Australia To Push For Encryption Backdoors At Next 'Five Eyes' Meeting
from the yet-another-forever-war dept
There’s been no unified push for encryption backdoors from world leaders, but the number of those suggesting it might be a good idea has increased in recent months. UK Prime Minister Theresa May recently said terrorists shouldn’t be allowed to use Whatsapp to hide their conversations from law enforcement even as her own party members routinely use the app to engage in secure communications. Newly-elected French president Emmanuel Macron said basically the same thing while campaigning, stating a preference for compelled access to encrypted communications.
Shortly before he was shown the exit door, former FBI director James Comey floated the idea of an “international framework” for encryption backdoors. It appeared Comey realized he wasn’t going to be able to sell this idea at home, so perhaps a little international peer pressure would push US legislators towards mandating lawful access.
Comey may get his wish, even if he won’t be able to take advantage of it himself. Australian Attorney General George Brandis is stating he’ll be pushing for backdoors at the next Five Eyes meetup.
The United States, United Kingdom, Canada, Australia, and New Zealand, will meet in the Canadian city of Ottawa next week, where they will discuss tactics to combat terrorism and border protection, two senior Australian ministers said.
Australia has made it clear it wants tech companies to do much more to give intelligence and law enforcement agencies access to encrypted communications.
“I will raise the need to address ongoing challenges posed by terrorists and criminals using encryption,” Australian Attorney General Senator Brandis said in a joint statement.
“These discussions will focus on the need to cooperate with service providers to ensure reasonable assistance is provided to law enforcement and security agencies.”
Brandis has already rationalized away potential objections to backdooring encryption, reasoning that people’s tendency to overshare on social media indicates they won’t care if the government (or several governments, actually) has access to their private messages.
So far, there’s very little real evidence criminals and terrorists are using encrypted services at a higher rate than non-criminals/terrorists. There have been several statements made to that effect and backed by public displays of devices law enforcement officials claim can’t be unlocked, but most post-attack investigations show terrorists are still mostly using unencrypted communications platforms. Available evidence also shows investigations of normal criminal activity is rarely thwarted by device encryption. At this point, backdoors are a “solution” in need of a problem.
All that’s happening here is a push to compromise personal security in the name of national security. A hole is hole, no matter how it’s pitched in secret spy meetings.
Filed Under: australia, encryption, five eyes, going dark, surveillance
Comments on “Australia To Push For Encryption Backdoors At Next 'Five Eyes' Meeting”
"'No security for anyone not us' is 'reasonable', right?"
“These discussions will focus on the need to cooperate with service providers to ensure reasonable assistance is provided to law enforcement and security agencies.”
Undermining the security of everyone is not even remotely in the same field as ‘reasonable assistance’. Service providers already provide ‘reasonable assistance’, handing over what they can without compromising the security of everyone in the process, which means they’re not asking for ‘reasonable assistance’, they’re asking for ‘anything they might want, at any time, and damn the consequences for the public.’
Re: "'No security for anyone not us' is 'reasonable', right?"
The thing these people don’t seem to get – and I know why: to them technology literally works like magic – is that this would be like building Fort Knox to be the most secure facility ever devised and then leave a giant gate open with a single myopic, easily duped guard on station to let people in.
At this point, short of getting into the actual tech details, we’re running out of analogies to point this out!
In security, ‘backdoor’ is just a euphemism for ‘hole’.
I can’t wait to see whose head will roll when the backdoors are abused by hackers, states and (irony alert!) terrorists…
Re: Re:
Oh you can be sure it won’t be one of the dangerous idiots proposing the idea, as that would suggest that they were at fault for forcing such an insanely stupid idea into practice.
No, instead they’ll heap all the blame on the companies, since clearly if they’d made a proper Unicorn Gate, with real Leprechaun Gold-level security then it wouldn’t have been compromised, and would have only let the ‘Good Guys’ in.
Re: Re:
I’m sure it will be Obama’s fault.
Re: Re: Re:
Nothing was Obama’s fault, it’s all BUSH and now TRUMP fault though.
Re: Re: Re:
I blame Hillary Clinton.
Re: Re:
In Australia the ruling Liberal Party are always using the broken record excuses of “it’s all Labor’s fault” or “it’s all Bill Shorten’s fault” (ex union man now leader of the Labor Party. Which the Mainstream Media owned by members of the Liberal Party are all to happy to push all of the time.
