from the governments-are-above-mathematics dept.
The Guardian reports that an "Australian bill to create back door into encrypted apps [is] in 'advanced stages.'" The Australian government is pushing ahead with controversial legislation it says will create "back doors" into encrypted communication services – but still can't say when it will introduce the bill.
After originally aiming to have the legislation before parliament in the first quarter of this year, the government has delayed its introduction. A spokesman for the acting attorney general, Marise Payne, would only say it was in "the advanced stages of development".
[...] "If it is to proceed, Labor calls on the government to release an exposure draft of this legislation, to allow for proper consultation. This is important given the complexities around this novel area of lawmaking."
Greens senator Jordon Steele-John said the whole concept was laughable. "Once the government has a back door into encrypted devices and platforms, everybody has a back door into encrypted devices and platforms," he said.
"That has been proven over and over again. Once it is created, somebody gets in. I wouldn't trust a government that can't keep Medicare information protected to be inserting a back door into a tin shed.
"So I certainly wouldn't be trusting them to do something as serious as this."
(Score: 2) by bob_super on Friday April 13 2018, @04:34PM (5 children)
Yes, the crooks and terrorists will totally avoid downloading encryption tools without backdoors.
(Score: 1, Touché) by Anonymous Coward on Friday April 13 2018, @05:03PM (4 children)
Ordinary people who know the importance of privacy will also download encryption tools without backdoors. I guess that would make them "crooks," but that really just shows that that label has no meaning when so many unjust laws exist.
(Score: 0) by Anonymous Coward on Friday April 13 2018, @06:18PM (3 children)
If you have nothing to hide, you have nothing to fear, citizen! Criminal encryption is only needed by criminals, citizen! Do not worry! You can trust me, citizen!
(Dumb fucks.)
(Score: 1, Funny) by Anonymous Coward on Friday April 13 2018, @08:26PM (1 child)
Look at all the snide comments coming from the anonymous cowards. Find your courage. Put your name on it writ large.
Sincerely,
JOHN HANCOCK
(Score: 0) by Anonymous Coward on Saturday April 14 2018, @10:24AM
We know your real name, Mr. Handcock.
(Score: 2) by Demena on Saturday April 14 2018, @12:05AM
Bullshit. I have things to hide. But they are neither illegal nor immoral nor political. Lots of people have things to hide
(Score: 2, Informative) by dvdmeer on Friday April 13 2018, @04:54PM (4 children)
Since you can already get meta data (who contacted who and at what date/time) what extra information could the messages bring?
If I was a terrorist (which I am not) I would just come together with a few of my terrorist friends and decide on a code for communication.
e.g. The cow has left the barn. Don't forget to bring the milk.
Which could mean anything from "I got a nice cow and need some milk" to "let's blow up this and that building at some specific date/time".
The it doesn't matter if the platform is insecure or not.
So they probably need it to control the population. Like for example prevent protests agains goverment actions from happening or at least figure
out who are responsible for organizing at and the quietly make those people shut up.
(Score: 2) by takyon on Friday April 13 2018, @05:13PM (3 children)
Metadata is no good if you have a working onion routing scheme or if the people involved are not known to be "security threats".
We do a disservice by focusing on metadata too much. It's the contents that will have you hanged. And if messages can be broken into and scanned automatically, then you really will have to play code talker to get your point across secretly.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 1, Informative) by Anonymous Coward on Friday April 13 2018, @05:36PM (2 children)
Both can have you hanged depending on the circumstances and your government. Mass surveillance - whether it 'just' collects metadata or not - should be completely abolished.
(Score: 2) by takyon on Friday April 13 2018, @05:41PM (1 child)
Is it a crime to send a "Hello" message to a known terrorist?
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 5, Insightful) by Virindi on Friday April 13 2018, @06:15PM
It doesn't matter if it is a crime. Do you think these people care about due process?
If it convinces them, that is enough. They will find a way to ruin your life.
(Score: 2) by Snow on Friday April 13 2018, @05:17PM (4 children)
How could you possibly enforce this? Ban all legacy apps? Try decode all encrypted messages in real-time a and if the decode fails, block the message.
I could see some level of success if we are talking about device-level back doors, but application level...
(Score: 4, Insightful) by takyon on Friday April 13 2018, @05:23PM
Enforce it only after the fact. If you have a person of interest with some irresponsibly encrypted data, you try to compel them to decrypt, and when they can't or won't do it, you charge them with a crime [wikipedia.org].
If the evidence needed to convict them of some other heinous crime is encrypted, you get to put them away for violating key disclosure law instead. It's another law on the books that can be used in order to ruin people's lives.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 0, Troll) by fustakrakich on Friday April 13 2018, @05:37PM (2 children)
How could you possibly enforce this?
The ISP will drop all packets containing 'unauthorized' encryption or any other unapproved communications. It's a trivial process. The ISP is the damage we are unable to route around at this time.
La politica e i criminali sono la stessa cosa..
(Score: 3, Insightful) by HiThere on Friday April 13 2018, @05:48PM (1 child)
This, of course, means that binary data cannot be transmitted. Hex dumps cannot be transmitted. Assembler code cannot be transmitted. Source code for Langston's Ant cannot be transmitted.
