back to article Australian govt promises to push Five Eyes nations to break encryption

The Australian government looks set to take a hard line on encryption at this week’s Five Eyes meeting, and encourage the other nations in the network to jump on the back-door band wagon. The Five Eyes nations - the UK, United States, Canada, Australia and New Zealand - have an agreement to gather and share intelligence, and …

  1. FuzzyTheBear
    FAIL

    Imminent danger.

    Controlling governments are a danger to the free world. THEY are the enemy of the people. Break encryption and dissidence will be wiped out, it's authors jailed and for the rest of us we'll be under total control of the Governments and we know their intentions : no good. If the so called good guys , i use " good " very very loosely , can break our communications , so can the bad guys. It already is totally insecure and they want to make it worse .. bravo < clap , clap >

    1. NoneSuch Silver badge
      Big Brother

      Re: Imminent danger.

      This is the most ignorant and short sighted policy ever.

      Fight for your rights now, because your government no longer cares about your freedoms.

    2. Anonymous Coward
      Anonymous Coward

      Re: Imminent danger.

      Controlling governments indeed - they're supposed to be our representatives, our servants, not our masters. The intended purpose of these backdoors isn't to tackle terrorism by the few but to forestall rebellion by the masses.

    3. Oh Homer
      Big Brother

      "terrorists and criminals using encryption"

      The most prominent examples of which include our own respective governments.

      As far as I'm concerned, our "five eye" totalitarian rulers can go and jA0EDQMCeXkH6U63OH7e0kgBTAQqbLCijG9IqlKUP1VRu2C4ivk3nDBe+OtRfJIBLWnfBxZtcj2cLkkNHaHY9A646uMF/MT3DKZbGt/FdZokzxDeEoi09Zs=!

    4. staggers
      Thumb Up

      Re: Imminent danger.

      Hear hear. And I refer all readers to the works of M. Bastiat. About what government should be. And should ONLY be. But then, he was a Libertarian, as am I, and as anyone with a brain should be, if they aren't naturally inclined to be dictators.

    5. Adam 1

      Re: Imminent danger.

      I disagree. I have complete confidence that George Brandis is exactly the guy you need when trying to balance personal freedoms against safety.

      1. Mark 65

        Re: Imminent danger.

        Man, I have and will always believe that George Brandis is a fucking despot. One seriously nasty piece of work. He is an absolute stooge for the 3 letter agencies. No doubt they have photos on him.

  2. Anonymous Coward
    Facepalm

    Five eyes...

    And still completely blind to the fact that weakening encryption for law-enforcement would also make life easier for criminals, hackers and oppressive governments...

    1. Infernoz Bronze badge

      Re: Five eyes...

      Also there is nothing to stop anyone from using weaker encryption as camouflage for inner strong encrypted data, or using a different strong encrypted network protocol to frustrate spies.

      I suspect that a lot of fun could be had with HTTPS websockets carrying layered encrypted date.

      1. Anonymous Coward
        Anonymous Coward

        Re: Five eyes...

        I dont think you guys get it. The spooks have been doing this for years, its just they have been found out so in order to maintain their crumbling authority they need to come clean.

        Put simply, would it be logical to use the latest knowledge from all subjects taught at University and to then try to pre-empt future threats? If you kept your eyes and ears open at primary school, you may have been lucky to have had special treatment or witnessed some special treatment, after all what is the ultimate stick or carrot in order to control behaviour?

        Every one has different incentives, everyone had different personalities, everyone is rigid and fluid to some degree or another over a whole multitude of data points, some of which is motivated by the chemicals you ingest beit legal like our under/over cooked standardised food or illegal like drugs, some of it by the events you have previously been exposed to, including conforming to a group be it work, local neighbourhood or national via the news, so the spooks will try and hack each and everyone one of us in order to maintain a degree of control, whilst trying to pre-empt an evolving future threat and learn from existing participants behaviour. Some experts will want to know things like what age are your parents values imprinted in your psyche, what other authority figures in you life has left an impression? Are suicide bombers, mass political demonstrations suffering from varying degrees of cognitive dissonance? Are people really passionate about their privacy and why? What makes someone introverted in the real world, but extroverted in the online world?

        The internet makes for an interesting analysis tool of human behaviour.

        Do you believe everything you read online? Do you even believe the dates and time of forum posts or articles you read? When is a sock puppet not a sock puppet but an AI? Your bias maybe given out by the websites you visit, like this agent provocateur site and others. For example, have you noticed a pattern with the news, they play both sides, as do other websites like the guardian, but do you get to see both sides of the argument? For example, take the Grenfell fire tragedy, DM reports the council saved £1.2m by going with cheaper cladding, the Guardian reports a saving of £2/sp mt, very sublte changes in reporting the facts to cater for the bias and typical behaviour of each reader.

        The online media push your buttons, the spooks watch and see how you react, they have even used reverse psychology and lie to simply cover their tracks, but you can get yourself noticed by posting on websites which are not conformist to the mainstream thinking, as well as doing other things both online and offline.

        Theres a reasons some websites are also free, like porn sites. How curious are you? Is transgenderism designed to abate future pedophilia risks, or is it a scientific experiment because humans all start out as female in the womb and its a way to make sections of society infertile who have a certain predilection to sexual experimentation? When is stereotypic behaviour not, and what causes it? Something from your childhood perhaps?

