Australia on the cusp of showing the world how to break encryption

The Australian government has scheduled its “not-a-backdoor” crypto-busting bill to land in parliament in the spring session, and we still don't know what will be in it. The legislation is included in the Department of Prime Minister and Cabinet's schedule of proposed laws to be debated from today (13 August) all the way into …

  1. David 45

    Idiots

    Looks like down under are on the Trump pig-ignorance band-wagon! When will they listen to people who actually know what they're talking about? Madness.

    1. CFtheNonPartisan

      Re: Idiots

      I don't think Australia is on Trump's pig ignorance bandwagon, the Australian conservatives originated it and Trump is only copying it as best he can.

      Search for the illustrious George Brandis trying to answer what metadata is. Pathetic does not do justice. It has not gotten any better since.

    2. Malignant_Narcissism

      Re: Idiots

      You clearly haven't been paying much attention in history class. To suggest that Australia is riding on Trumpkin's coat tails is a massive stretch. This effort is tame compared to other laws they've had in place for decades.

  2. beep54

    Ijtihad

    The world, well the Western world at least, seems to be in the throws of a severe backlash to 'progress' which is increasingly viewed as abhorrent. Independent reasoning need not apply as we have enough knowledge, thank you very much. This 'closing of the Gates of Ijtihad' worked out SO well for Islam (/s). Alvin Toffler seems more and more prescient with his concept of 'Future Shock'. Ah well, the future is, indeed, not evenly distributed.

    1. Spoonsinger

      Re:Alvin Toffler seems more and more prescient with his concept of 'Future Shock'

      and Gillan.

      (Just remember that there is no laughing in heaven).

    2. Anonymous Coward

      On the contrary, they love progress

      That's what has enabled them to conduct mass spying on millions of communications simultaneously for decades. They just don't like that progress has continued, and they are losing that ability they became used to - which had caused them to mostly forget older methods they used before they could listen in on everything at once.

    3. Chuunen Baka

      Re: Ijtihad

      "in the throes of"

  3. Anonymous Coward

    according to the Australian Prime Minister, in comment about how the government can force access to encrypted data

    "The laws of Australia prevail in Australia, I can assure you of that," Turnbull said. "The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia."

    1. Anonymous Coward

      Well that's OK then. They only need to decrypt the Australian end. The other end will be safe.

    2. julianh72

      And in other news ...

      ... the Prime Minister, Mal.com Turnbull, declared that "irrational numbers are an abomination in the eyes of the Government", and are henceforth banned from use within Australia.

      1. onefang

        Re: And in other news ...

        We are replacing irrational numbers with irrational laws? Someone needs to throw a π into Turnbull's face.

    3. Anonymous Coward

      What a moron

      If that were true how come he hasn't fallen off the bottom of the planet yet ??

      Idiot.

  4. A Bee

    Crypto-busting bill

    "... but we still don't know what will be in it."

    Why not? Have they encrypted it?

  5. Anonymous Coward

    "Stupidity or conspiracy"

    Sums up this current government very well.

    Once Tony Abbott stops tilting at renewable energy windmills and conquers the great climate change conspiracy, he'll be right onto magic backdoor spells for tech.

    Meanwhile, Fizzer-Turnbull just smiles and looks to the sky.

  6. Detective Emil

    Note to self

    I'm off to Oz next year. Must make sure the VPN's in working order.

    1. Adam 1

      Re: Note to self

      No point if the laws of mathematics don't apply. On a serious note, do this as there are already metadata retention laws in place.

      /Posted from, oooh, let's go Azerbaijan, today.

      1. The Central Scrutinizer

        Re: Note to self

        Often post from Germany or The Netherlands myself.

    2. pertayter

      Re: VPN

      Remember your data is accessible in plaintext form at the VPN gateway

      Be aware that if the VPN service has an Australian gateway, they will be subject to the proposed law requiring them to cooperate with law enforcement and security services

      So, when visiting Australia, do not use an Australian VPN service, and do not use an Australian gateway of any VPN service

  7. Anonymous Coward

    Think France has prior art here ... in early days of email/internet encryption was not legal in France so multinational companies had to carefully construct their network routing tables to ensure that non-French parts of the company could share encrypted data without any danger of packets passing through servers in France

    1. Khaptain

      Fortunately it's no longer the case.

      So maybe, the Ozzies should reconsider if their master plan will really have any impact.

      First we had the great barrier reef.

      Then we had the great Aussie Firewall.

      Then we had the amazing Aussie Full Decryption laws.

      Then we had a scandal because one of the ministers got caught doing something naughty, one/all of his adversaries could now read the hidden stuff.

      Then the great firewall, decryption process was removed as it wasn't in public interest...

