Australia Becomes First Western Nation to Ban Secure Encryption

Neoprod

Honorary Master
Joined
May 21, 2004
Messages
16,083
#1
https://www.extremetech.com/interne...first-western-nation-to-ban-secure-encryption

Australia is now the first Western nation to ban security, following a decision by its parliament to pass a bill forcing companies to hand over encrypted data to police upon demand. The government will be allowed to demand this without judicial review or oversight of any kind, beyond the requirement to get a warrant in the first place. Furthermore, the law requires corporations to build tools to give them the ability to intercept data sought by police when such tools do not already exist. While the bill has only passed Australia’s lower chamber, the upper chamber has indicated it will pass the legislation provided there are later votes on unspecified amendments to the current bill.

Australia has become the first nation to enact into legislation what both the UK and US governments very much want — government-mandated backdoors into encryption systems that require corporations to hand over data on demand. The response of the tech industry has been straightforward: There is no way to perform this task that does not fundamentally weaken security. And for all that journalism is often the process of laying out multiple sides to an argument or debate, there’s no actual debate to be had, here — not, at least, as far as the security principles are concerned. We can certainly debate whether people should be entitled to privacy, or if the governments of nominally free countries should have access to this information in the first place. But as to whether it’s actually possible to build secret backdoors into security systems without fundamentally weakening them, the evidence is simple: No.

As Cindy Cohn wrote in a recent post on Lawfare Blog:
Even without compromising the cryptography, there is no way to allow access for only the good guys (for instance, law enforcement with a Title III warrant) and not for the bad guys (hostile governments, commercial spies, thieves, harassers, bad cops and more). The NSA has had several incidents in just the past few years where it lost control of its bag of tricks, so the old government idea called NOBUS—that “nobody but us” could use these attacks—isn’t grounded in reality. Putting the keys in the hands of technology companies instead of governments just moves the target for hostile actors. And it’s unrealistic to expect companies to both protect the keys and get it right each time in their responses to hundreds of thousands of law enforcement and national security requests per year from local, state, federal and foreign jurisdictions. History has shown that it’s only a matter of time before bad actors figure out how to co-opt the same mechanisms that good guys use—whether corporate or governmental—and become “stalkers” themselves.​
 

The_Librarian

Another MyBB
Super Moderator
Joined
Nov 20, 2015
Messages
19,449
#7
What about Internet banking? Or is that exempt from this law?

edit : nevermind, having read the article it seems you can still use encryption, but the guavamint reserves the right to be able to see what you've got/transmitted/etc. Not exactly confidence-inspiring, especially if bad guys get hold of the decryption programs/keys/etc.
 

who.dat

Expert Member
Joined
Feb 18, 2010
Messages
2,323
#9
I totally disagree with this sort of legislation.

I do have a question though @Neoprod and other knowledgeable members. Did Arsetralia actually "ban encryption" or did they legislate that companies must provide a backdoor to encrypted communication?

Not being funny/sarcastic, I really want to understand what is actually happening without the FUD.
 
Joined
Jul 1, 2015
Messages
609
#11
Sad news. Saw this a month or two ago but still sad.
I totally disagree with this sort of legislation.

I do have a question though @Neoprod and other knowledgeable members. Did Arsetralia actually "ban encryption" or did they legislate that companies must provide a backdoor to encrypted communication?

Not being funny/sarcastic, I really want to understand what is actually happening without the FUD.
Backdoors. Encryption is allowed.
When you msg via whatsapp it usually states "this chat is secured with end to end ecryption to you, all participants and the australian goverment and whoever else paid us enough"
 

The_Librarian

Another MyBB
Super Moderator
Joined
Nov 20, 2015
Messages
19,449
#13
I totally disagree with this sort of legislation.

I do have a question though @Neoprod and other knowledgeable members. Did Arsetralia actually "ban encryption" or did they legislate that companies must provide a backdoor to encrypted communication?

Not being funny/sarcastic, I really want to understand what is actually happening without the FUD.
Seems more like you can still use encryption, but if the guavamint comes a-calling, you'll have to hand them the decryption key.
 

Neoprod

Honorary Master
Joined
May 21, 2004
Messages
16,083
#14
The media doesn't count China as a western nation.
I wasn't referencing the article when I made that post...I was referencing world powers that are heavily invested in "surveilling" their citizenry and got one-upped by the Aussies.

Of course, one could argue that China don't particularly need legislation to enable this for themselves :whistling:
 

ghoti

Karmic Sangoma
Joined
Jan 17, 2005
Messages
45,162
#15
Only criminals have something to hide.

Be more concerned that people with no oversight can absolutely destroy your life with this, even if you have nothing to hide. Even in countries with checks and balances, there are human rights abuses with this tech.
 

ArtyLoop

Expert Member
Joined
Dec 18, 2017
Messages
3,818
#16
Be more concerned that people with no oversight can absolutely destroy your life with this, even if you have nothing to hide. Even in countries with checks and balances, there are human rights abuses with this tech.
We are well aware, hence I will encrypt, the government can come and suck my arse, and if they want to apply pressure, then I will just drop the hard disk into hydroflouric acid.

Also this is Arsetralia, that place where saffas who are "tired of the ANC" run to
 

ghoti

Karmic Sangoma
Joined
Jan 17, 2005
Messages
45,162
#17
We are well aware, hence I will encrypt, the government can come and suck my arse, and if they want to apply pressure, then I will just drop the hard disk into hydroflouric acid.

Also this is Arsetralia, that place where saffas who are "tired of the ANC" run to
Lately I try encrypt more of my stuff, even my backups.

Not that it helps much from some of the threats out there, but it gives me a small piece of mind.
 

ArtyLoop

Expert Member
Joined
Dec 18, 2017
Messages
3,818
#19
Lately I try encrypt more of my stuff, even my backups.

Not that it helps much from some of the threats out there, but it gives me a small piece of mind.
I've started encrypting everything about 2 years ago. Now, save for small blobs of OSS I contribute to, and work blobs i.e. works of art, everything else is encrypted with schemes that are currently not broken AFAIK. I do review the security of known ciphers from time to time.

But yeah, wanna make yourself less of a target? Get rid of that effing FACEBOOK, TWATTER, and INSTAGRAM
 
Top