Slashdot Mirror

← Back to Stories (view on slashdot.org)

Australian Officials Want Encryption Laws To Fight 'Terrorist Messaging' (arstechnica.com)

Posted by EditorDavid on from the Aussie-encryption dept.

An anonymous reader quotes Ars Technica: Two top Australian government officials said Sunday that they will push for "thwarting the encryption of terrorist messaging" during an upcoming meeting next week of the so-called "Five Eyes" group of English-speaking nations that routinely share intelligence... According to a statement released by Attorney General George Brandis, and Peter Dutton, the country's top immigration official, Australia will press for new laws, pressure private companies, and urge for a new international data sharing agreement amongst the quintet of countries... "Within a short number of years, effectively, 100 per cent of communications are going to use encryption," Brandis told Australian newspaper The Age recently. "This problem is going to degrade if not destroy our capacity to gather and act upon intelligence unless it's addressed"... Many experts say, however, that any method that would allow the government access even during certain situations would weaken overall security for everyone.
America's former American director of national intelligence recently urged Silicon Valley to "apply that same creativity, innovation to figuring out a way that both the interests of privacy as well as security can be guaranteed." Though he also added, "I don't know what the answer is. I'm not an IT geek, but I just don't think we're in a very good place right now."

29 of 195 comments (clear)

  1. Again, let the Leaders Lead by Snotnose · · Score: 5, Insightful

    Let them be forced to use weakened encryption, then see how their tune changes when their banks accounts get raided.

    They ain't gonna learn on their own, let them pay a heavy price for ignoring what people who know what they're taking about are saying.

    1. Re:Again, let the Leaders Lead by Rick+Schumann · · Score: 5, Insightful

      I agree with you, except you're not aware of how this would actually work: The politicians (and the rich, of course) would be allowed to use totally unbreakable encryption to protect themselves. It's us filthy common citizens who would have to go back to paying cash and mailing paper checks for things, or risk having our lives ruined by criminals.

    2. Re: Again, let the Leaders Lead by infolation · · Score: 2

      My VPN blocked your Rickroll because Rick Astley isn't allowed in 'Sweden' (youtube: 'sorry about that').

      Yayz 4 fully-legal cryptographic Point-to-Point Tunneling Protocol.

    3. Re:Again, let the Leaders Lead by AmiMoJo · · Score: 2

      You are not wrong, but we need to move past this simple argument and make a more realistic one that helps politicians see the practical results of their proposed actions.

      They are not proposing banning strong encryption, merely starting a game of whack-a-mole with encrypted chat services. As can be seen with P2P, if they start that game they might score a few early victories but ultimately the providers of such software will make sure they can't be forced to weaken their security.

      Even so, they could simply make having certain apps installed illegal and then prosecute people for merely having them. The list would have to be continually updated and they would likely force Apple and Google to remove those apps from the Australian app stores.

      All of which is pointless because terrorists don't bother with encrypted apps when operating inside their target countries. They know that they are being watched and that the metadata, e.g. the time and people involved in a communication, is more valuable than the content, so they meet in person or use code phrases over unencrypted text message/email.

      So the only result will be making Australia waste money and become a worse place to live with less privacy.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. cause and effect by Gravis+Zero · · Score: 4, Insightful

    "Within a short number of years, effectively, 100 per cent of communications are going to use encryption,"

    Gee, I wonder why that is. -_-

    Good luck, assholes.

    --
    Anons need not reply. Questions end with a question mark.
  3. Peter Dutton by Anonymous Coward · · Score: 5, Informative

    Peter Dutton is actually the immigration minister, in case anyone here cared about accuracy.

    1. Re:Peter Dutton by muphin · · Score: 2

      Accuracy?
      this is the internet dude, where opinions matter!

      --
      It's not a typo if you understood the meaning!
  4. I think I should create a macro by Opportunist · · Score: 5, Insightful

    To write this here. Because I write it every single time some politician comes up with this bullshit.

    There is no such thing as a "backdoor", a "secret key" or any other way to break encryption that only a nation or a group of nations will have. And you don't even have to be a computer geek to understand this. Simply politics explains it fully, no higher brain power necessary, so even politicians should be able to understand this.

    1. This is the key to ALL secrets. Because if someone or something is exempt, the terrorists will use that kind of encryption, too. Because someone who plans to kill people and potentially himself doesn't give a fuck about petty laws like this.
    2. This also means that all trade secrets of all corporations worldwide have to be vulnerable to this key.

    Can you imagine how valuable this key is? Can you see corporations or even nations being interested in acquiring this key, no matter the money or force required?