        What else can you do with the internet?

        Can you remember all the things you have read from years ago, if everything you ever searched for was recorded and later used to measure the dementia potential of your brain, along with access to all you have purchased could that not be an innovative scientific experiment for neurosciences? Is someone testing the theory all humans are no different to bonobo monkeys in sexual practices?

        So provoke them, you may not get a response straight away and I mean it could take decades in some cases, but every centralised piece of Govt & big business can be used to build a massive picture about you, everything from your GP & NHS records, your school reports, your tax records, your bank records, every major institution is used to obtain data on you in order to build up a bigger profile about you.

        Just take the PPI claims, who is motivated to put in fake claims, who is motivated to impersonate a former owner, renter, or housemate to make a claim? Whats your limit for obtaining money? Whats your limit for sexual gratification? Whats your limit for obtaining secret knowledge? The security services want to know everything so will hack everything, so what limits will you go to to maintain your privacy?

        So for the IT side of things, ask yourself why doesnt anyone authenticate the validity of the firmware when it can be hacked like a cars engine management system can be chipped to increase performance, with the best car chippers providing taster firmware that deletes itself after a period of time or number of ignition starts so you can see what the performance increase is like before committing permanently to the mod and handing over money?

        So with that technique in mind, how do you also test for a firmware level mesh network operating on your computer and across other devices, perhaps built into things like the Intel IME? Your IDS/IPS isnt going to find it as it goes through an OTA network which your OS can not see, so forget snort or suricata, and a myriad of other security measures like firewalls, anti malware and anti-virus that all operate at the operating system level.

        Time to knock up a RF listening device?

  3. Your alien overlord - fear me

    Good bye online ecommerce and e-banking. No real encryption will kill the economies of these countries. But arseholes have a very blinkered view of the world I find.

    1. Anonymous Coward
      Anonymous Coward

      They don't want back doors in that encryption they just want to spy on everyone's personal communications as a method of control through fear.

  4. John G Imrie

    the rule of law must prevail everywhere

    Who's law?

  5. monty75

    -----BEGIN PGP MESSAGE-----

    Comment: GPGTools - https://gpgtools.org

    hQIMAza+e1EFjAVOAQ/9GuVekcVxp8jEB3d2wgJRefRORL11u0o2EYRmMig7sN9T

    pznMUb270A/WSRWS6C1anLVmhgeVYuEXNSdFc7N/XNMjpVyVzaP8nkjtEYx6Bf8+

    hm3/2/gp0WMimUj3V4ryNN0X0vurML7+C4Ilkbe5ubeoOmwZlByMF2SuCZdYJTCl

    7wicWiMlgPjEjBbjYTbd4WjastdFQpoi+p0w85fZ8hwb1bX+QbndJCAZflAogX5G

    I5Rw/NuN76pNG3+MIDS3GRwV6me0sf6F0jUudPKis9cYRNNViHJNxSEsHg5tZpod

    rNaxzCOl6rrBA64btttehxcSpMoX25BpQl+50RuHsrprOe+X02u7HqktGFEi3fA5

    D070v6WtqGPXU8AX9EDlAv2XqQNnZM5wzNU8tnEaELCpMNCpzQtQ83PgfnxiN7lX

    ucwNL1QRtRcVfrE+3M6XVTwYGqxBwTt9Y76jt/ciLn+F5gBcXi0/y8apn09uLjdB

    dwqqEZ6HhXO/zqGELcr9Hmo/h496GK103yAhWYAaicl8K7pLx3mPAFpioHp8H/4r

    /VCdmdPz5Z8hsE3QCDMetDPnunhVsZHQ+1EAVS/uDmxV3ESVAIJYbFXISZ0apxM5

    J1h2ETg3xh6RO1lyJWzVsjSE3gq4B8sPHhotOQSmF3bSGEGPUvV2MdrLzya++l2F

    AQwDW18KdLm7jckBB/4nCakHEznaXgi2amEMrSjrDAIyZubaAJQfl88PnjUU/aMy

    ww9ltjkfZDJsnCalcS/0V5N0wWZo7HRjN4ud0rGaH2kVsA3dtVV03TnDre74Mc9j

    4KDSv4J4Fb2Y+WagdRVPqFDVlMK3RtAzwdinRwKxVGtc+/sImL1fj/BCFuJ9bAAd

    rpnHnyEjG+UEAbT/iCYhS5n6BlLJTKid2fkiFS9X5KWrXoi4HXt90yzWLAkWFTmn

    aHANzvi6kE/IOwPMfHycydTYaFM3I6n2Mkd/JGfmle3vKJ+sa6I715f2MNXzV/74

    vqzxVRHQwBqIBOw4BleGMg4RCFE+OWJREovLqse90nkBSEr7+uiQoUXu6QkdtbfL

    Sr596ggDstUvUHwCsBCJ1OGofHcuV1O3pxlhFRiawtn+rnHuT+TovE80zeccnL96

    oT9F6To/kgD7ef7DPxp57Pi6Yw7tcuFP0T5VZWZjSGV2KJlyybLd06gMhAOoG+/T

    hAnWQk1zJJ5f

    =k0yG

    -----END PGP MESSAGE-----

    1. Anonymous Coward
      Anonymous Coward

      Credits to milos they'll be able to break that pretty quick with the US's secret quantum computer they keep under the data center in Utah...

