Australia To Push For Encryption Backdoors At Next 'Five Eyes' Meeting
from the yet-another-forever-war dept
There's been no unified push for encryption backdoors from world leaders, but the number of those suggesting it might be a good idea has increased in recent months. UK Prime Minister Theresa May recently said terrorists shouldn't be allowed to use Whatsapp to hide their conversations from law enforcement even as her own party members routinely use the app to engage in secure communications. Newly-elected French president Emmanuel Macron said basically the same thing while campaigning, stating a preference for compelled access to encrypted communications.
Shortly before he was shown the exit door, former FBI director James Comey floated the idea of an "international framework" for encryption backdoors. It appeared Comey realized he wasn't going to be able to sell this idea at home, so perhaps a little international peer pressure would push US legislators towards mandating lawful access.
Comey may get his wish, even if he won't be able to take advantage of it himself. Australian Attorney General George Brandis is stating he'll be pushing for backdoors at the next Five Eyes meetup.
The United States, United Kingdom, Canada, Australia, and New Zealand, will meet in the Canadian city of Ottawa next week, where they will discuss tactics to combat terrorism and border protection, two senior Australian ministers said.
Australia has made it clear it wants tech companies to do much more to give intelligence and law enforcement agencies access to encrypted communications.
“I will raise the need to address ongoing challenges posed by terrorists and criminals using encryption,” Australian Attorney General Senator Brandis said in a joint statement.
“These discussions will focus on the need to cooperate with service providers to ensure reasonable assistance is provided to law enforcement and security agencies.”
Brandis has already rationalized away potential objections to backdooring encryption, reasoning that people's tendency to overshare on social media indicates they won't care if the government (or several governments, actually) has access to their private messages.
So far, there's very little real evidence criminals and terrorists are using encrypted services at a higher rate than non-criminals/terrorists. There have been several statements made to that effect and backed by public displays of devices law enforcement officials claim can't be unlocked, but most post-attack investigations show terrorists are still mostly using unencrypted communications platforms. Available evidence also shows investigations of normal criminal activity is rarely thwarted by device encryption. At this point, backdoors are a "solution" in need of a problem.
All that's happening here is a push to compromise personal security in the name of national security. A hole is hole, no matter how it's pitched in secret spy meetings.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: australia, encryption, five eyes, going dark, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
"'No security for anyone not us' is 'reasonable', right?"
“These discussions will focus on the need to cooperate with service providers to ensure reasonable assistance is provided to law enforcement and security agencies.”
Undermining the security of everyone is not even remotely in the same field as 'reasonable assistance'. Service providers already provide 'reasonable assistance', handing over what they can without compromising the security of everyone in the process, which means they're not asking for 'reasonable assistance', they're asking for 'anything they might want, at any time, and damn the consequences for the public.'
[ link to this | view in chronology ]
Re: "'No security for anyone not us' is 'reasonable', right?"
At this point, short of getting into the actual tech details, we're running out of analogies to point this out!
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Oh you can be sure it won't be one of the dangerous idiots proposing the idea, as that would suggest that they were at fault for forcing such an insanely stupid idea into practice.
No, instead they'll heap all the blame on the companies, since clearly if they'd made a proper Unicorn Gate, with real Leprechaun Gold-level security then it wouldn't have been compromised, and would have only let the 'Good Guys' in.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
Of course if it is a home run by the Liberals then they will blame the Contractors for the stuff-up, aka the online 2016 Census debacle was the fault of IBM. Even better for the Born to Rule Liberals when they blame societies poor & weak victims of the social welfare stuffup of Centrelink's Robo-debt.
[ link to this | view in chronology ]
Re: Re:Correction here - all political sides are at fault
Every dead ANZAC will be spinning in their graves (no matter in the world that grave may be) at the innate cowardice being exhibited by majority of our political parties and representatives at both federal and state level.
Politics in Australia has descended into a complete joke. If you listen closely to them, they are so afraid that they will do anything to protect themselves from the people of Australia.
Courage is not the absence of fear, but doing what is needed in the midst of fear.
Just blaming one political group is a sign that you haven't actually looked at how bad the situation is. All political parties and their members should hold their heads in shame for the debacle that is Australian politics.
No one party has all the policies needed, but each has a smattering of things that could work. But instead of working together for the good of this nation, they only get together to work for the bad of this nation.
