On Fri., 23 Nov. 2018, 16:46 Robert Hudson <hud...@gmail.com wrote: > > > On Fri, 23 Nov 2018 at 14:47, Paul Brooks <pbrooks-aus...@layer10.com.au> > wrote: > >> On 23/11/2018 11:37 AM, Alex Samad wrote: >> > Wondering what the implications of this bill and the recent China was >> stealing our >> > traffic.... >> > >> > So in theory could china steal / sniff our traffic and because of these >> weakening of >> > encryption allow china to snope on our stuff >> > >> > A >> In theory no - this bill doesn't weaken encryption, and explicitly >> doesn't allow any >> changes that would weaken encryption. >> > > They say that - but I don't believe them. I don't think they even > understand what they're suggesting (or if they do understand, they're > relying on others not understanding, or not caring). > >> >> This bill seeks to bypass encryption entirely by giving the agencies >> easier access to >> get into devices and the back-end databases of apps and websites, to see >> what is >> stored in there -bypassing unlock codes, PINS, thumbprint readers etc on >> devices for >> example. So for traffic being sniffed 'in the middle' the information is >> still >> sent/received as fully encrypted - and man-in-the-middle snooper won't >> see anything. >> But if the authorities get hold of your phone or PC, they'll have easier >> access to >> look into your sent/received message stores and read whats in there, >> which is stored >> in your device un-encrypted. >> > > The tools the authorities have access to will invariably fall into the > hands of others. >
Or be abused by those who have official access to them. "Queensland in court fight with domestic violence victim whose details leaked by policeman" https://www.theguardian.com/australia-news/2018/aug/21/queensland-in-court-fight-with-domestic-violence-victim-whose-details-leaked-by-policeman "NSA SEXINT IS THE ABUSE YOU’VE ALL BEEN WAITING FOR" http://cyberlaw.stanford.edu/blog/2013/11/nsa-sexint-abuse-you ’ve-all-been-waiting > >> >> In practice, if they balls-up the change request given to the device >> manufacturer or >> app/website developer, anything could happen. >> > > Yep. Aside from the direct ramifications, it's the indirect and > unintended consequences that REALLY have the potential to be damaging. > >> >> P. >> _______________________________________________ >> AusNOG mailing list >> AusNOG@lists.ausnog.net >> http://lists.ausnog.net/mailman/listinfo/ausnog >> > _______________________________________________ > AusNOG mailing list > AusNOG@lists.ausnog.net > http://lists.ausnog.net/mailman/listinfo/ausnog >
_______________________________________________ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog