Australian ISPs Not Ready For Mandatory Data Retention

ferrisoxide.com writes: October 13 marks the day Australian ISPs are required by law to track all web site visits and emails of their users, but according to an article on the Australian Broadcasting Corporation's news site the majority of ISPs are not ready to begin mandatory data retention. The article's author, Will Ockenden, had previously released his own metadata to readers in an experiment to see how effectively this kind of data reveals personal habits of online users. The majority of Australians appear unconcerned with this level of scrutiny of their lives, given the minimal reaction to this and proposed tougher legislation designed to deal with the threats of crime and terrorism.

october 14th..

marks the day australian internet users start using vpn for everything, and not just netflix and hulu.

Lol

[Njorthbiatr]

This sounds like it will be fun to exploit.

"What do you mean the servers are already full?!"

Re:Lol

totally agree. I have a 1TB/month quota with Telstra. I think I might just download 800GB of /dev/urandom each month.

Re:Lol

No, you need to make 800GB of random web page requests. I suggest google searches for
a list of 'interesting' keywords...

Re:Lol

[Somebody+Is+Using+My]

While it isn't quite at the "800GB of random web page requests", there is a Firefox Add-On that can help with that sort of thing: TrackMeNot. At a user-configurable interval, it sends out semi-random search queries to a number of number of search engines (it pulls the search terms from a variety of RSS feeds of trending topics). It's aimed more at "poisoning the well" of search-engines databases than intelligence-agencies, but it helps ;-)

Re:Lol

[Macgrrl]

We have an unlimited account with out ISP. While it would be fun to mess with this, it's not the fault of the ISPs that this happened. I don't know that punishing them is the best strategy.

Tracking only the stupid people

So who isn't going to VPN out of the country and hosting their emails outside AU after this?

So they will pay millions (through ISP sub fees) to track all the useless noise while maybe catching some really really stupid people?

Re:Tracking only the stupid people

[sd4f]

This isn't even for monitoring. It's so that they have data to sift through after the fact, in other words, if you come to the attention of the police. Maybe at a later date they'll start to automate thingsand go through the metadata as it comes in, but at this stage, it's just requiring ISP's to store it for an extended period of time.

Bottom line is, there's bipartisan support in parliament, so the public literally have no say on the issue.

Re: Tracking only the stupid people

[felixrising]

Petty much sums it up. The only people winning here are the guys selling packet inspection and storage. The other day a BT sales guy was tell me that the Australian government is one of their globally largest customers for packet inspection and mitm SSL packet inspection tools.

Re: Tracking only the stupid people

[AHuxley]

Re 'packet inspection and mitm SSL packet inspection tools"
Yes any connection, search term, site visited is been tracked. The hard part is then to come up with a court friendly story about how that user was discovered.
This logging and searching just gives open court cover for long term parallel construction methods.

Re: Tracking only the stupid people

[felixrising]

Indeed, since metadata collection was first tabled I've firmly believed (educated guess) that this was the government just trying to legalise (or legitimise) what their already doing.

Re:Tracking only the stupid people

BAE Systems Detica, one of the biggest vendors/contractors, paid/pays the ACT Liberal Party $217,800 a year in rent.

Do you think they're getting just the office space for that price?

Re: Tracking only the stupid people

The fuck we do. It goes like this. Australia is Britain's test bed for removing individual rights. When they get their little computers chugging along with all their little whores at the wheel, they'll then try to implement this utter nonsense on everyone everywhere.
It goes like this, fuck you, do I owe you money, go fuck yourself, I dare you, click.

Re: Tracking only the stupid people

Fortunately the ACT Liberal party isn't involved in this. They're too busy complaining about light rail, and hoping no one notices they don't have an alternative.

Re:Tracking only the stupid people

[mjwx]

Bottom line is, there's bipartisan support in parliament, so the public literally have no say on the issue.

That isn't true.

We dont operate on a strict two party system like the US does. All we need to do is get enough votes for the minor parties that oppose it (Primarily the Greens) in order for the major parties to be dependent on them. Things like this will be thrown to the wayside in order to secure minor party support on major policies. Also, don't vote Lib, the Labor party's backbench at least have a history of rebelling against things like this which is why Conroy's filter never came to fruition.

