Australian Government Proposing Laws to enable the police to gain access to encrypted mobile phones.

[mr moose]

Just now, Thaldor said:

Or then you are focusing on the detail too much not to notice the reality?

Is that even a thing?

Just now, Thaldor said:

 

How are you going to access E2E encrypted messages without accessing the receiving device (considering how safe modern devices are, with a backdoor or something that can be considered a backdoor) or having a third key that can intercept the messages in the middle? You can have either accessibility for government or security, you cannot access encrypted memory or messages without breaking the encryption one way or another (and trust me, brute forcing is not an option).

I don't know what you are asking for, the law does not ask for the capability to break E2E encryption, it asks fro help from providers to gain access to data on specific devices after the encryption stage (not a mitm) and only under specific warrant.  There is no call for a third key.

 

Just now, Thaldor said:

 

"Build us a way to access the messages, but you don't need to remove the encryption, but still we need to access them"

And I don't think Attorney General considers saying "Better start building that quantum computer to break encryptions, mate" and handing over some brute force notes as assistance.

I don't think this bill is saying what you think it is.

Just now, Thaldor said:

IF you have real encryption, you cannot access that without the decryption key. You cannot "build a new capability that will enable" to give government access to the encrypted data WITHOUT weakening the protection.

Obviously you can't access encrypted data without the key,  I think the issue here is you are stuck on "build a capability" but the exact meaning of that and the limitations that accompany this bill don't mean what you think they do.

 

Please see my post directly above yours, it might help to highlight why this isn't a backdoor or why this can't be used to undermine E2E encryption.

[leadeater]

5 hours ago, Amazonsucks said:

Nope totally not corrupt or infiltrated by corrupt hostile authoritarian foreign governments at all...

 

Hint: perception does not equal reality. 

 

Unless of course one ignores reality and facts, and "chooses what they believe" instead of being objective.

Problem is you know very little about our country, our political system and well really anything at all to do with our security agencies. Very few people outside of New Zealand do, Australians would know a very good amount too. There is a reason New Zealand is ranked first as the most transparent government and least corrupt country, for many years. Might want to look in to why rather than trying to find the very few and obscure things, ones that SIS would have already known about before Jian Yang even entered the country.

[Amazonsucks]

5 hours ago, mr moose said:

Why should I address something I don't think is terribly appropriate to the argument?   It's not my fault you are scared of everything.

Because it is absolutely relevant and appropriate. Dismissing the massive revelations of illegal spying by 5 eyes governments is pathetic. 

 

Why are you afraid of addressing reality? Youre going to really pretend like the Snowden, Binney and Drake leaks arent real? Pine Gap doesnt exist? Its in your back yard.

4 hours ago, mr moose said:

You read the details very carefully yet missed the bit were it only applies to crimes where a warrant has been granted.  A backdoor applies to everyone, a warrant only applies to an specific set of people.

 

You clearly dont know how the rubber stamp courts that approve warrantless domestic spying on millions of people work then. Ever heard of FISA or PRISM? Stellar Wind? Yeah lets pretend like that doesnt exist.

 

Cellbrite who???

[mr moose]

7 hours ago, Amazonsucks said:

Because it is absolutely relevant and appropriate. Dismissing the massive revelations of illegal spying by 5 eyes governments is pathetic. 

 

Why are you afraid of addressing reality? Youre going to really pretend like the Snowden, Binney and Drake leaks arent real? Pine Gap doesnt exist? Its in your back yard.

You clearly dont know how the rubber stamp courts that approve warrantless domestic spying on millions of people work then. Ever heard of FISA or PRISM? Stellar Wind? Yeah lets pretend like that doesnt exist.

 

Cellbrite who???

 

your funny.   Try to stay on topic.  This isn't about US 3 letter agencies using illegal tactics to gain private information without legal consent.

[Amazonsucks]

24 minutes ago, mr moose said:

 

your funny.   Try to stay on topic.  This isn't about US 3 letter agencies using illegal tactics to gain private information without legal consent.

Its about government overreach and abuse involving privacy. You know, the same thing that 5 eyes governments have been doing for years that i just mentioned...

 

And stop and think about this for a moment. How do you think these technologically illiterate politicians plan to get into devices that are encrypted? 