Of course if it is a home run by the Liberals then they will blame the Contractors for the stuff-up, aka the online 2016 Census debacle was the fault of IBM. Even better for the Born to Rule Liberals when they blame societies poor & weak victims of the social welfare stuffup of Centrelink’s Robo-debt.
Re: Re: Re:Correction here - all political sides are at fault
This idea has bipartisan support of the major political party groups. This is unfortunate as we now don’t have any significant opposition to the undermining of privacy and infrastructure security.
Every dead ANZAC will be spinning in their graves (no matter in the world that grave may be) at the innate cowardice being exhibited by majority of our political parties and representatives at both federal and state level.
Politics in Australia has descended into a complete joke. If you listen closely to them, they are so afraid that they will do anything to protect themselves from the people of Australia.
Courage is not the absence of fear, but doing what is needed in the midst of fear.
Just blaming one political group is a sign that you haven’t actually looked at how bad the situation is. All political parties and their members should hold their heads in shame for the debacle that is Australian politics.
No one party has all the policies needed, but each has a smattering of things that could work. But instead of working together for the good of this nation, they only get together to work for the bad of this nation.
Re: Re: Re: Re:Correction here - all political sides are at fault
Ex Prime Minister Tony Abbott was very proud to outline his plan to toxify Australian Federal politics last decade to his Liberal Party’s financial backers so that replies just like yours become the norm, “Well they’re all as bad as each other, why should we bother paying attention to politics, there’s nothing in it for me”.
This was reinforced last week by the current Treasurer Scott Morrison who is rather happy that people don’t pay attention to what the Far Right Liberal party are doing on behalf of their corporate donors.
When the Liberal Party’s think tank the IPA (Institute of Public Affairs) created a new website just a few days ago called “A Fair Go” to capture the swinging voters it was slammed by 99% of visitors as just total BS, or to use the buzzword of the time “fake news” so much so that all the comments were removed & only by registering your details could you see the BS propaganda brought to you by PR specialists paid for by big business to get the message out that Trickle down economics is still the way to go to prosperity (well for the uber rich anyway, can’t have the great unwashed sharing in any productivity gains now can we?)
Re: Re: Re:2 Re:Correction here - all political sides are at fault
You miss the point, there is bipartisan support for all the bad policies that will destroy the country and no bipartisan support for those policies that might bring about good things for the country.
LNP, Labour, Greens, Sex Party, etc, are all culpable. The only way is for the electorate to hound their representatives, which most don’t have any interest in doing. Mind you, most representatives will ignore their electorate in all matters that are not party aligned anyway.
But still, none of the parties has the good of the nation in hand. We live under the consequences of Rudd, Gilliard, Abbott and whoever the current bloke is (I keep forgetting his name) and the policies espoused by their respective parties that have decimated this nation in recent years.
As I said above, each political party has some potentially positive policies, but because of party politics, these potentially positive policies will never make it. Bad policies, like what is being espoused, will garner bipartisan support.
I am almost at the point of believing that randomly choosing the representative for each electorate from the population of the electorate would be a better method.
Why do they keep paying money to these people who tell them it is possible, who lack any understanding of the systems they claim can be made porous but only to the “good guys ™”?
Are we that far past the latest leak of the secret backdoors that acronym agencies were using?
If there is a backdoor, no matter how much to pay someone to guard the door, some idiot who believe they are untouchable will leak it out there.
The public should really embrace my “crazy” idea of demanding that these leaders be forced to use it before inflicting it on others.
Think law makers are willing to accept a backdoor, that only the good guys can access into their communications?
We are wasting so much time & money on these pipedreams that if we just spend enough we’ll be protected finally. We are ignoring that so often they KNEW of the terrorist beforehand but stopped tracking because the firehose of data doesn’t allow them to follow up.
Its not popular, but we can never ever be 100% safe unless we are all hermetically sealed in boxes & not allowed to interact with others. We need to accept that simple fact, and stop chasing empty promises of tiger repelling rocks.
We need to turn off the firehoses & stop expecting technology to give us the answer. The real answer is in how we did it for centuries, actual interaction with communities & investigation. When members of a religion everyone is worried about, reach out to the authorities & say this guy is over the edge & something is wrong there… and they don’t pay attention to him for more than 2 minutes & expect the secret system to reveal the real bad guy, they have failed to do the most basic things to protect us.
Its not pretty, its not glamorous, its hard work.
Bad guys don’t wear black hats to identify themselves.
When the country with the most 24/7 surveillance manages to miss bad actors they were directly told about, perhaps the magic firehose isn’t repelling the tigers.
Re: Re:
Re: Re: - Grenfell fire
Because they are so arrogant that they only listen to people who tell them what they want to hear.
Someone should point out to these people that this is exactly the same kind of stupidity that led to the Grenfell Fire disaster. The experts and the public warned those in power that the cladding/insulation/lack of sprinklers/incorrect evacuation procedures/lack of adequate staircases to allow escape aded up to a disaster waiting to happen but they ignored it – right up to the point when it did.
Re: Re: Re: - Grenfell fire
In the US, it’s the same kind of stupidity that leads to a job in the White House.
Re: Re: Re:2 - Grenfell fire
I haven’t yet heard Trump’s foreign policy characterized as flammable insulation. But there are worse characterizations.
Re: Re: Re: - Grenfell fire
I don’t think referring to things that have happened outside the USA would do any good.
There’s a pervasive, hard and fast rule – which bears all the hallmarks of racism – prevalent in the American [not-]intelligentsia, that mandates that any idea which did not originate in the USA, no matter smart it is, can’t even be up for consideration.
If it wasn’t the case, you’d have smart incarceration polices and universal medicare by now.
Re: Re: Re:2 - Grenfell fire
This whole story is about something that is happening outside of the USA, a place called Australia & it’s Federal Attorney General.
The Grenfell fire in London, UK has prompted Australian authorities to finally get their act together 3 years after a similar non-fatal incident in Melbourne, the only difference being that the construction union was shouting loud about it at the same time the Federal Liberal government was having a 2 year $50 million Royal Commission into the same nasty construction union to divert union funds into lawyers fees instead of going into the campaign funds of the opposition Labor Party for the previous 2 Federal elections. Also hoping some of the dirt would stick to some of the Labor party MP’s who surprise, surprise were once union officials.
Re: Re: Re:2 - Grenfell fire
I hear you, but I’d categorise it as a peculiar mix of hubris and dumb arrogance rather than racism. Seventy years ago the USA rode sky-high on a wave of gratitude for helping rid the world of Hitler and Hirohito. Now, after decades of boasting, bullying and making shitty films, Americans struggle to escape this near universal world-view of "The Ugly American" (apologies to Lederer and Burdick). Electing Trump was the icing on the cake.
As for the Australians calling for encryption backdoors, perversely I see an upside. These are the same clowns and buffoons that degrade our privacy by permitting blanket snooping on our electronic communications, thinking it yields anything even remotely useful. This story makes it crystal clear how clueless they are, and not just about technology. They are completely incapable in combating a handful of idiots armed with Twitter accounts, rusty vans, and bags of nails, and they know it. There is no overarching plan. They are not smart. They are desperate.
Alright, pretend I'm George Brandis:
“As I understand it, with encrypted communications, well, you have someone write a message, then they turn it into a code using the first half of a key, then they send it to the recipient, who un-codes it using their half of the key.
What I want our intelligence agencies to be able to do, is to look at that first part of the key, and be able to figure out the shape of the second part of the key, so that we can decode the terrorists messages. That or we just get the second part of the key by hacking into the terrorist’s phone.
Now, in order to do any of that, we need to have backdoors into their messaging software, so we can take a look at the keys they’re using. I do believe that criminals can be stopped from using these backdoors for their own ends, if it requires an authentication key, like a long password, that only we have, that’s itself encrypted so it can’t be read during a man-in-the-middle attack.
And, I really would like an explanation of how the crooks and the terrorists can beat that.”
Re: Alright, pretend I'm George Brandis:
It is a bad idea because the keys needed to break in will become widely distributed and will leak to the bad guys sooner or latter. Once such a key is created, the bad guys will use bribery,blackmail and direct hacking to try and obtain it.
Also, either that key is made available to all governments, or the Internet and software industry is fractured into country based islands, as no government will allow foreign spying on their citizens unless that are also granted the same power.
Re: Re: Alright, pretend I'm George Brandis:
“I’ve never heard of an incident where a criminal entity has successfully broken into a government database.”
(Bonus points if any example/s you can point to took place in Australia.)
