
Crikey readers are not taking the government’s impending (and Labor-supported) anti-encryption legislation lying down. Plucking the choice comments from the robust discussion of Bernard Keane’s story on the issue was no easy feat, as readers examined every angle. Meanwhile, the introduction of gas fracking to WA reignited old concerns about the practice.
On the government’s encryption bill
Don_from_Melb writes: It is complete “security theatre”: it seems like the government is “doing something” to make us safer, but in this case all that is happening is that every Australian will be less secure online.
MarcusTheFuturist writes: Oh and let’s not forget that, under the disastrous TPP, foreign companies will be able to sue the Australian government for any action that causes them a loss in current or potential future profits — dealing with a hacking scandal will be paid for by the Australian taxpayer.
AverageAussie writes: As an IT guy for a large Australian company, I can tell you that this will work in the following ways:
Step 1. One of our staff clicks on a dumb link in a phishing email and gets some commodity malware.
Step 2. Some hacker uses that malware to connect to spurious sites flagged by ASIO.
Step 3. The government uses this new law to load Malware throughout all of our company systems.
Step 4. Hackers have full access and send flowers to the Australian government by way of thanks.
Well done government. You’ve just legislated the door to IT hell.
Sean Arthur writes: I am confident that whatever their silly plans about introducing “back doors” or otherwise weakening encryption it will never work. Any company allowing back doors (even if forced to) would become an ex-company very quickly. Apple isn’t the only phone company out there. Messaging apps exist by the bucketful.
Robert Garnett writes: I think that there are two elements that contribute to this behaviour. Firstly, Australians are incredibly insulated from the nastiness of the world by virtue of our small population, our remoteness and the fact that economically we have been very lucky to have things that the world wants — gas, iron ore and coal. We also have a democracy that doesn’t have a president, has bicameral governments and compulsory voting. These things provide for a relatively well fed and complacent population.
The other element is our complete disregard for history. History is completely irrelevant to 99% of Australians. History is what happened to other people, not them.
On the fracking push in WA
Dog’s breakfast writes: Even highly regulated, it isn’t a low risk operation, unless you don’t care about fugitive emissions, turning ground water into waste water that always seems to have much higher concentrations of toxic substances than is ever admitted to by industry. Then there are all the examples in the great artesian basin where water despoliation cannot be restricted to the area being mined. The industry is replete with examples of dodgy projects and outcomes, and then not paying any tax just to top it all off.
And for what? Gas we don’t need, spoiling water reserves that we may well do. All at a time when carbon emissions need to be reduced and then eliminated in a hurry. It’s beyond brain dead. It’s callous in its indifference.
Send your comments, corrections, clarifications and cock-ups to boss@crikey.com.au. We reserve the right to edit comments for length and clarity. Please include your full name.
Why has Crikey published articles on Lawyer X with unnecessary details facilitating ID which remain on view but refuses to allow comments?
There was my unicorn friend and I thinking that only corrupt, other countries broke the law to enforce the Law. (Kipling’s “…lesser breeds without the Law”)
It used to be an axiom of British jurisprudence that it was better for 9 guilty to walk than one innocent to be wrongly convicted.
Such naivete.
Lord Acton, as always, had some thoughts on the relationship between liberty & authority.
“Despotic power is always accompanied by corruption of morality. All liberty is conditional, limited and therefore unequal. The state can never do what it likes in its own sphere. It is bound by all kinds of law.
Liberty consists in the division of power. Absolutism, is concentration of power.
Political atheism: End justifies the means. This is still the most widespread of all the opinions inimical to liberty.”