However what will happen and is happening here is resistance from ISPs. This data retention thing is going to cost them a lot of money and they'll be damned if its coming out of their bottom line and if they're going to pass it on to customers (things in Oz are expensive enough as they are so it's a lose/lose scenario for ISPs). So what will happen is:
Government: Erm... You're not ready for our spying program.
ISPs: Well you see it's going to cost money.
Government: So what?
ISPs: So here's the invoice for several million dollars per year... each.
Government: We're not paying that. We've made it a law.
ISPs: If we're going to spend money, it'll be on advertisements against your political party.
Government: And...
ISPs: And remember when the Mining industry did this to the other party.
Government: ...
ISPs: Election is in less than 18 months Mal.

I dont trust ISP's like TPG, Optarse, Hellstra and so on to do the right thing by their customers... But I can count on them to do the right thing for their bottom line.

Re:Tracking only the stupid people

[sd4f]

I know what I said is a simplification, but it's true in the context of the real world, and not the idealised parliamentary procedure. Take voting for the greens, they're a fringe party that struggles beyond 10%, they're popularity is also amongst the wealthiest inner city class, whilst deeply unpopular among the poorest classes in Australia. Now, we don't operate strictly in a two party system, but in practice we do. Technically speaking, when our parliaments were first formed, there wasn't a concept of a political party. It was meant to be that each member operated on their own. This was unworkable, as no one could agree to anything, starting parties alleviated this and really did allow political progress. Technically speaking, the constitution still doesn't recognise or allow for political parties. It probably explains why we're having such political turmoil with so many state and federal leaders shuffled along, because there's too many competing interests going on, and no actual vision from our leaders, rather focus group driven policy.

I am extremely dissatisfied with the erosion of personal liberties in Australia. I definitely won't be voting for Labor, Coalition, nor the greens, because they all have the same authoritarian streak in them. The problem is, most people do vote within the two party system, so that's why with preferential voting system, at some point you do have to choose where your vote goes, and pick the lesser of multiple evils. The only choice I have is to either vote informal, or decide where my election funds go with my vote (your upper and lower house votes are worth >$5 in election funds so always pick your most preferred candidate first).

What could be collected?

[AHuxley]

What is in the "significant amount of new data" aspect?
A user had an ip of ... at 6 am until 9am.
Collection covers the given ip connected with a url, domain name, any terms or words that are not encrypted?
The subscriber id, source of a communication, destination of a communication, date, time and duration of a communication, type or relevant service used, equipment used.
Thats a lot of computer searchable data for two years and human readable words been kept :)
Only the contents or substance of a communication gets filtered from the logging :)

Re:What could be collected?

In a country very near me they were thinking of logging all the data. Like running tcpdump on the interface. Somehow this was technically ... difficult ...

Re:What could be collected?

[dwywit]

Don't bet on it. The fuckers, particularly telstra/bigpond aren't ready, or are still fighting it.

I logged a fault (bursts of line sync loss - it was going up and down like a yo-yo) yesterday, only to be told by the first-level droid that I wasn't experiencing dropouts - then he proceeded to the wi-fi troubleshooting script.

To cut a long story short, 2nd level support and the "broadband test team" have both told me that their systems "aren't capable of detecting or logging dropouts". Just let that sink in for a minute.

I don't believe it for a second - they're lying. They want to be able to say that they're unable to log this metadata.

Really bad idea

[fragMasterFlash]

While I'm certain the politicos who came up with this idea had nothing but the best intentions in mind they have in fact mandated sites keep a trove of data that will prove irresistible to blackhats. How many people will be blackmailed or have their lives turned upside down ala Ashley Madison over retained data that falls into nefarious hands before this ill conceived plan meets its Waterloo?

Re:Really bad idea

[AHuxley]

Re "who came up with this idea had nothing but the best intentions in mind they have in fact mandated sites keep a trove of data that will prove irresistible"
Be great for seeing whistleblowers reaching out to journalists :)
Over the years will the views on the destination of a communication change? The look back for every user who connected to a site or device?
Rather than just removing a book chapter at an authors house, why not see who connected to the author too ... and the next connection hops.

