Slashdot Mirror

← Back to Stories (view on slashdot.org)

Australian Officials Want Encryption Laws To Fight 'Terrorist Messaging' (arstechnica.com)

Posted by EditorDavid on from the Aussie-encryption dept.

An anonymous reader quotes Ars Technica: Two top Australian government officials said Sunday that they will push for "thwarting the encryption of terrorist messaging" during an upcoming meeting next week of the so-called "Five Eyes" group of English-speaking nations that routinely share intelligence... According to a statement released by Attorney General George Brandis, and Peter Dutton, the country's top immigration official, Australia will press for new laws, pressure private companies, and urge for a new international data sharing agreement amongst the quintet of countries... "Within a short number of years, effectively, 100 per cent of communications are going to use encryption," Brandis told Australian newspaper The Age recently. "This problem is going to degrade if not destroy our capacity to gather and act upon intelligence unless it's addressed"... Many experts say, however, that any method that would allow the government access even during certain situations would weaken overall security for everyone.
America's former American director of national intelligence recently urged Silicon Valley to "apply that same creativity, innovation to figuring out a way that both the interests of privacy as well as security can be guaranteed." Though he also added, "I don't know what the answer is. I'm not an IT geek, but I just don't think we're in a very good place right now."

11 of 195 comments (clear)

  1. Again, let the Leaders Lead by Snotnose · · Score: 5, Insightful

    Let them be forced to use weakened encryption, then see how their tune changes when their banks accounts get raided.

    They ain't gonna learn on their own, let them pay a heavy price for ignoring what people who know what they're taking about are saying.

    1. Re:Again, let the Leaders Lead by Rick+Schumann · · Score: 5, Insightful

      I agree with you, except you're not aware of how this would actually work: The politicians (and the rich, of course) would be allowed to use totally unbreakable encryption to protect themselves. It's us filthy common citizens who would have to go back to paying cash and mailing paper checks for things, or risk having our lives ruined by criminals.

  2. cause and effect by Gravis+Zero · · Score: 4, Insightful

    "Within a short number of years, effectively, 100 per cent of communications are going to use encryption,"

    Gee, I wonder why that is. -_-

    Good luck, assholes.

    --
    Anons need not reply. Questions end with a question mark.
  3. Peter Dutton by Anonymous Coward · · Score: 5, Informative

    Peter Dutton is actually the immigration minister, in case anyone here cared about accuracy.

  4. I think I should create a macro by Opportunist · · Score: 5, Insightful

    To write this here. Because I write it every single time some politician comes up with this bullshit.

    There is no such thing as a "backdoor", a "secret key" or any other way to break encryption that only a nation or a group of nations will have. And you don't even have to be a computer geek to understand this. Simply politics explains it fully, no higher brain power necessary, so even politicians should be able to understand this.

    1. This is the key to ALL secrets. Because if someone or something is exempt, the terrorists will use that kind of encryption, too. Because someone who plans to kill people and potentially himself doesn't give a fuck about petty laws like this.
    2. This also means that all trade secrets of all corporations worldwide have to be vulnerable to this key.

    Can you imagine how valuable this key is? Can you see corporations or even nations being interested in acquiring this key, no matter the money or force required?

    Or, so even a prime minister can understand it: Everything, every access, you get that way, Iran and North Korea do, too.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    1. Re:I think I should create a macro by Gavin+Rogers · · Score: 4, Interesting

      I'm loathe to give good advice to a bad idea, but one possible way to "break the encryption" for Government wouldn't be a direct attack on the cryptography, but a sanctioned attack on the client:

      "Hey, Facebook. Government agency here. Could you silently instruct the Messenger app on target X or all users in Y area to encrypt using this escrow key for Z days? Tnx."

  5. Here it is again by willoughby · · Score: 5, Insightful

    "We can't be free because we have to be safe."

  6. Except for us of course.... by complete+loony · · Score: 3, Interesting

    Malcolm Turnbull confirms he uses Wickr, WhatsApp instead of unsecure SMS technology

    --
    09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
    1. Re:Except for us of course.... by johnjones · · Score: 4, Interesting

      exactly

      The Australian Prime Minister like the President of the United States of America actively avoids being recorded for offical purposes (laws enacted to keep a record)

      Australia has some of the most bizarre privacy laws and data retention laws, china and the rest of the Asia is quite clear, the state can own your data and can compel that data to be released or you will face charges (jail).

      The onus has been pushed onto private sector to retain meta data and grants provided to do so (the ISP's collect the meta data basically).

      The hilarious bit is the proliferation of Certificate Authorities (CA). Previously the government and agents could simply compel the CA to be compromised however with the built in keys for entities beyond their control they can no longer intercept this traffic and worry more importantly that others are doing what they do (compromising the CA/keys and reading the data of the wire which is a preferred tactic of the PLA via the firewall ).

      The solution to this is to secure the DNS root and have each service use their own key (equivalent to DANE) and have laws to allow interception.
      (that way each service is secure and the gov can intercept if they compel the service provider) the days of being able to read everything off the wire are over and the agents need to realise that and modify their behaviour to be selective.

      They are never going to get all the signed traffic any more, the real worry is that others are collecting data and how to secure that while still allowing for interception. They need to agree on a compromise solution and Fast.

      Regards

      John Jones

  7. Secret, top secret, fouo by Anonymous Coward · · Score: 4, Funny

    Escrow your keys with the government. They know how to keep a secret.

  8. Encryption is a binary proposition by Rick+Schumann · · Score: 5, Interesting

    Encryption either works or it does not work. There is no middle ground; weakening it is the same as eliminating it's use entirely.

    Do they really think that criminals and terrorists aren't going to use their own, non-compromised encryption or cipher techniques, to do their 'business' regardless? Maybe even mislead government officials by planting bullshit on the 'compromised' channels? I'm no criminal or terrorist and I can think of these things, what makes them think that THEY won't think of them and more?

    The only possible path to what they want (total and complete surveillance into ALL non-government, non-military communications) is to ban non-government, non-military use of any and all encryption technologies. HOWEVER: Doing so will, in essence, destroy the Internet. No commerce or transfer of funds will be able to take place without being done 'in the clear', where anyone and everyone with the technical chops to do so can tap into it; you'd be nuts to put any banking or personal information of any kind over the Internet if that's the way it worked.

    If, here in the U.S., they managed to force legislation requiring so-called 'backdoors' into all encryption, I, for one, would have to go back to getting paper bills in the mail, and mailing paper checks. I'm already back to paying cash for everything I can, because I've reached the point where I'm no longer trusting EFT (Electronic Funds Transfer) for day-to-day expenses (too much hacking going on); destroying encryption or banning it will just make EFT hacking problems that much worse.

    Really, seriously, honestly: Why are all these politicians so gods-be-damned retarded when it comes to this subject? Do they not have technical experts that they trust advising them, telling them that what they want is not possible without destroying the value of encryption entirely? Do they not understand the disaster they'd be bringing down on their own heads? Or do they just not care, so long as they can peer into anyone and everyone's private business, regardless of being criminal/terrorist or being innocent of everything?