In fact, if I strictly interpret "I've got to be able to understand what what you're transmitting means", just about nothing can be transmitted. There's no real way to tell whether is encrypted using some particular protocol without decrypting it, or even whether something is encrypted. Noise cannot be eliminated in transmission, and it also can't be closely predicted. All you can do is set probabilistic bounds.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2, Funny) by fustakrakich on Friday April 13 2018, @06:34PM
This, of course, means that binary data cannot be transmitted. Hex dumps cannot be transmitted. Assembler code cannot be transmitted. Source code for Langston's Ant cannot be transmitted.
That's not true. You just have to fill out Form: SM69/FU in triplicate and fax it to your ISP, DEA, FBI, etc. You should receive a reply in four to six weeks. After which you will be scheduled for an interview with an agent, in Utah, at your own expense of course. Once you get the permit, you will take it to your local DMV to have it stamped, after you pass the written and driving test. Just another day in a bureaucrat's paradise.
La politica e i criminali sono la stessa cosa..
(Score: 0) by Anonymous Coward on Friday April 13 2018, @05:34PM (2 children)
Only criminals will encrypt.
(Score: 1) by fustakrakich on Friday April 13 2018, @05:39PM (1 child)
That's the idea. You get caught using encryption (which is easy to do), and it's off the the hoosegow with you!
La politica e i criminali sono la stessa cosa..
(Score: 1, Informative) by Anonymous Coward on Friday April 13 2018, @06:29PM
From the answers to questions nobody asked department:
I've always wondered what the etymology for hoosegow is. The Online Etymology Dictionary [etymonline.com] saves the day:
(Score: 0) by Anonymous Coward on Friday April 13 2018, @07:44PM
If there was this law and SSL continued to be permitted in .au -- would we not then know that SSL was completely broken?
(Score: 2) by Snospar on Friday April 13 2018, @07:46PM (1 child)
What's that phrase? "Money talks and shit walks", is that it?
The Australian Government is going to tell ALL it's banks and businesses that they MUST use a crypto system with known weaknesses and "legitimate" backdoors... yeah right. The Australian banks and businesses are going to tell them to fuck right off (or whatever the antipodean equivalent is) and withdraw all funding from whichever clueless moron has suggested this.
Wait, I know this will only be for encrypting stuff that doesn't involve financial transactions... one exception to rule them all. Except TerroristA now needs to send his "bank details" securely to TerroristB and he needs that same exemption.
I'm sure that here in the UK things will be much more straight forward, Amber Rudd really seems to have a grip on all the technical details... oh wait, shit.
Huge thanks to all the Soylent volunteers without whom this community (and this post) would not be possible.
(Score: 2) by Dr Spin on Friday April 13 2018, @09:08PM
Surely, if there is a back door, it is a matter of days at most before the keys to the door are on sale at markets in Lagos, Calcutta, Istanbul and various major cities in Russia, to name but a few.
Then, a few days later, money will be leaking from (or possibly to) politicians and political parties all over the place. Banking, not just online banking, will be impossible within a month!
However, crims with average intelligence (which has to be at least 10% of them) will figure out how to use One Time Pads (Grandad will know - they used to be regularly featured in important national newspapers like Beano and Dandy). And as for catching them, I believe Steganography was known to the ancient Greeks, and has nothing whatever to do with Stegasauruses (or should that be Stegasaurii? my spell check doesn't know). Even the elderly Greek woman giving out free samples in Costco seemed to know what it was.
In my experience, renaming binary files to pdf, and then claiming they are corrupt and wont display properly works pretty well. There are other ways, but as I am in the UK, I won't let the cat out of the bag until the horse has bolted.
Warning: Opening your mouth may invalidate your brain!
(Score: 1, Flamebait) by Gaaark on Friday April 13 2018, @09:04PM
Ah, those Aussies love going in the back door, don't they?
Except AC/DC, though. They're Canadian Aussies, lol.
LONG LIVE AC/DC!!!
Long live Bon Scott.
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 2) by legont on Friday April 13 2018, @09:10PM (1 child)
As of today telegram is blocked for not providing the "keys" (which they obviously don't have). Let's see how this battle plays out....
"Wealth is the relentless enemy of understanding" - John Kenneth Galbraith.
(Score: 2) by Demena on Saturday April 14 2018, @12:14AM
Telegram is the application that Prime Minister Turnbull recommended that the entire Liberal party use.
The very epitome on hypocrisy
(Score: 2, Informative) by MostCynical on Friday April 13 2018, @09:15PM (1 child)
unfortunately, the Greens have been painted as loonies by both the major parties, and lots of people (voters) believe the smears.
Both the Labor and Liberal parties are effectively centre rigt, or mid-right wing, with economic rationalism tothe core.
Any legislation leading to more control is considered to be A Good Thing.
Polititicans in Australia are already exempt from the meta-data collection, so I imagine they will also be allowed to use "working" encryption..
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 3, Informative) by c0lo on Saturday April 14 2018, @12:19AM
The bouncycastle.org guys are Aussies. So is the the guy with Codec2 [rowetel.com] (voice codec at 700 and 3200 bit/s).
I don't think putting together an Android app is such a big thing,
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Saturday April 14 2018, @11:08AM
Can't wait to see their faces when ALL major non-Australian web services (by usage) go dark "in protest" because they don't/won't implement backdoors in standard TLS - search engines, social medias, shopping sites like Amazon, CDNs etc.
Bonus points if they coordinate it.