      What goes around, comes around...

  8. bigtreeman

    bad legislation

    My guess is creating legislation to force companies to give access to encrypted data. If grand poobah, mighty technocrat Malcolm is involved it will be underhanded and dumb.

    Our government creates stupid legislation without sufficient discussion or thought. They have created some pretty awful laws to allow themselves to do really nasty shit. They usually end up with a patchwork of bad laws to cover over holes they have created.

    Most of their crap still exists because it is too expensive or too difficult to challenge in the high court. I expect a law review somewhere in the future to wipe these bad laws off the books, it will take years and a future Australian government which gives a shit.

    Read IBM and the Holocaust by Edwin Black for insight into misuse of technology by business and government, it's fecking chilling.

    1. Nick Kew

      Re: bad legislation

      The paragraph quoted in the article doesn't imply breaking crypto (nor of course does it imply the contrary). It *could be* a perfectly realistic bill dealing with situations like the FBI-iPhone row.

      Flat-earth George has now moved on: Wikipedia tells us he's now Aussie High Commissioner to Blighty. Damn, he should be a Barry Humphries character!

      1. The Central Scrutinizer

        Re: bad legislation

        He is a Barry Humphries character. Kindly old uncle George from Camberwell with his $7000 bookcase.

    2. pertayter

      Re: Access

      The intention is to force companies to provide access to data which is encrypted in transit using SSL, but stored in plaintext

      and to force companies to provide access where data is stored encrypted, where the company, not the user, controls the encryption key. A lot of cloud storage works this way. The company uses the same key to encrypt everybody's data

      1. JohnFen

        Re: Access

        "A lot of cloud storage works this way"

        Which is why anybody who is storing data in the cloud that they don't encrypt themselves first is being foolish.

  9. Magani

    Once again...

    ...the present incumbents on the hill in Canberra prove that they have NFI about a whole host of topics. The sad part is that the opposition is much the same. Dumb and dumber.

    I love a sunburnt country, but they're making it bloody difficult.

  10. Anonymous Coward

    incompetence...

    I've always taken great comfort in the fact that my pollies were on the whole clueless knobs. It would be much more terrifying and dare I say dangerous if they knew what they were doing and were effective at implementing it. The bumbling fools we have are neither. Yes, it costs money (cough, NBN multi technology mix) but it's no danger to society in any fundamental way.

  11. mc nobby

    Hey, if they want a magical black box with a flashing LED on it, then I'll get busy in the shed.

    I have a feeling the magical device may cost an equally magical amount of money....$20Mill outa cover it

    Watch the LED, if it stops blinking then it's stopped decrypting and you need to say the incantation

    1. Tac Eht Xilef

      No ... think bigger!

      > $20Mill outa cover it

      You're thinking too small.

      Remember, another organisation was recently given $444 million for something equally impossible (and ultimately more futile...)

      1. Khaptain

        Re: No ... think bigger!

        @Mc Nobby

        I presume that that was a reference to the IT Crowd... Brings up some sunshine to this cloudy morning.

        https://www.youtube.com/watch?v=iDbyYGrswtg

        and its follow-up

        https://www.youtube.com/watch?v=Vywf48Dhyns

      2. Anonymous Coward

        Re: No ... think bigger!

        Now that Retro Computers Ltd has cracked the ZX Spectrum Vega+ problem and have got it into production <giggle>

        https://www.theregister.co.uk/2018/08/09/zx_spectrum_vega_plus_hands_on_review/

        they must be an excellent candidate to design and construct a DecryptoBox (TM) for the Oz pollies with NFI.

      3. EnviableOne

        Re: No ... think bigger!

        You're missing the point, that's $20 million each,

        and you need to attach one to every device you want to decrypt traffic on, that means every PC, every tablet, every smartphone and every dumb one too

        /me gets out calculator

        /me visits James McCormick to find how to scam the bid system

        hmm... so sell them for $20million, make them for $5

  12. DrM

    Consider motivations

    Everyone is assuming that these politicians really want to help law enforcement. Politicians have but one goal -- re-election. They need to be saying to the voters, "We did everything we could, look at this law." They can't afford to say nothing can be done -- that is suicide for a politician. Someone else will immediately say they can fix things and they will be replaced.

    Besides -- the ongoing war on terror is the greatest watershed since the Iron Curtain,

    1. pertayter

      Motivations

      It's not so much about votes as about giving the security services everything they ask for without question. This ABC article has some clues about motivations ...

      http://www.abc.net.au/news/2018-08-14/tech-surveillance-laws-less-of-a-back-door-and-more-a-side-gate/10114534

      "In the last 12 months, 200 cases have arisen where our investigations for serious crimes have been impacted by our inability to access that data under the existing legislation"

      Of course, "We're protecting Australians" is a vote winner, regardless of individual liberties

  13. iLurker

    Someone should remind them what happens when a government decrees - by law - that which is not possible.