      And don't count on post-quantum algorithms to save you, either. All of them have demonstrated significant flaws.

      1. Anonymous Coward
        Anonymous Coward

        There are methods that can be hard to calculate on both traditional computation and quantum. While quantum computing can do the "travelling salesman" type calculations extremely quickly (depending on memory/qbits) there are other types it cannot (as with all things in reality, there are tradeoffs).

        That and I'm not sure how many qbits they have yet, as we can usually do the "1 step ahead" as we have with how many bits of encryption (using 256bit keys etc to make it "take too long" to decrypt, not "impossible" to).

        1. Charles 9

          Except since a working quantum computer would be "black" tech (meaning they'll deny it even exists), we can't predict how far ahead they really are, plus as noted while post-quantum algorithms exists, none have been judged sound enough that it couldn't be attacked better than brute force (all so far have had serious flaws found).

        2. Destroy All Monsters Silver badge

          While quantum computing can do the "travelling salesman" type calculations extremely quickly

          Not it likely cannot.

          Because "travelling salesman" is NP-hard and not likely to be in BQP.

          1. Charles 9

            I thought it was NP-complete. As in solve it in P and you prove P=NP.

      2. Justice
        FAIL

        You're assuming that 5 Eyes will actually know where to look. They appear to have found diddly squat so far and I'm pretty damn sure that the FaceBook group "Death to the Western Infidels" isn't going to contain their master-plan.

      3. Anonymous Coward
        Anonymous Coward

        FIPS 140

        There's a larger problem than just post-quantum-computing cryptography, and that's the fact that NIST hasn't blessed any algorithms. Thus, even if a post-QC algorithm were to exist, the use of it wouldn't be NIST approved, and it would be impossible to get it FIPS 140 certified. Given that, a large number of commercial, military, and government customers wouldn't be able to use it.

        Anon Y. Mus (since I work in the field of cryptography)

        1. Anonymous Coward
          Anonymous Coward

          Re: FIPS 140

          FIPS-140 is mostly a purchasing checkbox, there's nothing to stop people buying FIPS 140-validated crypto to meet the official requirements and then running it in non-FIPS mode where all the extra algorithms are available.

  6. Geoff Campbell Silver badge
    Mushroom

    Bwahahahahahaha!

    Yeah, good luck with that, guys. You're not even fit to carry our floppy disks. If we want encryption, we will have encryption, and there's not a damn thing you can do about it.

    GJC

    1. Charles 9

      Re: Bwahahahahahaha!

      Not even throw you in prison for 20 years for terrorism?

      1. Geoff Campbell Silver badge
        Facepalm

        Re: Bwahahahahahaha!

        All of us? Every single programmer, techie, mathematician, solver of cryptic crosswords, and general nerd?

        They're gonna need a bigger prison.

        GJC

        1. Anonymous Coward
          Anonymous Coward

          Re: Bwahahahahahaha!

          They've got one, it's called The West.

          1. The Man Who Fell To Earth Silver badge
            FAIL

            Re: Bwahahahahahaha!

            They've got one, it's called Russia. FIFY

            1. dmck

              Re: Bwahahahahahaha!

              Forced imprisonment on Mars.

              How to start a colony.

              1. Sir Runcible Spoon

                Re: Bwahahahahahaha!

                If someone was going to start another colony that was comprised of people with a good mind and a good heart they don't need to conscipt me - sign me up now!

              2. Someone Else Silver badge
                Devil

                @dmckRe: Bwahahahahahaha!

                Forced imprisonment on Mars.

                How to start a colony.

                Wasn't that how Australia was started?

            2. vir

              Re: Bwahahahahahaha!

              New New South Wales

  7. Anonymous Coward
    Anonymous Coward

    Wanted: new silver bullets and wooden stakes

    This particularly daft vampire refuses. to. stay. dead. I guess it's a zombie vampire or something.

    There already is evidence aplenty that BACKDOORS DO NOT WORK - it's akin to asking residents to leave their doors unlocked to "help" after a couple of particularly nasty terrorists, child rapist and mass murderers have escaped in the neighbourhood. Sure, it'll be very helpful for law enforcement, but it also amounts to wilfully ignoring the collateral damage that accompanies this sort of idiocy.

    Yet, these people have such a hard on for personal data it almost seems like a fetish - an uncontrolled desire well beyond rhyme or reason. Also note that this demanded openness of the public is NEVER met with a matching commitment to transparency and accountability who want this, which is in itself already a reason to fight this with every possible means.

    Helping law enforcement to catch baddies? Unfortunately, we have seen far too many instances where law enforcement and agencies turn bad themselves, with ZERO consequences. Fix that first to arrive at least at a starting point for discussion.

  8. Yet Another Anonymous coward Silver badge

    Fight terrrism

    Force manufacturers to fit backdoors to transit vans

    1. TheVogon
      Trollface

      Re: Fight terrrism

      And a happy Ramavan to you too...

      1. Yet Another Anonymous coward Silver badge

        Re: Fight terrrism

        Percentage where encryption was used in terrorist attacks in London / Paris / Germany = 0%

        Percentage of attacks where a van was used = 100%

  9. EricM
    Facepalm

    Conservative = tech-illiterate ?

