Australian Law Enforcement Pushes Against Encryption, Advocates Data Retention 88
angry tapir (1463043) writes "Australia is in the middle of a parliamentary inquiry examining telecommunications interception laws. Law enforcement organisations are using this to resurrect the idea of a scheme for mandatory data retention by telcos and ISPs. In addition, an Australian law enforcement body is pushing for rules that would force telcos help with decryption of communications."
nothing new here. (Score:1)
Can we reject this crap preemptively? (Score:2)
It'd be really nice if we could respond to these various laws that keep getting proposed and shot down by passing a preemptive rejection of all future laws in the same vein, requiring say a supermajority vote to pass any legislation containing rejected provisions. It wouldn't be a perfect solution, but it would mostly shut down the "maybe we can buy enough votes *this* year" folks, as well as the "let's sneak a surveillance provision in as a rider on this agricultural bill" shenanigans.
Re: (Score:1)
What you describe is a "law above laws", that serves as a guide to legislative actions and that reflects the underlying values of the society that we don't want legislated away by the whims of the parliament of the day.
This is the role of the constitution. And yes, the modern world does need a right to private communications or something similar to be included, because the current protections included in it just don't cover the manners in which modern abuses of power can manifest.
Re: (Score:1)
thankfully the privacy advocates are also questioned in the inquiry and they recommend the other extreme, in the end we end up with something in the middle.
"the middle" is not always right. When it comes to privacy, it isn't. Annoying how people are so readily willing to sacrifice individual liberties in the name of 'compromise.'
Reason to use end-to-end encryption (Score:5, Informative)
Add this as reason #2'175 on the long list of why one should definitely use end-to-end encryption.
If you use a well designed end-to-end encryption, that has been validated by cryptologist (think OTR [cypherpunks.ca] for chat, ZRTP [wikipedia.org] for voice), I doesn't matter what the quality of the underlying link is or if telcos are helping breaking the link.
Best part? These technology can work over your already existing systems (though ZRTP can't work over Skype's voice and video. It only works over SIP or XMPP/Jingle - i.e.: the standards that the whole rest of the internet is using).
So you can OTR encrypt your chats over your Google Talk's XMPP session.
And there are clients supporting them either out-of-the-box (jitsi [jitsi.org], adium [adium.im]) or with a plugin (pidgin [pidgin.im]), over your existing accounts (XMPP like Google Talk, or any random SIP provider).
Re: (Score:3)
Good idea, it works right up to the moment when it is a crime if you use non-government approved encryption methods.
Re: (Score:2)
If I know Tony Abbot and co, there are government law drafters who have been given the task of taking the UK RIP act (the one that lets them send you to jail for refusing to hand over encryption keys) and invent a similar law that fits the Australian system.
All in the name of fighting "Terrorism", "Child Pornography" (that TV star who recently went down for being a kiddy fiddler will probably be used as an example of the sort of people these laws are intended to stop), "Organized Crime" (bikie gangs, gun vi
Jail and keys (Score:5, Informative)
If I know Tony Abbot and co, there are government law drafters who have been given the task of taking the UK RIP act (the one that lets them send you to jail for refusing to hand over encryption keys) and invent a similar law that fits the Australian system.
To be "jailed for refusing to reveal keys" requires that there ARE EXISTING keys in the first place.
Modern encryption like OTR and similar are based around "perfect forward secrecy [wikipedia.org]". They DO NOT use stable cryptographic key on purpose, instead they rely on "ephemeral keys" (in the case of OTR, that's DHE [wikipedia.org]).
There's no real key to be handed over.
(Also because there's no real key to be handed over, DHE needs to be paired with something else to authenticate guarantee against MITM attacks.
The web use public keys for that (RSA is a popular thing). In the case of OTR, instead of keys they use "Socialist Millionaire [wikipedia.org], it doesn't rely on any actual key)
(That's part of the discussion around Lavabit, had they used PFS, they would be able to simply handle their key and switch to newer. The NSA wouldn't be able to decrypt anything with the old keys (if DHE or ECDHE was used instead) and they wouldn't be able to further impersonate Lavabit if the revealed keys was revoked/updated. Saddly Lavabit used classical public key crypto and all communication would have been retro-actively hosed by revealing the key.
It's also part of the discussion around Heartbleed. If heartbleed has been used to retrieve keys, sites using classical PK would be more compromised than sites using DHE/ECDHE : the former had all they communication retro-actively hosed, the latter can only be impersonated in the future until they leak is discovered and the key revoked/changed)
Of course, as mentioned by the parent-poster, this is all shiny and nice in the math/crypto world, but...
it works right up to the moment when it is a crime if you use non-government approved encryption methods.