Re:Really bad idea

[HJED]

Yep, Telstra is notorious for losing customer data. I give it 12months from when they actually get it working until someone publishes the whole thing, the biggest technical difficulty would be finding somewhere to host the dump.
That being said the law does require the data to be 'encrypted', which seems kinda stupid if they have thousands of systems writing to this database (which I assume they will if they are logging this amount of data). Just shows how the people who wrote the legislation had no understanding of what they where legislating.

Re:Really bad idea

[MrKaos]

That being said the law does require the data to be 'encrypted',

Not quite. Section 187BA.a specifies that the data is to be encrypted, then in the compliance section later 187F.2.a it lets the provider off the hook with the whole encryption mechanism if it can't get the system to operate with it.

Encryption is optional in the context of this act and was one of the things I suggested amending to be mandatory with the private key being held by the TIO. I did a detailed analysis of the legislation before it passed and whilst I won't include the letters I wrote to the senate, these are the sections of part one I thought needed to be amended to protect the population from fraud and slashdotters will probably get this immediately:

Criticisms of specific sections in Part one:

187AA.3A,3B remove because it introduces the possibility that any e-commerce business that is not a telecommunications provider can be forced to retain data and bare the cost of limiting their business throughput and capacity for expansion. For business this represents a rising linear cost that increases with additional customers.

187B.2 Needs definition of who a CAC (Communications Access Controller) role answers to, which department, and limits to retention demands

187B.2A change 'may' to 'must'

187B.3.c Remove. Additional requirements from the CAC impose incremental infrastructure and capacity restraints on business coupled with forcing them into I.P cost and approval cycles every time infrastructure upgrades are required as a result of demands from the CAC. The business is forced to write for approval for mandatory upgrades to meet retention requirements demanded by the CAC.

187BA.a Specify an minimum standard for encryption of data. Governmental should mandate minimum encryption standards revised regularly to protect consumers from fraud, organised crime, identity theft, harassment and so on. The same standard should control access to the data from all parties.

187BA.c add allow encrypted access to the data by the entity or person that generated it.

187E.2.b,c service providers must never be exempt from section 187BA when storing entity or personally generated data 187F.2.a add ensure adherence to encryption standards in 187BA; and

187F.2.b add: whilst still complying with 187BA

187F.2.f remove for the same reason as 187B.3.c

187G.1 Law enforcement uses a secured access standard under 187BA.a to access the data

187G.2.d change 'may' to 'must'

187G 4,5 Define a criteria for the ACMA's collection requirements

187K.1.d add: not approve an exemption from 187BA

187KA.4 define the ACMA's relation to policing here

187KA.4.f add: input from the PC and T.O

187KA.5 remove: ACMA considerations have nothing to do with policing for terrorists

187LA Should provide protection from abuse from government employees

187M add: Section 187BA(a)(b),

To clue you all in Section 187AA is the meat of the 80 page bill that defines what is captured. Section 187BA(a)(b) define, weakly, how the population will be protected from fraud. Whilst the single word change of 187B.2A is the critical change required to protect people from harassment. 187G.2.d give ISPs an out for complying with 187BA which further weakens the public's protection - as previously mentioned.

Also, if you are an ISP and the CAC says 'hey - collect this as well' the ISP must create a new project plan, submit it for approval, for which can take an unknown time, then once approved the ISP has a limited time to comply or be fined. The insanity of the compliance process for ISPs is truly breathtaking.

I feel sorry for my country and it's people. I work in IT, I understand how people will be defrauded because I've seen it and now I think it is inevitable that these cases will be more common. Our constitution says Australians are guaranteed 'responsible government' however I see this bill as a very

Re:Really bad idea

Hopefully a trove to politician peccadilloes is accessed and used well by the blackmailers - unless they are already acting under external influences.
The act/law is deliberately vague, so the full release of recorded emails/calls is a win/win for the goldhats / blackmailers who direct policy. With TPP declaring 'not on national soil' the seeds for full unfettered recovery are going to exceed the Snowden relations. Forget national security - the outcome will be based on the lowest bidder because there is ZERO mandatory damages for leaks. Amazingly the ISP's are telling their subscribers the cost of this 'to be added to the bill plus taxes' activity. And that is because the I in Independent now stands for Idiot service providers.
Don't worry, after TPP., cozy protections will revert to a race to the bottom, while smarter people seek a VPN provider who is NOT a compromised front

Re:Really bad idea

... notorious for losing customer data.

