
Ask HN: Will doors start slamming shut for Australia around the world? - andrewstuart
Australia&#x27;s new encryption laws make it probably more of a security risk than Huawei.<p>Will the world start closing its doors to Australia?
======
steve_taylor
If I was working at Atlassian in the Australian office, I would be very
worried about Atlassian pulling out of Australia. A lot of companies use
Bitbucket. Atlassian could be compelled to sneak backdoors into other
conpanies’ code. There would be issues around incorrect hashes, but most devs
would put it down to a mistake on their part and just re-clone the repo. Some
backdoors will go indetected and some won’t.

If you’re using Bitbucket, consider migrating to your own Gitlab instance,
hosted in a country whose government values privacy.

~~~
andrewstuart
What about the AWS Sydney region, and for that matter Google and Microsoft
Australia?

~~~
bigiain
Amazon Google and Microsoft all definitely have enough business interests in
Australia to have become untrustworthy due to these laws.

I wonder how long it’ll be until someone like Digital Ocean starts advertising
“we have no Australian office, and we’ve let go all our Australian staff!”?

(Having said that, DO are at least as susceptible to NSLs. I wonder who the
most reliable non five eyes cloud hosting provider is?)

------
tlb
Governments have been trying to thwart crypto for a long time, with limited
impact on people who seriously care about security.

In the mid-90s, it was illegal to export strong crypto developed in the US
outside. So for quite a while programs would come with dummy crypto, and
before building you'd download the actual crypto libraries from Finland and
link them in instead.

Also for a time, RSA had a patent on public key cryptography and enforced it
against companies using it (say, for running a secure webserver) unless they
used their closed-source library.

So using crypto in the US was made difficult, and yet the internet was fine
and most people got the crypto they wanted (except, ironically, defense
contractors.)

Although the new law sucks, everything will probably be fine there too. The
Internet is pretty resistant to the sort of damage this law could create.

~~~
tptacek
Export regulation had a lasting impact on everyone's security, because the
mechanisms used to support it, even for people who had strong crypto available
to them, were themselves vulnerable. See for instance FREAK.

------
simonblack
When the Clipper fiasco happened in the States about 30 years ago, it didn't
take long before the US started being left behind in crypto work by the rest
of the world, especially by open-source crypto like PGP.

[https://en.wikipedia.org/wiki/Clipper_chip](https://en.wikipedia.org/wiki/Clipper_chip)

------
phendrenad2
Needs an "ask HN" in the title...

~~~
tlb
Added

