other Google users. You need a separate account, for example @jabber.org, to be able to chat with the rest of the XMPP network) [*]
- Google+ Hangouts users only receive message that are sent while they are logged into XMPP at the same time (if both end points are online, you receive the message through XMPP). Google+ Hangout has some weird propretary extensions using GMail as a storage for offline communication. (So you won't receive your missed message in pidgin when you log in, they'll appear in your inbox instead) [*]
- As a corrollary of the previous, Google+ Hangout use a "Read up until this point" shared with GMail to handle advertising of who has read what. 3rd party users will by missing that too. [*]

So hangout is currently functional, but service is severely degraded (until Google publish their extension or someone take opportunity to reverse engineer them), and it's again back to "isolated islands of communication" like in the prehistory of internet chat, all in the name of "protecting against SPAM".

Current speculation is that XMPP is a too precious service for Google in the corporate world, and that they'll end-up opening a bit the protocol. (On the other hand, I don't set my hopes high for inter-system communication: given the current trend in both their concurrent [Facebook and Whatsapp, Skype, etc.] and mail system in general [overzealous SPAM filtering tends to shut out small private server] )

----
[*] So basically their level of support of XMPP is degraded back to the level of facebook's: it more or less works, but misses lots of functionality (offline message/history, who-has-read advertising), and is an isolated island (facebook only provide XMPP as an alternative interface for 3rd party clients. They don't accept server-2-server).
The only difference is that Google service actually still run on a XMPP-derivative back-end (according to the other).

Random data

[flyingfsck]

No your honour, it is not encrypted data. My friends and I send random data to each other just for fun... z"dy`e"DG"NkOV83,N:

Re:Random data

[MadKeithV]

Ia! Ia! Cthulhu Fthagn! Ph'nglui mglw'nfah Cthulhu R'lyeh wgah'nagl fhtagn!

Re:Random data

[Charliemopps]

That should work... but the fact that the court can order you to disclose your password, and put you in jail if claim you don't remember it, kind of makes me think they'll just say "fuck it" and you'll be sitting in prison indefinitely.

Re:Random data

That should work... but the fact that the court can order you to disclose your password, and put you in jail if claim you don't remember it, kind of makes me think they'll just say "fuck it" and you'll be sitting in prison indefinitely.

You are required to disclose a password (read: TrueCrypt hidden volume purpose)

And in this case, when you disclose said password, it will reveal exactly what you told the judge in the first place. "See your Honor, I told you my friends and I enjoy sending random bits of data to each other."

It is up to the countries citizens if they wish to accept abuses above and beyond that, such as indefinite incarceration. That is the fault of the voter for allowing such insanity to be voted into office in the first fucking place, and it is the voter's responsibility to remove it.

Re:Random data

That actually sounds like a decent "prank" to play on the spooks. Maintain a heavily encrypted stream of complete garbage between several people. Bonus points for those brave/crazy enough to try to make their traffic look very suspicious while totally legal. Let the bastards eat chaff and hopefully a PHB will start firing people for being unable to do the impossible.

OTR is an overlay

[DrYak]

you're suggesting end-to-end encryption, and then suggesting a service by a company that forces and guarantees eaves dropping in its EULA? = wrong

OTR works as an overlay. It first encrypts message (using perfect forward secrecy with DHE and deniable [=keyless] authentication with Socialist Millionaire).
Then it sends *THAT* message over the network.
The thing which transits through the network is completely useless for any interception.

Want a proof ? Open two clients: open pidgin with OTR enabled, open Gmail's Google Talk at the same time.
Send a message with pidgin to an end-point having OTR enabled too (say a jitsi user).
The other end-point receives a clear mesage (thanks to its copy of OTR), but the message logged on the server (appearing in Gmail) is crypted gibberish.

(For added secrecy, you can also use TOR, then the ISP couldn't even intercept even the metadata).
(And tor is working for adding a OTR-enabled InstantBird into their bundle).

You could even do the same on Skype (which completely close-source) though it would require a lot more hassles.