The Australian government could make a future law making mandatory to use special forms of crypto, that DO use keys (say bye-bye to DHE/ECDHE or at least ECDHE with a secure elliptic curve) and that require the key to be deposited in a government-accessible escrow (like requiring the password to be transmitted crypted with a government-own public key, or requiring ECDHE with government-compromised curve).
Re: (Score:2)
Quite right. Using software that explicitly makes it impossible for you to comply with the law is not defense against the law. It can potentially be defense against revealing your secrets in the face of "rubber-hose" decryption attempts, but unless your secrets are *really* important you're unlikely to appreciate being unable to reveal them under duress.
Does not exist (Score:4, Interesting)
Using software that explicitly makes it impossible for you to comply with the law is not defense against the law.
It's not that the software doesn't comply with the law. It's just that the things that your are asked to provide in the first place simply DOESN'T EXIST (provably, per math and crypto science).
Like said by gnasher719 [slashdot.org] somewhere else [slashdot.org] among the comments on this /. entry :
It's like two shops, one with a video camera running and one without. The shop with the video camera must hand recordings over to the police if there was a crime in front of the camera. The shop without the video camera doesn't need to do anything, and doesn't have to install a camera just in case someone gets stabbed in front of the shop.
The second doesn't have any record to disclose if ordered by the court. There just don't exist any recording that they could hand over. There security relies on some completely different scheme (say, a heavily armed bouncer/guard) which doesn't involve any camera nor any recording that could be handed over.
OTR relies on a completely different form of encryption (perfect forward secrecy, powered by ephemeral diffie-hellman) that doesn't involve permanently stored passwords. So there's nothing that you could hand over, even if asked by court.
It can potentially be defense against revealing your secrets in the face of "rubber-hose" decryption attempts, but unless your secrets are *really* important you're unlikely to appreciate being unable to reveal them under duress.
The goons who are going to beat you, to obtain a password, even if no password exists, are probably going the same goons who are beating you into revealing a password to get access to your huge stash of monney, even if you're actually broke. You know, just beat you in case there's a slight chance to get some money. Don't listen that you don't have a password, or that you don't have money. Maybe they should beat you a bit more. You know, in case you're bluffin and you actually have a password, or actually have money (hidden by another password that you haven't caugh up yet). Or maybe you gave them money, and they'll beat a bit more just to see if you don't have more of it. Who knows what they are going to get if they keep beating you? More money? Or plain more fun while beating you ?
There's no point of anything. Brutal goons who have decided to beat are going to beat your poor soul out, no matter what. Either you have a password or not. Either you already gave a couple of passwords or not. Either you have money or not. Either you already gave some money or not. They'll make you miserable even a bit more just in case.
Cryptography is only a defence against lawful individual. Who follow law and have to follow due process. They can't require you to provide something that provably doesn't exist. And modern day cryptography helps you bring irrefutable proof that the password doesn't exist.
(gnasher719's camera doesn't exist, so you provably don't have any records to bring to court).
Re: (Score:2)
Re: (Score:3)
The requirement to provide the encryption key would face a major legal hurdle in the high court as it extends the search and seizure well beyond the person or persons being investigated to every person whose data could be decrypted by that key and thus compromised, well and truly beyond the scope of the investigation. It would be similar to getting a search warrant to search all the mail at a particular post office to in order to access one person email, or getting a search warrant to search every house on
Provable (Score:2)
that will only give the court a reason to add a "destruction of evidence" charge on top of "refusing to reveal keys".
It is clearly provable that the required key DO NOT EXIST in PFS (like DHE or ECDHE).
What you mention would be recieving a court order requiring you to bring a *pink unicorn* in court, and get subsequently jailed for "destruction of evidence" when you claim that no pink unicorn exist.
Just like no pink unicorn doesn't exist, it's simply provable by math and crypto science that no key exist that you could reveal (that the whole point of this class of algorithms).
It's not that the law is unjust, it's that it c
Re: (Score:1)
Start of immigration to a better country for you.
Better than Australia? I don't know...
Switzerland (Score:2)
And unlike you, we DO have snow here around.
Re: (Score:2)
Unfortunately many judges and jury members have the same level of belief in pink unicorns as they have in complex math. They will simply discard the testimony of a math expert.
Re: (Score:2)
Re: (Score:2)
If I know Tony Abbot and co, there are government law drafters who have been given the task of taking the UK RIP act (the one that lets them send you to jail for refusing to hand over encryption keys) and invent a similar law that fits the Australian system.
