[AusNOG] Assistance and Access Bill moves to PJCIS
Michelle Sullivan
michelle at sorbs.net
Wed Dec 5 10:26:22 EST 2018
I suspect this might be something like Apple issuing an update for a specific phone/user... however... considering that Apple stores keys on its specialized chip one has to question how they would do this..? Capture the user’s key upon access so they can unlock the store later? Capture everything in the store when the user unwittingly unlocks it?
Michelle Sullivan
http://www.mhix.org/
Sent from my iPad
> On 05 Dec 2018, at 08:33, Nick Stallman <nick at agentpoint.com> wrote:
>
> Also does this mean that the custom firmware for one or a handful of targets is not a systemic weakness, but if (when) the custom firmware leaks out publicly and can be used criminally, it suddenly does become a systemic weakness?
>
> So a request can become illegal after it's already been executed?
>
> Note: I say "when" because by it's very nature, a copy of the firmware must be provided to the targeted criminals.
> Smart people being targeted could detect and make a copy of it, do a diff and hey presto they know exactly what's going on.
> It's like DVD encryption - you encrypt the content and then hand over the keys so the DVD can be viewed.
>
>> On 5/12/18 7:12 am, Scott Weeks wrote:
>> --- me at chrishawker.com.au wrote:
>> From: Christopher Hawker <me at chrishawker.com.au>
>>
>> https://apple.news/AOnumlAB9THOmg_8mnMS9DA
>> -------------------------------------------------
>>
>>
>> "Custom firmware built to address one notice or request
>> is not a systemic weakness unless it is deployed to
>> users other than the intended targeted user."
>>
>> I don't understand. They're going to write encryption
>> software with a weakness they can exploit and then force
>> the criminal to put it on his computer? How do they get
>> this malware only on "the intended targeted user('s)"
>> computer and no one elses???
>>
>>
>>
>> "So long as the capability is held in reserve it does
>> not jeopardise the security of other users and is not
>> a systemic weakness," the department stated.
>>
>> Um, it compromises "the security of other users" in
>> that any computer interacting with the malware infected
>> computer is compromised by the interaction.
>>
>>
>> scott
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>>>> _______________________________________________
>>>>> AusNOG mailing list
>>>>> AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
>>>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
> --
> Nick Stallman
> TECNICAL DIRECTOR
> nick at agentpoint.com
> www.agentpoint.com.au
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20181205/c9adddc1/attachment.html>
More information about the AusNOG
mailing list