Maybe

I was thinking reason #2175 that Australia is a lost cause. They seem dead set down there on being just like the UK, which has headed down a very scary path. Any person with any desire to not become a slave to the state should be making plans to leave...

XMPP on Hangout

[DrYak]

Bug post from a user using XMPP with Hangout. It works but offline message aren't supported (as Hangout instead use Gmail for history storage).

I also had a link with a citation from author explaining that hangout is still an XMPP derivative under the hood, but I lost it :-(

Re:XMPP on Hangout

[DarwinSurvivor]

Other than offline messages, that post seems to imply that they are still using XMPP and that things like OTR encryption should still work just fine.

Wanted: Private information refuge.

It's so sad to see my adopted country, Australia, going down the same drain as the country our family sought economic refuge from, England! At any moment, the AFP could break down the door, nick the disk drives, and put me in the clanger until I hand over the crypto passphrases. Information security is under threat in Australia. Knowing my luck, the NSA has read the IP address for this AC post, given it to their Australian mates at the DSD, and the AFP (Australian Federal Police) are on their way with sledgehammers. Well maybe it's not quite that bad (for me) this year, but in a few years I will be looking overseas for some sort of private information refuge. I can imagine that in 5 to 10 years from now, people will immigrate to get information freedom. The freedom to think aloud with being eavesdropped and videoed. Please mod this item down immediately so that no one notices it.... (By the way, NSA, I'm not really at this HTTP client IP address. I hacked into someone else's computer so that I could use their IP address for this AC post!)

so they can be more like the NSA

[FudRucker]

and steal data so they can help their criminal friends on wallstreet to get richer

It's not about porn or terrorism

[matbury]

The police and security agencies I've read about, e.g. FBI, MI5, Scotland Yard, have long and shady histories when it comes to infiltrating legitimate political organisations and trade unions and undermining them, or outright intimidating and/or ttacking them.

I've also read that the regimes in N. Korea, Iran, Saudi Arabia, etc., do more than just this. Why not develop and use technology that protects political engagement and democratic paricipation?

Letters ~= end-to-end encryption

[davecb]

We used to use paper envelopes with glued or wax seals, and the government guaranteed they would deliver the letter unopened. You could verify both in the era when that was current technology. For the king's spymaster to read your mail, he had to get an order from a judge to authorize it, and employ a fair bit of skill to replace the broken seal or envelope. Similarly, "pen registers" of who you communicated with also required judicial permission, but weren't detectable.

Over time the technology changed, but the guarantees held. They hold to this day.

Today we need the same guarantees for email, that a security service needs a court order, and that you can detect non-deliver or opening. This suggests a B>very different law than proposed here. The ACC should be saying

Because of changes in technology, the ACC has obtained access to a windfall of information without judicial oversight, in direct contradiction to existing law concerning the postal service.

While this has aided us in the investigation of serious and organised crime, it is arguably a breach of at least the spirit of the law. The ACC request the TIA act be amendeded to provide the same protections to Australian citizens as they have for postal mail.

ACC will, effective immediately, apply to the courts for retention orders for material it wishes to be kept, production orders for information which it wishes produced, currently called "metadata", and wiretap orders for information which is the content of messages. We understand this will have an effect on investigations which are proceeding illegally, but as guardians of the public, it behooves us to obey the law"

E-Mail ~= Post-cards vs. Modern day crypto.

[DrYak]

Title: "Letters ~= end-to-end encryption" - We used to use paper envelopes with glued or wax seals, and the government guaranteed they would deliver the letter unopened. You could verify both in the era when that was current technology.

There's a difference though. In the "wax seal" era you mention, the whole thing still rely on trust. You would need to trust the government, and the government neet to guarantee that the letter gets through unopened.
The only thing you could hope for is being able to *detect* tampering. Not *prevent* tampering.

Modern day cryptography is based around a no trust paradigm. The lesser number of people you need to trust, the better.
(And in the case of OTR, you don't even trust your correspondent. The protocol is designed on purpose to not have provable authenticity. You can ephemerally secure an on-going discussion with Socialist Millionaire. But nothing afterward could be used as proof as any log could have been tampered with).