But Telstra provides the smallest storage space of all anonymous email services. Aside: I tried to get a new gmail account and it asked for a phone number. That's the end of anonymous email.

... they actually get it working ...

Maybe this is why they're increasing my mobile phone bill by $10/month. That is, the cost of keeping data and meta-data plus unlimited calls. But I work from home so I don't need the cost of unlimited calls on 2 phones.

Re:Really bad idea

Err... Unless I am mistaken, the I in ISP is short for Internet. ISP == Internet Service Provider.

Unconcerned with this level of scrutiny?

[DrNico]

I don't know that we Australians were "unconcerned with this level of scrutiny of their lives" so much as constantly distracted by horror at the continual appalling actions, stuff ups and general inability to govern of the Abbott government. Given a few moments to think about things other than government officials chartering helicopters to go to party functions, rape and other abuses of asylum speakers in our care, blackmailing of the academic community to support legislation, an incompetent Minister for Defence amongst many others ministers, bashing of the Muslim community, awarding Prince Philip a knighthood, abuse of the Royal Commission system to go after political adversaries, attacks on the state broadcaster for not towing the line, and on and on every week for 2 years, then perhaps we'd have had time to kick up a fuss about data retention. Now that Abbott has been kicked out by his own party we'll have a chance to have a proper think about data retention and what it means, though it's probably too late.

Re:Unconcerned with this level of scrutiny?

[sd4f]

You're so obviously biased. Now that Abbott is gone, do you realise that the mastermind behind this policy is in charge! After all Turnbull was communications minister up until a month ago, this is his policy!

I've mentioned in a previous post though, the issue got bipartisan support, so the public have no say on this. Then the anti-Abbott campaign run by the ABC and fairfax really just shows how the news cycle was dominated by ideologues out for revenge. Meanwhile, important news, I end up reading about on websites generally for a US audience (this isn't the first time, it seems to be a recurring trend actually). Go figure, our media sucks, its just trying to brainwash, as it's definitely not trying to inform.

Re: Unconcerned with this level of scrutiny?

I read that nearly 10% of ten listen to Glenn Beck. That proves they need to have a nuclear bomb shoved down their throats. That proved they are hateful and intolerant, and if we tolerate that then we are intolerant.

Re: Unconcerned with this level of scrutiny?

These policies were created to affect the poor and minotities more because they can't afford to use a VPN like those rich white people.

Re: Unconcerned with this level of scrutiny?

They have so much land and so few people. If the world was fair they would be forced to share it with the Chinese. This spy shit was passed in order to find the people that fight for this fair concept. It isn't fair they have so much land.

Re: Unconcerned with this level of scrutiny?

> if we tolerate that then we are intolerant.

Liberalism is a mental disorder.

Re: Unconcerned with this level of scrutiny?

We have so little, and they have so much. They should share. Of course since they're Xenophobic racists, they have a strong military to prevent that.

Re:Unconcerned with this level of scrutiny?

[stoborrobots]

Lol, Turnbull was the communications minister who said that data retention was pointless!

http://www.theguardian.com/aus...

https://newmatilda.com/2015/10...

https://newmatilda.com/2015/10...

http://www.smh.com.au/federal-...

But then again, he has done nothing to roll anything back now that he's in charge...

Re: Unconcerned with this level of scrutiny?

Then I am disordered.

But seriously, do you repukians ever write your own posts? You people just copy your Rump Lumpballs newsletter as if you think you're saying something.

Re: Unconcerned with this level of scrutiny?

if we tolerate that then we are intolerant.

So in your world, to be tolerant you must intentionally be not tolerant? Wat

Re: Unconcerned with this level of scrutiny?

And the moderators here again prove that they are conservatives. Their kind knows they're so stupid that they don't even try to defend themselves. They just hide behind mod points.

