Australian Politics, Mark II


#4845

BSD always considers all the information, carefully assesses it, and then believes what the ALP tells him to believe.


#4846

I just added more


#4847

That’s not fair, I have seen him be pragmatic on refugee laws contrary to the party position before.


#4848

So apparently nothing got passed today.


#4849

You’ve lost me buddy,… I’ve never been near an Apple product or Itunes. :smirk:

Never will.

Does this only effect Apple folk btw, … is that what you’re saying here? If so, … all good.:wink:


#4850

no, pretty much every device in the country that accesses the internet


#4851

You keep saying this, but you don’t say how.

Corrupted Aplle dudes posting it on the Dark web for bucks? How?


#4852

But mine will be no more vulnerable than it is now,… right?

I don’t have whattsapp. Facebook etc on my phone,… so I won’t have any backdoors, right?


#4853

Do you only care about how it affects you specifically? That’s somewhat strange

And if you want the nitty gritty explained to you, why don’t you go read the submissions to the Senate Inquiry? They are all public. Including one from the encryption company that provides services to almost all arms of the Federal government (Senetas) which is screaming that the current legislation is unworkable and makes everyone less safe.


#4854

And now for a bit of champagne comedy from the Libs; (cropped article from the ABC website)

As the surviving Liberals entered Parliament today, many offered analysis of what went wrong during the campaign, but Mr Guy avoided questions about the election loss, saying it was a matter for the new leader.

Upper House MP Bernie Finn said the campaign was “disgraceful” because it failed to properly communicate with voters.

He also lashed out at criticism from Labor about the lack of women in Liberal ranks.

“If the Labor Party and the Greens want to have more women in the Liberal Party, what they should have done is not defeated them, that would have been a very good thing if they hadn’t run against our women,” Mr Finn said.

:rofl: I have no words. Plonkers.


#4855

BSD is your classic one-eyed Lim Dem voter :stuck_out_tongue_winking_eye:


#4856

How much tech security stuff have you read?


#4857

Do ALP press release count?


#4858

From Kaspersky’s submission
“Specifically, in case of encryption there is a broad industry agreement that a third party
access to encryption keys weakens encryption for all users, including those not targeted by
the encryption agency. This argument has been explored in more details by the Citizen Lab
and the Canadian Internet Policy and Public Interest Clinic (CIPPIC) reporti and in our view it
is applicable to other technologies.”


#4859

Best-practise security is two factor. You generate a code key, then split it apart into what is called a key-pair - two separate code keys that are mathematically intertwined. You give one to your partner and keep one for yourself. When sending a message, your partner will encrypt their data with their half of the pair, then you will decrypt it with yours. But (and this is important) you cannot decrypt data with the key used to encrypt it. No, I don’t understand the maths behind this either, but that’s how it works, functionally.

The accessor and the accessed have to match. So that means you can’t have continually randomly generated keys (leaving aside the question of how ‘random’ these things can be from a mathematical & computational point of view), because your key at one end won’t correspond with the key at the other end.

And of course, if the key is NOT randomly generated, and you’re relying on deterministic generation (here’s a hint - don’t do this ever if you want a vaguely secure code), anyone can tear apart the software on a phone to find out the key-generation function and crack it, and then reverse-engineer its counterpart. In order to function, both parts of the keypair must be generated TOGETHER.

Nope. The thing is that even apple doesn’t have access to the stuff that the cops want, it’s encrypted out of their view as well (especially if it’s in a third-party transient message app like snapchat, that deliberately doesn’t store its own message history). What the govt is proposing is that they should be allowed to get a court order to force Apple to code a weakness in their own security (which will apply to EVERYONE, not just the target) so that the cops can exploit this weakness to monitor the target’s communications.


#4860

It doesn’t happen. Not even Tim Cook himself can access it. It’s not how the code works, if it did it’s violating the terms of service. Apple would go from the most profitable company in the world to broke over night.

I’ll explain it another way.

Everyone remembers the fappening, that happened not because the encryption of icloud got hacked, but because the hackers where able to reverse engineer the victims passwords with small pieces of personal information.

An encryption key is called a cipher and encrypting a file only generates one cipher. If you where to encrypt a file in such a way to generate more than one cipher it more than halves the decryption integrity. Currently for an encryption to be hacked it only needs a 1/12 weakening to be deciphered. Halfing it makes it 1995 level of vulnerable.

I hope that makes sense


#4861

The cops aren’t going to be going to snapchat to order them to install a backdoor. They’re going to go to apple (or whoever) and get them to put the backdoor in the OS level so they can monitor every obscure app you might ever want to use. So the compromised security will apply to everything on your phone, from your email to your internet backing app. And to everything on everyone else’s phone too.


#4862

Correct, except that the ‘targets’ don’t even use that software, they use their own bespoke messaging software that they design, as a general rule.

So actually, the changes will apply to everyone except the persons whom the legislation is supposedly targeting. Genius


#4863

Aus Industry group basically agree

https://www.aph.gov.au/DocumentStore.ashx?id=380bde7a-b4e5-4f35-9217-85207381a140&subId=660760

Actually, all of the submissions basically say the same thing
There’s 105 of them
Knock yourself out:

https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Intelligence_and_Security/TelcoAmendmentBill2018/Submissions

The bill is very careful to include language saying they don’t want a backdoor. They just want something that looks, acts and sounds like a backdoor. Politician weaselwank. And bad policy.


#4864

A bit, but I’ve watched more. Plenty of Docos on the subject, and every ep of Vice’s Cyberwar they’ve shown.

At any rate, no one here knows enough to give straight factual informed answers to questions I’ve raised, so I’m guessing they know as little as I do.

How will hackers access this backdoor?, would seem a fairly relevant and simple question for those worried about this to answer if they had any idea how encryption, and backdoors actually worked.