They'd be a bit late.
-- http://en.wikipedia.org/wiki/K... [wikipedia.org]
Re: (Score:2)
Isn't google dumping XMPP completely in less than a month?
Re: (Score:2)
XMPP on Hangout (Score:2)
Bug post from a user using XMPP with Hangout [askubuntu.com]. It works but offline message aren't supported (as Hangout instead use Gmail for history storage).
I also had a link with a citation from author explaining that hangout is still an XMPP derivative under the hood, but I lost it :-(
Re: (Score:2)
Re:Reason to use end-to-end encryption (Score:4, Funny)
Isn't google dumping [insert service here] completely in less than a month?
Very probably.
Details (Score:2)
They are dumping the "Google Talk" brand for their chat and moving to the consolidated "Google+ Hangouts" service.
That service, according to its authors, works on a modified XMPP.
Currently:
- pidgin (and other XMPP users) can log with XMPP even if they switch to hangouts.
- Google+ Hangouts doesn't accept server-to-server communication (you can only chat with other Google users. You need a separate account, for example @jabber.org, to be able to chat with the rest of the XMPP network) [*]
- Google+ Hangouts us
Google+ Hangouts and OTR (Score:2)
Extra note:
One of the things that don't work with Facebook and the new Google Hangout's, namely lack of history, doesn't make that much sens with OTR anyway.
OTR use ephermeral encryption. There's no permanent key.
If you access old encrypted history (what would be contained in GMail and visible in the full blown Hangout+ app, for example) there's no way to decypher it, the information doesn't exist anymore.
(That's the whole point of Diffie-Hellman used in OTR and the whole Perfect Forward Secrecy: there does
OTR is an overlay (Score:2)
you're suggesting end-to-end encryption, and then suggesting a service by a company that forces and guarantees eaves dropping in its EULA? = wrong
OTR works as an overlay. It first encrypts message (using perfect forward secrecy with DHE and deniable [=keyless] authentication with Socialist Millionaire).
Then it sends *THAT* message over the network.
The thing which transits through the network is completely useless for any interception.
Want a proof ? Open two clients: open pidgin with OTR enabled, open Gmail's Google Talk at the same time.
Send a message with pidgin to an end-point having OTR enabled too (say a jitsi user).
The other end-point receives a
Letters ~= end-to-end encryption (Score:2)
We used to use paper envelopes with glued or wax seals, and the government guaranteed they would deliver the letter unopened. You could verify both in the era when that was current technology. For the king's spymaster to read your mail, he had to get an order from a judge to authorize it, and employ a fair bit of skill to replace the broken seal or envelope. Similarly, "pen registers" of who you communicated with also required judicial permission, but weren't detectable.
Over time the technology changed
E-Mail ~= Post-cards vs. Modern day crypto. (Score:2)
Title: "Letters ~= end-to-end encryption" - We used to use paper envelopes with glued or wax seals, and the government guaranteed they would deliver the letter unopened. You could verify both in the era when that was current technology.
There's a difference though. In the "wax seal" era you mention, the whole thing still rely on trust. You would need to trust the government, and the government neet to guarantee that the letter gets through unopened.
The only thing you could hope for is being able to *detect* tampering. Not *prevent* tampering.
Modern day cryptography is based around a no trust paradigm. The lesser number of people you need to trust, the better.
(And in the case of OTR, you don't even trust your correspondent. The protocol is
Re: (Score:2)
I quite agree, the technology changed, and we need to both change with it, and take advantage of it to create stronger guarantees. At the same time, we don't want to depend on a single point of failure.
I actually think we need a defence in depth. Guarantees offered by an arms-length postal service, technical means of testing the protections, legal protection from the law where the guarantees are breached, and enforcement of the law by independent, arms-lengths police under the oversight of a string cour
Crypto vs. all. (Score:2)
I quite agree, the technology changed, and we need to both change with it, and take advantage of it to create stronger guarantees.
And my point of view is that by using decent, suddenly we don't rely on anything else.
I actually think we need a defence in depth. Guarantees offered by an arms-length postal service, technical means of testing the protections, legal protection from the law where the guarantees are breached, and enforcement of the law by independent, arms-lengths police under the oversight of a string court system. Add to that a technology that makes it impractical for a middleman to leak one's information, and protection against a security service demanding your keys without laying a 20-page "information to obtain" before a non-trusting judge.
And all this is unneeded in case of good crypto.