Re: Unconcerned with this level of scrutiny?

Exactly. That is why the CONservatives always do these sort of things. Like with their global warming, they're willing to hurt themselves if it means hurting the poor and minorities more.

Re: Unconcerned with this level of scrutiny?

No. It appears that making money required a mental disorder. Poor people are always nicer and more honest. It is the rich that have decided to destroy out lives with this data retention.

Re: Unconcerned with this level of scrutiny?

Why do you lie about "towing the line." That is something racists say. They are generally bad people that don't toe the line. Instead, they do what they want.

Re: Unconcerned with this level of scrutiny?

Generally bad? No, they are all bad. Obviously this Nico guy is a troll. We all know no one is stupid enough to say "tow" the line. He is a fucking troll. These trolls have destroyed this site. I wish his kind would die.

Re:Unconcerned with this level of scrutiny?

As you say, it's not that we are 'unconcerned with this level of scrutiny of their lives'. More that this is just another in a litany of Government attempts to monitor, block and otherwise screw with the internet in this country. The wishes of the people who have complained have been ignored or sidestepped every time a protest has been made. Given that this won't stop crimes or terrorist attacks, but just help the various agencies do the searching afterward, I'm more inclined to think that this project has been set up to help us comply with the requirements to better track naughty downloaders that will be hoisted onto us by the TPP.

Re: Unconcerned with this level of scrutiny?

Rump Lumpballs

Liberals are so mature.

Re: Unconcerned with this level of scrutiny?

He is not toeing the line for the spelling Nazis.

Re: Unconcerned with this level of scrutiny?

Where is he going to tow that line to? The white teach dump?

Re:Unconcerned with this level of scrutiny?

[dbIII]

do you realise that the mastermind behind this policy is in charge! After all Turnbull was communications minister up until a month ago

He was the minister of "just shut up and destroy the NBN so we can pretend that every policy before us was shit". "You can have my good mate Ziggy to help you empty the bank with no result".

He had very little leeway to do anything unlike ministers in previous governments - which is why so little has been done at all by the government in a couple of years.

Re:Unconcerned with this level of scrutiny?

Sad time to be an Australian with Human Rights going out the window and the Economy in free fall.

Re:Unconcerned with this level of scrutiny?

... so much as constantly distracted by horror at the continual appalling actions

I notice the media has plenty of time to tell us what to think about the execution of Australians in Indonesia, or the rights of the pro-gun advocates. But most Australians think the outcome was approximately fair in Indonesia and if Indonesia doesn't care about rehabilitation, that is, rightly or wrongly, the criminal's problem. The anti-gun lobby has changed their rhetoric from "No guns means no crimes" (because that shit ain't gonna work anymore), to "No guns means no school massacres".

... we'd have had time to kick up a fuss ...

It's the job of the opposition party to oppose laws that don't assist all Australians. The opposition party has backed every war on terror/drugs/pedophiles/pirates law passed in the last 2 years. The most they achieved was making minor changes to one law. A small part of this is the opposition leader is more of an administrator than a leader. A large part is the opposition leader likes the conservative party passing laws impinging on Australian freedoms: It means he doesn't have to fight his own socialist politicians to pass the laws.

Re:Unconcerned with this level of scrutiny?

"You're so obviously biased. Now that Abbott is gone, do you realise that the mastermind behind this policy is in charge! After all Turnbull was communications minister up until a month ago, this is his policy!"

False. Turnbull was forced to implement the policy as a member of the Abbott government. Turnbull watered down the policy and added safeguards, while also giving public interviews describing what tools can be used to get around the system. Hardly the mastermind behind the policy.

Re:Unconcerned with this level of scrutiny?

[bug1]

the issue got bipartisan support

Not because the center-left party agreed with the policy (or even understood it), they supported it because they have a policy of supporting all right wing security policies.

They opposed a lot of other stuff and had to agree with the government on something so they were not labelled as obstructionist. A tactic that was used successfully against them when they where in government.

Agreeing with the right wing government blindly on all security was also seen as a good strategy for the left as they had earnt a reputation of being more tolerant than the right wing party, and that really wasnt popular with right wing voters, whom the center-left wing party want to win over so they could compete against the far-left minor party.

