[AusNOG] Assistance and Access Bill moves to PJCIS

Mark Smith markzzzsmith at gmail.com
Fri Nov 23 17:20:45 EST 2018


On Fri., 23 Nov. 2018, 16:46 Robert Hudson <hudrob at gmail.com wrote:

>
>
> On Fri, 23 Nov 2018 at 14:47, Paul Brooks <pbrooks-ausnog at layer10.com.au>
> wrote:
>
>> On 23/11/2018 11:37 AM, Alex Samad wrote:
>> > Wondering what the implications of this bill and the recent China was
>> stealing our
>> > traffic....
>> >
>> > So in theory could china steal / sniff our traffic and because of these
>> weakening of
>> > encryption allow china to snope on our stuff
>> >
>> > A
>> In theory no - this bill doesn't weaken encryption, and explicitly
>> doesn't allow any
>> changes that would weaken encryption.
>>
>
> They say that - but I don't believe them.  I don't think they even
> understand what they're suggesting (or if they do understand, they're
> relying on others not understanding, or not caring).
>
>>
>> This bill seeks to bypass encryption entirely by giving the agencies
>> easier access to
>> get into devices and the back-end databases of apps and websites, to see
>> what is
>> stored in there -bypassing unlock codes, PINS, thumbprint readers etc on
>> devices for
>> example. So for traffic being sniffed 'in the middle' the information is
>> still
>> sent/received as fully encrypted - and man-in-the-middle snooper won't
>> see anything.
>> But if the authorities get hold of your phone or PC, they'll have easier
>> access to
>> look into your sent/received message stores and read whats in there,
>> which is stored
>> in your device un-encrypted.
>>
>
> The tools the authorities have access to will invariably fall into the
> hands of others.
>


Or be abused by those who have official access to them.


"Queensland in court fight with domestic violence victim whose details
leaked by policeman"
https://www.theguardian.com/australia-news/2018/aug/21/queensland-in-court-fight-with-domestic-violence-victim-whose-details-leaked-by-policeman


"NSA SEXINT IS THE ABUSE YOU’VE ALL BEEN WAITING FOR"

http://cyberlaw.stanford.edu/blog/2013/11/nsa-sexint-abuse-you
’ve-all-been-waiting



>
>>
>> In practice, if they balls-up the change request given to the device
>> manufacturer or
>> app/website developer, anything could happen.
>>
>
> Yep.  Aside from the direct ramifications, it's the indirect and
> unintended consequences that REALLY have the potential to be damaging.
>
>>
>> P.
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20181123/ecc9ffdb/attachment.html>


More information about the AusNOG mailing list