
How the Australian government plans to access encrypted messages - visural
http://www.theage.com.au/federal-politics/political-news/how-the-turnbull-government-plans-to-access-encrypted-messages-20170609-gwoge0.html
======
nikcub
The story title mentions Australia but this is relevant to all the 5eye
nations, as they're obviously pre-briefing the media on what the agenda will
be and this is the first time that we're getting detail on what they'll be
proposing (the UK proposals were vague)

What they seem to be talking around is implementing an app-level CALEA-like
capability.

What I think how they think it would work: companies would be made to build
lawful targeted intercept capability into their apps, in the same way
telephony and other equipment is today. The app developer receives a warrant
for an identifier and they're required to split off that traffic and change
the keys, or encrypt it twice (the sender/recipient key and an intercept key -
one per warrant (this happens with some net and tele warrants now)).

We all know the downsides of this approach, but it isn't technically
impossible. What would be impossible is enforcing it, as it is more a
regulatory hurdle. It is more possible today because of vertically integrated
walled gardens being used for most app distribution - and backed by two of the
largest companies in the world who may be susceptible to a compromise
(especially as there is the large tax issues hanging over both their heads).

On a scale of how bad things can get - I think warranted targeted surveillance
is better than device backdoors which is better than metadata retention which
is better than the mass surveillance we have today (leading to cable splitting
and DPI, or situations like Lavabit)

I don't see how, even if you're ok with warranted targeted surveillance, how a
compromise is made here that doesn't lead to a wack-a-mole game where
legitimate users are inconvenienced while the 'bad guys' are pushed onto
alternate Android distributions and unofficial apps.

I also don't see how a CALEA-like capability is kept secure and safe -
especially with apps (we saw the NSA use CALEA intercept to surveil political
targets). Clapper et al always vaguely answer "key escrow" to this question
without spelling out how that would work.

With subsequents backdowns in the scope of what these governments are wanting
to do (and this latest proposal is again is a minor backdown) we might be
reaching the finite conclusive point where comms do go dark and the new
reality is that despite all of the tech we have law enforcement mostly relies
on human intelligence and they'll have to scale back up for that. 3,500 terror
suspects in the UK, 4,000 employees at MI5 - and notably in the recent attacks
there were HUMINT warnings.

~~~
markvdb
Following this logic, it's a question of time until GPG gets outlawed.

~~~
Freak_NL
It would mean outlawing _any_ software implementing asymmetric encryption; it
would essentially mean making a specific application of maths illegal. Because
this would also imply outlawing TLS as we know it, a lot of resistance can be
expected from citizens and (parts of) governments and corporations alike.

That doesn't rule out such silliness from happening, but it will be a tough
fight, so for now they'll probably stick to going after the silos (e.g.,
WhatsApp) and simply get them to substitute true end-to-end encryption for
some backdoored solution — it's easier and more effective now.

------
cJ0th
> "I personally want to live in a world where reasonable people and companies
> would say, 'You know what? Under the rule of law, and with the right
> oversight and a warrant, communications can be listened to when it's needed
> to protect us.'"

Yes well, I don't. But hey – why not facilitate foreign actors spying on our
companies so that we may or _may not_ catch any terrorists?

~~~
jarym
I would if it meant:

1\. The rule of law has not been compromised (snowdon has shown it has
already)

2\. warrants are issued by a proper judiciary (not the likes of FISA)

3\. Oversight that protected citizens privacy rights (let's all laugh at this
one since it requires Snowdon to show us that oversight just doesn't exist)

So, agree with you :)

~~~
curun1r
Also important:

\- warrants should have explicit expiration dates...no more indefinite
intercepts. \- cooperating companies should be able to publicly say anything
as soon as the warrant expires. The gag orders are what have allowed the scope
of monitoring to be hidden from public scrutiny and that scrutiny is what's
needed to keep surveillance to reasonable levels.