[ link to this | view in chronology ]
Re: Re: Re:Correction here - all political sides are at fault
This was reinforced last week by the current Treasurer Scott Morrison who is rather happy that people don't pay attention to what the Far Right Liberal party are doing on behalf of their corporate donors.
When the Liberal Party's think tank the IPA (Institute of Public Affairs) created a new website just a few days ago called "A Fair Go" to capture the swinging voters it was slammed by 99% of visitors as just total BS, or to use the buzzword of the time "fake news" so much so that all the comments were removed & only by registering your details could you see the BS propaganda brought to you by PR specialists paid for by big business to get the message out that Trickle down economics is still the way to go to prosperity (well for the uber rich anyway, can't have the great unwashed sharing in any productivity gains now can we?)
[ link to this | view in chronology ]
Re: Re: Re: Re:Correction here - all political sides are at fault
LNP, Labour, Greens, Sex Party, etc, are all culpable. The only way is for the electorate to hound their representatives, which most don't have any interest in doing. Mind you, most representatives will ignore their electorate in all matters that are not party aligned anyway.
But still, none of the parties has the good of the nation in hand. We live under the consequences of Rudd, Gilliard, Abbott and whoever the current bloke is (I keep forgetting his name) and the policies espoused by their respective parties that have decimated this nation in recent years.
As I said above, each political party has some potentially positive policies, but because of party politics, these potentially positive policies will never make it. Bad policies, like what is being espoused, will garner bipartisan support.
I am almost at the point of believing that randomly choosing the representative for each electorate from the population of the electorate would be a better method.
[ link to this | view in chronology ]
Are we that far past the latest leak of the secret backdoors that acronym agencies were using?
If there is a backdoor, no matter how much to pay someone to guard the door, some idiot who believe they are untouchable will leak it out there.
The public should really embrace my "crazy" idea of demanding that these leaders be forced to use it before inflicting it on others.
Think law makers are willing to accept a backdoor, that only the good guys can access into their communications?
We are wasting so much time & money on these pipedreams that if we just spend enough we'll be protected finally. We are ignoring that so often they KNEW of the terrorist beforehand but stopped tracking because the firehose of data doesn't allow them to follow up.
Its not popular, but we can never ever be 100% safe unless we are all hermetically sealed in boxes & not allowed to interact with others. We need to accept that simple fact, and stop chasing empty promises of tiger repelling rocks.
We need to turn off the firehoses & stop expecting technology to give us the answer. The real answer is in how we did it for centuries, actual interaction with communities & investigation. When members of a religion everyone is worried about, reach out to the authorities & say this guy is over the edge & something is wrong there... and they don't pay attention to him for more than 2 minutes & expect the secret system to reveal the real bad guy, they have failed to do the most basic things to protect us.
Its not pretty, its not glamorous, its hard work.
Bad guys don't wear black hats to identify themselves.
When the country with the most 24/7 surveillance manages to miss bad actors they were directly told about, perhaps the magic firehose isn't repelling the tigers.
[ link to this | view in chronology ]
Re:
Because they are so arrogant that they only listen to people who tell them what they want to hear.
[ link to this | view in chronology ]
Re: Re: - Grenfell fire
Because they are so arrogant that they only listen to people who tell them what they want to hear.
Someone should point out to these people that this is exactly the same kind of stupidity that led to the Grenfell Fire disaster. The experts and the public warned those in power that the cladding/insulation/lack of sprinklers/incorrect evacuation procedures/lack of adequate staircases to allow escape aded up to a disaster waiting to happen but they ignored it - right up to the point when it did.
[ link to this | view in chronology ]
Re: Re: Re: - Grenfell fire
[ link to this | view in chronology ]
Re: Re: Re: Re: - Grenfell fire
[ link to this | view in chronology ]
Re: Re: Re: - Grenfell fire
There's a pervasive, hard and fast rule - which bears all the hallmarks of racism - prevalent in the American [not-]intelligentsia, that mandates that any idea which did not originate in the USA, no matter smart it is, can't even be up for consideration.
If it wasn't the case, you'd have smart incarceration polices and universal medicare by now.
