
Schneier on Australia's encryption laws and CyberCon speaker bans - JayQP
https://www.zdnet.com/article/schneier-slams-australias-encryption-laws-cybercon-speaker-bans/
======
ickwabe
Whenever this conversation appears in the news and I listen to various law
enforcement and political folks defend some sort of need for breakable
encryption, I always jump to the logical end. Or at least one possible one.

In the future there WILL be brain computer interfaces. Memory offloading,
recording of visual and auditory cortex data, and other more mundane uses.
This may seem like fantasy/scifi. But barring some societal/technological
collapse, this will eventually happen. If the precident is set for breakable
encryption/back doors, this will absolutely be used to "supoena" people's
"brain information" in that context. The invasive-ness will have no end.

~~~
xoa
This is the argument I've made to people over the last few years, and I think
is far better and more substantial then the technical based ones that so
typically come up (and have in the comments here already, the whole "well a
key will of course leak thing"). It's risky and unnecessary to go to technical
arguments for something that's a moral matter, because technology changes. If
you base your entire opposition around the key, what if at some point someone
does have an entirely formally verified stack and strong measures and can
reasonably argue that keys aren't going to leak? Apple's master key for
example, it becoming available would be an enormous thing for both criminals
and ordinary owners of iOS devices. Yet while there have been plenty of flaws
that have been exploited to bypass a need for it, the private root key remains
unleaked.

The real question that I would want to see some Congress person put to
agencies is

> _" Do you believe there should be any inherent limits at all? If we
> developed the technology someday to read people's minds, should it be
> permissible to go through their brains with a warrant? It would certainly
> let you find the guilty of some 'crimes', where for 'crimes' we should keep
> in mind that gay sex and interracial relations were felonies in the near
> past."_

I mean that's the real thing, if security agencies could root through people's
brains I see no need to beat around the bush that likely at least a few truly
horrific crimes would be stopped or solved. There would be children saved,
terrorists stopped, murderers caught. But I think not just the abuse of it,
but even the use of it to eliminate any gray area for a human society would be
so horrific that it's just plain not worth it. That yes, some children will be
abused/kill, some murderers will escape, some terrorists succeed, and that
really is the price we need to pay. That we should try to reduce it as much as
possible but only in opposition to strong privacy and an inviolable personal
sphere. And that should include artificial augmentations to our minds, which
typical mobile devices are already arguably at the point of.

The incentive structures right now for law enforcement agencies and intel
agencies remains geared always towards more more more, and paying attention to
singular big harms rather then small harms across enormous swaths of the
population. It hasn't evolved much from decades and centuries in the past
arguably. I think that's the ground to fight on though, will they argue that
total erasure of the private sphere is worth it? Will the public agree? I
think the answer is no, and with that established it's a lot easier to argue
back against "think of the children/terrorists/drugs" typical attack.

~~~
ickwabe
Well put. To wander a bit off topic, but I feel this is a specific example of
a general problem in free societies. There is no perfect safety without
perfect surveillance. In my opinion, it is necessary to be at peace with the
fact that there will be a certain level of bad outcomes in exchange for the
protection of general freedoms. There will be crime, murder, kidnappings,
embezzlement, death by neglect, etc. It is unavoidable absent a perfect
surveillance state. I, for one, am willing to accept risks. Others will
disagree. But I think that in a perfect surveillance society you are also
pefectly stagnant.

~~~
bradknowles
There will be no perfect safety. Period.

There will be no perfect surveillance. Period.

Humans are humans, and inherently imperfect.

Until all humans are eliminated, there will be no perfect ... anything.

------
cookie_monsta
I was at this conference yesterday. The keynote was Kevin Mitnick giving step
by step demos on how to steal gmail session cookies and clone prox access
cards, but apparently discussions of anonymous digital dropboxes are out of
bounds

~~~
LinuxBender
Given how trivial it is to set up anonymous shares, I can not fathom why
discussion would be restricted.

Step 1. Create a file sharing mechanism. (http / https / sftp / rsyncd /
nntp(s) / smtp(s) / whatever)

Step 2. Start Tor.