------
aaronmdjones
> Attorney-General George Brandis said the government will not pursue the
> controversial "backdoor" access option by forcing firms to plant flaws in
> their encryption software that would allow it to be cracked by police or
> security agencies

Forcing firms not to implement end-to-end encryption is forcing firms to
implement flaws in their encryption software.

~~~
askvictor
> Forcing firms not to implement end-to-end encryption is forcing firms to
> implement flaws in their encryption software.

Which is why they're not pursuing it presumably.

~~~
amboar
> Given the difficulty of cracking end-to-end encrypted messages during
> transmission, one option would be to improve warrant-based access to
> communications at the sender or receiver ends, Senator Brandis said.

> "At one point or more of that process, access to the encrypted communication
> is essential for intelligence and law enforcement," he said.

> "If there are encryption keys then those encryption keys have to be put at
> the disposal of the authorities."

The last part of the quote muddies the water a bit. Maybe they are interested
in cooperation from companies with control of endpoint software (Apple,
Google, Microsoft) to extract the keys?

~~~
wzdd
Just because it's in your operating system rather than your apps doesn't mean
it's any less of a backdoor.

~~~
amboar
Right, is a different back door, but at least it's not broken crypto. Not that
I'm for compromised endpoints either.

~~~
natch
Building your crypto system with an ability to spit out the keys on demand to
any podunk FBI Director or podunk US President, not to mention any podunk
sheriff, means you have built broken crypto.

------
slang800
> The rapid proliferation of encrypted messaging by terrorist networks has
> prompted...

Giving governments the power to perform mass interception and decryption of
communication doesn't seem like a sensible way to fight terrorists, even if
they say it's only to be used on suspects. Terrorist attacks aren't increasing
because the "bad guys" suddenly got their hands on a copy of OpenSSL.

In the case of the most recent attacks, these people were let into the country
voluntarily.

------
harry8
Fantasy land stuff. Moxie is going to backdoor his encryption because some
Australians he's never heard of tell him to?

The prime minister, Malcolm Turnbull, is a noted user of Signal...

One day these stories will be written by and about people who have a clue. One
day...

~~~
askvictor
It says specifically that the government will _not_ pursue the backdoor
options; seems that they just want to have clearer international protocols
around warrants for information. Seems sensible if you ask me.

~~~
wzdd
How do you think the government will access end-to-end encrypted data without
making use of a backdoor? (Or alerting the user.)

Brandis said warrants should be "sufficiently strong to require companies, if
need be, to assist in response to a warrant to assist law enforcement or
intelligence to decrypt a communication". A company which makes end-to-end
encryption will not be able to assist law enforcement in this way unless they
make a backdoor.

Conclusion: Brandis either doesn't know what a backdoor is, or he does know
but realises that "backdoor" has negative connotations so he is pretending
that that's not what it is. Both possibilities are pretty reprehensible in my
opinion.

~~~
cam_l
I take the second option, this is a man who tried to claim metadata is not
data.

And it took them just a few weeks to breach the 'safe guards' in place for the
warrantless data retention scheme.

Http://www.smh.com.au/federal-politics/political-news/police-illegally-
obtained-journalists-phone-records-under-new-metadata-retention-
regime-20170428-gvutjx.html

------
shakna
> In mid-2013, less than 3 per cent of counter-terrorism investigations
> intercepted communications that were encrypted. Today that figure was more
> than 40 per cent, Senator Brandis said.