See, its really not their fault, they had no choice !

Re:Unconcerned with this level of scrutiny?

[MrKaos]

we'll have a chance to have a proper think about data retention and what it means, though it's probably too late.

No, it isn't too late and if you are really sincere about doing something just copy the amendments the bill requires into a letter to your local MP. Feel free to copy my work - this is a problem that needs to be fixed and I am happy for anyone to use it.

Re:Unconcerned with this level of scrutiny?

[thegarbz]

Re-read the comment. Abbott was the mastermind of incompetence and distraction. Now that he's gone people may have time to care about things such as data retention. Though in reality Abbott was just a face on which to lay blame. The problems in the government run deep on all sides of the political spectrum and it isn't solved by removing the figure head.

Re: Unconcerned with this level of scrutiny?

[Coren22]

I am sure the Australians would be more than happy to let the Chinese live in the desert. They are on their own for food, water, electricity, and data though.

Re:Unconcerned with this level of scrutiny?

[fredgiblet]

But...I've been told by Australians that their country is a shining beacon of democracy! How can things be bad if that's true?!

Re:Unconcerned with this level of scrutiny?

[fredgiblet]

Man, here in America we label the Republicans obstructionist and they wear the label like a badge of honor.

Re:Unconcerned with this level of scrutiny?

[KGIII]

To be fair, I often go to sites based in other countries and get my news there when it concerns certain topics. Journalism is now, and has always been, biased. There is no true fair and balanced journalism really - there probably never will be. I've taken a look into the history of "yellow journalism" and, yeah, it might actually be better today than it has ever been. At least we can, today, get our news from a wider group of sources which gives those interested some chance of actually finding out the truth.

Re:Unconcerned with this level of scrutiny?

[KGIII]

Maybe if you'd not let them take the firearms away in the first place that sort of question might not seriously be up for debate. I'll never understand why citizens willingly disarm themselves and I'm sure that's due to my cultural bias. However, I've tried to think about it logically and reason my way to understanding. The only conclusion I can make is that those citizens did not use logic and reason their way to understanding. Fear will do that, I suppose.

Me? I'm willing to accept that some violence occurs. I don't want a government that can't be removed by the force of the people when the will is not enough. For those who say that it can't be done because of the military, I'd suggest they try a little more of my favorite breakfast cereal - Reason Bran. An insurgency is pretty effective and many of those enlisted will take up arms with the insurgents (and bring equipment and expertise) if the cause is just. That and, well, the ruling parties aren't going to destroy their infrastructure but will likely seek a quick and speedy remedy that enables them to keep their wealth and a modicum of power.

Reason Bran, now with two scoops of logic and an extra 20% critical thinking.

Re:Unconcerned with this level of scrutiny?

[bug1]

In our case, the leader of the obstructionists (Tony Abbott) won the election, but struggled to move to a more constructive mode when in power and became deeply unpopular. The center left party didnt want to be associated with tactics that failed once in power.

Tony Abbott recently got dumped by his own party and was one of the shortest serving prime ministers in recent times.

Ironically, he was replaced by a moderate within the right wing party, one of the few people who spoke out against data retention, was involved with an ISP some time ago, and has talked up apps the bypass data retention.

It remains to be seen if our new prime minister personal values will be reflected in policy.

Politics is crazy down here.

Re:Unconcerned with this level of scrutiny?

[fredgiblet]

Psh, politics are crazy everywhere. We're looking at possibly having our first actually socialist president here. Also we're likely on the verge of a massive re-alignment as the Republican party is losing voters on some critical wedge issues they've been using for a long time, their party is dying off and unless they figure out a way to attract more young people they're kinda screwed.

Re:Unconcerned with this level of scrutiny?

[mjwx]

You're so obviously biased. Now that Abbott is gone, do you realise that the mastermind behind this policy is in charge! After all Turnbull was communications minister up until a month ago, this is his policy!

This.

As well as the mastermind behind killing the NBN (RIP NBN).

The problem is, replacing Abbott with Turnbull is just putting a new coat of paint on a rotting, termite infested house. We've still got Bernardi, Brandis, Abetz and the rest of the miscreants. The sickness in the LNP is at its core. Putting a new frontman there isn't going to change that.