 

What actually changes compared to how its done now? This is already done on a regular basis. 

[mr moose]

1 minute ago, Amazonsucks said:

Its about government overreach and abuse involving privacy.

 

And stop and think about this for a moment. How do you think these technologically illiterate policians plan to get into devices that are encrypted? 

 

What actually changes compared to how its done now?

 

Oh I see, now they a tech illiterate.  You probably should know our PM invested heavily in (and made considerable money from) software development and email/internet services.  He's not tech illiterate. 

 

If you have to ask what changes with this law then you really aren't following it and you should not be making absolute claims about it.  Yet you have the audacity to claim the people who wrote the law are somehow ignorant. 

 

answer:

It gives investigators who obtain a warrant the power to search (using providers tech and software code) private messages that are on a specific device.  Currently they cannot do that even though some providers have full access to PM's on many services they provide.  It is completely outside of E2E encryption. and they cannot force a company to weaken privacy, therefore if a company wants to code their software so not even they can read the messages then there is absolutely nothing the authorities can do.   It's simply extending the search warrant  permissions they have for searching a house to digital devices, however in order to do that they need assistance from service providers, this law makes it legal to ask (even force depending on the severity of the crime they are investigating).   It really is only a minor change as the courts can already force an individual to hand over their passwords if the evidence contained within a device if it is reasonably expected to be pertinent to the case.  The difference now is that if that doesn't happen,  it's not just contempt of court you face charges on, it is actually an offense in itself not to assist when instructed.   As the link I provided early explains, providing assistance doesn't mean breaking encryption, it means proving that the encryption can't be broken or providing what information they have. 

 

 

If there is one thing I wish this forum would do, it is stop trying to interpret legal documents with only half the information and making assumptions about what some key words mean.

 

[Thaldor]

12 hours ago, mr moose said:

Is that even a thing?

I don't know what you are asking for, the law does not ask for the capability to break E2E encryption, it asks fro help from providers to gain access to data on specific devices after the encryption stage (not a mitm) and only under specific warrant.  There is no call for a third key.

 

I don't think this bill is saying what you think it is.

Obviously you can't access encrypted data without the key,  I think the issue here is you are stuck on "build a capability" but the exact meaning of that and the limitations that accompany this bill don't mean what you think they do.

 

Please see my post directly above yours, it might help to highlight why this isn't a backdoor or why this can't be used to undermine E2E encryption.

Maybe I'm stuck with the technicalities, but even with a law and US amounts of fines, not a single company who develops a software with truly encrypted messaging can help Australian officials, at least without compromising the security of their software.

 

Only way I can think that could be made is to have modified version of the software that would be uploaded to the suspects device and that version would upload the messages to a server (and that is still a kind of backdoor). But for that the needed information about the suspect is something that would need a lot of detective work (at least suspects Google/iTunes account information and possibly their software account information (you can still register WhatsApp/Telegram accounts for prepaid and landline phone numbers so that's one more problem for the officers)). It would drop the problematic of accounts to only software level to upload the backdoor to every single device, but then the security of the whole software is compromised. And then there's still one big problem, someone needs to update the software, so if the device is in the posession of officers and the suspect refuses to unlock it we get back to the age old question of backdoors.

 

For example you happen to have a drive with data in it encrypted with VeraCrypt and the password is over 30 characters long (even if it was only lower case letters that would take modern PCs 2 septillion years to crack and with uppercase letters, numbers and special characters added 1 duodecillion years, you are not going to brute force that) and you would need to access it without the password, simply put, you're in deep [brown stuff]. No matter if you would try to force TrueCrypt developers and everyone that has contributed to the VeraCrypt to help you, they could not help you, even if it was punishable with death sentence. Only way they could help you, would be creating a backdoor and compromising the security of the software. Even if that backdoor would be dormant and unusable until the queen of England and the presidents of the greatest countries gave warrant to activate it and gain access to that drive, the softwares security would still be compromised. Your only real hope would be to find the unicorn aka. vulnerability and while VeraCrypt is open source project based on TrueCrypt, your chances to find that unicorn is extremely close to zero. In this case only way the developers actually could help the officers to access the data is by creating a backdoor.