    Why do especially conservative governments (my own German one fully included) tend to act completely incompetent and/or illiterate with regard to technology in gerneral and encryption in particular? At the same time the urge to observe everyone and everything seems to be very strong with his group. So they just wish something that is not attainable. Encryption technology today is the public domain. So everyone considering themselves a terrorist or even only a criminal is free to use it. Even banning it for the general population or major service providers will NOT change this. Regardless of what the 5 eye states or any other national government body feel about that. What a waste of energy ..

    1. Peter2 Silver badge

      Re: Conservative = tech-illiterate ?

      At the same time the urge to observe everyone and everything seems to be very strong with his group.

      If I was feeling snippy, I'd point out that these programs really got underway while liberals were in government in most countries. But look, breaking it down into political groups just leads to both groups throwing buns at each other pointing out which is more repressive and worse than the other and that doesn't get anybody anywhere.

      The problem is authoritarianism versus liberalism, and pretty much all politicians are massively authoritarian or else they wouldn't be trying to persuade people to elect them as their rulers for a few years.

      1. staggers
        Trollface

        Re: Conservative = tech-illiterate ?

        @Peter2

        'Rulers'

        Surely you mean 'humble elected representatives'?

        I think you need re-education. I know this nice little archipelago.

    2. Tom 7

      Re: Conservative = tech-illiterate ?

      I must admit a large number of the conservatives I know seem to want things to be simple, even though the evidence shows that simple is not the possible answer.

      1. Someone Else Silver badge
        Coat

        Re: Conservative = tech-illiterate ?

        I must admit a large number of the conservatives I know seem to want things to be simple, even though the evidence shows that simple is not the possible answer.

        The best possible outcome from this would be for such people to take Occam's Razor and slit their own throats with it.

    3. Doctor Syntax Silver badge

      Re: Conservative = tech-illiterate ?

      Why do especially conservative governments tend to act completely incompetent and/or illiterate with regard to technology in gerneral and encryption in particular?

      FTFY. Conservative governments have no monopoly in this respect. We've had plenty of experience with Labour govts. being just as bad whilst paying lip-service to technology (the white heat of this scientific revolution etc).

  10. mark l 2 Silver badge

    Do politicians not have technical advisers to tell them why this is such a bad idea? Or do the politicians just choose to ignore the facts anyway and push on with their own agenda which is all about staying in power.

    1. Anonymous Coward
      Anonymous Coward

      Do politicians not have technical advisers to tell them why this is such a bad idea?

      In my experience, it's exactly when they are technical advisers that they won't be listened to. If you want a politician to pay attention, you should call yourself "publicity" or "vote improvement" adviser.

      In my experience, the word "technical" is like an immediate off-switch for political or boardroom attention.

    2. Anonymous Coward
      Anonymous Coward

      going by the scientific & police views on drug laws vs the government views on drug laws, it's already an established fact that newspapers decide on government policy.

    3. Anonymous Coward
      Anonymous Coward

      They have lots of clever mathematicians and computer scientists in Cheltenham who will be able to explain in great deal why you can't backdoor encryption without compromising security.

      However, they will also have plenty of shiny-suited, newly-minted PPE graduates telling them that speeches promising to end terrorism and crime are polling viagra. And in the end, everything boils down to clinging to power.

      1. ExtraQueso

        They'll figure out why encryption matters when the backdoor leaks and someone hacks a few missile silos. Of course, it'll be too late for all of us by then, but hey, votes!!

    4. Doctor Syntax Silver badge

      "Do politicians not have technical advisers to tell them why this is such a bad idea?"

      No they have advisers who tell them what they want to hear.

    5. Adrian 4

      No, they only employ technical advisors who say what they want to hear.

      For evidence, just look at the history of drug laws. When the scientists gave the 'wrong' answer, they just sacked them and got some more amenable ones.

  11. Anonymous Coward
    Anonymous Coward

    Current Aus Government

    Self-destructing as we speak.

    Malcolm in the muddle is losing control.

    And he's the only one with half an ounce of a clue when it comes to tech.

  12. frank ly

    Oh wow!

    "... preparing a new law that would allow authorities to decipher and read private encrypted messages."

    So, this would enable them to read the encrypted attachments that real terrorists and criminals send, or the encrypted contents of any usb sticks, etc. that they manage to obtain.

    1. Charles 9

      Re: Oh wow!

      Possibly. Think a "Black"-classified working quantum computer.

      If they can hide the existence of stealth aircraft for several decades, keeping secret a working quantum computer hidden under a data center in Utah is possible, too.

  13. I am the liquor

    The legislator's fallacy

    There's a large dose of the legislator's fallacy going on with this encryption business.

    The legislators imagine that the choice before them is whether to allow the thing, or put a stop to the thing.

    But they don't have that power. They're law-makers, not gods. They can't make encryption not exist, any more than they can make drugs or prostitution cease to exist by passing laws against them.

    The choice they actually have is whether everyone should have access to the thing, or whether control of the thing should handed over to the criminal underworld. Which of those two choices is better or worse for society, is what they should be asking themselves.

    1. Anonymous Coward
      Anonymous Coward

      Re: The legislator's fallacy

      I'm pretty sure the fact of reality, possibility or impossibility, is not very effective on human laws when it comes to people deciding what to pass.

