[AusNOG] Assistance and Access Bill moves to PJCIS
Michelle Sullivan
michelle at sorbs.net
Wed Jan 23 13:23:42 EST 2019
Paul Wilkins wrote:
> Obviously this has been in limbo over the Christmas break. There's 2
> really important issues, on hold because of this.
>
> 1 - When or if the PJCIS will call for public comment on the Act as
> passed.
>
> 2 - The appearance of the Labor amendments.
>
> So we probably won't see any developments until Parliament resumes
> 12th February.
I'll lay money there will be no amendments (passed), there will be an
attempt to force Apple etc to write in a weakness which will be
challenged. There will be many people that will not update their
iOS/Andriod anytime soon. Personally I stopped updating the moment this
bill was passed - particularly as there is at least one Apple update
that stated, "No bug/security fixes"...
What you will most likely find (and the idiots over in the ACT haven;'t
worked it out yet) is that the terrorists have some very smart people
"working" for them and they probably already jailbreak their phones and
install their own messaging software on it.. (not that you need to
jailbreak when you can use the 'team' functionality in xcode to install
non apple approved apps on your phone.)
Of course the highly amusing part is how easy it is to plugin to online
services and how easy it is to run your own asymmetric cryptography... I
suspect it would be trivial to put your own encryption over the top of
any of those services/apps that allow such (and some already do -
recently came across a plugin to the mailapp that has a custom
encryption/decryption mechanism which is used by a bank for secure
messaging. This means as posted elsewhere any interception would have
to be by screen capture and keyboard interception on the device, which I
personally would immediately class as a systemic weakness because if I
were doing it i'd be cut/pasting messages into my own non-internet
connected app for encryption/decryption so you can capture what you want
off imessage, facebook messenger etc... you'd still be getting encrypted
blocks of data.. and if you capture everything you have online banking
passwords and everything else that goes with that and there one thinks
about who else can see the captures....
This is what you get when you have people in charge that have interest
in obtaining data they are not entitled to.
At least the Queensland police will not get voice recorded giving out
new locations to abusive ex-husbands, now they can protect themselves by
just accessing the phone of the wife in hiding..
... anyone seen my foil hat today I seem to have misplaced it....? :P
--
Michelle Sullivan
http://www.mhix.org/
More information about the AusNOG
mailing list