[mr moose]

9 hours ago, Thaldor said:

Maybe I'm stuck with the technicalities, but even with a law and US amounts of fines, not a single company who develops a software with truly encrypted messaging can help Australian officials, at least without compromising the security of their software.

That is correct. The Australian government cannot get data from a truly encrypted device that does not contain a backdoor.  This legislation does not change that.

9 hours ago, Thaldor said:

Only way I can think that could be made is to have modified version of the software that would be uploaded to the suspects device and that version would upload the messages to a server (and that is still a kind of backdoor).

Nope, the legislation expressly forbids that.

 

Quote

(1) A technical assistance notice or technical capability notice must not have the effect of: (a) requiring a designated communications provider to implement or build a systemic weakness, or a systemic vulnerability, into a form of electronic protection; or (b) preventing a designated communications provider from rectifying a systemic weakness, or a systemic vulnerability, in a form of electronic protection.

and

 

Quote

The powers cannot be used to impose data retention capability or interception capability obligations. These will remain subject to existing legislative arrangements in the TIA Act.

Which means they cannot be forced to create a new version of software with weaker encryption or vulnerability and they must not create software that retains data, ergo no uploading to third party websites.

 

9 hours ago, Thaldor said:

But for that the needed information about the suspect is something that would need a lot of detective work (at least suspects Google/iTunes account information and possibly their software account information (you can still register WhatsApp/Telegram accounts for prepaid and landline phone numbers so that's one more problem for the officers)). It would drop the problematic of accounts to only software level to upload the backdoor to every single device, but then the security of the whole software is compromised. And then there's still one big problem, someone needs to update the software, so if the device is in the posession of officers and the suspect refuses to unlock it we get back to the age old question of backdoors.

Except they are not permitted to ask for a backdoor, anything that undermines current encryption, security and privacy is not permitted by this law.

 

9 hours ago, Thaldor said:

For example you happen to have a drive with data in it encrypted with VeraCrypt and the password is over 30 characters long (even if it was only lower case letters that would take modern PCs 2 septillion years to crack and with uppercase letters, numbers and special characters added 1 duodecillion years, you are not going to brute force that) and you would need to access it without the password, simply put, you're in deep [brown stuff]. No matter if you would try to force TrueCrypt developers and everyone that has contributed to the VeraCrypt to help you, they could not help you, even if it was punishable with death sentence. Only way they could help you, would be creating a backdoor and compromising the security of the software. Even if that backdoor would be dormant and unusable until the queen of England and the presidents of the greatest countries gave warrant to activate it and gain access to that drive, the softwares security would still be compromised. Your only real hope would be to find the unicorn aka. vulnerability and while VeraCrypt is open source project based on TrueCrypt, your chances to find that unicorn is extremely close to zero. In this case only way the developers actually could help the officers to access the data is by creating a backdoor.

These encryption tools are fine and these laws do not create an obligation for any of these companies to compromise their encryption software with a back door.  The government accepts that if the device or file is encrypted and the company cannot unlock it,  then that data is only obtainable through the owner of the data, not the company that wrote the software.

 

It seems there is a lot of misinformation about what this law intends to achieve:

 

1, If your phone is encrypted and the manufacturer can't unlock it due to the lack of a back door then that is stiff shit for the government.

The government cannot force apple or google or MS to install a backdoor under this legislation.

The government cannot force a company to not improve or update software that provides secure encryption and security.

The government cannot fine a company for not decrypting a device that they do not have a legitimate key for.

 

2. If you are using a messenger service and the police successfully get a warrant to search your devices and message history, they can request the messenger service provider do all they can to retrieve messages.  This means all messages they can retrieve without creating a backdoor or breaking encryption software making it less secure for the end user.

 

This legislation is not backdoor, if they can't get the information without a backdoor then they don't get the information.

 

[Amazonsucks]

15 hours ago, mr moose said:

 

Oh I see, now they a tech illiterate.  You probably should know our PM invested heavily in (and made considerable money from) software development and email/internet services.  He's not tech illiterate. 

 

If you have to ask what changes with this law then you really aren't following it and you should not be making absolute claims about it.  Yet you have the audacity to claim the people who wrote the law are somehow ignorant. 