      The natural laws mind, care not what we "think" of them, they are, and we cannot break them.

      Then there are the laws of consequence, which is like a mix of the two. We can decide to go with or ignore a law, but the consequence is out of our control. I wonder if they even know of the consequences of following or breaking these laws.

    2. Paul

      Re: The legislator's fallacy

      whilst they're banning strong crypto, please can they redefine Pi to be 3, because that would make things more convenient for everybody?

      Oh, wait, you're telling me that governments can't change maths? Has somebody tried telling them?

      1. Rich 11

        Re: The legislator's fallacy

        Oh, wait, you're telling me that governments can't change maths? Has somebody tried telling them?

        Every now and again some elected idiot listens to a loon. But you can't rely on politicians learning from history either, can you? Just look at how often some self-serving bastard tries to bring back trickle-down economics.

        1. John G Imrie

          Re: The legislator's fallacy

          Economics is not a true science and will one day in the not to distant future be proven to have as much relevance to the real world as Astrology.

          1. Sir Runcible Spoon

            Re: The legislator's fallacy

            "proven to have as much relevance to the real world as Astrology."

            Tony Blairs' wife, who might have had some influence over his decisions, was well into that stuff.

            So I agree it might not have much relevance, but that doesn't mean it doesn't have an impact.

      2. Anonymous Coward
        Headmaster

        Re: The legislator's fallacy

        "Refine pi to be 3", is actually more sense than most things. Why? You can calculate the size of the observable universe to *within the size of a Hydrogen atom" with just 40 odd decimal places of pie.

        https://www.youtube.com/watch?v=FpyrF_Ci2TQ

        So if it's only "3" then does it matter? If measuring by hand, we don't need the calculation, we go with the actual measurements... and if calculating it, we can do so with better degrees than learning it by wrote (though of cause, writing shorthand, someone could just say "3" and save on space on paper ;) ).

        In the grand scheme of things, there are more important things to worry about... (as people believing 2+2=5 is not a legislative problem...)

        1. Sir Runcible Spoon

          Re: The legislator's fallacy

          Ah, the curse of the grammar nazi icon strikes again..

          "learning it by wrote "

          should be

          "learning it by rote "

          and

          "though of cause"

          should be

          "though of course"

  14. tiggity Silver badge

    Farenheit 451

    After all, the next "logical" step is to burn ALL the books to stop us using book codes

    1. Anonymous Coward
      Anonymous Coward

      Re: Farenheit 451

      No, the next logical step would be to ban literacy courses. You can't use a book code if you don't know how to READ. Plus people don't have the level of recall the troubadors once did; that'll take a while to get back if at all, by which time countermeasures for that can be developed.

      1. Steve Kerr

        Re: Farenheit 451

        I'm sure you've seen the way successive governments on both sides are dumbing down education for the masses whilst keeping the elite schools for their own ilk and rich bodies.

        They already ARE producing a nation of illiterates that watch rehashed reality TV and other bilge and are addicted to putting out their inane ramblings on twitter, fkucbook, or whatever the current favourite is.

        Politicians are living in cloud cuckoo land if they think they can back door encryption, they'd have to make everyone use key escrow where they (and their global friends and the criminals - hard to say which is which) have the keys. They are bound to produce a law that says, any other type of encryption is a WMD and therefore life imprisonment regardless of why you had - no doubt, this will include security researchers being the first to be investigated and probably imprisoned without trial secretly.

        </rant over - got called out last night and in a bad mood!>

      2. Anonymous Coward
        Big Brother

        Re: Farenheit 451

        And just as naturally, we few eidetics will be on the first probable dissident collection run by our civil masters. Can't have people out there that've memorized the "wrong material," can we?

      3. The_Idiot

        Re: Farenheit 451

        "You can't use a book code if you don't know how to READ."

        Well, technically I'd suggest you _can_. A 'book code' could be based on collection of characters, 'readable' or not. You just have to know how to count, point and copy. Id suggest the concept of a 'book code' based on a 'readable' book is more directly relevant to not having to carry big volumes full of random characters across border, but rather being able to walk into a nearby book store or library for your 'master sheet'.

        1. Sir Runcible Spoon

          Re: Farenheit 451

          You might be able to use a code, but what message would you transmit if you couldn't read? :)

  15. Anonymous Coward
    Anonymous Coward

    “raise the need to address ongoing challenges posed by terrorists and criminals using encryption”

    ...whilst completely ignoring the ongoing challenges posed by terrorists and criminals to those who DON'T use encryption.

  16. Anonymous Coward
    Anonymous Coward

    Backdoor Bandwagon

    Thats an excellent name for a pornsite.

  17. Anonymous Coward
    Anonymous Coward

    Fuck sake

    For the last time Aussies, the documents arent encrypted they're upside down. We read and write the other way round in this hemisphere. Turn the page 180 degrees.

    Nope now you're looking at the back because you rotated 180 degrees. I said turn.

    Seriously.

  18. genghis_uk

    I was watching a BBC news programme a few weeks ago (after the London Bridge attack I think) and the presenter was pushing the 'terrorists using encryption so all encryption is bad' line. She had a couple of expert guests on from mathematical and technical backgrounds that explained the problem simply.