This comment from Esme on The Register comment thread regarding the mooted UK version of our govt’s idiotic legislation:
If anyone from GCHQ is reading this – I have no sympathy for your current position. As a result of your past actions, the UK population now finds itself wanting to be kept safe from bad actors, but regarding GCHQ as being amongst the bad actors we want protection from. You’ve effectively turned yourselves into a state-salaried criminal gang. Were it down to me, I’d fire the bulk of you, cut the salaries of those remaining by ten percent, and make it clear to those remaining that any future blatant disregard of the law and unfettered snooping would result in serious personal fines and jail sentences for everyone involved in those actions. I’m well aware of the need for intelligence agencies to sometimes transgress societal norms – but only in limited circumstances. Damn you for taking the piss, breaching our trust and then having the gall to lie about it. Damn you for being a security service we are ashamed of, rather than proud of.
Unfortunately for us, our pollies listened to our spooks and allowed this to pass.
And this from Milton on same thread. Best comment ever, wish Labor would take note. Is it too late…?
Self-serving loss of perspective
If avoiding the arrival of a Maverick missile depends on your crypto, you’re most likely not relying upon any of the standard P2P encrypted apps, because you know (a) every effort will have been made, using nation-state resources, to compromise them, and (b) you die if you trust third parties.
So my questions to seemingly backward-looking spooks—who are so full of their self-righteousness and -importance that they apparently cannot even understand why a free democracy must have strong civil liberties if it is even to deserve to exist: and are, therefore, perhaps nowhere near as clever as they think they are—are fairly simple ones.
1. Have you, comfortable suited eavesdroppers, acquired an algorithm which can with more than 50% reliability identify large, dirty, noisy images which have very low-order, low-density steganography within them? How many of the 2,000,000,000 images shared every day are you managing to identify as having secret content? To the nearest ten?
2. Have you access to any reliable method of breaking a modern encryption standard such as AES256, or Blowfish or similar? What would be your success rate against messages, even allowing a crib phrase, of say 2kB in size? (Quite enough for decent Atrocity-Time-and-Date instructions.)
3. Alternatively, have you managed to compromise the world’s open-source codebase of crypto algos so that no one, not even the designers, will notice? So that none of the world’s several million competent coders could write a homebuild, effective crypto app?
4. Have you found a method of ensuring that Black Hats cannot access two computing devices with encrypted drives (whether tiny phone or workstation), one of which is never, ever connected to the net?
5. Have you found a way of ensuring that the BHs can’t run whatever software they like on these devices?
Given that the answers are most certainly No, No (<1:1×10^6), Not a Chance, No and No, isn't it true that actually, sigint is pretty much useless against a well-disciplined, intelligent, well-equipped enemy (i.e. the very kind you should be most worried about)?
Isn't it true, in fact, that against your most serious adversaries, you need to infiltrate, blackmail, cajole, observe, corrupt, befriend, compromise—what we, back in the day, used to call humint: a version of tired old plodding shoe leather and nasty, grubby risks? Have you considered how many Arabic speakers you could recruit for the cost of Latest Billion Dollar SuperSexy MegaHarvesting Computer? (You know, the one that pointlessly stores petabytes of innocent civilians' data obsessively logging shopping habits, personal interests, porn preferences and extramarital dalliances)?
Isn't it true that your gasping appetite for code-breaking is actually peripheral grandstanding, with a big dose of laziness? That the appeal of sitting cosily in your pyjamas, sipping cocoa and reading Ahmed's email, is rather selfishly idle? That while you are begging for ever more budget, power and self-importance to spend on ever bigger aerials and computers, your neglect of the difficult, gritty, risky business of humint is most likely killing people?
You can sip cocoa at the keyboard, and yes, we need a few of those; but if you weren't so deep into deluded self-serving groupthink about crypto, you'd understand that if you were doing your jobs properly, you'd be risking your lives drinking gritty tea in a dusty back street somewhere far away. Not quite so appealing, eh?
One wonders whether GCHQ and NSA and their Five Eyes ilk have really been so dim and unself-aware as to fall into one of the oldest of psychological traps: for them, owning a hammer, every problem becomes a nail. It certainly sounds that way.
Thanks for the heads-up re that site – I’ve now included it on my reading list.