The historical era closest to this isn't the "wax seal" but the lock (with a self destuction anti-tamper mecanism built in). No one but the person having the key could do anything. With a suffisently complex lock and self-destruct system, it could even thrwat the most advanced locksmists of their time. It would require a lockpick that isn't available yet. (Modern day equivalent: with a secure enough crypto and a long enough key, it's not possible to brute force before the heat death of the universe with the current knowledge of mathematics and physics. It would require some advance in science like the mythical quantum computer, or new breakthrough in cryptanalysis though the latter seems less probable as crypto technologies advance). Even if the government decided not to follow its promises it wouldn't do anything. (Whereas a wax seal could be broken. End point would notice the tamper, but not be able to prevent it).

Over time the technology changed, but the guarantees held. They hold to this day.

Again, you must make the distinction between a system that relies on guarantees (I trust that the post isn't going to open my letters vs. my letters are based on a technology that is not technically breakable in the current state of knowledge in the current universe).

Today we need the same guarantees for email, that a security service needs a court order, and that you can detect non-deliver or opening.

The problem is that the fundamental technology behind e-mail is AS SECURE AS a POST-CARD.
Even if everyone along the chain guaranteed to uphold promises of not peeking in unlawfully, there's still ton of risks of spilling out sensitive data just by accident.
What if the post card fell on the ground and was seen before the postman manage to pick the post-card back (What if any data packets end up where it shouldn't?)

The only way to be secure is using modern trusted crypto.
The only way to be able to trust your crypto is if the trusted end-point (you and your correspondant) are in charge of it.
You encrypt your information locally, on a machine you trust, using a piece of crypto that you trust.
Then send it with whichever technology you want, even if it's an unsecure one (like e-mail) or an untrusted one.
Your correspondant take that message, and then decrypts it on a trusted machine using trusted crypto.

The end-point are in charge of the security. Nobody inbetween needs to be trusted.
Hence end-to-end crypto.

Re:E-Mail ~= Post-cards vs. Modern day crypto.

[davecb]

I quite agree, the technology changed, and we need to both change with it, and take advantage of it to create stronger guarantees. At the same time, we don't want to depend on a single point of failure.

I actually think we need a defence in depth. Guarantees offered by an arms-length postal service, technical means of testing the protections, legal protection from the law where the guarantees are breached, and enforcement of the law by independent, arms-lengths police under the oversight of a string court system. Add to that a technology that makes it impractical for a middleman to leak one's information, and protection against a security service demanding your keys without laying a 20-page "information to obtain" before a non-trusting judge.

We're not just protecting ourselves against the watchmen: we're also protecting against plain ordinary villains, ones who will snatch your letter out of your hand and go belting off down the street with the "Bow Street Runners" in hot pursuit!

--dave
I once took a safety-critical-systems course: from it's point of view, our email system is at least as horrible as post-cards, and perhaps even worse

Take the thing into your own hands

[DrYak]

When will common people realize that invading privacy is a crime? Instead there seems to be an acceptance of it being just collateral damage in the war against child porn and terrorists.

Then take the things into your own hands. The technology is already here, it's called "Cryptography".
Well designed end-to-end cryptography make so you don't even need to trust your government or anyone else.
And using ephermal key negociation (like DHE or ECDHE) means that there are no key to be handed over in case someone would like to obtain key through coertion.

Then you don't need to count on government realizing anything about privacy. They can still think whatever they want, they might think that mass surveillance is the golden bullet against the "Evil Pedo-Terrorist-Pirates of Communism", your privacy won't be invaded.

just stupid, and for whatever reason.

Why? who the fuck wants to terrorize Australia? This global war on terror is complete bullshit and it's about taking the last remaining rights the regular joe has. It never ends, those with money and power will always want control(slavery) to feed their ego's or fetishes. When a government fails to be for and by the people it's no longer legit it's a criminal organization, or mafia. Monarchy systems, dictatorships, feudal systems are all criminal organizations and these ideological systems seems to slowly leak into our current governments.