    Or, so even a prime minister can understand it: Everything, every access, you get that way, Iran and North Korea do, too.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    1. Re:I think I should create a macro by Rick+Schumann · · Score: 2

      You're totally and 100% correct. Also, anyone who watches any number of TV shows knows this one: Book encryption. Unless you know what book(s) are being used, you'll never decrypt the message being sent. Anyone can use it, doesn't require a computer, doesn't even require a high IQ to implement, and it's highly effective. This is just one example of ways around a world without digital encryption or with compromised encryption, there are many more I'm sure. What these morons want is stupid and pointless and I am at a complete loss to understand how any number of experts that they must trust enough to consult haven't managed to get it through their apparently thick skulls that what they want is inviting disaster and will not accomplish anything more than disaster.

    2. Re:I think I should create a macro by Nemyst · · Score: 2

      Moreover, there's also another issue these politicians don't seem to take into account: non-backdoored encryption is already out there. Do they really think terrorists or criminals will sheepishly move to backdoored encryption when you can whip up something now that authorities can't break? They'll just end up with even less visible software, more obscure channels, and communication will still happen. They'll resort to sharing the software by mailing USB keys if need be, but they'll do it.

      All of this is essentially wishful thinking. Figure out another way to get information, it's too late for this one.

    3. Re:I think I should create a macro by Gavin+Rogers · · Score: 4, Interesting

      I'm loathe to give good advice to a bad idea, but one possible way to "break the encryption" for Government wouldn't be a direct attack on the cryptography, but a sanctioned attack on the client:

      "Hey, Facebook. Government agency here. Could you silently instruct the Messenger app on target X or all users in Y area to encrypt using this escrow key for Z days? Tnx."

    4. Re:I think I should create a macro by smallfries · · Score: 2

      Unless some company built a huge database of all the books...

      --
      Slashdot: where don knuth is an idiot because he cant grasp the awesome power of php
    5. Re:I think I should create a macro by smallfries · · Score: 2

      But in a world where DPI is running on all the routers those users have now highlighted what they are doing. If everyone uses the same strong encryption: needle in a haystack problem. If almost everyone uses weak encryption: whack a mole. Every single strongly encrypted stream is now a crime: warrants available for more intense scrutiny, just like any other authoritarian regime.

      --
      Slashdot: where don knuth is an idiot because he cant grasp the awesome power of php
    6. Re:I think I should create a macro by gweihir · · Score: 2

      The sheer stupidity of this politicretins is astonishing. But I guess until we find a way to deal with really stupid people (maybe do stop putting them in power?), this will have to be repeated over and over again.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  5. Here it is again by willoughby · · Score: 5, Insightful

    "We can't be free because we have to be safe."

  6. FFS... by sit1963nz · · Score: 2

    This is what we get when decisions are made using fear and paranoia...... stupidity.

    So, for the Australian MPs, please go and ask the Brits how the IRA was able to function as a terrorist group before the age of the internet and encryption. Please also google "Numbers stations"

    Now think real slow here (OK, you are Politicians this part should come naturally to you), if you have a back door, and it gets discovered (which it eventually will by good luck, mismanagement , bad actor, or shear stupidity), how is the end result any different than terrorists getting the Nuclear bomb codes ?

    This is such a monumentally stupid idea that any government official who thinks it is a good idea should be take out the back and shot for treason.

    Are you going to give the codes to every government ?
    Explain to me if not why not. Are you going to tell me that Jewish lives are worth less than Australian lives ?

    Now that you have announced that your future encryption is faulty, please explain why every other government and citizen will not use a different more secure encryption. Oh, "we will make a law".... yeah that works so bloody well for murder, rape, assault, theft, etc etc etc... FFS you can't even get drugs off the street or kiddie porn off the internet or stop priests from sodomising choir boys.
    Or perhaps Australian politicians are so bloody racist that they believe only white people can do this stuff ?

    So, all you are going to achieve is to put every citizens information at risk for no effing benefit.

    And THAT is why you should be taken out and shot for treason, you have put at risk all of your citizens for zero benefit.

  7. Except for us of course.... by complete+loony · · Score: 3, Interesting

    Malcolm Turnbull confirms he uses Wickr, WhatsApp instead of unsecure SMS technology

    --
    09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
    1. Re:Except for us of course.... by johnjones · · Score: 4, Interesting

      exactly

      The Australian Prime Minister like the President of the United States of America actively avoids being recorded for offical purposes (laws enacted to keep a record)

      Australia has some of the most bizarre privacy laws and data retention laws, china and the rest of the Asia is quite clear, the state can own your data and can compel that data to be released or you will face charges (jail).

      The onus has been pushed onto private sector to retain meta data and grants provided to do so (the ISP's collect the meta data basically).

      The hilarious bit is the proliferation of Certificate Authorities (CA). Previously the government and agents could simply compel the CA to be compromised however with the built in keys for entities beyond their control they can no longer intercept this traffic and worry more importantly that others are doing what they do (compromising the CA/keys and reading the data of the wire which is a preferred tactic of the PLA via the firewall ).