    1) A backdoor in an encryption system breaks it - no more online banking or purchases. This is maths and cannot be worked around

    2) The authorities already have legal ability to hack pc's and phones of known suspects which allows them to read the plain text version of the messages. Encryption only stops the spooks reading the message while it is in transit

    3) Making something illegal does only prevents legitimate use. Criminals do not take much notice

    It was interesting that the presenter completely changed her mind (around point 2) when she realised what the proposals meant. She suddenly understood that this brings no new power other than the ability to spy on everyone instead of targeted spying on known or suspected bad guys. She thanked the experts for educating her on something she had not understood previously...

    Now if this was repeated at 6 and 10pm instead of 10:30am maybe a few more people would be educated too!

    1. This post has been deleted by its author

    2. Destroy All Monsters Silver badge

      So was she reassigned to cover foxterrier contests in Snowdonia for the next ten years?

  19. Anonymous Coward
    Anonymous Coward

    "illegal" apps

    The article suggests that any non-backdoored app will be illegal, but this isn't quite right.

    It is legal for me to make it (I am not in a 5 eyes country), it is legal for me to publish it (google and apple both operate their app stores in many countries). What may be illegal is for you to keep it installed once you travel to a 5 eyes country, or install it from a 5 eyes country.

    1) Is every phone going to be checked for apps on entry to the country (maybe, USA wants all that).

    2) Can you download stuff you aren't supposed to in 5 eyes countries.... um, yep!

    3) Is any central server sufficient distributed to avoid a single point of failure (ala Pirate Bay).

    So...end result, software out there but who is the government calling illegal... only the users, and that is going to be very big game of cat and mouse... especially in Australia.. maybe it's like government pokemon?

  20. Milton

    Ahmed the Terrifying Terrorist

    Ahmed has a neat little program he knocked up using freely available algorithms, created originally by the best encryption experts on the planet—downloaded off the net: it took ten minutes. He's smart and careful and encrypts the shortest possible messages using a decent scheme like (say) Blowfish with a 448-byte key.

    Ahmed can coordinate his latest atrocity with at most a few dozen messages, none of which exceed a few hundred characters. For each message, once it's encrypted, he snaps a photo of his current favourite goat (Habibi, today), and buggers around with sampling and resolution and compression until the image is a bit rubbish and Habibi's formerly enticing hindquarters are a soggy mess of artefacts and pixelation. He uses a simple steganographic program to introduce the encrypted bytes into the image, which as we have noted, is so messy that it will be a complete bastard for a cryptanalyst to figure out whether it's even *got* a payload or not. Ahmed does all this on a device that is never connected to anything. Not even Bluetooth headphones. And yes, of course, all the steps just discussed could be sequenced into one nifty little program though, note well, Ahmed does not store the long and complex key phrases on this device.

    Once Habibi is pregnant with the latest Atrocity #101 Plan, the image is SD'd or similar to Ahmed's latest burner phone, and he sends it as a social message to the Evil Cohort. The chip goes onto the campfire.

    Tomorrow, Ahmed will have another idea, and will be eyeing up a new cloven-footed friend for his Cryptic Gallery.

    Even if the Five Idiots' politicians decided to concrete over the whole of Utah to support NSA silicon, there isn't the faintest chance in hell that short steganograms in sloppy pictures exchanged among anonymous cellphones will stand out from the daily total of 1,700,000,000 pictures uploaded, exchanged, sideloaded, published, forwarded, Liked, downloaded, Hated, reloaded, retwatted etc etc and etc (that's about 600 billion per year, and increasing).

    And let's not even get started about all the other ways there are for encrypting, hiding and exchanging information—ways which cannot even be identified as encryption in the first place. (You could hide Britannica in a low-bitrate copy of Sam Smith's strangulated squealing and no one would suspect a thing.)

    As is so often said by those who actually understand this shit, backdoors cannot and will not work. They will make everyone less safe. Reading the inconsequential mail and trifling sins of seven billion people is not just pointless, it sucks resources from where they are really needed: infiltrating Ahmed's Terrifying Tent City (Camp Terrible, Northern Waziristan), which you *will* need to do because the Bad Guys will be the ones successfully using the encryption you were stupid enough to think you could ban.

    1. Charles 9

      Re: Ahmed the Terrifying Terrorist

      Except the moment the picture reaches the social network, the image can (and usually does for the very reason you describe) get resized, flattened, and otherwise mangled to squelch any steganography you may have put into the image. About the only way you could convey a message that's mangle-resistant is to make it part of the image itself (which (a) requires previous coordination which may have been moled, and (b) may stand out enough for the plods to realize it for what it is).

      1. DJO Silver badge

        Re: Ahmed the Terrifying Terrorist

        mangled to squelch any steganography you may have put into the image.

        With a bit of imagination that is a surprisingly easy problem to circumvent especially if you know it's going to happen, it will lower the amount of data that can be encoded per picture but they only need to send a few code words not an annotated copy of War and Peace.

      2. patrickstar

        Re: Ahmed the Terrifying Terrorist

        You should study some information theory. Information can be added to images in a way that would survive all that.

        1. Charles 9

          Re: Ahmed the Terrifying Terrorist

          But very little at that. Reduce the information flow to a trickle and you make it riskier to send since if you push things too hard you can reveal yourself. Plus you can't be sure WHICH methods are being used, and some methods can squelch methods others don't.