I want to hear more on this, because so far as reporting has gone on terrorist
attacks since 2013... The use of encrypted messaging systems seems
conspicuously absent.

~~~
angry_octet
In fact, it is notorious that they didn't use any such system, just regular
SMS, speaking sometimes in Arabic or using very weak coded language. In
general, these guys are morons.

However, ISIS overseas is different. They or an allied group have offensive
cyber capability and an appreciation of opsec. They are known to have taken
advantage of weak opposition opsec for disinformation and tactical advantage
(hacking opposition command cellular devices via phishing and social
engineering to get tactical planning information). I don't know if they use
good encrypted comms, but it seems likely.

Would these skills migrate back to be use by local wanna be terrorists? I
doubt it.

So the bigger problem is not deliberate use but accidental. If they were all
using imessage by default it is going to be much harder. No easy meta data, no
mass scanning of SMS. You're left with physical surveillance, phone calls,
rough cell location data and HUMINT. If you can't get their Facebook messenger
calls or messages you are stumped.

Of course, this is as intended -- no effective mass surveillance. But how do
we enable supervised targeted electronic surveillance without it getting out
of control?

If fb/google gave into to a CALEA type enforcement regime there are no limits
on how much government surveillance would occur, at a level the Stasi would
drool over.

------
white-flame
None of any of this ever makes any sense. There will always be communication
styles that are inaccessible to authorities. And if we ever get "spooky action
at a distance" style communication that does not rely on an interposing medium
(regardless of speed), then all this becomes even more moot.

------
andrewstuart
Once again politicians making decisions about stuff they fundamentally
misunderstand.

~~~
askvictor
What do you mean? The article basically boils down to Brandis wanting
international intelligence agency protocols for warrants to get access to info
like this.

~~~
fungi
> "get access to info like this"

end to end encryption means only the end points (users) have the data.

the afp can't ask the fbi to ask facebook to ask whatsapp to hand over the
content of your messages if whatsapp don't have the content.

~~~
angry_octet
Well they can if fb include a copy of the session key, encrypted with the
public key of the escrow authority, appended to the ciphertext. The crypto is
done by the fb app, so it is within their ability.

Big companies are easier to coerce than e.g. the pgp developers. There is no
way for you to wrap your own encryption layer around the one used by
WhatsApp/etc. You can post pgp messages on those systems but that is something
very few will do.

~~~
apk-d
The developers of Signal and similar privacy-oriented apps will probably
rather shut down than compromise the security of the app. As long as at least
one secure app remains, the policy is pointless. And even then there's other
ways to communicate securely. There's no viable way to enforce this.

~~~
angry_octet
OWS probably wouldn't comply, but have you noticed how hard it is to install
something Apple/Google don't want on their platform? Side loading is feasible
but improbable on Android, totally impractical on iOS. In place of well
engineered solutions from principled developers there would be apps from
collaborators. I'm thinking WhatsApp/Facebook will fold pretty soon. 99% of
users won't care, and we'll be back to where we were with PGP: most messages
are in the clear, the only encrypted ones are huge red flags for further
tracking.

------
nine_k
Obviously, either encryption works flawlessly for both legal and criminal
purposes, or it works for neither.

What the proposal seems to concentrate is endpoints, where plaintext
inevitably exists, and legal protocols for accessing it.

OTOH any sane implementation would only generate plaintext for display
purposes, and would clear the RAM as soon as display (or input) is done, so
finding the plaintext anywhere may be honestly impossible. At least, without
tampering with the software on either end.

~~~
drdaeman
For the phones, that can be pulled regardless of the app's security.

If the legal framework is laid out, government can tell Google or Apple (or
phone vendor) to push a system-level update. It is trivial for both to push
code that can run without any restrictions, have full access to screen, audio,
camera and network.

Not sure why they bother, though. Wasn't it said many times almost every
baseband module is already a black box with possibility of undetectable access
to the main CPU/memory?

------
pserwylo
For those who are unfamiliar with the Attorney General George Brandis, this is
one of the people instrumental in implementing two year mandatory data
retention.

This is a famous interview he gave which is shows how little he understands
about the concept of metadata, and is mandatory viewing for all who are not
familiar with him:

[https://www.youtube.com/watch?v=Hw1ryLGs2ws](https://www.youtube.com/watch?v=Hw1ryLGs2ws)

His utter inability to understand the issues that he is legislating is
distrubing.

"What people are viewing on the internet is not going to get caught ... What
people are viewing on the internet while they surf is not going to get caught.
What will get caught is the web address".

The legislation ended up retaining the IP address that you visit, but not the
host or URL. I suspect this is the distinction he was trying to make, but
nevertheless, it is still disturbing.

