
Breaking US Encryption: The Australian Test Case - justsee
https://blog.dogooder.co/breaking-us-encryption-the-australian-test-case/
======
stephen_g
I believe the answer to the question is that the Government wants to be able
to compel anyone providing a service to be able to ship malware to anybody
they choose, with huge fines for refusing or informing anybody about it.

So, say if Snapchat was end-to-end encrypted - they would then tell Snapchat
to create a special version with a backdoor that streams any messages to the
Government, and then compel, say, Apple to provide it to a certain Apple ID as
an update. The user would happily go on using it not realising he was
compromised.

I think the idea is that a 'systemic weakness' would be getting a backdoor
that is distributed to all Snapchat users, whereas they feel that delivering
malware with backdoors to specific people is fine.

At the end of the day, it's pretty ridiculous, and it should just be scrapped.
We unfortunately have massive overreach in intelligence though unfortunately -
it's literally legal for intelligence services to break into anybody's
property and copy documents, implant listening devices, etc... We don't have a
bill of rights or anything to prevent such overreach.

~~~
chopin
But this would come to light quickly and mean that nobody installs updates any
longer. I wouldn't. It would erode trust in software companies very quickly
making everybody _less_ safe.

Furthermore, for the case cited, this wouldn't help. For that you'd need a
backdoor for at least installing software without being the device owner. With
that, you'll be mugged for your iPhone again.

------
7000skeletons
I know Australians like to joke about how they have an Old Man Government that
likes to pass legislation about things it doesn't really understand, but even
by the lofty standards it's set this is ridiculous. And I shouldn't act too
smug, either, given some of the chatter that's come from a number of different
Home Secretaries here in the UK.

At what point are these people going to wrap their heads around the concept
that there's no way to implement these sorts of policies without compromising
security?

~~~
mmjaa
>At what point are these people going to wrap their heads around the concept
that there's no way to implement these sorts of policies without compromising
security?

You make the mistake in thinking they're ignorant of how much security they
are compromising. The language of these bills is not designed to cover up
incompetence - its designed to cover up competence.

You see, the Australian government knows full well what it's doing. What it is
depending on, is that the Australian people don't have a clue - and really,
they don't. Sure, a few sectors are well enough educated on the subjects to
raise objections - but Australian politics has never allowed minority voices
to be heard, and people raising objections to heinous Australian policies are
easily silenced - Australian politics is _designed_ to disallow such from
happening.

The way to view this whole episode, is with much cynicism and disgust at the
way the Australian people are manipulated. It is one of the most captive
western audiences, most easily influenced by a powerful media industry, and
everything that is being done in Australia to make forced decryption possible
is just a test for the broader market - the USA and Europe - that will be
attacked next.

~~~
7000skeletons
Yeah, I'm probably giving them the benefit of the doubt in assuming that
they're being stupid rather than outright malicious. The same is likely true
here in the UK, given that they've had tech experts yelling at them for years
about how you can't add some sort of exclusive backdoor access to software.
Still hasn't stopped the last two Home Secretaries (one of whom is now the
Prime Minister, at least for now) trying to force companies to create them.

------
esotericn
> These are high victim impact crimes that are being hindered by the inability
> of law enforcement to access encrypted communications.

Consider that, on some time scale, we (or at least, some actor) will
eventually possess the technology required in order to read minds.

At that point it will be possible to determine passcodes from suspects; to
determine the content of previous conversations (subject to the limitations of
human memory); essentially, to extract testimony from an unwilling
participant.

Will we allow that? Because, by this token; one could just as easily state
that law enforcement are being hindered by their inability to access ....

------
bigbluedots
I have no idea how the Australian government expects to enable to compel US
companies to do anything at all, aside from threatening their access to the
(tiny) Australian market. I'm hopeful that this bill will result in the
withdrawal of said companies from the Australian market, and maybe then the
government will realize this bill was a bad idea.

~~~
jazoom
The government won't care if those companies withdraw. Our citizens will
absolutely care they can no longer Gmail and Whatsapp and will vote them out
at the next election. But that happens every 3 years anyway, so it won't make
a difference to the politicians.

------
senectus1
i really dont see this getting any purchase.

Its utterly ridiculous.

~~~
brokenmachine
What is actually preventing it from happening? Serious question.

------
CodeWriter23
In their teen rapist scenario, why is the parolee permitted to even have a
smartphone? Should be limited to a flip phone with easily-tapped SMS and no
apps.

~~~
brokenmachine
Also, if they are sure he sent messages, then why can't they obtain those
messages from the recipients?

And what actually happened to the presumption of innocence? Sounds
suspiciously like they have decided someone is guilty without actual evidence.

It's just a stupid story that makes no sense. They want the ability to spy on
any citizen with no judicial oversight, and this is the best argument they can
come up with for such a massive overreach? I'm honestly insulted. These are
the people who are meant to be looking after our interests?

~~~
CodeWriter23
That’s my point. The child rapist on parole scenario is a straw man. They
don’t need breakable encryption to address that problem. Parole requires the
parolee to sign a contract. Put a no smartphones clause in there and they’re
done. Then they can rearrest on that basis alone if he has a smartphone, and
let him serve the rest of his original sentence.

