Slashdot Mirror
Australian Officials Want Encryption Laws To Fight 'Terrorist Messaging' (arstechnica.com)
An anonymous reader quotes Ars Technica:
Two top Australian government officials said Sunday that they will push for "thwarting the encryption of terrorist messaging" during an upcoming meeting next week of the so-called "Five Eyes" group of English-speaking nations that routinely share intelligence... According to a statement released by Attorney General George Brandis, and Peter Dutton, the country's top immigration official, Australia will press for new laws, pressure private companies, and urge for a new international data sharing agreement amongst the quintet of countries... "Within a short number of years, effectively, 100 per cent of communications are going to use encryption," Brandis told Australian newspaper The Age recently. "This problem is going to degrade if not destroy our capacity to gather and act upon intelligence unless it's addressed"... Many experts say, however, that any method that would allow the government access even during certain situations would weaken overall security for everyone.
America's former American director of national intelligence recently urged Silicon Valley to "apply that same creativity, innovation to figuring out a way that both the interests of privacy as well as security can be guaranteed." Though he also added, "I don't know what the answer is. I'm not an IT geek, but I just don't think we're in a very good place right now."
America's former American director of national intelligence recently urged Silicon Valley to "apply that same creativity, innovation to figuring out a way that both the interests of privacy as well as security can be guaranteed." Though he also added, "I don't know what the answer is. I'm not an IT geek, but I just don't think we're in a very good place right now."
Let them be forced to use weakened encryption, then see how their tune changes when their banks accounts get raided.
They ain't gonna learn on their own, let them pay a heavy price for ignoring what people who know what they're taking about are saying.
"Within a short number of years, effectively, 100 per cent of communications are going to use encryption,"
Gee, I wonder why that is. -_-
Good luck, assholes.
Anons need not reply. Questions end with a question mark.
Officials??
WTF?
We call them politicians. As I believe so do the US, UK, etc.
Peter Dutton is actually the immigration minister, in case anyone here cared about accuracy.
The same crap that UK and France (and several US senators times ago) have been pushing for.
I'm getting so completely tired of this rhetoric that part of me wants for these moronic laws written by people who have no clue on what they are talking about to pass, only to see terrorists using cryptographic technology from other countries, with the only result of this being weakened security for everyone in the country, including politicians who will end up being targeted by hackers, criminals and terrorists for their own stupidity.
It seems some people only learn by digging through their own shit.
that the current World's Leadership are some of the dumbest folks to walk the Earth in our entire history.
The terrorists would do everyone a favor if they aimed their attacks at those whose demise would actually make a difference.
Ramming a crowd at a nightclub is pointless.
Running over a group of idiot World Leaders might actually get them a medal.
To write this here. Because I write it every single time some politician comes up with this bullshit.
There is no such thing as a "backdoor", a "secret key" or any other way to break encryption that only a nation or a group of nations will have. And you don't even have to be a computer geek to understand this. Simply politics explains it fully, no higher brain power necessary, so even politicians should be able to understand this.
1. This is the key to ALL secrets. Because if someone or something is exempt, the terrorists will use that kind of encryption, too. Because someone who plans to kill people and potentially himself doesn't give a fuck about petty laws like this.
2. This also means that all trade secrets of all corporations worldwide have to be vulnerable to this key.
Can you imagine how valuable this key is? Can you see corporations or even nations being interested in acquiring this key, no matter the money or force required?
Or, so even a prime minister can understand it: Everything, every access, you get that way, Iran and North Korea do, too.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Why? For leverage when you beat them with it?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
"We can't be free because we have to be safe."
This is what we get when decisions are made using fear and paranoia...... stupidity.
So, for the Australian MPs, please go and ask the Brits how the IRA was able to function as a terrorist group before the age of the internet and encryption. Please also google "Numbers stations"
Now think real slow here (OK, you are Politicians this part should come naturally to you), if you have a back door, and it gets discovered (which it eventually will by good luck, mismanagement , bad actor, or shear stupidity), how is the end result any different than terrorists getting the Nuclear bomb codes ?