Re: Re: Re: Alright, pretend I'm George Brandis:
Why does a Criminal need to break into a Government Database? For a backdoor to be of any use, the FBI, the Police and others would need access to the Keys. The police and other countries agency’s. Basically the Keys would be in millions of hands around the world. You really think the keys won’t leak someplace? That’s just laughable.
They don’t even have to leak, once you know there’s a backdoor, now you have groups trying to find and crack that backdoor. In the end you’ve solved nothing. Anyone can use a 3rd party Open Encryption program and use that if they really care and there’s would be no backdoor and no way to stop it. So the criminals are secure, a very tiny percentage group, and everyone else has a backdoor which can lead to all kinds of security issues for most all of the population.
Re: Re: Re: Alright, pretend I'm George Brandis:
Hacking into the Australian Bureau of Meteorology computers to get access to DoD computers by foreign criminals.
How many bonus points for that one?
Re: Alright, pretend I'm George Brandis:
What I want our intelligence agencies to be able to do, is to look at that first part of the key, and be able to figure out the shape of the second part of the key,
The WHOLE point of modern (two key) encryption techniques is that you can’t do that. The moment you can do that the encryption is broken or at best reduced to the security level of single key encryption. Worse still that key is either a master key or part of a huge database of keys.
Neither of these is likely to be easy to defend against the bad guys.
That or we just get the second part of the key by hacking into the terrorist’s phone.
Which again boils down to the existence of a "master key" or a large database.
Re: Alright, pretend I'm George Brandis:
wth are you talking about?
None of that makes any sense.
Re: Alright, pretend I'm George Brandis:
Think of it this way, there is no knot that can be tied in a piece of string, that, given time behind a closed door, I will eventually not be able to untie.
Every single Digital Right Management (DRM) system build has been cracked, and Hollywood movie studios have spend many millions and had “the best brains money can buy” working on this, all for nought.
We use TSA compliant locks on our baggage, this is the same principle, the government believed it could keep the master keys secure, a quick search will show their folly.
Lets not forget the AACS master key 32 hex digits that unlocks Blu-Ray disks (09 F9 key) and the belief that copyright and take down notices could prevent it from spreading.
Just recently the NSA’s toolkit of zero day exploits leaked (was left on a server accidentally, found and sold on the darknet), repurposed as the “wanna cry” ransomware.
Re: Alright, pretend I'm George Brandis:
"That only we have" is incompatible with pervasive use. This may work for things like presidential-level launch codes. It doesn’t work for something that is intended to be employed routinely at ten thousands of different locations and is of monetary interest. Just look how well it works for Hollywood to keep every single new movie release from being distributed before the official release.
This will be worse.
Re: Alright, pretend I'm George Brandis:
Why ask commenters on TechDirt as to why backdoors don’t work?
Why not ask all the experts who have already testified, to a one, to Congress to this effect? Their testimony is public and free to download.
National or personal?
All that’s happening here is a push to compromise personal security in the name of national security. A hole is hole, no matter how it’s pitched in secret spy meetings.
Actually
All that’s happening here is a push to compromise national security in the name of national security. A hole is hole, no matter how it’s pitched in secret spy meetings.
FTFY
Wouldn’t it be the biggest slap in the face if every wireless carrier decided to say “screw it” and shut down services for 24 hours as a protest against this? Every government on the planet relies on wireless cell phone services and it would seriously harm every country on the planet if the wireless telecoms decided to show these governments the kind of backlash they would receive if they pushed through such a required mandate.
If they did a 24 hour protest by shutting down services, it would send a clear message that this kind of action by governments would not be accepted.
Re: Response to: Anonymous Coward on Jun 26th, 2017 @ 4:59am
Great idea but we all know that the self same idiots are executives at those companies.
Correction
Actually this solution does have a definite problem. It’s just not terrorist communications. The real problem is that if politicians don’t find someone/something to blame after a tragedy, their constituents might just blame them.
Re: Correction
Example of UK PM Teresa May whilst Home Secretary sacking 20,000 police for austerity measures, then finds out that those same police may have been able to prevent the recent attacks in the UK and being partly blamed for the attacks due to her previous actions.
lets just backdoor English. that would solve most of the problems
Just say no!
To the Clipper chip and the Clapper chap and all the claptrap that want to be their ilk.
Aren’t those guys supposed to represent their constituents? What’s wrong with them?
