Slashdot Mirror
Australian Government Cracks Down on Net Users
The Australian Government has hastily enacted several measures overnight that should send a shiver down the collective spines of all Net users. Firstly, it passed major legislation that enables the Australian Security and Intelligence Organisation (ASIO), similar to the CIA, to remotely tap into and alter data on any Australian's computer. APC Newswire has the story. Secondly, the Government minister responsible for IT, Senator Richard Alston, has appointed an Internet content censorship advisory board stacked with representatives who support his heavy-handed approach, critics say. Critics of Alston's agenda in the past have included the ACLU and the EFF-affiliated Australian Net-users' group, Electronic Frontiers Australia. Again, APC has the story and a commentary.
If they can do it Down Under, how long do you think it will be before similar measures come to a town near you?
If they can do it Down Under, how long do you think it will be before similar measures come to a town near you?
In many ways this legislation negates itself. For example, if I am brought into court for my pornographic nihlistic blueprint for the destruction of the Australian Way Of Life can any of my computer records be relied on as evidence? Can anyone prove my files are really mine? It won't take an enterprising solicitor long to bring these sorts of problems to light in court. Another problem is how do I handle confidential information with my collaborators located in Australia? Do I recomend to my shareholders that we cease doing buisiness in Australia due to the probable lack of security? It's one thing dealing with script-kiddies, it's an entirely different matter dealing with a government. How far does this go? Do we have to take special care to ensure that none of our communications are routed through Australian servers? What about working with other government contracts? Will I have to restrict my access to Australian based sources simply because of the potential lack of security? This is the kind of dollars and cents (US or Oz or otherwise) argument that politicians understand. I agree entirely that individuals must pay the price for their freedom- but use all the weapons at your disposal. In addition to voting and letter writing as citizens, use your influence with whatever corporation or institution you might be involved with. As IT professionals your views are (presumably) respected by the people that own the politicians. As individual crackpots we are easily ignored.
I know I will get flamed by people with anti-freedom sentiments, but doesn't it seem eerie that this is following so closely behind Australia's virtual complete elimination of private rights to firearm ownership? Seems like Australia and Great Britain are sliding quickly down a slippery slope where virtually all civil rights will be given up permanently in the name of some temporary appearances of safety.
Sadly, there are too many politicians and shortsighted people here in the US that want to bring us the same restrictions on freedom. It seems clear that if the 2nd Amendment is circumvented or eliminated that the 1st Amendment will fall shortly thereafter.
We here in the united states must continue to be on the watch for such legislation sneaking through congress as riders on legitimate bills or as hastily enacted voice vote bills.
I think people in australia should be rioting in the streets over this, especially over the legalization of "altering data" on any users computer. What? We dont have enough evidence to convict this guy? Just plant some evidence on his computer, no problem. After all, he must be guilty or we wouldnt have accused him.
The question is, what would we do if such legislation was enacted here? Would we riot in the streets? Or more likely, would we just start a thread on slashdot and rant for a day or so? The second is much more likely, and worst of all, this is exactly what they want you to do, if you burn yourself out after a day, theres nothing left to keep the protest going. Americas collective attention span is so short that even the most dire problems come on their radar screens after its too late, or darn near ( y2k, global warming, Ozone hole, these are all fixed right, after all i havent heard anything about the last two in awhile, and the first one our government says is fixed, which is exactly what they would say whether it is or not). So, rather than ranting, why dont we come up with some suggestions of what to actually do if and when this actually happens here. Even if it doesnt, its always good to b prepared for any contingency.
EFF and the ACLU are about the most essential agencies out there protecting our freedoms. I hope that all slashdoters out there who enjoy their freedom give them a donation, or beter yet, join them.
Alright, here's my nano-HOWTO for getting to the page referenced above:
Hope this will help whoever's looking for the stuff. :-)
mikre he sophia he tou Mikrosophou.
Another important question -- does this infringe any copyright laws in .au? What if the government was paid off by some large corporation that knew someone in .au was developing the next killer app and they abused the system into allowing them full access to what is on the other company's servers?
Perhaps it's time for someone to start a business in a small country with a very small government where hi-tech companies can headquarter themselves and keep all development servers (the island would need really really fat net pipes to everywhere). That way .au companies can circumvent the possibility of (il)legal search and seizure.