This is such a monumentally stupid idea that any government official who thinks it is a good idea should be take out the back and shot for treason.
Are you going to give the codes to every government ?
Explain to me if not why not. Are you going to tell me that Jewish lives are worth less than Australian lives ?
Now that you have announced that your future encryption is faulty, please explain why every other government and citizen will not use a different more secure encryption. Oh, "we will make a law".... yeah that works so bloody well for murder, rape, assault, theft, etc etc etc... FFS you can't even get drugs off the street or kiddie porn off the internet or stop priests from sodomising choir boys.
Or perhaps Australian politicians are so bloody racist that they believe only white people can do this stuff ?
So, all you are going to achieve is to put every citizens information at risk for no effing benefit.
And THAT is why you should be taken out and shot for treason, you have put at risk all of your citizens for zero benefit.
Malcolm Turnbull confirms he uses Wickr, WhatsApp instead of unsecure SMS technology
09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
Escrow your keys with the government. They know how to keep a secret.
So, the terrorists are going to obey this law? Or what? How do you tell what encryption a bitstream is using?
"Many experts say, however, that any method that would allow the government access even during certain situations would weaken overall security for everyone."
Why does it matter??? It shouldn't have to weaken security for us to say NO. We don't want to be spied on. Who serves who? Does the government serve its people or the other way around. If its the first then the answer should be no, we don't need a reason just no. If its the latter then I believe it is prime time for a revolution.
Step 1. Don't let them into your country en masse.
Wouldn't that had been great?
Encryption either works or it does not work. There is no middle ground; weakening it is the same as eliminating it's use entirely.
Do they really think that criminals and terrorists aren't going to use their own, non-compromised encryption or cipher techniques, to do their 'business' regardless? Maybe even mislead government officials by planting bullshit on the 'compromised' channels? I'm no criminal or terrorist and I can think of these things, what makes them think that THEY won't think of them and more?
The only possible path to what they want (total and complete surveillance into ALL non-government, non-military communications) is to ban non-government, non-military use of any and all encryption technologies. HOWEVER: Doing so will, in essence, destroy the Internet. No commerce or transfer of funds will be able to take place without being done 'in the clear', where anyone and everyone with the technical chops to do so can tap into it; you'd be nuts to put any banking or personal information of any kind over the Internet if that's the way it worked.
If, here in the U.S., they managed to force legislation requiring so-called 'backdoors' into all encryption, I, for one, would have to go back to getting paper bills in the mail, and mailing paper checks. I'm already back to paying cash for everything I can, because I've reached the point where I'm no longer trusting EFT (Electronic Funds Transfer) for day-to-day expenses (too much hacking going on); destroying encryption or banning it will just make EFT hacking problems that much worse.
Really, seriously, honestly: Why are all these politicians so gods-be-damned retarded when it comes to this subject? Do they not have technical experts that they trust advising them, telling them that what they want is not possible without destroying the value of encryption entirely? Do they not understand the disaster they'd be bringing down on their own heads? Or do they just not care, so long as they can peer into anyone and everyone's private business, regardless of being criminal/terrorist or being innocent of everything?
The total loss of anonymity and privacy counters strong crypto use.
Thats why spies used number stations and other methods to ensure anonymity and privacy. https://en.wikipedia.org/wiki/...
The tracking is of every communication. That removes most anonymity over years.
People looking for or who use crypto that works will be found and their messages will be collected.
XKeyscore https://en.wikipedia.org/wiki/...
"Detect people who use encryption.. " "Showing the usage of virtual private networks (VPNs) and machines that can potentially be hacked via TAO."
So even if the one time pad trade craft is always good, the device creating the message might not stay secure.