      The solution to this is to secure the DNS root and have each service use their own key (equivalent to DANE) and have laws to allow interception.
      (that way each service is secure and the gov can intercept if they compel the service provider) the days of being able to read everything off the wire are over and the agents need to realise that and modify their behaviour to be selective.

      They are never going to get all the signed traffic any more, the real worry is that others are collecting data and how to secure that while still allowing for interception. They need to agree on a compromise solution and Fast.

      Regards

      John Jones

    2. Re:Except for us of course.... by stealth_finger · · Score: 2

      Irregardless, they are using it.

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
  8. Secret, top secret, fouo by Anonymous Coward · · Score: 4, Funny

    Escrow your keys with the government. They know how to keep a secret.

  9. Or we could have had borders by aliquis · · Score: 2

    Wouldn't that had been great?

    1. Re:Or we could have had borders by sound+vision · · Score: 2

      I preferred Barnes & Noble myself, but with today's technology, that sort of thing seems to be on the way out.

  10. Encryption is a binary proposition by Rick+Schumann · · Score: 5, Interesting

    Encryption either works or it does not work. There is no middle ground; weakening it is the same as eliminating it's use entirely.

    Do they really think that criminals and terrorists aren't going to use their own, non-compromised encryption or cipher techniques, to do their 'business' regardless? Maybe even mislead government officials by planting bullshit on the 'compromised' channels? I'm no criminal or terrorist and I can think of these things, what makes them think that THEY won't think of them and more?

    The only possible path to what they want (total and complete surveillance into ALL non-government, non-military communications) is to ban non-government, non-military use of any and all encryption technologies. HOWEVER: Doing so will, in essence, destroy the Internet. No commerce or transfer of funds will be able to take place without being done 'in the clear', where anyone and everyone with the technical chops to do so can tap into it; you'd be nuts to put any banking or personal information of any kind over the Internet if that's the way it worked.

    If, here in the U.S., they managed to force legislation requiring so-called 'backdoors' into all encryption, I, for one, would have to go back to getting paper bills in the mail, and mailing paper checks. I'm already back to paying cash for everything I can, because I've reached the point where I'm no longer trusting EFT (Electronic Funds Transfer) for day-to-day expenses (too much hacking going on); destroying encryption or banning it will just make EFT hacking problems that much worse.

    Really, seriously, honestly: Why are all these politicians so gods-be-damned retarded when it comes to this subject? Do they not have technical experts that they trust advising them, telling them that what they want is not possible without destroying the value of encryption entirely? Do they not understand the disaster they'd be bringing down on their own heads? Or do they just not care, so long as they can peer into anyone and everyone's private business, regardless of being criminal/terrorist or being innocent of everything?

  11. Re:How to fight terrorists by DeathElk · · Score: 2

    Step 0.5. Stop bombing men, women and children in their home country, leaving survivors angry and desperate with no where to go and no options.

  12. For those who don't know by Anonymous Coward · · Score: 2, Interesting

    Dutton is a potato on a neck who can't understand why people say mean things when he lies about whether refugees have been tortured or even exist at all, and who managed to get himself kicked out of one of the most corrupt police forces in Australia's history (which is really saying something). Also he owns a chain of childcare centres in Queensland and nobody can quite work out how he got the money to buy them.

    Brandis is the jerkwad who thought other people wouldn't understand the term 'metadata' because he heard it from actual spies & then later revealed that what he actually meant by 'metadata' was 'i don't understand the term' and also 'actually, all the data'. He's the one directly responsible for fucking Australia's crypto laws & making resale of Aus Bureau of Statistics data legal. His nickname is 'Soapy'. Interpret that how you will.

    Yes they don't understand encryption, but also they hire people to tell them how encryption works and then berate them until they don't actually remember themselves.

    I'm looking at you, MacGibbon.

  13. George Brandis is an embarrassment by chrism238 · · Score: 2

    Sadly, Australia's Attorney General George Brandis is an embarrassment, and now he wants to proselytize about the correct use of encryption. Sheeeesh! See his description of metadata here: https://www.youtube.com/watch?...

  14. Re:Muggles by BlueStrat · · Score: 2

    Muggles should not be allowed to create laws pertaining to magic.

    That'll only happen when you can 'magic'-away bullets.

    Strat

    --
    Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
  15. Then they are degraded/destroyed. by Chas · · Score: 2

    Move on to develop new means of surveilling criminals and terrorists.

    They sound like a buggy whip salesmen trying to pass a statute forcing people to buy buggy whips regardless of need.

    --


    Chas - The one, the only.
    THANK GOD!!!
  16. Some personal messages by houghi · · Score: 2

    Before we begin, please listen to some personal messages.
    Jean has a long moustache
    I repeat : Jean has a long moustache
    Also :
    Aunt Emma is getting well. I repeat : Aunt Emma is getting well.

    These where the messages from Radio Free London.

    --
    Don't fight for your country, if your country does not fight for you.