Re:just stupid, and for whatever reason.

[flyingfsck]

It is to keep those wild billabong camping Aussies from terrorizing everybody else I suppose.

Ephemeral encryption to the rescue

[DrYak]

but the fact that the court can order you to disclose your password, and put you in jail if claim you don't remember it, kind of makes me think they'll just say "fuck it" and you'll be sitting in prison indefinitely.

Then use modern day crypto like OTR.

OTR use ephemeral keys (in this case it's DHE), so there's no permanent key to begin with that could be disclosed (also no retro-active decryption possible. There doesn't exist any piece of information following whose disclosure, law enforcement could suddenly retro-actively decrypt all the intercepted communication that they have logged during the past years).
OTR use a key-less authentication system (Socialist millionaire), so there's not even an authetication key, and also no retro-active possible authentication proof (They can't prove that the intercepted communication from the past years is yours. It could be forged, and that's provable by design).

So the court can't order you to disclose a password.
It's not a matter of "Oh my gosh I happen to have forgotten the password that you want".
It's a matter of "There doesn't exist any password. That provable by the design of the thing itself".

DHE and ECDHE (at least, as long as you use a secure curve for the latter) don't have passwords and by design can't retro-actively be decrypted.

Re:Ephemeral encryption to the rescue

[Immerman]

Exactly, because using software that makes it impossible for you to comply with the law means you get a "Get Out of Jail Free" card, right? Just wait until the bankers get ahold of this idea!

Re:Ephemeral encryption to the rescue

[gnasher719]

Exactly, because using software that makes it impossible for you to comply with the law means you get a "Get Out of Jail Free" card, right? Just wait until the bankers get ahold of this idea!

But you comply with the law. The law can require a service provider (like Lavabit) to give all the information that they have, even if it means being in breach of contract with their customer apparently. If you can't decrypt the information, then you complied with the law. If you can decrypt information, then you must decrypt it to comply with the law.

It's like two shops, one with a video camera running and one without. The shop with the video camera must hand recordings over to the police if there was a crime in front of the camera. The shop without the video camera doesn't need to do anything, and doesn't have to install a camera just in case someone gets stabbed in front of the shop.

Crypotgraphy

[DrYak]

Why not develop and use technology that protects political engagement and democratic paricipation?

You mean, like modern-day cryptography ?

Specially things like OTR ?
That have perfect foward secrecy, thanks to DHE ? (i.e.: there's no key that could be disclosed to enable decryption of past intercepted communication) ?
That use authentication through Socialist Millionaire (which is keyless, meaning that there's no way to proof that past intercepted communication is authentic) ?
Which simply functions as an overlay, meaning that you can use it as up today above any chat system that you currently already have (Google Talk for example, huh no sorry "Google+ Hangouts" is the name now) so you don't need to sign-up a new chat and ask all your contacts to move to a new service?
Which already available out-of-the-box in a big number of software (like jitsi, adium) or as a plugin in others (like pidgin) ?

And there are numerous other technologies for also protecting e-mail (GPG is an often mentioned example), for protecting voice/video communication (the above mentioned jitsi implements them too), etc.

The tools are there. Some have very easy forms. You just need to get the users used to them.

Google+ Hangouts and OTR

[DrYak]

Extra note:

One of the things that don't work with Facebook and the new Google Hangout's, namely lack of history, doesn't make that much sens with OTR anyway.
OTR use ephermeral encryption. There's no permanent key.
If you access old encrypted history (what would be contained in GMail and visible in the full blown Hangout+ app, for example) there's no way to decypher it, the information doesn't exist anymore.
(That's the whole point of Diffie-Hellman used in OTR and the whole Perfect Forward Secrecy: there doesn't exist any piece of information that make it possible to decipher past stored encrypted information).

So you aren't losing much from that point of view.
Now the other things (lack of sever-2-server protocol support, meaning that Google+ Hangouts and Facebook chat are basically isolated islands) is still a sad problem.

