Jump to content

LAwLz

Member
  • Content count

    12,393
  • Joined

  • Last visited

Awards


About LAwLz

  • Title
    Pseudo-intellectual Charlatan
  • Birthday 1993-02-11

Contact Methods

  • Discord
    LAwLz#8319

Profile Information

  • Gender
    Female
  • Location
    Sweden
  • Interests
    Anime/manga, networks, some gaming, tabletop RPGs and posting on forums.
  • Occupation
    Consultant (networking)

System

  • CPU
    AMD Ryzen 1700X
  • Motherboard
    Gigabyte GA-AX370-GAMING 5
  • RAM
    32GB @ 2666MHz CL16 (Corsair)
  • GPU
    MSI 1060 6GB Gaming
  • Case
    Cooler Master HAF 922
  • Storage
    512GB Samsung 960 Pro - 500GB Samsung 850 EVO - 1TB Samsung Spinpoint F3 - 2TB Samsung Spinpoint F4
  • PSU
    Corsair RM750X
  • Display(s)
    Dell U2312HM - Dell U2211H - a crappy TN monitor (Philips 221EL)
  • Cooling
    Noctua D15
  • Keyboard
    Corsair K95 (Brown switches)
  • Mouse
    Logitech G502
  • Sound
    AKG K702 - FiiO E9
  • Operating System
    Windows 10
  • PCPartPicker URL

Recent Profile Visitors

12,362 profile views
  1. Well, the source in the OP is mostly just reciting what the politicians are saying, which is of course extremely biased because of course they want to make their own proposals good and get people onboard. Here is what the legislation says. (Please note that I have not read all of the documents yet, so I may be getting some things incorrect). The parts I am referring to are mostly outlined on page 8 of the explanatory document. This bill introduces three new items into the telecommunications act. *Designated communications provider is defined as a foreign or domestic communications provider, device manufacturer, component manufacturer, application provider, or traditional carriers and carriage service provider.* 1) Technical Assistance Request (TAR) - This is a framework for how a designated communications provider can voluntarily provide assistance to Australian Security Intelligence Organisation (ASIO), Australian Secret Intelligence Service (ASIS) and Australian Signals Directorate (ASD). Nothing wrong with this if you ask me. In fact, it is very good to have this. 2) Technical Assistance Notice (TAN) - A TAN requires a designated communications provider to provide assistance to these organizations IF THEY ARE ALREADY CAPABLE OF DOING SO. This is what is mostly being highlighted in the article, and I think that's alright. I have some privacy-related concerns and I think this can set a very bad presidency even if you completely trust the Australian government, I don't have faith in some other parts of the world. In any case, it seems somewhat reasonable to me, and a lot of companies already provide help to law enforcement when asked. I'd even go as far as to say most companies do. 3) Technical Capability Notice (TCN) - I am going to quote the actual, legal document which explains what a TCN is because it is very important that people can't say I am interpreting things. Here is what a TCN is: While the bill explicitly says they can't force encryption to be removed, it does also specify that they are required to build new tools and capabilities into their services to comply with requests. For example, WhatsApp uses E2EE. It uses unique keys for each device and only the unique install of WhatsApp on your phone can decrypt a message sent to you. The company WhatsApp does not have the capability to intercept messages in-flight, and the bill specifically says that they can't be forced to add that capability. However, the bill states that WhatsApp could be forced to add a "feature" where messages are automatically uploaded to their or government owned servers after your device has decrypted it. The article even uses a similar situation with iCloud as an example, where content is encrypted on the phone and the government can't request it be decrypted or backdoored, but they could demand access to iCloud.
  2. I strongly suggest you give up this conversation. I've had a similar one with mr moose before and he won't give up. No matter what you say, or what logic you put forth, he won't change his mind or admit that what Apple is doing might be considered wrong.
  3. I ignored it because it is not relevant. Even if you don't care about privacy, this is still a horrible, horrible idea because of the security risk. Even if you think the Australian government will never abuse this power (despite all the evidence that in the end, spying tools always gets abused by employees to for example stalk people they know), do you honestly think North Korea, China or Russia won't? Or how about your average hacker with malicious intentions, once this backdoor gets leaked to the public?
  4. Well like I said, that approach would be throwing the baby out with the bathwater. Third party additions such as skins might have been cancerous at times, but they are what introduced a ton of great features to Android.
  5. It won't, because the issue here is that manufacturers and carriers are pre-loading the devices with unsecure apps. It's the same problem that exists on Windows computers, where companies such as Lenovo installs unsecure software. The only way to stop that would be to not allow any additional software to be installed on stock devices, but that's throwing the baby out with the bathwater.
  6. And anyone who think that is crazy and will never happen should pick up a history book, or if you don't think crazy politicians can get into power, maybe a newspaper would be a more enlightening read... Or just remember that the nazi party was in fact democratically elected, which lead to WW2.
  7. Discord are launching their own games store