  14. Anonymous Coward

    > Telcos (although not companies like Apple or Google) already provide plenty of assistance – lawful intercept, metadata, and the like

    Stop calling it Metadata damnit! Whom I call, when I call, which cell tower is used, what device I have, what date, what time, what duration, all this is DATA. Just because the contents is unknown doesn't mean the rest is not data.

    Stop spreading the BS!

  15. Giovani Tapini

    Will probably stop the Aussies from some trading activities

    I'm fairly sure that some global payment systems are not compatible with the direction of legislative travel. This could well prevent Australia from being a trusted counterparty...

  16. The Central Scrutinizer

    I despair for this place right now

    So, because terrorism! we'll ban or try to break https, secure online banking, shopping, our own stupid My Health Record system and myriad other online activities. Stupidity really knows no bounds.

  17. Wilf 67

    So how fast will the big companies decide...

    That they no longer want to do business down there? As they will likely lose customers if they don't. And as others have alluded to, this isn't just Aussie affecting. You can't break it for one country; it would of necessity be worldwide for Facebook and all the others. Given some of the big American companies do actually seem to care about their users they may simply ignore them and then withdraw service when threatened. Never thought I would be glad of people like Zuckerberg (assuming he is willing to fight this of course.)

    Fingers crossed.

    1. pertayter

      Google in China

      Do not be optimistic about the behaviour of corporations

      See the recent press about Google returning to the Chinese marketplace, in compliance with Chinese regulations

  18. aaaa

    iMessages in the Cloud

    Apple recently introduced their ‘iMessages in the Cloud’ feature - and I think it’s aimed specifically at satisfying this type of legislation.

    The iMessages are still encrypted end to end, but a copy is sent to Apple and stored on their iCloud server to which they have a master key and can respond to warrants etc.

    To satisfy the Australian legislation all they need to do is ensure it’s turned on and can’t be turned off. Either explicitly or implicitly, e.g. by forcing it on for ‘Australian’ sold devices, or when on an ‘Australian network’ or by allowing command and control to enable that remotely on specific devices.

    The Cloud is convenient for sure - but your cloud provider (anywhere) must respond to warrants and must be able to decrypt your data. On a public cloud there is nothing stopping you ensuring that the data you store on a cloud is already encrypted with a key only you have - but as soon as you use things like iMessages in the Cloud then that’s not an option available to you.

    1. Mark 65

      Re: iMessages in the Cloud

      Just use Signal. Don't have the hardware dependency then.

  19. onefang

    "Stupidity or conspiracy: it's hard to know which is worse."

    I think we have both now. A conspiracy of stupids.

  20. WildWest

    Stupidity or Conspiracy?

    "There's no need to attribute to conspiracy anything more easily explained by incompetence". Me

    1. JohnFen

      Re: Stupidity or Conspiracy?

      That's a distinction without a difference. In the end, the resulting behavior is the same, so I don't care which it is.

  21. JaitcH

    WARNING!!!

    Dumb politicians 'thinking'.

  22. djnapkin

    This is not intended to break end-to-end encryption.

    It is just so they can ask Google/Microsoft/Apple to hand over gmails, hotmails, or whatever is held in the cloud.

  23. markt1964

    Not recommended, to put it mildly

    While their argument of “We need access to digital networks and devices, and to the data on them, when there are reasonable grounds to do so" might be laudable, if the government has access, then regardless of how altruistic their intent might be, then so do the bad guys. This is completely leaving aside any issue of corruption within the government itself, which is also a possibility. Invariably, the methods that the government uses to access such information will get leaked, or else somebody else will figure it out and suddenly everybody's at risk.

    And, in fact, this will make law enforcement's job much harder, not easier, because they will additionally have to defend the public from the nefarious people that use the exact same measures the government would use to access otherwise personal and private information.

    And while, sure, you can go and say that doing that would be illegal, catching the perpetrators for this sort of thing can be effectively impossible because there's no guarantee that they are even in their jurisdiction, so bad guys could continue to access the public's private information with impunity and the damages to completely innocent parties would be incalculable.

    So no..... just no. This is a BAD IDEA (tm) all the way around and the entire concept should be aborted immediately. Regardless of how good their intentions might be for something like this, it opens up a can of worms that absolutely nobody will ever be able to fix.

  24. Anonymous Coward

    Burning Water

    Burning water to power your car +is+ possible - if you choose your fuel source from the vicinity of a fracking site!