 

answer:

It gives investigators who obtain a warrant the power to search (using providers tech and software code) private messages that are on a specific device.  Currently they cannot do that even though some providers have full access to PM's on many services they provide.  It is completely outside of E2E encryption. and they cannot force a company to weaken privacy, therefore if a company wants to code their software so not even they can read the messages then there is absolutely nothing the authorities can do.   It's simply extending the search warrant  permissions they have for searching a house to digital devices, however in order to do that they need assistance from service providers, this law makes it legal to ask (even force depending on the severity of the crime they are investigating).   It really is only a minor change as the courts can already force an individual to hand over their passwords if the evidence contained within a device if it is reasonably expected to be pertinent to the case.  The difference now is that if that doesn't happen,  it's not just contempt of court you face charges on, it is actually an offense in itself not to assist when instructed.   As the link I provided early explains, providing assistance doesn't mean breaking encryption, it means proving that the encryption can't be broken or providing what information they have. 

 

 

If there is one thing I wish this forum would do, it is stop trying to interpret legal documents with only half the information and making assumptions about what some key words mean.

 

So what youre saying is, Australia has no equivalent to the Fifth Amendment in addition to no First, Second, Fourth... etc. And they keep whittling away what little constitutional rights you have, until you end up like the UK, N. Korea or China. 

 

In addition to that, making money off a technology company does not make one tech literate. The laws of mathematics arent trumped by the laws of Australia for example.

 

Even you must admit that this legislation is useless from a technical standpoint. If the messages arent secure and can be obtained via this nethod it indicates that the messenger service is junk. If they are secure, this law does nothing to "solve crimes". 

 

@Thaldor

 

Look at Cellbrite, Finfisher and Hacking Team.

 

 

 

[leadeater]

38 minutes ago, Amazonsucks said:

So what youre saying is, Australia has no equivalent to the Fifth Amendment

 

Quote

Privilege in respect of self-incrimination in other proceedings

             (1)  This section applies if a witness objects to giving particular evidence, or evidence on a particular matter, on the ground that the evidence may tend to prove that the witness:

                     (a)  has committed an offence against or arising under an Australian law or a law of a foreign country; or

                     (b)  is liable to a civil penalty.

             (2)  The court must determine whether or not there are reasonable grounds for the objection.

             (3)  Subject to subsection (4), if the court determines that there are reasonable grounds for the objection, the court is not to require the witness to give the evidence, and is to inform the witness:

                     (a)  that the witness need not give the evidence unless required by the court to do so under subsection (4)

http://www6.austlii.edu.au/cgi-bin/viewdoc/au/legis/cth/consol_act/ea199580/s128.html

 

Quote

Protection against compelled self-incrimination is implicit in the Miranda rights statement, which protects the "right to remain silent." This amendment is also similar to Section 13 of the Canadian Charter of Rights and Freedoms. In other Commonwealth of Nations countries like Australia and New Zealand, the right to silence of the accused both during questioning and at trial is regarded as an important right inherited from common law, and is protected in the New Zealand Bill of Rights Act and in Australia through various federal and state acts and codes governing the criminal justice system.

 

[Amazonsucks]

8 hours ago, leadeater said:

 

http://www6.austlii.edu.au/cgi-bin/viewdoc/au/legis/cth/consol_act/ea199580/s128.html

 

 

So the latter parts of what i said remain true. This is just normalizing the pwning of endpoints using malware or some other method to bypass encryption, which is already done all the time.

 

Which from a technical standpoint is moot. Either they cant get the data if the messages are secure, and if what @mr moose says is true about them not intending to backdoor things, then this new law does nothing.

 

Or, if they can access the data by either infecting the endpoint or cracking it like Cellbrite does, its redundant since this is already done all the time. It also means that the device or service is vulnerable, and no one will use it from then on.

 

I guess this law does help criminals to know which devices and services are safe to use for criminal activity. Meanwhile it erodes the privacy of law abiding citizens and makes it more of a police state.

 

But then, these policians are tech savvy and would never do that either intentionally or through incompetence...

 

 

[mr moose]

9 hours ago, Amazonsucks said:

So what youre saying is, Australia has no equivalent to the Fifth Amendment in addition to no First, Second, Fourth... etc. And they keep whittling away what little constitutional rights you have, until you end up like the UK, N. Korea or China. 

No.