[ link to this | view in chronology ]
Re: Re: Re: Re: - Grenfell fire
The Grenfell fire in London, UK has prompted Australian authorities to finally get their act together 3 years after a similar non-fatal incident in Melbourne, the only difference being that the construction union was shouting loud about it at the same time the Federal Liberal government was having a 2 year $50 million Royal Commission into the same nasty construction union to divert union funds into lawyers fees instead of going into the campaign funds of the opposition Labor Party for the previous 2 Federal elections. Also hoping some of the dirt would stick to some of the Labor party MP's who surprise, surprise were once union officials.
[ link to this | view in chronology ]
Re: Re: Re: Re: - Grenfell fire
I hear you, but I'd categorise it as a peculiar mix of hubris and dumb arrogance rather than racism. Seventy years ago the USA rode sky-high on a wave of gratitude for helping rid the world of Hitler and Hirohito. Now, after decades of boasting, bullying and making shitty films, Americans struggle to escape this near universal world-view of "The Ugly American" (apologies to Lederer and Burdick). Electing Trump was the icing on the cake.
As for the Australians calling for encryption backdoors, perversely I see an upside. These are the same clowns and buffoons that degrade our privacy by permitting blanket snooping on our electronic communications, thinking it yields anything even remotely useful. This story makes it crystal clear how clueless they are, and not just about technology. They are completely incapable in combating a handful of idiots armed with Twitter accounts, rusty vans, and bags of nails, and they know it. There is no overarching plan. They are not smart. They are desperate.
[ link to this | view in chronology ]
Alright, pretend I'm George Brandis:
What I want our intelligence agencies to be able to do, is to look at that first part of the key, and be able to figure out the shape of the second part of the key, so that we can decode the terrorists messages. That or we just get the second part of the key by hacking into the terrorist's phone.
Now, in order to do any of that, we need to have backdoors into their messaging software, so we can take a look at the keys they're using. I do believe that criminals can be stopped from using these backdoors for their own ends, if it requires an authentication key, like a long password, that only we have, that's itself encrypted so it can't be read during a man-in-the-middle attack.
And, I really would like an explanation of how the crooks and the terrorists can beat that."
[ link to this | view in chronology ]
Re: Alright, pretend I'm George Brandis:
Also, either that key is made available to all governments, or the Internet and software industry is fractured into country based islands, as no government will allow foreign spying on their citizens unless that are also granted the same power.
[ link to this | view in chronology ]
Re: Re: Alright, pretend I'm George Brandis:
(Bonus points if any example/s you can point to took place in Australia.)
[ link to this | view in chronology ]
Re: Re: Re: Alright, pretend I'm George Brandis:
They don't even have to leak, once you know there's a backdoor, now you have groups trying to find and crack that backdoor. In the end you've solved nothing. Anyone can use a 3rd party Open Encryption program and use that if they really care and there's would be no backdoor and no way to stop it. So the criminals are secure, a very tiny percentage group, and everyone else has a backdoor which can lead to all kinds of security issues for most all of the population.
[ link to this | view in chronology ]
Re: Re: Re: Alright, pretend I'm George Brandis:
How many bonus points for that one?
[ link to this | view in chronology ]
Re: Alright, pretend I'm George Brandis:
What I want our intelligence agencies to be able to do, is to look at that first part of the key, and be able to figure out the shape of the second part of the key,
The WHOLE point of modern (two key) encryption techniques is that you can't do that. The moment you can do that the encryption is broken or at best reduced to the security level of single key encryption. Worse still that key is either a master key or part of a huge database of keys.
Neither of these is likely to be easy to defend against the bad guys.
That or we just get the second part of the key by hacking into the terrorist's phone.
Which again boils down to the existence of a "master key" or a large database.
[ link to this | view in chronology ]
Re: Alright, pretend I'm George Brandis:
None of that makes any sense.
[ link to this | view in chronology ]
Re: Alright, pretend I'm George Brandis:
Every single Digital Right Management (DRM) system build has been cracked, and Hollywood movie studios have spend many millions and had "the best brains money can buy" working on this, all for nought.
We use TSA compliant locks on our baggage, this is the same principle, the government believed it could keep the master keys secure, a quick search will show their folly.
Lets not forget the AACS master key 32 hex digits that unlocks Blu-Ray disks (09 F9 key) and the belief that copyright and take down notices could prevent it from spreading.
Just recently the NSA's toolkit of zero day exploits leaked (was left on a server accidentally, found and sold on the darknet), repurposed as the "wanna cry" ransomware.