All this would require long pollitical adventure until its finally accepted in law and enacted.
Meanwhile crypto works as of tofay in the current environment.
To take again a metaphor: imagine that you want to protect your car against act of vandalism from the government.
You could either push for the acceptance for a legislation forbiden the government to behave as vandals, and
Re: (Score:2)
I think we'll disagree on the sufficiency of crypto, but we definitely agree on the necessity!
Would you say they're ordered? I so I'd want crypto first and laws second, if only because crypto takes less time to write (:-))
Re: (Score:2)
Two words: network effect.
I tried switching over my family to an XMPP setup. I installed an XMPP daemon on a home server and made it as easy as I could to get everyone going.
"Why do I have to do this?"
"What's wrong with Skype?"
"This program doesn't look exactly the same, I'm lost!"
"Oh, you're so paranoid!"
"If this is so secure, what's this certificate warning about?"
"Why, are you doing something illegal?"
Sigh... technology can't fix stupid. Until it "just works", nothing is going to change.
In their defens
Reuse as much as possible (Score:2)
Two words: network effect. {...} I installed an XMPP daemon on a home server and made it as easy as I could to get everyone going.
Baby steps. Having them use an existing facility like XMPP interface to GoogleTalk/Google+Hangouts, or the XMPP interface into Facebook would have been a smaller jump, or the SIP provider to their home telephony (if they use a combined "Internet + IPTV + VoIP" package).
(Though some would have complained that facebook sticker don't work currently over XMPP)
Then start handling separately the cryptographic issue.
(Once everyone is used to have Adium on their Mac to chat with Google Talk and Facebook contacts, i
Invading privacy is the crime (Score:5, Insightful)
When will common people realize that invading privacy is a crime? Instead there seems to be an acceptance of it being just collateral damage in the war against child porn and terrorists.
Don't come with "if you have nothing to hide you don't need privacy" tantrum because I think privacy is an emotional necessity for the development of a healthy brain. Too bad so much will have been lost before before the general public realizes what has been lost.
Remember 911 (Score:2)
Re: (Score:2)
That's the excuse that is being trotted out by our lords and masters. In that context, these moves make sense in their eyes. The debate is whether (a) whether the threat is real (b) it's enough to justify the intrusions by the state and (c) whether the state actually achieves anything by these intrusions. All these points are disputable, but it's unfair to dismiss them without consideration.
Fact: If a service provider is capable of giving my information to law enforcement when faced with a legally sound and fully justified search warrant, then they are capable of reading my information without any such warrant. Including information that they have no right or justification to access and that is highly sensitive and could be highly damaging to me if published.
Re: (Score:1)
No, it isn't, because freedom is more important than safety. Whether the safety is real or not is irrelevant; anyone who would sacrifice such fundamental liberties for safety is a coward who is making their country worse.
Re: (Score:2)
No, it isn't, because freedom is more important than safety.
Not in Australia.
Re: (Score:2)
But they're not "invading privacy"! They just want the option to invade privacy at any time. Biiig difference.
Re: (Score:2, Insightful)
Armchair psychology aside, there are implications for political debate even in free societies. It's difficult to campaign for the legalisation of X (whatever X is) if you cannot do so anonymously, because most of those campaigning for legalisation probably do X and so would become targets for arrest. This also applies if X is merely very unpopular, to the point that speaking in favor of it would result in protests, possible violence, boycotting of business, etc.
Re: (Score:2)
Take the thing into your own hands (Score:2)
When will common people realize that invading privacy is a crime? Instead there seems to be an acceptance of it being just collateral damage in the war against child porn and terrorists.
Then take the things into your own hands. The technology is already here, it's called "Cryptography".
Well designed end-to-end cryptography make so you don't even need to trust your government or anyone else.
And using ephermal key negociation (like DHE or ECDHE) means that there are no key to be handed over in case someone would like to obtain key through coertion.
Then you don't need to count on government realizing anything about privacy. They can still think whatever they want, they might think that mass s
Re: (Score:2)
"When will common people realize that invading privacy is a crime?"
Probably never, the enlightenment was wrong about how the brain worked, see here:
https://www.youtube.com/watch?... [youtube.com]
Re: (Score:3)
These sorts of discussions are nothing new. Debates about how to handle modern cryptography have been running since its invention. The police are judged exclusively by their ability to catch criminals. They are not judged on how eloquently they argue for civil rights. Plus, they are exposed to the pointy end of criminal behaviour and its impact on people every single day, so of course they tend to get frustrated when they can't stop it. They are rarely if ever exposed to the pointy end of government abuses
Re: (Score:3)
nobody believes the outcomes will be fair or properly enforced.