“I will raise the need to address ongoing challenges posed by terrorists and criminals using encryption,” Australian Attorney General Senator Brandis said in a joint statement.
"I will raise the need to address ongoing challenges posed by people."
Scientist are exited about new discovery. Finally they have a first possible victim of dreaded Drop Bears. Scientists asked grants to verify the discovery.
Noughty sources hints that New Zealanders have been throving all native Drop Bears to Australia, Fox News have not been able to confirm the accusations.
Anonymous sources at goverments deny all accusations as a heresy.
Can’t wait till some idiot politician suffers a financial loss due to forcing their stupid backdoor policies upon the industry. I’m sure it will be spun as not at all related to the legislation they forced upon an unwilling populace. I’m not sure if there is enough tissue to support such a catastrophic event.
look up ISIS hacking
look up ISIS hacking and how bad its getting cause the govts made all the rest of us jsut want to say screw them too
and all your doing is opening massive doors to all of us
AND WE WILL FIND THOSE WHOLES
USA software is already massively comprimised
not going to say how much i know but lets just say if you cant protect a video game you cant protect anything in transit
and when you see cracked software or games 99% of time it means that said software is also vulnerable to malware or exploitation
i can guarantee everyone of you is using exploitable software and that will not change. WHAT you say has changed?
OH if i need a message sent to another part of the world i stopped using the internet ten years ago.
all your back doors do is open up everyone else to us again jsut like that so called SONY ROOTKIT that actually existed 3 years before SONY got hold of it….
Re: lets just say if you cant protect a video game you cant protect anything in transit
Do you understand what a “security boundary” is?
adlib so i am 100% clear
p.s. by exploitable i mean in non cracked form it is vulnerable
all crackers know this, and yes as a true hacker i learned it a long long long time ago
Gotta love those megalomaniacs that made to power thinking they are omniscient and know what people think…
here is your crime
https://torrentfreak.com/cybercrime-officials-shutdown-large-ebook-portal-three-arrested-170626/
when reading is a crime when you have exploited it so much for fame and money you forget what humanity is truly about
we are a curious species and thus this route you travel will make us all terrorists one day
i highly dislike isil isis daesh what ever you call it
but tell me a convincing reason why if you penalize me and my brothers and sisters we should help you and the answer is they dont want us too….they want utter domination and control of everyhting and everyone….
if this does not make my grand fatehr whom fought in 2 world wars and north korea turn in his grave and send alarm bells to you all then i think we are all doomed
i leave you now to your fate and remember once we did fight agaisnt russians and chinese and we won…you treated us all like shit we stepped back and now look at you all whine
china this russia that
pussies the lot of you to not find the courage to say you were wrong….this is more directed at those that write tons a shit and do nothing in real world
this is written to those that could have taken a stand when it mattered….
I will get old and die and then i am removed from this….
mentors manifesto …go really read it…
so much bad stuff is soon to happen
good bye
@NINJA
or those keyboard warriors that claim to be something they are not
and when you could claim 4000 hackers around the world and there friends and there friends
and so on ask yourself just who you are …i know what i am
i am a man
Please inform me if I’m being crazy here, but isn’t all this pushing against encryption just going to make any related problems worse? If I was a criminal who did not use encrypted communication tools to conspire with my fellow hoodlums, I feel I sure as beans would look into it after repeatedly hearing how much governments are complaining it’s such a problem for them.
It’s not like they actually think they can eliminate secure encryption tools, right? That kind of wilful stupidity is just too much.
Why Don’t The NSA Do It?
If the intelligence community is so keen on a workable back-doored encryption system, why don’t they come up with one? The US Government employs the NSA, which (allegedly) has the largest and brightest pool of crypto talent on the planet. If anybody has the necessary hashtags to come up with such a scheme, wouldn’t it be them?
Maybe President Trump can issue an Executive Order to that effect—could that be the missing sprinkling of magic pixie dust that is needed to kick-start the process?
Criminals aren't going to submit their software for review
I find this debate futile as criminals are going to use software not produced or controlled in any country that will implement these spying laws. They will go to Russia or North Korea and buy or steal software that meets their purpose. The government must know this so they are probably just looking to catch the dumb criminal and to spy on every non-criminal citizen. It has very little to do with terror.
“The United States, United Kingdom, Canada, Australia, and New Zealand, will meet”
No need for comma between subject and predicate.