Australian government looks to force tech companies decrypt customer data Less of a 'backdoor,' and more of a 'side gate' August 14, 2018 https://www.techspot.com/news/75965...ks-force-tech-companies-decrypt-customer.html Australia Hopes to Strong-Arm Tech Companies Into Giving Up That Precious Encrypted Data August 14, 2018 https://gizmodo.com/australia-hopes-to-strong-arm-tech-companies-into-givin-1828333553 Assistance and Access Bill 2018 (PDF): https://www.homeaffairs.gov.au/consultations/Documents/the-assistance-access-bill-2018.pdf Assistance and Access Bill 2018 (Explanatory Document) (PDF): https://www.homeaffairs.gov.au/consultations/Documents/explanatory-document.pdf
They can legislate as much as they want, laws of physics and math don't care. Only effect will be that bad guys will change to some other platform or cook their own. And everyone else in Australia will be left to mercy of not only their own government but also to foreign hackers and spies.
I wonder how will tech companies that operate worldwide comply with this law. Will they have separate (less secure) products for AU market? I'm also interested how lawmaker is going to solve a "problem" with end-to-end encryption solution. Will they prohibit them?
Well, let's say that some tech company complies with the Australian government demand and makes a crippled version of their end-to-end encryption product X. Let's say they code a built-in backdoor listening say port 6666 with password hackmeplease1234 or something equivalently stupid. It's literally one nmap scan away for any hacker to get inerested ("Gee what is this open port 6666 in application X doing?"), get a copy of the app, reverse engineer it and find a backdoor literally built-in into app X that otherwise would do end-to-end encryption. Result? Massiwe p0wnage and bankruptcy for company making that app X. And how would government force people to use product X ? People could just use product Y made by organization/company/individual who does not give one ****** what Australian government wants. Heck, they could even just use older, non crippled version of product X. Banning non-backdoored products by law won't catch any criminals because, they are, well criminals and won't give one *** of laws in the first place...
https://nakedsecurity.sophos.com/20...ock-their-phones-could-face-10-years-in-jail/ Damn. But on the other hand, there's apparently no limit in the US for jail time for contempt of court.
Yea... That's really crazy thing in US law system and not good one (already overpopulated jails fill with people needlesly) But I do like the way US gives sentences for horrid crimes for some monsters (several lifetimes or at the very least, many many maaaaany decades) compared to ninny-winny sentences in my country ... Heh...from that article: "No backdoors The government’s explanatory note says that the Bill could force a manufacturer to hand over detailed specs of a device, install government software on it, help agencies develop their own “systems and capabilities”, and notify agencies of major changes to their systems. In short, it would force communications providers to work extensively with the government to gain access to a target’s data where it was in their power to do so, and it would also compel them to keep all of this secret." Yeah...nooooooo backdoors here (or at least don't call it "backdoor") ... Memo to self: Never use any laptop/phone/router etc. or service made in Australia.
New tech surveillance laws more a 'side gate' than 'back door' into Australian phones Tech surveillance laws proposed by Australian Government 'aggressive', critics say
Telstra and Optus call for clarity in anti-encryption laws The big telcos don't want their operations disrupted. They want more consultation, and protection for their downstream customers. September 24, 2018 https://www.zdnet.com/article/telstra-and-optus-call-for-clarity-in-anti-encryption-laws/ Optus [...] the company's submission [PDF]: https://www.homeaffairs.gov.au/consultations/Documents/optus.pdf