  21. WonkoTheSane
    Trollface

    Obligatory Australian Government statement (Audio is NSFW):-

    https://www.youtube.com/watch?v=rmLAj9iIfQk

  22. julian.smith

    George (metadata) Brandis

    Dumber than a sack of rocks

  23. Mahhn

    End to Banking

    End to Banking.

    Here at the bank, we use encrypted Emails, Encrypted storage, Encrypted laptops, Encrypted data at rest, Encrypted data in transit. We on occasion send and receive encrypted media (including off site backups).

    With a back door, it will get hacked, it will get stolen. But not just us, as we use products that other banks use. A back door for one person is a back door for everyone, and is now the front door.

    Politicians don't understand technology.

    They keys to your car open an encrypted lock that only the encrypted key fits. Don't forget to fuck over the auto industry at the door, since all the funding for them will be fucked now.

    1. Charles 9

      Re: End to Banking

      End to banking? What did banks do before computers? Or before the telegraph?

  24. Spaceman Spiff

    Oh yes, this will turn out well! Just remember, back doors are ubiquitous - if we have them, you have them. How many of your secrets do you want out in the "wild"? That's one way to find out what our "representatives" are up to!

  25. DJO Silver badge

    Foot, gun, take aim, fire!

    So messaging moves off the normal internet and you lose all the lovely metadata which any intelligence expert will tell you (in confidence) is where the bulk of their information comes from.

  26. Stevie

    Bah!

    "Five eyes nations"? To refrain from the casual usage of derogatory racial slurs, iniquitous soft one!

    1. DCFusor

      Re: Bah!

      Retief!

      1. Stevie

        Re: Bah!

        To clean your bifocals soonest, vile Terry!

        How can you mistake the noble form of Ambassador Slith, resplendent in eyeshields and hip-cloak for that interfering busybody?

        To be on the receiving end of my best 415-C (Righteous approbation brought on by diplomatic faux-pas committed by inferiors)!

  27. Anonymous Coward
    Anonymous Coward

    Conspiracy theory...

    ... just like in Vernor Vinge's 'A deepness in the sky' - the alien mother ship is waiting at the la grange point and has been infiltrating our networks for years. They're using misinformation campaigns to influence the humans ...

    Trump, Putin, Erdogan and the nutcases in the middle east have been used to dilute the credibilty of news in our networks - hence softening the impact of the alien campaign.

    Breaking decryption on a global scale is required to find the aliens' TOR entry node.

    Terrorists and child abusers have been the excuse to break encryption.

    Now proof me wrong!

    1. GrapeBunch

      Re: Conspiracy theory...

      In a recent study of White Rhinos, researchers used fake poos to influence the herd. QED.

  28. Anonymous Coward
    Anonymous Coward

    Why the focus on point-to-point communications?

    So Alice and Bob (and their circle) develop their own cipher. Suppose that the cipher is a book cipher. Any message sent will be encrypted twice -- once in their private cipher, and once in some backdoored public cipher. How does the backdoor help the government (or anyone else who is listening)? The metadata in this case says Bob is messaging Alice...but so what? And in the case that Bob simply posts the message on The Register -- then the recipient(s) are likely completely unknown!!

    *

    For example, here's a (real) book cipher message. What does it say?

    ====

    sforzato pharyngo- woadman mecometer semihysterical veratrize fiercenesses Ranquel lepidotic Kawaguchi eyeservice fringiness half-plane piligerous saskatoon straddle-fashion sharecroppers colibertus bilobular unsacrilegiousness Gallicolae snake-eyed hydrophorous rain-soaked entoplasm eschewing brulyiement Erastianize acetphenetid recheat hout alada superaffiuence sweet-scented Altingiaceae researchful unegregiously unregenerately blighted Marlette nonbeauties Ossetian perversite artcraft Staley physiognomonic keawe kentallenite acroataxia yodles Rhabdomonas mournfulness VC loose-lived self-purifying tornadoesque uroo slopmaking annalists undeferrable ammonitic WAN pokable limbs Composaline gasified Chibcha elephantiases guerdonless orchestras whoop-de-doo commercialised periclean half-reclined naturata haemonchosis bug-juice theorically demonstrant premarrying honduras knickknack Adrianople -aceous inductees counter-faller cervicorn yowe adenomata kutch jardon eradicable nonfervidly cribriformity totoaba Marduk Muscadine mangrate Californian Mignonette Stroessner fisherpeople So. gibble-gabble cayuses Wallinga squab-pie fancywork niftiness

    ====

    1. Someone Else Silver badge

      Re: Why the focus on point-to-point communications?

      It says you spend too much time on pr0n sites!

    2. Charles 9

      Re: Why the focus on point-to-point communications?

      It stands out when the government decrypts the message with their cipher and it still comes out garbage. Now Alice and Bob are suspicious. You not only have to conceal your communications, but you also have to conceal that you're communicating as well.

      1. Sir Runcible Spoon

        Re: Why the focus on point-to-point communications?

        @Charles9 - that's a false argument. After all, we do expect this only to be used in a targetted fashion don't we? Therefore if it's targetted, they already know that the communication is suspect.

        If we simply accept *they* will decrypt *everything* on the offchance of finding a fish, then we are all criminals and the only recourse left to the free people of Earth is to own it and actually become the criminals they fear us to be.