-R
O.K. if it just means that I have to go to prison at some point in my life, then fair enough. let me say here and now that any government has no right to demand my passwords or post anything on my machines. I will supply them with my passwords on the day that they aggree to hand to me all of theirs and a copy of all their messages. One of the main arguments that they employ is the idea that they are trustworthy and that we only have anything to fear if we are doing something wrong. Even if they are trustworthy, then I still could not accept this law as the law would still be in place when the opposition are in place and even the government will tell you that they aren't trustworty. The Australian law should be resisted in every way possible. if for no other reason that it makes all computer based evidence in court untennable. any computer fraudster can now claim that 'it wasn't me it was the government'
Allowing the government to read and change all data on computers in a country is something that will lead to abuse eventually if not soon.
It wouldn't be very hard to put some poorly encrypted child porn on an enemy's computer, modify the logs, then bust them. Even should they win the case in court it's not likely they'd ever be able to win political office again after the reputation damage. Of course there are millions of more subtle ways to damage an enemy thru their data.
There seems to be an implicit assumption that a government is an evenhanded institution that would never abuse power or play favorites. Few real governments are that good, most are made up of people with agendas.
How will Australian corporations feel about the government being able to access all their records, and modify them if they so wish? What sort of power will people leaving government and joining private industry have due to having had access to this information? There could be some lobbying power if businesses can be convinced this is not in their interests either.
Does this imply that information temporarily stored on Australian servers is subject to Australian government control even if the source and destination of that data are in other countries? This is of international concern if so.
It would be nice to blackhole all addresses in Australia for a day or so to express the net's displeasure at this legislation. And if they read or change data as it merely passes thru Australia, I'd support making it permanent until they stop. It's a clear and present danger to the integrity of the net.
This is legalised hacking, and its a VERY, very, very badly thought out piece of legislation.
1) The bill allows for intrusion of a computer system and removal of any relevant data.
2) It doesn't allow for trashing of the computer system.
3) It does allow for bugging and tracking of people or equipment.
4) It allows for the "use of any force that is necessary and reasonable" to enter your premises for bugging you.
If you come under the scrutiny of the security services under this law, expect someone to hack your system, break into any premises that yo frequent, copy the hard disks of your computer systems, fit a tracking device to your laptop or your shoes, and bug the telecoms systems that your use.
It's a *really* bad law in my opinion. It's too wide ranging, and leaves too many things open for abuse. I know that the security services need wide ranging rules to allow for "odd" situations, but in the past, if they were careful not to break the law. This law allows for so much that they can do anything, and it's legal.
Now they have the full force of the law behind them, so if you catch them, you can't do anything, but they can do anything they want to you.
This law even allows for spying:
27B Performance of other functions under paragraph 17(1)(e)
If:
(a) the Director-General gives a notice in writing to the Minister requesting the Minister to authorise the Organisation to obtain foreign intelligence in relation to a matter specified in the notice; and
(b) the Minister is satisfied, on the basis of advice received from the relevant Minister, that the collection of foreign intelligence relating to that matter is important in relation to the defence of the Commonwealth or to the conduct of the Commonwealths international affairs;
the Minister may, by writing signed by the Minister, authorise the Organisation to obtain the intelligence in relation to the matter.
So, in theroy, anyones computer could be available it you annoy the aussies enough.
It's frightening that a government can think about passing a law that will allow thier security services to declare cyberwar against people that they don't like.
This law allows for total information gathering. Under this law anywhere you go, anything you say, anything you record on your computer systems, EVEN IN A FOREIGN COUNTY will be recorded.
While I am not quite that paranoid it is a scary situation. I was listening to a Noam Chomsky monograph from a few years ago where he essentially attacked the concepts of multinational corporation, free trade and the idea that the corperation is a legal entity. According to Mr. Chomsky, these very concepts are anti-constitutional in nature as the erode the individuals civil liberties and make that individual subject to another non-elected _individual_ ( since corporations are people now ). In fact, I got the impression that he truly feels such entities are the largest threat to what we call 'democracy' out there today.
He also went into a whole tirade about free trade and how, what we are presented with as free trade, is not really free trade but free flow of capital which is highly detrimental as it essentially releases these 'individuals' into the global eco-political arena with no responsibilities, ethics or mandate.