Step 3. Share link.

~~~
angry_octet
You might have heard of Snowden? The CIA whistleblower on soliciting electoral
interference from Ukraine? These are hot topics in the US Govt, and having a
talk about whistleblower technologies at an ASD/ACSC sponsored talk was
obviously seen as too touchy by some 1/2/3 star at ASD.

They obviously don't understand the Streisand effect though, because it was
completely hamfisted. They should have just arranged to schedule a bunch of
other interesting talks at the same time, or put them late in the day in a
small and distant meeting room during the cocktail hour. Amateurs.

------
Silhouette
I wish more non-technical people understood the fundamental point that many
security measures are binary. Either they are secure and no-one has a back
door that can compromise them, or they are not and anyone could have a back
door that can compromise them, but there is no middle ground where only a
politician's preferred government agents have a back door.

When I see comments like former Australian PM Malcolm Turnbull's "Well the
laws of Australia prevail in Australia, I can assure you of that. The laws of
mathematics are very commendable, but the only law that applies in Australia
is the law of Australia", I despair. Such profound ignorance should be kept
well away from any sort of power. Regrettably, we haven't yet found a modern
King Canute who can demonstrate the principle to our politicians and leave
them without any doubt.

~~~
zmmmmm
> Either they are secure and no-one has a back door that can compromise them,
> or they are not and anyone could have a back door that can compromise them,
> but there is no middle ground where only a politician's preferred government
> agents have a back door

Can you clarify? Wouldn't just having a second key which the government keeps
in escrow in case they need to decrypt a message achieve exactly what you are
saying is impossible?

(Note: I don't agree with the laws being created to undermine encryption ...
but I think it undermines the argument against it to overstate the case.)

~~~
missosoup
> Wouldn't just having a second key which the government keeps in escrow

Imagine being an outspoken left-wing blogger in America that votes for this.
Imagine then Trump gets elected and 'the government' is now an entity that
actively breaks established laws and targets outspoken critics.

Imagine someone even worse than Trump is elected after that.

Imagine the key is leaked.

Imagine China makes a trade with your government for your key.

There is no taking back that key now, whoever becomes 'the government' at any
point in the future has it.

~~~
redler
The fact that governments change, sometimes radically, is an important point
in arguing against escrow. For example, in the current supreme court case R.G.
& G.R. Harris Funeral Homes Inc. v. EEOC, the case was brought under the Obama
administration BY THE EOC ITSELF, arguing for the plaintiff. Then Trump was
elected, and the Department of Justice switched sides -- they now argue
against the government's own original case.

------
notreall1238123
Private citizens should have a right to private conversations with one
another, regardless of the channel. Why is this so hard to grasp?

~~~
SkyBelow
But they may say something illegal, and there are enough people who want to
make that impossible that they are willing to sacrifice their rights to ensure
the laws on illegal information are enforced.

Some people are fundamentally willing to sacrifice rights they don't view as
necessary for some temporary gain, and trying to oppose this in any more
direct way can result in having one's own moral standing challenged.

~~~
jecxjo
>they are willing to sacrifice their rights to ensure the laws on illegal
information are enforced.

I think you meant to say "sacrifice everyone's rights." This isn't an opt in
scenario, it would be your right to privacy being forcibly taken away.

------
LinuxBender
The conclusion I always reach in these discussions is that if people truly
want encryption, they will have to do it themselves and not rely on others.
Others can always be forced or otherwise coerced, legally or otherwise.