 

9 hours ago, Amazonsucks said:

In addition to that, making money off a technology company does not make one tech literate. The laws of mathematics arent trumped by the laws of Australia for example.

He didn't just own shares and actually built those businesses. He worked in them and he owned some of them.   Also the number of people who take that comment out of context is amazing, it's like people intentionally ignore the context to focus on what upsets them.

 

9 hours ago, Amazonsucks said:

Even you must admit that this legislation is useless from a technical standpoint. If the messages arent secure and can be obtained via this nethod it indicates that the messenger service is junk. If they are secure, this law does nothing to "solve crimes". 

Correct, but you can't focus on one component of the law and its inability to force decryption onto services  (not that that is even the intention)  and claim the whole thing is useless.  To claim this law is pointless requires that you ignore all the others services online that don't have unique individual encryption or services that aren't even encrypted at all.

 

 

 

 

[leadeater]

1 hour ago, Amazonsucks said:

So the latter parts of what i said remain true. This is just normalizing the pwning of endpoints using malware or some other method to bypass encryption, which is already done all the time.

Ah no, this actually doesn't have much to do with technology at all. Current Australian laws don't allow for the searching of electronic devices except in very specific cases which makes evidence collection hard. This law is to allow for that and also makes companies give assistance if and when possible.

 

Takes a very odd view point to ignore the multiple parts where the proposed law explicitly states no encryption or security is to be compromised or weakened.

 

It's not a technology problem, there's things that just cannot be done legally and it's not the 19th century anymore. Laws do need updating from time to time.

[mr moose]

1 hour ago, Amazonsucks said:

So the latter parts of what i said remain true. This is just normalizing the pwning of endpoints using malware or some other method to bypass encryption, which is already done all the time.

 

No because they aren't allowed to ask a company to bypass encryption. They are not permitted to weaken encryption in anyway. They can only decrypt messages and data that they have a legitimate key for.

1 hour ago, Amazonsucks said:

Which from a technical standpoint is moot. Either they cant get the data if the messages are secure, and if what @mr moose says is true about them not intending to backdoor things, then this new law does nothing.

 

except for all the other things it does.

1 hour ago, Amazonsucks said:

Or, if they can access the data by either infecting the endpoint or cracking it like Cellbrite does, its redundant since this is already done all the time. It also means that the device or service is vulnerable, and no one will use it from then on.

There is already nothing stopping anyone from decrypting a message of they can.  Just because they can;t in many cases doesn't mean they can start infecting computers with malware.  That is illegal and cannot be done (even with a court warrant).

1 hour ago, Amazonsucks said:

I guess this law does help criminals to know which devices and services are safe to use for criminal activity. Meanwhile it erodes the privacy of law abiding citizens and makes it more of a police state.

Knowing which services are more secure does not change the authoritarian state or intentions of the government.  

[Amazonsucks]

1 hour ago, mr moose said:

No.

 

He didn't just own shares and actually built those businesses. He worked in them and he owned some of them.   Also the number of people who take that comment out of context is amazing, it's like people intentionally ignore the context to focus on what upsets them.

 

Correct, but you can't focus on one component of the law and its inability to force decryption onto services  (not that that is even the intention)  and claim the whole thing is useless.  To claim this law is pointless requires that you ignore all the others services online that don't have unique individual encryption or services that aren't even encrypted at all.

 

 

 

 

Like youre ignoring the fact that this is already done regularly and that if it can be done in a way that doesnt break the encryption, it means the service or device is inherently insecure and criminals will quickly be alerted and use something else.

 

2 hours ago, leadeater said:

Ah no, this actually doesn't have much to do with technology at all. Current Australian laws don't allow for the searching of electronic devices except in very specific cases which makes evidence collection hard. This law is to allow for that and also makes companies give assistance if and when possible.

 

Takes a very odd view point to ignore the multiple parts where the proposed law explicitly states no encryption or security is to be compromised or weakened.

 

It's not a technology problem, there's things that just cannot be done legally and it's not the 19th century anymore. Laws do need updating from time to time.

If no security is to be compromised or weakened, then what are they counting on? Guessing passwords? Ok then...

 

2 hours ago, mr moose said:

 

No because they aren't allowed to ask a company to bypass encryption. They are not permitted to weaken encryption in anyway. They can only decrypt messages and data that they have a legitimate key for.