Both of these concepts are new entities formed in the last 50-75 years. I wish i remember the title of this lecture, it was really awesome listening. Gotta love public radio while we still have it.. you may or may not agree but its still interesting thinking from a brillant man.
Call for actions - all /.'ers........
Seriously speaking, I think we see more and more of these "issues": Censorship, govermental approved and required intrusions (and now even legal modifications) without the peoples knowing, requirements of "backdoors" to the government in cryptography, restricions on publication (americans call it 'export' and 'matter of national security') of cryptography etc. etc. etc.
The Australians do it.....(obviously)
The Americans do it.....
The Europeans do it.....
Or if they haven't yet passed laws or bills, they are about to and have such in the process. Gee, I am told that if you are in France, using 'ssh' is in fact forbidden......That makes me a criminal, since I dislike the idea of transmitting cleartext root-passwords on any network.
This is an issue, which in my mind is more and more beginning to turning into a "people of the world" vs "the collective governments of the world".
My guess is, that unless action is taken SOON, then it will be too late. As soon as one major country/government makes precedense, preventing others from following will be hard. Remember, people, that the issues at stake are ultimately - as many others have pointed out - the "freedom of speech" and the "right for privacy".
I think it is time for action. The question is WHAT action can/should be taken? And how? Take this as an "Ask Slashdot", btw....I would like to hear more knowledgeable peoples take on this....
Slashdot represents - in my mind - an opportunity to unite briliant minds across the world. Slashdot COULD become a MAJOR GLOBAL POLITICAL PLAYER on such issues - if used in the right way. After all, I the average Slashdotter (whos posts get a score >0) is equiped with a cirtain level of technical expertise and common sense.
I'd say "slashdotters unite" - let's figure out how to play the game right, and prevent insanity of government control, restrictions and supervision.
I will end by saying as Evita does in Andrew Lloyd Webber's musical "Evita":
"...true power is YOURS, not the government, unles it represents the people!"
Somehow I feel that there are many governments who do not - at least on this issue.
(Sorry for being emotional on this. But I am deeply concirned over the current development)
-- "Life is a bitch - and she hates me..."
What is the state of encryption laws Down Under? If they don't have Britain-esque laws regarding encoding your data, then at least they can download GnuPG or PGP and protect the contents of their computers.
Also, do the laws give the government permission to break into your computer, or do you have to install software that opens the door for them. If the later, ugh, seems like a big security risk. *I* wouldn't want to store my company's financial data on a computer where I have to have a backdoor that lefts government (or criminals using the backdoor) come in and snoop around. Conversely, if they merely have permission to break in, I would be doing everything in my power to prevent it. If the Feds can get in, so can criminals or just nosey people.
Canada still seems friendly to privacy issues, but it scares me because the more countries that adopt measures like this, the more likely our government is to jump on the bandwagon.
Dana
Nor let us underreact.
The worst thing an advocate of freedom can do is to discredit the cause by not having his facts straight.
The link to information on the proposed legislation is stale, does anyone have a newer one?
I searched for "ASIO data" and my only hit was a piece of testimony from April about cryptography.
It seems to me that the "Right to remotely access and alter" data on private computers can cover a lot of ground, running from policies that many people would find reasonable to highly unreasonable policies. A lot depends on what the legislation says about the scope of those rights. A carte blanche is obviously a bad thing, and if that is whasis being granted I'd say we should treat Austrailia as a pariah government the way we did South Africa. But how about the equivalent of a wire tap with judicial overview?
Example: suppose a person can credibly be shown to be taking part in a conspiracy to commit a bombing; the extent of the conspiracy is not known, however. In such cases, a court might grant a wiretap or bug, which would involve modifying some of a subject's property in a way that the tap was invisible. Likewise, suppose the persons were believed to be using the internet with strong encryption to coordinate the bombing. Perhaps the court could authorize putting BO2K on the user's computer to capture keystrokes. The intelligence agency may not have such a legal right, and I'd say that the fact they feel the need to get legal authority to do such things is a good sign. I'd doubt very much that the CIA or NSA would let a little thing like illegality stop them.
So, a lot depends on exactly was is being granted. Anyone have any facts to offer?
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.