Can we reject this crap preemptively?

[Immerman]

It'd be really nice if we could respond to these various laws that keep getting proposed and shot down by passing a preemptive rejection of all future laws in the same vein, requiring say a supermajority vote to pass any legislation containing rejected provisions. It wouldn't be a perfect solution, but it would mostly shut down the "maybe we can buy enough votes *this* year" folks, as well as the "let's sneak a surveillance provision in as a rider on this agricultural bill" shenanigans.

Re:Can we reject this crap preemptively?

[MrNaz]

What you describe is a "law above laws", that serves as a guide to legislative actions and that reflects the underlying values of the society that we don't want legislated away by the whims of the parliament of the day.

This is the role of the constitution. And yes, the modern world does need a right to private communications or something similar to be included, because the current protections included in it just don't cover the manners in which modern abuses of power can manifest.

Provable

[DrYak]

that will only give the court a reason to add a "destruction of evidence" charge on top of "refusing to reveal keys".

It is clearly provable that the required key DO NOT EXIST in PFS (like DHE or ECDHE).

What you mention would be recieving a court order requiring you to bring a *pink unicorn* in court, and get subsequently jailed for "destruction of evidence" when you claim that no pink unicorn exist.
Just like no pink unicorn doesn't exist, it's simply provable by math and crypto science that no key exist that you could reveal (that the whole point of this class of algorithms).

It's not that the law is unjust, it's that it can be scientifically proved that the law is impossible to follow.
Jailing for "destuction of evidence" make exactly as much sense as jailing for "failing to bring the required pink unicorn".
NO PINK UNICORN EXIST, NEITHER DO EXIST ANY PERMANENT DISCLOSABLE KEY IN P.F.S (as proved by math and crypto science)

Any defense attorney worth its salary should be able to defend this in court.

But, as I've said above and as the previous poster said:

it works right up to the moment when it is a crime if you use non-government approved encryption methods.

The Australian government could make a future law making mandatory to use special forms of crypto, that DO use keys (say bye-bye to DHE/ECDHE or at least ECDHE with a secure elliptic curve) and that require the key to be deposited in a government-accessible escrow (like requiring the password to be transmitted crypted with a government-own public key, or requiring ECDHE with government-compromised curve).

The australian government just needs to make perfect forward secrecy illegal.
And then, they can jail you on the ground that you've been using a crypto that doesn't involve key and that can't be court-ordered into revealing. End of problem for them. Start of immigration to a better country for you.

Re:Provable

[fustakrakich]

Start of immigration to a better country for you.

Better than Australia? I don't know...

Re:Provable

[whoever57]

Just like no pink unicorn doesn't exist, it's simply provable by math and crypto science that no key exist that you could reveal (that the whole point of this class of algorithms).

Unfortunately many judges and jury members have the same level of belief in pink unicorns as they have in complex math. They will simply discard the testimony of a math expert.

Re:Provable

[DMUTPeregrine]

PFS does have a key. It's ephemeral, and is ordinarily deleted after use, but the government can certainly require people to store all ephemeral keys.

And the rest

[DrYak]

I long to see they efforts with PGP/GPG

and with OTR, and with ZRTP, etc.

Crypto vs. all.

[DrYak]

I quite agree, the technology changed, and we need to both change with it, and take advantage of it to create stronger guarantees.

And my point of view is that by using decent, suddenly we don't rely on anything else.

I actually think we need a defence in depth. Guarantees offered by an arms-length postal service, technical means of testing the protections, legal protection from the law where the guarantees are breached, and enforcement of the law by independent, arms-lengths police under the oversight of a string court system. Add to that a technology that makes it impractical for a middleman to leak one's information, and protection against a security service demanding your keys without laying a 20-page "information to obtain" before a non-trusting judge.

And all this is unneeded in case of good crypto.
All this would require long pollitical adventure until its finally accepted in law and enacted.
Meanwhile crypto works as of tofay in the current environment.

