[AusNOG] Assistance and Access Bill moves to PJCIS

Robert Hudson hudrob at gmail.com
Fri Nov 23 12:41:54 EST 2018


Absolutely. Once a vulnerability or back door is present, it is available
to anyone who can see the traffic.

The only way to get into well-encrypted traffic without the keys is via a
vulnerability or back door (despite the proposed legislation saying this is
not allowed, it is the only way to achieve their stated goals).

OK, that isn't quite true - time and computational power to brute-force it
can be used, but clearly the government doesn't have the required
combination of time and computational power - if they did, they wouldn't be
pushing for this legislation.

The government cannot achieve their aims without introducing back doors or
vulnerabilities. And once those back doors and vulnerabilities are in
place, they are available for abuse by the very people the government is
trying to make us scared of.

On Fri, 23 Nov. 2018, 11:38 am Alex Samad <alex at samad.com.au wrote:

> Wondering what the implications of this bill and the recent China was
> stealing our traffic....
>
> So in theory could china steal / sniff our traffic and because of these
> weakening of encryption allow china to snope on our stuff
>
> A
>
> On Fri, 23 Nov 2018 at 11:32, Paul Wilkins <paulwilkins369 at gmail.com>
> wrote:
>
>> Unfortunately, we're being played, by the Trumpist rump in the Liberal
>> Party.
>>
>> Problem for the rest of the Liberals is that they're expected to fall
>> into line behind a minority of the party.
>>
>> The PJCIS will hear and consider Human Rights arguments, because they're
>> not all Liberals, and not all the Liberals on the PJCIS are invested in
>> blowing up our democratic institutions.
>>
>> Morrison can't pass this Bill without Labor's support and hopes to wedge
>> them on terrorism.
>>
>> I can't see that Labor are especially invested in this Bill passing. As
>> things look today, it will be a Labor government administering it, and they
>> are more likely to want to pass their own rather than have to deal with the
>> Human Rights gaps, mass surveillance implications, technical anomalies, and
>> broken multi agency framework.
>>
>> Kind regards
>>
>> Paul Wilkins
>>
>>
>>
>> On Thu, 22 Nov 2018 at 16:48, Paul Brooks <pbrooks-ausnog at layer10.com.au>
>> wrote:
>>
>>> Forget Human Rights arguments...or the next few sessions of PJCIS...
>>>
>>> PM urges parliament to pass encryption law (within two weeks)
>>> https://www.9news.com.au/2018/11/22/14/44/pm-urges-parliament-to-pass-encryption-law
>>>
>>> Australian PM insists on encryption-busting Bill being passed in next
>>> sitting fortnight
>>>
>>> https://www.zdnet.com/article/australian-pm-insists-on-encryption-busting-bill-being-passed-in-next-sitting-fortnight/
>>>
>>>
>>> (Paul, FWIW, I raised the Human Rights arguments last time I was in
>>> Canberra. The UN Declarations of Human Rights include paragraphs enabling
>>> governments to curtail those human rights if needed to catch criminals,
>>> prevent crime, protect citizens. They be more what you'd call 'guidelines',
>>> than actual rules. The Govt thinks they are doing this to catch criminals
>>> and protect the public, and that these laws are perfectly compatible with
>>> the UN Human Rights ideas - despite the UN Rapporteur suggesting otherwise)
>>>
>>>
>>>
>>> On 22/11/2018 3:01 PM, Paul Wilkins wrote:
>>>
>>> "And FWIW, I've found arguments that lean towards demonstrating the
>>> measures are impractical, infeasible, risky, or likely to cause
>>> embarassment tend to be more powerful than arguments leaning on philosophy
>>> - arguments like "you shouldn't even be wanting to do this because we're a
>>> liberal democracy" aren't likely to wash as much as 'if thats what you're
>>> trying to achieve, doing like that won't work or is very risky because...'"
>>>
>>> Both technical criticisms and the human rights criticisms are valid,
>>> with perhaps a slight tilt towards the technical, because governments are
>>> less likely to try to do something impossible rather than unlawful. Because
>>> of our status as signatory to the Declaration of Human Rights, there are
>>> limits that invasions of the right to privacy and the right to private
>>> property, must be necessary and proportionate. The Department of Home
>>> Affairs will do themselves no favours to create an evidentiary framework,
>>> only to be thrown out by the courts because the evidentiary chain was
>>> unlawful.
>>>
>>> Kind regards
>>>
>>> Paul Wilkins
>>>
>>> On Thu, 22 Nov 2018 at 14:34, Paul Wilkins <paulwilkins369 at gmail.com>
>>> wrote:
>>>
>>>> *"it's going to our government"*
>>>>
>>>> Well actually no. Not since Wentworth. The government can't pass bills
>>>> without either Labor or the cross benchers, so it's highly risorous the
>>>> Home Affairs Minister thinks this an opportune time to give the PJCIS the
>>>> hurry along.
>>>>
>>>> He also presents himself and department as unanswerable to the PJCHR,