Domestic spying is now "Benign Information Gathering"
Dutton is a potato on a neck who can't understand why people say mean things when he lies about whether refugees have been tortured or even exist at all, and who managed to get himself kicked out of one of the most corrupt police forces in Australia's history (which is really saying something). Also he owns a chain of childcare centres in Queensland and nobody can quite work out how he got the money to buy them.
Brandis is the jerkwad who thought other people wouldn't understand the term 'metadata' because he heard it from actual spies & then later revealed that what he actually meant by 'metadata' was 'i don't understand the term' and also 'actually, all the data'. He's the one directly responsible for fucking Australia's crypto laws & making resale of Aus Bureau of Statistics data legal. His nickname is 'Soapy'. Interpret that how you will.
Yes they don't understand encryption, but also they hire people to tell them how encryption works and then berate them until they don't actually remember themselves.
I'm looking at you, MacGibbon.
Muggles should not be allowed to create laws pertaining to magic.
linquendum tondere
Sadly, Australia's Attorney General George Brandis is an embarrassment, and now he wants to proselytize about the correct use of encryption. Sheeeesh! See his description of metadata here: https://www.youtube.com/watch?...
Why is it that it must always be us versus them? Are we not all just humans? When will we learn that sharing this planet will is the only way to save this planet and our species from extinction. If encryption is a tool that causes us to try another way then I am all for terrorists to use military grade encryption.
>"urged Silicon Valley to "apply that same creativity, innovation to figuring out a way that both the interests of privacy as well as security can be guaranteed." "
Um, impossible. Pick one. Either encryption is broken or it works as designed. There is no in-between. I hope we pick that it will continue to work.
No, it's One Time iPad®. You use it once and toss it in the shredder.
“He’s not deformed, he’s just drunk!”
How about the power grids? What havoc could be done to them?
Governments are really good at tracking short flash messages on any devices that never show up again. Its not a normal usage pattern. Lots of private, gov and mil software looks for just that attempt in real time.
To connect to a network one or both accounts might need to pass a 100 point check https://en.wikipedia.org/wiki/... out of habit or just to seem like a normal chat.
If one or both sides of that connection have real accounts tracking will be more easy.
If not both One Time iPad used would be of interest to the network and be collected on as they are not registered.
That would get hardware location details and allows for CCTV collection. Busy street? Park in a car? Walk? Look up?
Online shopping for that iPad? Paid in cash months ago at some store? CCTV will still exist. Second hand, paid for cash? Who was the last or first real owner?
New or second hand that first network connection will give up hardware information.
The next time two new devices with no legal status on the network try to connect? Gov malware will be ready.
Are both people creating their code in real time by entering a plain message in on the iPad? Thats plain text to collect on. Activate the camera or mic. GPS.
Get both faces and GPS.
Or swapping photographing preprepared encrypted text? Sloppy trade craft and decide to type in a longer message just one time?
Use the device more often to hide the traffic in more normal usage pattern for a short time? Just more unique data created to find the users.
Domestic spying is now "Benign Information Gathering"
Move on to develop new means of surveilling criminals and terrorists.
They sound like a buggy whip salesmen trying to pass a statute forcing people to buy buggy whips regardless of need.
Chas - The one, the only.
THANK GOD!!!
Oh, for that purpose.
You think they are more pussies and assholes than dicks?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
when elsewhere in australia, the government can't even keep a camera, a camera that isn't even on the internet, safe from malware. https://yro.slashdot.org/story...
while in america, government web sites are getting hacked left-and-right. https://news.slashdot.org/stor...
and this is just what's reported in the NEXT TWO stories on this one web site.
nope. you ain't getting them. sorry, boys.
If this goes ahead then how do you enforce it effectively and fairly? /dev/null on the receiving end.
Say a group gets together and, for the sake of art, to test bandwidth speeds, packet routes, fragmentation, whatever your excuse, you arrange to open up some TCP ports between your group members and, down these pipes, stuff random bytes of no value which go straight to
Mr Spook is going to sniff that and flag it as encrypted.