    I don't think that will be an issue. All they have to do is make a shortcut to the game's .exe. The game contains the instructions for launching the client. It's not like the shortcuts for games in the start menu breaks just because Steam or Origin decides to update.
  8. What do you think will happen if backdoors become mandatory? What do you think the positive effects will be, and what do you think the negative effects will be, if any?
  9. Chances are you said "you got nothing to fear if you got nothing to hide", which is basically the opposite of what Trik'Stari said.
  10. Well no, the result is not the same. If a vulnerability was found in one of the iOS stock apps then removing the shortcut would not protect the user. Removing a shortcut and disabling a program are two very, very different things. Disabling/Removing the vulnerable app = Fixing a crack in the wall. Removing the shortcut to the app = Putting some wallpaper over the crack so that you can't see it anymore.
  11. If you do, then you should be against mandatory backdoors, because it is a MASSIVE safety issue. How many more WannaCry attacks do we need before people realize that keeping security issues hidden, or having mandatory security holes in products is a bad idea from a security and safety standpoint? Yes, that is a backdoor. And I recommend you read the article a bit more carefully. They are explicitly asking for ways to scan the content of devices. Not the content of messages during transmission, but rather when the content is on the device. Also, the suggestion is that someone could have their device forcefully decrypted. Did you not read the article? Because you are literally saying the exact opposite of what is outlined in the article.
  12. No, it's not like saying we shouldn't have license plates. It's like saying we shouldn't have mandatory remote controlled bombs in every car because the police want to remotely be able to neutralize a potential threat. Even if you don't give a damn about privacy it's still extremely bad from a security standpoint. Again, look at WannaCry. That would be a small attack compared to the attack that would happen using these mandatory backdoors. Then there is also the issue of what the backdoors would be used for. The Australian government might say they only want to use it for terrorist investigations, but Russia or China might demand access to the same backdoor. What are they going to use it for? Maybe crack down on people who has the "wrong" political views. And no, it is not possible to create a backdoor that only the Australian government can use, and only for the "right" purposes. I don't have to make that many hard choices, no. Even if I had, mandatory backdoors is to me a very simple choice. They should not exist. Again, this is not about privacy. It's just bad from a security standpoint. As soon as one of these tools leaks or gets discovered, which they will, everyone with a backdoored device is at risk. You think the alleged attacks from North Korea, China and Russia have been bad? They will be tiny in comparison. Also, there are several open source encryption tools out there. If these backdoors became mandatory people would just use those. Even if we ignore the fact that a lot of terrorist attacks are organized through face-to-face conversations and burner phones, terrorists could just add another layer of encryption and the entire backdoor would be pointless.
  13. The problem is that it's kind of like saying "it's perfectly reasonable that a country demands that knives me manufactured in a way where they can only stab bad people, not good ones". Sounds good in theory, but it can't be done in practice. If you allow the police to enter your devices, then you simultaneously allow everyone else too, including Russia, China, ISIS, North Korea etc. Remember, WannaCry was a tool developed by the NSA which leaked. The same thing will inevitably happen with these mandatory backdoors. Except these backdoors will most likely have far more privileges than WannaCry.
  14. Don't let them fool you with "alternative terms". This is by definition a backdoor. There is no such thing in cryptography as a "side-door". It's just them trying to avoid using the word backdoor because it is very stigmatized (for good reasons). It's like how thieves can say "I didn't steal from him, I just borrowed without asking". It's just playing around with words to make their actions sound less bad than they are. Haha I had forgotten about that. Direct quote from the prime minister: They are most certainly being unreasonable. They are asking companies to make huge compromises in their security, which will puts people at risk. Remember that government tools have been leaked before, quite often in fact. Remember that stolen government tools has been weaponized before, such as WannaCry. If you think WannaCry was bad, this is basically a law which says companies must agree to help the development of vulnerabilities, and they aren't allowed to patch them.
  15. AMD ThreadRipper Gen 2 Reviews

    Very interesting read. Haven't read through all the reviews yet but so far the results seems to be: Really, really good performance in applications which don't need to fetch that much data from RAM. We're talking significantly better 7zip compression than even the 32 core EPYC processor for 4200 dollars. Not that great performance when the processor needs to fetch data from RAM. We're talking performance on par with the ~350 dollar 2700X and 8700K when decompressing in 7zip. The infinity fabric uses a ton of power. Something like 50% of the power budget when all 32 cores are active, which is a lot considering at full load it uses almost 500 watts. The encoding engine is shit. Someone wrote a kinda half-assed plugin for encoding with x264 instead, and even though the plugin system is fairly slow, it was still faster and had higher quality than Adobe's own engine. It's just ass and if Adobe were smart they would replace it with FFmpeg.
×