[ link to this | view in chronology ]
Re: Alright, pretend I'm George Brandis:
"That only we have" is incompatible with pervasive use. This may work for things like presidential-level launch codes. It doesn't work for something that is intended to be employed routinely at ten thousands of different locations and is of monetary interest. Just look how well it works for Hollywood to keep every single new movie release from being distributed before the official release.
This will be worse.
[ link to this | view in chronology ]
Re: Alright, pretend I'm George Brandis:
Why not ask all the experts who have already testified, to a one, to Congress to this effect? Their testimony is public and free to download.
[ link to this | view in chronology ]
National or personal?
All that's happening here is a push to compromise personal security in the name of national security. A hole is hole, no matter how it's pitched in secret spy meetings.
Actually
All that's happening here is a push to compromise national security in the name of national security. A hole is hole, no matter how it's pitched in secret spy meetings.
FTFY
[ link to this | view in chronology ]
If they did a 24 hour protest by shutting down services, it would send a clear message that this kind of action by governments would not be accepted.
[ link to this | view in chronology ]
Response to: Anonymous Coward on Jun 26th, 2017 @ 4:59am
[ link to this | view in chronology ]
Correction
Actually this solution does have a definite problem. It's just not terrorist communications. The real problem is that if politicians don't find someone/something to blame after a tragedy, their constituents might just blame them.
[ link to this | view in chronology ]
Re: Correction
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Just say no!
Aren't those guys supposed to represent their constituents? What's wrong with them?
[ link to this | view in chronology ]
“I will raise the need to address ongoing challenges posed by terrorists and criminals using encryption,” Australian Attorney General Senator Brandis said in a joint statement.
"I will raise the need to address ongoing challenges posed by people."
[ link to this | view in chronology ]
Noughty sources hints that New Zealanders have been throving all native Drop Bears to Australia, Fox News have not been able to confirm the accusations.
Anonymous sources at goverments deny all accusations as a heresy.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
look up ISIS hacking
and all your doing is opening massive doors to all of us
AND WE WILL FIND THOSE WHOLES
[ link to this | view in chronology ]
USA software is already massively comprimised
and when you see cracked software or games 99% of time it means that said software is also vulnerable to malware or exploitation
i can guarantee everyone of you is using exploitable software and that will not change. WHAT you say has changed?
OH if i need a message sent to another part of the world i stopped using the internet ten years ago.
all your back doors do is open up everyone else to us again jsut like that so called SONY ROOTKIT that actually existed 3 years before SONY got hold of it....
[ link to this | view in chronology ]
Re: lets just say if you cant protect a video game you cant protect anything in transit
[ link to this | view in chronology ]
adlib so i am 100% clear
all crackers know this, and yes as a true hacker i learned it a long long long time ago
[ link to this | view in chronology ]
[ link to this | view in chronology ]
here is your crime
when reading is a crime when you have exploited it so much for fame and money you forget what humanity is truly about
we are a curious species and thus this route you travel will make us all terrorists one day
i highly dislike isil isis daesh what ever you call it
but tell me a convincing reason why if you penalize me and my brothers and sisters we should help you and the answer is they dont want us too....they want utter domination and control of everyhting and everyone....
if this does not make my grand fatehr whom fought in 2 world wars and north korea turn in his grave and send alarm bells to you all then i think we are all doomed
i leave you now to your fate and remember once we did fight agaisnt russians and chinese and we won...you treated us all like shit we stepped back and now look at you all whine
china this russia that
pussies the lot of you to not find the courage to say you were wrong....this is more directed at those that write tons a shit and do nothing in real world
this is written to those that could have taken a stand when it mattered....
I will get old and die and then i am removed from this....
mentors manifesto ...go really read it...
so much bad stuff is soon to happen
good bye
[ link to this | view in chronology ]
@NINJA
and when you could claim 4000 hackers around the world and there friends and there friends
and so on ask yourself just who you are ...i know what i am
i am a man
[ link to this | view in chronology ]
It's not like they actually think they can eliminate secure encryption tools, right? That kind of wilful stupidity is just too much.
[ link to this | view in chronology ]
Why Don’t The NSA Do It?
Maybe President Trump can issue an Executive Order to that effect—could that be the missing sprinkling of magic pixie dust that is needed to kick-start the process?
[ link to this | view in chronology ]
Criminals aren't going to submit their software for review
[ link to this | view in chronology ]
No need for comma between subject and predicate.
[ link to this | view in chronology ]