>>>> who go to volumes in their criticisms.
>>>>
>>>> On Thu, 22 Nov 2018 at 10:43, Bradley Silverman <
>>>> bsilverman at staff.ventraip.com> wrote:
>>>>
>>>>> *"no thinking person" - *That's the problem, it's not going to
>>>>> thinking people, it's going to our government...
>>>>> [image: VentraIP Australia logo]
>>>>>
>>>>>
>>>>> *Bradley Silverman *Technical Operations \\ VentraIP Australia
>>>>> *M: *+61 418 641 103 | *P:* +61 3 9013 8464 | ventraip.com.au
>>>>>
>>>>>
>>>>> On Thu, Nov 22, 2018 at 10:17 AM Paul Wilkins <
>>>>> paulwilkins369 at gmail.com> wrote:
>>>>>
>>>>>> I can't agree that whether the Bill passes at this stage comes down
>>>>>> to simple numbers along party lines.
>>>>>>
>>>>>> 1 - The Bill is simply too far reaching in consequences for
>>>>>> parliament to wave it through. With power comes responsibility. The Bill is
>>>>>> attracting huge condemnation internationally, and those supporting the Bill
>>>>>> risk looking like chumps. It's a bit like global warming, no one who knows
>>>>>> what they're talking about thinks this is a good idea.
>>>>>>
>>>>>> 2 - The Department for Home Affairs put this Bill together, and
>>>>>> Dutton arrived at the tail end of the process. Although he might like to
>>>>>> distance himself from the legislation, the buck ultimately stops with him
>>>>>> as he introduced and commended the Bill to the House.
>>>>>>
>>>>>> 3 - The Bill is more Trumpist than Liberal. Even if it's bad law and
>>>>>> bad for Liberal Democracy, it's good politics for the Liberal Trumpists.
>>>>>>
>>>>>> 4 - If Labor knocks it back in the Lower House, I can't see it
>>>>>> getting through without some sort of deal being struck with one of the
>>>>>> cross benchers. Because no thinking person sees this Bill as a good move,
>>>>>> there will be no Lower House deal without a serious quid pro quo. Then
>>>>>> there would need to be another deal in the Upper House, with differently
>>>>>> aligned cross benchers.
>>>>>>
>>>>>> Kind regards
>>>>>>
>>>>>> Paul Wilkins
>>>>>>
>>>>>>
>>>>>> On Wed, 21 Nov 2018 at 22:44, Bryan O'Reilly <
>>>>>> bryan at telcoindependent.com.au> wrote:
>>>>>>
>>>>>>> Hi Paul,
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> I’m looking forward to your Lunchtime Lecture next week on this
>>>>>>> topic!
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Kind regards,
>>>>>>>
>>>>>>> Bryan O'Reilly
>>>>>>> Founder - Telco Independent Consulting
>>>>>>> www.telcoindependent.com.au
>>>>>>>
>>>>>>> 0419 632 098
>>>>>>>
>>>>>>> 30+ years experience to provide YOUR business with independent
>>>>>>> advice.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> FaceBook; https://www.facebook.com/TelcoIndependent/
>>>>>>>
>>>>>>> LinkedIN; https://www.linkedin.com/in/bryanoreilly/
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> [image: rsz_rsz_1rsz_screen_shot_2016-11-03_at_33423_pm]
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Important:
>>>>>>> This message may contain confidential or privileged information. If
>>>>>>> you are not the intended recipient of this message, you must not take any
>>>>>>> action based on the contents herein, except to advise us of the error and
>>>>>>> destroy the message.
>>>>>>>
>>>>>>> Any documents or other information that may be in this email is
>>>>>>> copyright © Telco Independent Consulting 2018.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> *From:* AusNOG <ausnog-bounces at lists.ausnog.net> *On Behalf Of *Paul
>>>>>>> Brooks
>>>>>>> *Sent:* Wednesday, 21 November 2018 5:18 PM
>>>>>>> *To:* ausnog at lists.ausnog.net
>>>>>>> *Subject:* Re: [AusNOG] Assistance and Access Bill moves to PJCIS
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Thanks Rob.
>>>>>>> In the latest, Dutton wants to speed up the Bill and have it passed
>>>>>>> "next week", and has apparently asked the PJCIS to cut short its
>>>>>>> evaluation, according to reporting of an interview on Sky News.
>>>>>>>
>>>>>>> Dutton tries to speed up encryption bill
>>>>>>> <https://www.itnews.com.au/news/dutton-tries-to-speed-up-encryption-bill-515862>
>>>>>>>
>>>>>>> (Point of clarification - that bit about smart and dumb criminals
>>>>>>> was while trying to explain the difference between a system having a
>>>>>>> capability that can be used by the operator to implement a "act or thing",
>>>>>>> and an operator actually using that capability in a particular instance
>>>>>>> against a particular target - and that the existence of the capability
>>>>>>> isn't and shouldn't be secret, even if the actual use in response to a
>>>>>>> warrant was still kept a secret.  That distinction has been difficult for
>>>>>>> the committee to understand without a simple illustration.)
>>>>>>>
>>>>>>>
>>>>>>> Paul.
>>>>>>>
>>>>>>>
>>>>>>> On 21/11/2018 2:00 PM, Robert Hudson wrote:
>>>>>>>
>>>>>>> (Not necessarily a direct response to Paul's email, just additional
>>>>>>> data for the thread).
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Traditional media are starting to pick this up, and they're just