        "So often one finds one's destiny on the path one takes to avoid it."

        1. Anonymous Coward
          Anonymous Coward

          Re: Why the focus on point-to-point communications?

          "If we simply accept *they* will decrypt *everything* on the offchance of finding a fish, then we are all criminals and the only recourse left to the free people of Earth is to own it and actually become the criminals they fear us to be."

          And then they nuke us.

      2. Anonymous Coward
        Anonymous Coward

        Re: Why the focus on point-to-point communications?

        Quote: "Alice and Bob are suspicious"

        Don't make me laugh. You may recall that all the recent outrages in the UK were performed by people who were "already known to the security services". I don't think Alice and Bob have much to worry about ..... apart perhaps to worry about false arrest!!!

  29. Anonymous Coward
    Anonymous Coward

    Microwave ovens

    A huge amount of microwave ovens have already been ordered to build the cluster required to break the encryption.

    The cluster will be linked to the other 5-eye nations in a collaborative effort. Apoarently Trump himself came up with the design. As a first - the raw compute power will be underpinned by green energy.

    There's a massive wall of solar panels on the mexican border.

    Australia still has to use coal because that's what they got. The brits got plenty of hot air left from the brexit talks. The canadians use pure 'good will'. Did I forget anyone ? Yes, NZ won the americas cup. That'll do.

  30. Someone Else Silver badge
    Big Brother

    Points to live by (if you're one of those people)

    • We've always been at war with Eastasia

    • All your data are belong to us

    • pi = 3

  31. genghis_uk
    FAIL

    the other problem that is never mentioned is that a code only has to be strong enough to survive for a certain length of time.

    A bunch of bad guys organising something in a few months may want a strong cypher or encryption but if that something is today (or probably even in the next couple of days) they could send it in clear text as the chances of it being intercepted and acted upon is incredibly small. Even smaller if the spooks are intercepting everything.

    So if encryption is banned and they do not want to draw attention, they could effectively hide in plain sight by sending clear text messages that look innocuous... how do you deal with that? Ban all communications?

    1. Oengus

      Ban all communications?

      That's what the government want. To ban all communications except their propaganda.

  32. DeKrow
    Coffee/keyboard

    Law hierarchy

    Natural laws > Human laws

    For example:

    Mathematics > Legislation, in the same way that

    Evolution > Creationists desire for evolution not to exist

    Where's Reality's Esc key?

    1. Sir Runcible Spoon
      Trollface

      Re: Law hierarchy

      There are enough gaps in the theory of evolution to raise questions as to whether it is the *whole* answer. Just sayin'.

  33. The Central Scrutinizer

    And the Train of Stupid just keeps rolling on

    All this talk of deliberately breaking encryption makes me want to puke. George "metadata" Brandis is a technologically illiterate buffoon. Watch this, if you haven't. You'll probably choke with laughter. Train wreck interview

    1. cbars Bronze badge

      Re: And the Train of Stupid just keeps rolling on

      That video is far too heavily edited and unfair, in my opinion. It's impossible to tell how often he actually stumbled. A fair few people who read this site would flounder when asked to explain a document that someone else has written and who were only recently briefed on.

      That said, yes, politicians need to be good at absorbing and understanding that sort of information - but I don't think the video adequately portrays the true level of his incompetence, exaggeration is not helpful.

      1. The Central Scrutinizer

        Re: And the Train of Stupid just keeps rolling on

        Trust me, he is that technologically ignorant. He may be the Attorney General of Australia... *gag* but he sure doesn't understand computing on any meaningful level.

  34. MrDamage Silver badge

    Dear Politicians

    There is a forest out there working hard replenishing the oxygen you are wasting.

    Please go and apologise to it.

    What I want to know is if they legislate weakened encryption, will they (the politicians, not the government) also accept legal and financial liability for the inevitable breaking of it by bad actors? The tax payer does not deserve to be burdened with the extra cost of these numpty-headed decisions.

    What company in it's right mind would be willing to risk using 5-eyes based encryption if they have to accept all of the risks?

    Fucking morons the lot of them.

  35. Richard Parkin

    cannot even manage their own passwords ...

    These are the people who, in the UK at least, cannot even manage their own passwords.

    1. Charles 9

      Re: cannot even manage their own passwords ...

      Not just in the UK. I know people who you try to drill "correcthorsebatterystaple" into them and they keep coming back "donkeyenginepaperclipwrong". Some of them can't even spell their own name correctly or even recall their birthday? No joke!

  36. Anonymous Coward
    Anonymous Coward

    In case you haven't already noticed it. Privacy is gone since 9/11. what's happening now is mopping up a bit of mess. Legalising privacy invasion after it has been going on for decades.

    Next goverments started scare campaigns - so we're all scared of the terrorists.

    What's happening now is the systematic destruction of free press. Trump does it by calling it fake news and ridiculing journalists. Putin and Erdogan just look up the journalists they don't like. Either way the outcome is the same. Without free press governments or whoever is in charge can serve up any news they like.

    We're heading towards a scared populatin, who by now is dependant on the internet. The population cannot communicate privately anymore and news aren't intrustworthy.

    I'm certain goverments will try to chip humans like pets within the next decade or two.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like