Then they are going to round up the group and demand keys, which is when you hand them the terminal and let them see they've been watching nothing but white noise generated by a random byte generator.
Repeat. Be a pest. Disrupt.
Since this legislative lunacy is driven by paranoia (and if anything proves we have a ruling elite this does) then they'll need to tighten the laws to prevent "network noise" online and make it illegal too.
Because how do they know that somewhere in the noise you aren't sending secret messages to one and other?
Paranoia has no end and this nonsense is just the beginning. Look at Kim Yong Un
In fact it has been so quite a while ago and repeatedly. These people are clueless. Nonetheless they are demanding more power and more intrusion into citizen's privacy.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
That about sums it up. Looks like we are currently getting rid of our highest achievers on the stupidity+arrogance-scale by moving them into politics. That needs to stop.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Many experts say, however, that any method that would allow the government access even during certain situations would weaken overall security for everyone.
Why is this even expressed like it's an opinion?
Because it is an attempt to manipulate public opinion. The same can be observed, for example, when climate change is discussed. In both cases, all experts uniformly have the same take on things, only their take on details differs somewhat. So the facts are extremely clear. But if you are a politicretin that does not understand what a "fact" is and thinks there is wiggle-room, then you look for ways to muddy the waters, and that is one of them.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Have a look into any introductory text on crypto: The one-time-pad is impractical due to key-management except when very high effort is acceptable. That means terrorists that exchange short messages to coordinate can likely use it, but for most other cases it is too much effort.
I am just waiting for this to happen. In that case some politicretins will have "mathematically unbreakable" explained to them. Not that they will have the capacity to understand that.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
+5 insightful
Wanna buy a shirt?
https://www.redbubble.com/people/stealthfinger/shop?asc=u
Before we begin, please listen to some personal messages.
Jean has a long moustache
I repeat : Jean has a long moustache
Also :
Aunt Emma is getting well. I repeat : Aunt Emma is getting well.
These where the messages from Radio Free London.
Don't fight for your country, if your country does not fight for you.
"Guaranteed" is too strong a word. "Protected" maybe. "Made a bit more difficult to violate" at least.
Secure one avenue of attack, and attackers will simply concentrate on the next-easiest weakness. Still, the ability to easily collect and analyze all online communication is an incredibly potent and easily abused tool that I'd just as soon see denied to anyone authoritarian enough to want it.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
Seriously, I just don't get how Australia thinks it can censor the posting of comments from America, just because we're a nation of law-avoiding terrorists?
-- Tigger warning: This post may contain tiggers! --
The point is, whether or not "terrorists" are using or have used encryption is unimportant. Weakening crypto by law won't affect terrorist use of crypto at all. They'll do what most security-minded folks will do: keep using the uncompromised stuff.
I've been thinking that this latest round of politicians asking for encryption backdoors is running on "Ask for a pony to get a dog" logic. If you ask for a dog, you get a hamster.
They know backdoors are impractical to impossible. But if they push for backdoors, tech companies will step up their censorship and user screening efforts. When they ask for greater censorship and screening, they get a "meh we're already doing that" response.
I've been thinking about setting up a GPLed encrypted chat client (maybe just a quick fork of Signal) explicitly for terrorists so we can put a stop to this crap. Call it Talkorrist maybe. Spread copies of it on torrent and darknet sites. Then we can say "No matter what laws you pass, Talkorrist will still be there, so quit it." It's more in-your-face than the fact that the PGP source code is printed in books out there. That's probably a bunch of useless Cody Wilson-type thinking but it would be satisfying. Society does need to accept the fact that unbreakable secret communication is now possible and we're all better off for it.
"When information is power, privacy is freedom" - Jah-Wren Ryel
Or they'll do what subversive types have been doing for the last ten thousand years: Talk about it down the pub, or at someone's house, or in a side-room off the temple.