>>>>>>> parroting the govt position. Macquarie Radio news at 8am ran a story on it
>>>>>>> this morning, and it was all about Dutton saying he wants the legislation
>>>>>>> passed quickly so they can catch more terrorists.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Other than the point well made by Paul Brooks that the only
>>>>>>> criminals who will be caught by this are the dumb ones (there was a link
>>>>>>> made between this proposed legislation and three potential terrorists were
>>>>>>> were arrested - without this legislation in place), and the smarter
>>>>>>> criminals (ie those capable of tieing their own shoe laces) will simply use
>>>>>>> software that is not subject to the legislation, there is an extension - to
>>>>>>> break the encryption WILL involve creating vulnerabilities (there's simply
>>>>>>> no way around this), and those vulnerabilities will then be available for
>>>>>>> criminals (the bar may be higher than shoelaces, maybe they can button
>>>>>>> their own shirts as well) to exploit and compromise data that is
>>>>>>> legitimately encrypted.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> In summary - there is no upside to this proposed legislation as far
>>>>>>> as encryption goes, and there is a significant potential downside.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> It cannot be allowed to pass.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Wed, 21 Nov. 2018, 12:09 pm Paul Wilkins <
>>>>>>> paulwilkins369 at gmail.com wrote:
>>>>>>>
>>>>>>> I'm wondering when the other shoe will drop that the Bill enables
>>>>>>> mass collection and analysis of metadata without any further legislation
>>>>>>> needed. Or the implications that metadata from multiple sources (phone
>>>>>>> towers/CCTV/Social Media), lays the foundations for the establishment of
>>>>>>> the machinery of a police state. Of course, this will make prosecution of
>>>>>>> crime straightforward (the police will only need to correlate crime against
>>>>>>> a database of the public's electronic fingerprints). However, such powerful
>>>>>>> machinery can be used for oppressive purposes, and the Bill is absent the
>>>>>>> checks and balances consistent with the traditions and institutions of
>>>>>>> Liberal Democracy.
>>>>>>>
>>>>>>> If one were cynical you might think the Bill's outrageous overreach
>>>>>>> is deliberate, a Trumpist ploy to enrage the unthinking. And when we see
>>>>>>> critics of the Bill slandered for being weak on terrorism, maybe not so
>>>>>>> wide of the mark or so cynical.
>>>>>>>
>>>>>>> Kind regards
>>>>>>>
>>>>>>> Paul Wilkins
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Wed, 21 Nov 2018 at 04:15, Scott Weeks <surfer at mauigateway.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Tue, 20 Nov 2018 at 18:12, Christian Heinrich
>>>>>>> <christian.heinrich at cmlh.id.au> wrote:
>>>>>>> >
>>>>>>> https://www.news.com.au/national/victoria/news/victoria-police-arrest-three-people-allegedly-planning-a-terror-attack-in-melbourne/news-story/e6a92273b37dce750937e1e0f86a7dcd
>>>>>>> > has quoted Mr Dutton on WhatsApp again but from my reading WhatsApp
>>>>>>> > was not used in this specific case?
>>>>>>>
>>>>>>> This has now been alleged within
>>>>>>>
>>>>>>> https://www.news.com.au/technology/gadgets/mobile-phones/unacceptable-risk-the-secret-way-terrorists-and-criminals-are-communicating/news-story/731ca32e7432601d6b3ce5ca4f34bf80
>>>>>>> -----------------------------------------------------
>>>>>>>
>>>>>>>
>>>>>>> These stories read like gov't scare tactics.  Scare people
>>>>>>> enough and they'll 'give up liberty for a little safety'.
>>>>>>> They do not read like objective journalism.'
>>>>>>>
>>>>>>> How did they catch everyone without eliminating privacy
>>>>>>> anyway?  Good ol' police work?
>>>>>>>
>>>>>>> scott
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> AusNOG mailing list
>>>>>>> AusNOG at lists.ausnog.net
>>>>>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> AusNOG mailing list
>>>>>>> AusNOG at lists.ausnog.net
>>>>>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> AusNOG mailing list
>>>>>>> AusNOG at lists.ausnog.net
>>>>>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>>
>>>>>>> AusNOG mailing list
>>>>>>>
>>>>>>> AusNOG at lists.ausnog.net
>>>>>>>
>>>>>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> AusNOG mailing list
>>>>>>> AusNOG at lists.ausnog.net
>>>>>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>>>>>
>>>>>> _______________________________________________
>>>>>> AusNOG mailing list
>>>>>> AusNOG at lists.ausnog.net
>>>>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>>>>
>>>>>
>>>
>>> _______________________________________________
>>> AusNOG mailing listAusNOG at lists.ausnog.nethttp://lists.ausnog.net/mailman/listinfo/ausnog
>>>
>>>
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20181123/cbe1ffac/attachment.html>


More information about the AusNOG mailing list