For the Americans playing along at home, the Prime Minister does not have any real power. They're a figurehead meant to keep the party together (or to cop the blame when things go pair shaped), the PM cannot do anything without the support of parliament. This is why in Australia we don't vote for the Prime Minister, we vote for parties and individual members and also why parties can change leaders in the middle of a term. It is the party who wields the true power in Parliament. The only ones who voted for Malcolm Turnbull are ones who are registered to vote in the electorate of Wentworth.

Re:Unconcerned with this level of scrutiny?

[sd4f]

Trust me they won't get any less distraction now without Abbott, and it's because the media is running the narrative of public discourse, and the media is filled to the brim with ideologues. They're too busy spreading their doctrine on their holy trinity of refugees, gay marriage and climate change.

I just look at their coverage, when they do, of tech things, and on topics that I'm knowledgeable about, the Australian media is invariably hopelessly wrong.

VPN is here

[emmalopez245]

VPN's are cheap. Thank goodness terrorists and criminals don't know they exist. http://bit.do/australian-vpn

Re:VPN is here

Christ, you can't even just keep your linkspamming to one site, can you!

Thankful

[theshowmecanuck]

Thankful I'm not Australian. Worse than America almost. Maybe they're trying to be like Britain.

Re:Thankful

lol nice try, we are trying to be like the trainwreck USA, some areas we may surpass but many of the attempted dismantling of socialism and increasing of inequality failed with this government and one more leader was again bumped off before their first term finished.

Re:Thankful

[MrKaos]

Thankful I'm not Australian. Worse than America almost. Maybe they're trying to be like Britain.

Because there is a stronger bill of rights in UK and the US, the bill is tested in Australia, then cut down, applied in the US, cut down again and applied to the UK. You can see that pattern of legislation around the western world. If it is not in conflict with the constitution they will attempt to pass it.

Estonia has 7 y mandatory data retention for Telec

For some reason, Estonia is heralded as something special and progressive when it comes to IT. It's far form it, when it come to privacy and basic human rights.
Telcos are forced to keep EVERYTHING for 7 years. All your activities in the web are logged and so are all your phone calls and mobile data activities.
If you look close, Estonia is a fucking privacy nightmare.

Reminds me ex EG

Didint know Australia has such huge issues with terrorism that it forces them to spy all their citizens... Sounds more like something East-Germany might have had in place to enforce conforming with official truth.

Disaster waiting to happen

[Gumbercules!!]

The biggest problem is shown in the ABC article in the summary. At this time, ISPs are starting to do it but in a grace period (until April 2017). 84% of ISPs are storing data in plain text, right now, because of the "costs" of encryption. 61% of ISPs have applied to be permanently exempt from encrypting this data. Just looking at this, you already know this shit is going to get stolen. You just know it. Some ISPs will certainly have this data directly accessible from their corporate LANs and some will even have it accessible from the internet. You know it without even needing to be told. Because this shit happens all the time. Many of these ISPs will not have done much to get ready and they'll have shoddily made, inhouse systems that were made as quickly and cheaply as possible. So it's a certainty that this data is going to get stolen. And when that happens, who knows what information will be leaked, that someone really didn't want leaked. It'll make Ashley Madison look trivial.

Re:Disaster waiting to happen

[Sir_Eptishous]

Mod Insightful +++5

Yes, you are absolutely correct, and the fact that the dipshits who conceived of this idea can't see that is astounding.
The stored data will end up on pastebin or somesuch. Its only a matter of time.

Really what all this scrutiny will do is just enhance the ever growing sense of paranoia in the First World, and lead to greater self censorship.

Re:Disaster waiting to happen

This makes a VPN cloud host in another country look pretty much mandatory now for you Ozzies.

What if every ISP said no?

[Coditor]

What would the government do then? Shut down the internet by forcing the ISPs to shut down? Put the owners in prison? Torture? Murder? It seems to be that unless the government is able and willing to supply internet service to the entire population there isn't much they can do to everyone.

Re:What if every ISP said no?

What would the government do then?