Over time, they won't be. Power corrupts. That's why it should be forcibly limited on those who have it.
One more reason to give them work (Score:1)
I send myself files coded with over 10 different algorythms (use of a bash script to automatise crypt/decrypt.
code is there: https://github.com/jupiter126/... [github.com]
feels like (Score:3)
Same as UK (Score:2)
Sounds like they're copying the law here in the UK. Which for a five-eyes country isn't that surprising.
www.computerworld.com.au site (Score:3)
And every company wanting to avoid the fate of Lavabit must just make sure that they don't have the capability to decrypt customers' data. That way, the company and the customer are safe from law enforcement. (Hiring a lawyer at the right time also helps, and sending keys to a court in a 4 point font doesn't).
And the rest (Score:2)
I long to see they efforts with PGP/GPG
and with OTR, and with ZRTP, etc.
Random data (Score:3)
Re: (Score:1)
Re: (Score:2)
That should work... but the fact that the court can order you to disclose your password, and put you in jail if claim you don't remember it, kind of makes me think they'll just say "fuck it" and you'll be sitting in prison indefinitely.
Ephemeral encryption to the rescue (Score:2)
but the fact that the court can order you to disclose your password, and put you in jail if claim you don't remember it, kind of makes me think they'll just say "fuck it" and you'll be sitting in prison indefinitely.
Then use modern day crypto like OTR [cypherpunks.ca].
OTR use ephemeral keys (in this case it's DHE [wikipedia.org]), so there's no permanent key to begin with that could be disclosed (also no retro-active decryption possible. There doesn't exist any piece of information following whose disclosure, law enforcement could suddenly retro-actively decrypt all the intercepted communication that they have logged during the past years).
OTR use a key-less authentication system (Socialist millionaire [wikipedia.org]), so there's not even an authetication key, and a
Re: (Score:2)
Exactly, because using software that makes it impossible for you to comply with the law means you get a "Get Out of Jail Free" card, right? Just wait until the bankers get ahold of this idea!
Re: (Score:2)
Exactly, because using software that makes it impossible for you to comply with the law means you get a "Get Out of Jail Free" card, right? Just wait until the bankers get ahold of this idea!
But you comply with the law. The law can require a service provider (like Lavabit) to give all the information that they have, even if it means being in breach of contract with their customer apparently. If you can't decrypt the information, then you complied with the law. If you can decrypt information, then you must decrypt it to comply with the law.
It's like two shops, one with a video camera running and one without. The shop with the video camera must hand recordings over to the police if there was a
Camera vs. Password (Score:2)
It's like two shops, one with a video camera running and one without. The shop with the video camera must hand recordings over to the police if there was a crime in front of the camera. The shop without the video camera doesn't need to do anything, and doesn't have to install a camera just in case someone gets stabbed in front of the shop.
Yup, nice image. The second doesn't have any record to disclose if ordered by the court. There just don't exist any recording that they could hand over. There security relies on some completely different scheme (say, a heavily armed bouncer/guard) which doesn't involve any camera nor any recording.
OTR relies on a completely different form of encryption (perfect forward secrecy, powered by ephemeral diffie-hellman) that doesn't involve permanently stored passwords.
Re: (Score:2)
Wanted: Private information refuge. (Score:1)
It's so sad to see my adopted country, Australia, going down the same drain as the country our family sought economic refuge from, England! At any moment, the AFP could break down the door, nick the disk drives, and put me in the clanger until I hand over the crypto passphrases. Information security is under threat in Australia. Knowing my luck, the NSA has read the IP address for this AC post, given it to their Australian mates at the DSD, and the AFP (Australian Federal Police) are on their way with sledg
so they can be more like the NSA (Score:2)
Re: (Score:1)
Crypotgraphy (Score:2)
Why not develop and use technology that protects political engagement and democratic paricipation?
You mean, like modern-day cryptography ?
Specially things like OTR [cypherpunks.ca] ?
That have perfect foward secrecy [wikipedia.org], thanks to DHE [wikipedia.org] ? (i.e.: there's no key that could be disclosed to enable decryption of past intercepted communication) ?
That use authentication through Socialist Millionaire [wikipedia.org] (which is keyless, meaning that there's no way to proof that past intercepted communication is authentic) ?
Which simply functions as an overlay, meaning that you can use it as up today above any chat system that you currently already have
Re: (Score:2)
Privacy and data retention (Score:1)
Noooo!! (Score:1)