~~~
siddboots
I think he was trying to make a distinction between an ip address and the
request/response content.

------
ldp01
Our governments appear to be pursuing mutually contradictory aims. On one hand
there are increasingly frequent and powerful cyber attacks which can only be
resisted through superior cyber-security and encryption. Then on the other
hand we get this rubbish.

Is it even possible to solve both these problems at once in a way which
preserves the freedom of the net and doesn't involve some crippling PRC style
regulation?

------
mtgx
I wonder if Facebook/WhatsApp have already been testing this type of access
under this current "feature" that's supposed to make it more "convenient" for
users who switch phones:

[https://www.theguardian.com/technology/2017/jan/13/whatsapp-...](https://www.theguardian.com/technology/2017/jan/13/whatsapp-
backdoor-allows-snooping-on-encrypted-messages)

Most in the crypto community seem to have sided with WhatsApp at the time, but
I wonder if they were taken for fools, too, by buying WhatsApp's argument.

If I were to implement a backdoor, then implementing it as a "feature" that
"makes sense" is definitely the way I'd go, especially if my app were to get a
lot of attention. That way I won't have to hide it (much) or worry about it
getting discovered because I could just "explain away" the critiques.

------
justinclift
One thing that seems to be left out of most discussions around this, is "proof
of sender" would likely be compromised.

For example with PGP/GPG, if some "magical" approach was added so messages
could be intercepted and then decrypted and read by intelligence/law-
enforcement/(etc), it seems feasible those same people may be able to spoof
the sender's signature.

eg create falsely signed, encrypted messages that verify as being from the
real sender. Extremely good for blackmail/framing/similar. :(

It would depend upon the capabilities of the "magical" implementation approach
of course, but it fits the scenario. PGP/GPG is regarded as pretty strong, but
SSL/TLS certs already aren't so seem like they'd be much more prone to this.

------
gumby
The 9/11 attackers discussed their plans through email. Good thing they didn't
use encryption, or it would have been a tragedy.

Wikipedia says the United States Capitol/The White House was called "The
Faculty of Law". The Pentagon was dubbed "The Faculty of Fine Arts". Atta
codenamed the World Trade Center "The Faculty of Town Planning". I remember
reading they had also use terms such as "birthday cake" and "candles".

I don't know if ASIO (and the US agencies pushing this agenda) are lazy or if
they have some different agenda. Clearly this isn't a make-or-break issue in
policing.

------
mechanik
Hilarious given that he is very attached his Wickr account.

I happen to know he uses it quite extensively.

------
caf
_" I think we've got to take a common position [among the five eyes] on the
extent of the legally imposed obligations on the device-makers and the social
media companies to co-operate," Senator Brandis said._

He's got to realise that any such agreement will inevitably end up being the
lowest common denominator of what each of the nations think they can
reasonably get away with legislating, which in this case probably means that
US (with the strongest device-maker and social-network lobby) will drive what
is possible.

------
TazeTSchnitzel
Are they following Theresa May's lead?

Worrying.

------
gleenn
I am a strong proponent of E2E encryption and the right for people to be able
to communicate privately, however I thing Brandis is saying generally positive
things. If Australia thinks someone is a criminal, and there is an agreed
process to obtain a warrant (hopefully from a judge), I think that's fine. The
NSA mass-surveiling Americans is entirely different, as are other similar
tactics to spy on presumably innocent people. Warrants are good, especially
with people actively making calls.

~~~
ENGNR
He's saying they'll use warrants... issued by Brandis. Which is the same as no
warrants from a 'judicial vs government' point of view.

~~~
angry_octet
Yep, Brandi's is as slimy as they come.

~~~
gleenn
Sad to hear. Do you think he's actually going to hand-approve all the
warrants? Hopefully it's still better than what the USA had with all the
warrantless phone data aggregation.

