[AusNOG] Assistance and Access Bill moves to PJCIS

Mark Andrews marka at isc.org
Wed Dec 5 09:24:16 EST 2018 


> On 5 Dec 2018, at 7:12 am, Scott Weeks <surfer at mauigateway.com> wrote:
> 
> 
> 
> --- me at chrishawker.com.au wrote:
> From: Christopher Hawker <me at chrishawker.com.au>
> 
> https://apple.news/AOnumlAB9THOmg_8mnMS9DA
> -------------------------------------------------
> 
> 
> "Custom firmware built to address one notice or request 
> is not a systemic weakness unless it is deployed to 
> users other than the intended targeted user."
> 
> I don't understand.  They're going to write encryption 
> software with a weakness they can exploit and then force 
> the criminal to put it on his computer?  How do they get 
> this malware only on "the intended targeted user('s)" 
> computer and no one elses???

More than likely they will get the app developer to make
a custom version, then they will get the App store to send the
customised version when updating specific devices.  Give app
stores sell applications there is a credential exchange already
happening even for free apps.  Most people will update when they
are told the app is out of date.  We are training people to
update regularly to close security holes.

Alternatively they will covertly install the updated version
on the device.

> "So long as the capability is held in reserve it does 
> not jeopardise the security of other users and is not 
> a systemic weakness," the department stated.
> 
> Um, it compromises "the security of other users" in 
> that any computer interacting with the malware infected 
> computer is compromised by the interaction.
> 
> 
> scott
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
>>>> _______________________________________________
>>>> AusNOG mailing list
>>>> AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
>>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>> 
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
>> http://lists.ausnog.net/mailman/listinfo/ausnog
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
> http://lists.ausnog.net/mailman/listinfo/ausnog
> 
> 
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
> 
> 
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org

More information about the AusNOG mailing list