 

except for all the other things it does.

There is already nothing stopping anyone from decrypting a message of they can.  Just because they can;t in many cases doesn't mean they can start infecting computers with malware.  That is illegal and cannot be done (even with a court warrant).

Knowing which services are more secure does not change the authoritarian state or intentions of the government.  

First off, read and watch what Snowden, Binney and Drake have had to say. They do infect computers with malware and when available use bulk collection and analysis of pretty much all internet or radio signal traffic. Thats nothing new and if you think thats 1984 paranoia what are the multiple billion dollar facilities in Utah and Maryland for?

[leadeater]

16 minutes ago, Amazonsucks said:

If no security is to be compromised or weakened, then what are they counting on? Guessing passwords? Ok then...

By gaining the legal right to ask for the data and use as evidence which they do not have currently....

[Drak3]

To sum this up, some Australian law is written in such a way that it needs to be rewritten, tweeked, and/or added onto due to advancements in technology that were not and count not have been accounted for. Australia is ultimately seeking the same/similar legal capability for searches on modern devices as countries like the US, and they even keep due process and maintain that a warrant is requisite.

[Amazonsucks]

2 hours ago, leadeater said:

By gaining the legal right to ask for the data and use as evidence which they do not have currently....

Thats circular logic.

 

If the services and devices are secure, the providers cant give them access to the data.

 

If the services are known to be insecure, criminals wont use them if theyre smart.

 

In either case, it doesnt do what it claims: solve crimes. Now i do see the next logical step here...

 

If this law passes, the next step is for the people behind it to say:

 

"Well we sent the company an order to give us the data, but they cant access it since its properly encrypted. We need to do more! We need to compell tech companies to give us a master key backdoor!" 

 

Then the same people who are in favor of this and making excuses why it should pass will keep voting their freedoms away like their masters want them to.

 

 

 

[leadeater]

3 minutes ago, Amazonsucks said:

Thats circular logic.

 

If the services and devices are secure, the providers cant give them access to the data.

 

If the services are known to be insecure, criminals wont use them if theyre smart.

 

In either case, it doesnt do what it claims: solve crimes. Now i do see the next logical step here...

 

If this law passes, the next step is for the people behind it to say:

 

"Well we sent the company an order to give us the data, but they cant access it since its properly encrypted. We need to do more! We need to compell tech companies to give us a master key backdoor!" 

 

Then the same people who are in favor of this and making excuses why it should pass will keep voting their freedoms away like their masters want them to.

 

 

 

I think you're still stuck on this being a technology problem Australia is trying to solve when actually it's a legal problem.

[mr moose]

4 hours ago, Amazonsucks said:

Like youre ignoring the fact that this is already done regularly and that if it can be done in a way that doesnt break the encryption, it means the service or device is inherently insecure and criminals will quickly be alerted and use something else.

 

Not ignoring anything.

4 hours ago, Amazonsucks said:

If no security is to be compromised or weakened, then what are they counting on? Guessing passwords? Ok then...

 

First off, read and watch what Snowden, Binney and Drake have had to say. They do infect computers with malware and when available use bulk collection and analysis of pretty much all internet or radio signal traffic. Thats nothing new and if you think thats 1984 paranoia what are the multiple billion dollar facilities in Utah and Maryland for?

I think you should take a course in legal rights and due process,  pointing too illegal activity in another country does not change what this is, just because that illegal activity is carried out by a government agency doesn't mean all governments are just as corrupt.

[Amazonsucks]

8 hours ago, leadeater said:

I think you're still stuck on this being a technology problem Australia is trying to solve when actually it's a legal problem.

Nope just on the fact that this law doesnt solve the "problem", because like you and @mr moose this legislation completely ignores the reality of the technology that its supposed to cover.

 

This is a law regarding technology changing, right? Like you or he said its not the 1900s anymore and things have to adapt or whatever you guys said.

 

Except im just pointing out that this doesnt adapt to people having encrypted locked devices... unless this is just a first step like i mentioned, and once the ineffectiveness of this law is demonstrated, it acts as a stepping stone toward backdoors and master keys.

7 hours ago, mr moose said:

 

Not ignoring anything.