What the government/police always do: Make an example of someone, or in this case, some CEO. It's difficult to be united when you're the only one sitting in a jail cell. The government will threaten the replacement CEO with identical punishment and once he starts grovelling, all other CEOs in the country will 'toe the line'.

... there isn't much they can do to everyone.

True, but beating the government depends on the rich suffering for the benefit of the poor. They should of course, because of the "When they came for ... " slippery slope but they won't.

Re:What if every ISP said no?

Its better to fight Government on its on terms and rely on loopholes e.g.
e.g. We do have collect email metadata because we do not have an email service (We have an SMTP transport), or out email service is off-shore.

What a silly thing to do.

I mean, everyone in Australia was already using a VPN so that they'd actually have something to watch on Netflix, so I can't see how this new law would work at all.

Small ISP

[jellomizer]

My real issue is globally the loss of the small ISP. Back in the dialup days even outside major cities, we had access to dozens of ISP's we could pick the big global names just as AOL, Prodigy and Compuserve. But we we had access to a bunch of smaller ISP's who may have offered less services, but also were more affordable. 56.6k dial up for $8.50 a month was a good deal, or $20 for 100 Megabytes with no backout, there was also pricing like $25 for 50 hours. There were a lot of options and we could pick a style that was best for us. The ISP could offer these low prices (at the time) because they needed to cover the cost of a T1 line (about $1,000 a month) and x amount of LAN Lines, usually between 8-24. They could run the ISP with a small business of 1 person. They were not responsible for what their users did, or what they viewed. Nor did they really care to try, as logging all such traffic would fill up expensive Drive storage, which they often would rather keep for email and personal web hosting.

Today ISP also own the infrastructure and have increasing requirements which makes them more expensive and worse customer experience.

Re:Small ISP

[KGIII]

Back home, in my state, DSL is able to be provisioned by any company willing to service the area. I paid a small company to run my lines and put in a CO. That company was purchased by Fairpoint. For a while, well outside of their region, I got my services from GWI. I went back to Fairpoint when they sent me a mailing offering a higher speed. They're not allowed to limit GWI's access but GWI didn't offer the increased speed. Fairpoint has since raised my speeds frequently and always sends me new hardware (that I don't actually use).

In theory, I could use your ISP if they wanted to pay Fairpoint's access fees.

Sad. Just sad.

[AndyKron]

"Australians appear unconcerned with this level of scrutiny of their lives" Sad. Just sad.

Re:Sad. Just sad.

[quenda]

"Australians appear unconcerned with this level of scrutiny of their lives" Sad. Just sad.

If you have ever seen how much people post on Facebook, it is hardly surprising.

Stockholm syndrome

Why are the Aussies so hell bent in turning back into a prison colony? Must be Stockholm syndrome

Helpful hint for Australian ISPs

[WaffleMonster]

Block all non-encrypted traffic and record per-flow stats into a compressed store. It may be a little difficult for customers to find secure alternatives at first... helpful hints in an information packet snail mailed to your customers could go a long way to making the arrangement workable for your users.

In the mean time Australian ISP associations should use every second they have left to make it clear to the world non-encrypted communications will no longer be accepted by Australian ISPs. If the world does not want to be cut off from Australia it should stop using insecure protocols.

Help an ISP and use a VPN

[Bringer128]

The metadata retention scheme requires the storage of:
- Connection open time and duration
- Your location
- Total amount of data sent/received during the connection
- Your IP address
- * Does not require collecting the destination IP address, but it will be more effort to strip this out with lots of tools

So if you're web browsing lots from home or making lots of connections to servers an ISP has to store lots of records. However, they only need one database row for your VPN connection!

Then ISPs could offer discounts to VPN users as they reduce the amount of metadata needing to be collected.

Community

[Badooleoo]

Want communications without data retention? Join a community network like the wireless groups.

https://en.wikipedia.org/wiki/...

Air-Stream in South Australia http://air-stream.org/
WACAN in Western Australia http://www.wacan.asn.au/
Melbourne Wireless in Victoria http://melbourne.wireless.org....
Canberra Wireless http://www.cwn.net.au/

If there isn't one near you start your own and put up an access point for others to see.