------
alexnewman
Is china better or worse than Australia on this issue?

~~~
harry8
There is no meaningful comparison to make.

The "censored" talks immediately had their slides put online and were
extensively advertised with Schneier in particular, stating it's your duty to
read them now. Nobody was arrested because the courts would not even allow a
prosecution as there's no law that has been broken. The rule of law, while
imperfect, means something in Australia.

Let's be very critical of what has happened here by all means, that's how we
preserve a rule of law and equality before it.

------
jhare
CyberCon ran by their Australian shillery; glad he stuck it to them

Conferences are nearly all in-person live ads, cloud ads disguised as talks,
or tutorial talks so shallow a Googling is better.

Triple that for infosec industry.

------
draugadrotten
Doesn't Schneier miss the mark here. Even if the US, Australia or all of the
Five Eyes nations stop spying, that does not ensure encryption is unbroken or
safe from spying eyes. If it is possible to break encryption, it will be
broken by someone. It better be by us...

As far as designing in weaknesses and/or golded keys. Well, it does not add to
security, but assuming that the other nation states are already able to break
encryption and read what they want, it does not weaken it either for national
security reasons. What it does provide however are easy means to stop
terrorists, pedos and drug dealers from conducting business. That power in the
right hands is good for society, just like having people with lethal weapons
in law enforcement is good for society.

Remains the risk that some bad guys could get their hands on the golden keys.
Yes, design to handle that?

What else?

~~~
shakna
> Remains the risk that some bad guys could get their hands on the golden
> keys. Yes, design to handle that?

You can't. That's pretty simple and solid.

If you have design a master key, then it's the master key. Once it's out, it's
out.

~~~
chopin
To play devils advocate: what about the keys with which Apple or Microsoft
signs their updates? It's analogous to a master key, yet they didn't leak so
far although the stakes are high.

~~~
cookie_monsta
Apple/Microsoft have a master key to one product which is held by one private
company. What you're talking about is a master key to all communications
accessible by every government agency of every country provided (maybe) that
they can demonstrate "just cause" (or some other nebulous concept). Surely you
can see the difference in magnitude?

~~~
chopin
In theory, the key could stay at the company and the communications is handed
over upon lawful request.

To be clear, I am not supporting this. But this will be an argument being made
by the other side thus a good reply should be prepared. NOTPetya already
demonstrated that malware can come with software updates. But up to now there
is no hard evidence that keys of big players have been leaked.

And even for professionals it's hard to keep up. I am using Signal. From time-
to-time I am reminded by Signal (on Android) that I need to update taking me
even to an update screen. How would I know that it is genuine? No other app I
have does this.

~~~
GhettoMaestro
> In theory, the key could stay at the company and the communications is
> handed over upon lawful request.

What is a "lawful request"? Does that include legitimate court orders
originating from China, Russia, Syria, Sudan, etc?

That's why this will never fly. It's a horribly stupid idea.

~~~
chopin
It's either a lawful request from any country or none. Should corporations get
to decide what a lawful request is? That's a horrible idea either.

FWIW, I am appalled by this constant call to weaken encryption. This is not
worthy of any country who deems themselves under the "rule of law". It's even
more appalling that they do the dirty work for the countries you listed...

~~~
GhettoMaestro
> It's either a lawful request from any country or none.

My preference would be to group countries into categories that respect users
and their privacy, and those who don't. And then don't pursue selling into
countries that don't respect privacy. And no one gets "gold key" or "backdoor
access". It is only a legal front door to the data the provider possesses in
plaintext. Specifically, data residing SOLELY on the device would NEVER be in
said provider's possession in plaintext form, if the user desired that.

But that will never happen. Because, growth markets, amirite? (Sad face)

> Should corporations get to decide what a lawful request is? That's a
> horrible idea either.

Agreed. Corporations don't get to 2nd-level guess the law (ignoring lobbing in
this example). They either get to choose to operate within laws of the
territories they do business in, or they don't do business in a said
territory. This is my EXACT complaint against Uber, AirBNB, etc.

> FWIW, I am appalled by this constant call to weaken encryption. This is not
> worthy of any country who deems themselves under the "rule of law". It's
> even more appalling that they do the dirty work for the countries you
> listed...

In total agreement. Furthermore it is what is view as extremely easy. Of
course the NSA/CSS/CIA/ABC/DEF whatever will always target and crack-open the
endpoints. To do a double-duty and attack the crypto itself is just fucking
annoying to me due to the collateral damage said efforts bring. They already
own the endpoints. Just focus on that. Don't attack the math operations.