To take again a metaphor: imagine that you want to protect your car against act of vandalism from the government.
You could either push for the acceptance for a legislation forbiden the government to behave as vandals, and that exception to this need thorough justification filed with a judge (asking for guarnatee in law).
Or you could just lock your car into your garage (just use crypto). That's something you can already do today, and that's already efficient even if there's a law that makes it mandatory for the government to trash any car that they happen to encounter on the public road (= the current state of mass surveillance).

We're not just protecting ourselves against the watchmen: we're also protecting against plain ordinary villains, ones who will snatch your letter out of your hand and go belting off down the street with the "Bow Street Runners" in hot pursuit!

That's why I'm not so much in favor of legal guarantee.
Although government could be forced to comply by law (i.e.: guarantee not to do mass surveillance), criminal won't abide the law and they would still try to violate your privacy even if it's illegal.
Meanwhile, by using technical means, not only government is prevented (even if current law would have allowed them to. it's just not technically possible for them) but criminals to (no matter if do or don't follow law forbiding them. It's just plain not technically possible).

At the same time, we don't want to depend on a single point of failure.

...well, we could add an extra legal layer, as long as the technical (cryptographic) layer is here.

our email system is at least as horrible as post-cards, and perhaps even worse

At least post-cards aren't as trivial to duplicate as digital data like e-mails. And at least handwritting gives some minor form of identification and tamper-proofing.
(And the writing of some MDs like me should straigh go into the "undecipherable crypto" category :-D )

Re:Crypto vs. all.

[davecb]

I think we'll disagree on the sufficiency of crypto, but we definitely agree on the necessity!

Would you say they're ordered? I so I'd want crypto first and laws second, if only because crypto takes less time to write (:-))

Reuse as much as possible

[DrYak]

Two words: network effect. {...} I installed an XMPP daemon on a home server and made it as easy as I could to get everyone going.

Baby steps. Having them use an existing facility like XMPP interface to GoogleTalk/Google+Hangouts, or the XMPP interface into Facebook would have been a smaller jump, or the SIP provider to their home telephony (if they use a combined "Internet + IPTV + VoIP" package).
(Though some would have complained that facebook sticker don't work currently over XMPP)

Then start handling separately the cryptographic issue.
(Once everyone is used to have Adium on their Mac to chat with Google Talk and Facebook contacts, its easier to "just turn on" crypto).

"If this is so secure, what's this certificate warning about?"

Oh, common. Do some effort on your side. It's not that difficult to use a free CA like CACert.org.
It's even a recognized certificate in some browsers.

"Why do I have to do this?"
"What's wrong with Skype?"
"Oh, you're so paranoid!"

Big thanks to Snowden for making this a tiny bit more obvious to the avrage sheeple.

Until it "just works", nothing is going to change.

In their defense, Jitsi (the only client with OTR and ZRTP, as far as I know) is pretty buggy.

Yup, we need more efforts to have a wider choice of crypto-enabled clients.
Adium and Pidgin are nice alternative (but only support OTR, and only support Skype through some extra 3rd party plugin).
Tor is working into adding Instant Bird (XUL powered) with OTR to their bundle.

Switzerland

[DrYak]

And unlike you, we DO have snow here around.

Camera vs. Password

[DrYak]

It's like two shops, one with a video camera running and one without. The shop with the video camera must hand recordings over to the police if there was a crime in front of the camera. The shop without the video camera doesn't need to do anything, and doesn't have to install a camera just in case someone gets stabbed in front of the shop.

Yup, nice image. The second doesn't have any record to disclose if ordered by the court. There just don't exist any recording that they could hand over. There security relies on some completely different scheme (say, a heavily armed bouncer/guard) which doesn't involve any camera nor any recording.

OTR relies on a completely different form of encryption (perfect forward secrecy, powered by ephemeral diffie-hellman) that doesn't involve permanently stored passwords.

Re:Camera vs. Password

[DMUTPeregrine]

But the law can still require you to permanently store any ephemeral keys. PFS only works if the ephemeral keys are ephemeral.