I think you should take a course in legal rights and due process,  pointing too illegal activity in another country does not change what this is, just because that illegal activity is carried out by a government agency doesn't mean all governments are just as corrupt.

Oh so Aus and NZ arent 5 eyes members who have collection sites run by and staffed with US personnel who can even bypass your country's customs entirely? Like i said, did you read what Snowden, Drake and Binney had to say regarding your country's cooperation with warrantless bulk data collection? Aus and NZ are no better than the US in that regqrd, but i love the holier than thou attitude youve got about it.

 

 

 

[leadeater]

6 hours ago, Amazonsucks said:

Nope just on the fact that this law doesnt solve the "problem", because like you and @mr moose this legislation completely ignores the reality of the technology that its supposed to cover.

If you actually read the explaining document for the proposed law you'd understand the issues that this is trying to address, this is about evidence collection and admissibility in court. There is strict rules for that, one of the big changes is they can issue a search warrant on a person instead of a specific property or electronic device.

 

It's not about getting around or trying to break encryption, counter intuitively considering the law's focus on encryption in the news.

 

Maybe have a think about this from the perspective of the legal system and actually trying to convict a person in court using evidence. 

[mr moose]

6 hours ago, Amazonsucks said:

Nope just on the fact that this law doesnt solve the "problem", because like you and @mr moose this legislation completely ignores the reality of the technology that its supposed to cover.

 

This is a law regarding technology changing, right? Like you or he said its not the 1900s anymore and things have to adapt or whatever you guys said.

 

Except im just pointing out that this doesnt adapt to people having encrypted locked devices... unless this is just a first step like i mentioned, and once the ineffectiveness of this law is demonstrated, it acts as a stepping stone toward backdoors and master keys.

Oh so Aus and NZ arent 5 eyes members who have collection sites run by and staffed with US personnel who can even bypass your country's customs entirely? Like i said, did you read what Snowden, Drake and Binney had to say regarding your country's cooperation with warrantless bulk data collection? Aus and NZ are no better than the US in that regqrd, but i love the holier than thou attitude youve got about it.

 

 

 

You don't even understand what the law is proposing, let alone the current laws, you just keep repeating the same rhetoric.  I have posted links and evidence that explain what it is a bout but you'd rather keep talking about snowden and back doors etc, which clearly shows you don't know a thing about it.   Why do you insist on trying top prove something you clearly don't understand?  You have done this in several threads, come in with wild claims that are wrong then after have been proven wrong you go on endless tirades with information that has little to no intrinsic value to the actual claims you have made.

 

For the last time:

There are no backdoors, nor ways to get one, this law does not permit the government or any authority to strong arm any company or developer into weakening or changing their security.  PERIOD.  Stop mention backdoors and leaks and irrelevant shit.

[ARikozuM]

15 minutes ago, leadeater said:

Maybe have a think about this from the perspective of the legal system and actually trying to convict a person in court using evidence. 

I've been on jury duty twice (narrowly evaded the third). The legal system is crap most of the time. The prosecution (State, in both of my duties) says one thing (i.e. victim was raped inside a truck) and then provides no evidence for it and we're left to rely only on witness testimony. I have no trust in most cases where evidence was available and/or withheld. 

 

This will only serve to push career criminals to tighter means rather than helping the general populace. You're asking for the decrypted data from the device which is more harmful as many may seek to abuse this once knowledge of how to do so comes out. 

[mr moose]

20 minutes ago, ARikozuM said:

I've been on jury duty twice (narrowly evaded the third). The legal system is crap most of the time. The prosecution (State, in both of my duties) says one thing (i.e. victim was raped inside a truck) and then provides no evidence for it and we're left to rely only on witness testimony. I have no trust in most cases where evidence was available and/or withheld. 

 

This will only serve to push career criminals to tighter means rather than helping the general populace. You're asking for the decrypted data from the device which is more harmful as many may seek to abuse this once knowledge of how to do so comes out. 

Yes, it will push career criminals to be more vigilant, most of them already are of course.  But it also address short falls in the accepted scope of current laws that were written when the transistor was first being developed.    There has to be an evolution of law alongside society and technology,  if we allow law to stagnate when everything else evolves and changes then we'd still be trying to burn gay people at the stake and accuse ugly woman of witchcraft.