Does not exist

[DrYak]

Using software that explicitly makes it impossible for you to comply with the law is not defense against the law.

It's not that the software doesn't comply with the law. It's just that the things that your are asked to provide in the first place simply DOESN'T EXIST (provably, per math and crypto science).

Like said by gnasher719 somewhere else among the comments on this /. entry :

It's like two shops, one with a video camera running and one without. The shop with the video camera must hand recordings over to the police if there was a crime in front of the camera. The shop without the video camera doesn't need to do anything, and doesn't have to install a camera just in case someone gets stabbed in front of the shop.

The second doesn't have any record to disclose if ordered by the court. There just don't exist any recording that they could hand over. There security relies on some completely different scheme (say, a heavily armed bouncer/guard) which doesn't involve any camera nor any recording that could be handed over.

OTR relies on a completely different form of encryption (perfect forward secrecy, powered by ephemeral diffie-hellman) that doesn't involve permanently stored passwords. So there's nothing that you could hand over, even if asked by court.

It can potentially be defense against revealing your secrets in the face of "rubber-hose" decryption attempts, but unless your secrets are *really* important you're unlikely to appreciate being unable to reveal them under duress.

The goons who are going to beat you, to obtain a password, even if no password exists, are probably going the same goons who are beating you into revealing a password to get access to your huge stash of monney, even if you're actually broke. You know, just beat you in case there's a slight chance to get some money. Don't listen that you don't have a password, or that you don't have money. Maybe they should beat you a bit more. You know, in case you're bluffin and you actually have a password, or actually have money (hidden by another password that you haven't caugh up yet). Or maybe you gave them money, and they'll beat a bit more just to see if you don't have more of it. Who knows what they are going to get if they keep beating you? More money? Or plain more fun while beating you ?
There's no point of anything. Brutal goons who have decided to beat are going to beat your poor soul out, no matter what. Either you have a password or not. Either you already gave a couple of passwords or not. Either you have money or not. Either you already gave some money or not. They'll make you miserable even a bit more just in case.

Cryptography is only a defence against lawful individual. Who follow law and have to follow due process. They can't require you to provide something that provably doesn't exist. And modern day cryptography helps you bring irrefutable proof that the password doesn't exist.
(gnasher719's camera doesn't exist, so you provably don't have any records to bring to court).

Re:Does not exist

[Bob+the+Super+Hamste]

My only qualm is getting computer illiterate judges to realize that there isn't a key and thus not throw you in jail until you cough up something that doesn't exist. I would imagine that there would be similar issues with a jury as well.

Re:Does not exist

The fact you used a system which impedes acquisition of your data would be used against you. Why did you do something that makes what the court wants impossble?

Re:Does not exist

[rtb61]

The requirement to provide the encryption key would face a major legal hurdle in the high court as it extends the search and seizure well beyond the person or persons being investigated to every person whose data could be decrypted by that key and thus compromised, well and truly beyond the scope of the investigation. It would be similar to getting a search warrant to search all the mail at a particular post office to in order to access one person email, or getting a search warrant to search every house on a city block when just one person and their property is under investigation, so overreach.

Issuing a search warrant or wire tapping warrant should not be cause to make said search, easy, simple, cheap and convenient, it should just make it legally possible. The difficulties, time effort and expense in exercising is not the provision of the law and logically it should remain difficult, require considerable effort and be expensive to ensure it is not abused and only done when necessary. The easier it is to do, the far more likely it will be abused, the more effort that is required the more carefully and accurately it will be done and the less likely the evidence will be purely circumstantial and readily faked.

Privacy and data retention

[paleoflatus]

I'm an Australian and I'd be really pissed off if the government opened, read, copied and kept a record of all my mail as it passed through the post office. I'd be just as pissed off if the elite political class did the same to my phone and internet communications. Of course, we can fight back with encryption, steganography etc., but life's tedious enough already.

Noooo!!

[Marquis231]

Noooooo!!! Malcolm Turnbull is a bloody inept cunt!! Muh torrents! ~ Perth