https://parlinfo.aph.gov.au/parlInfo/download/committees/reportjnt/024269/toc_pdf/ReviewoftheTelecommunicationsandOtherLegislationAmendment(AssistanceandAccess)Act2018.pdf;fileType=application%2Fpdf
On Sat, 30 Mar 2019 at 13:35, Paul Wilkins <paulwilkins...@gmail.com> wrote: > It's a curious move for the PJCIS to refer the Assistance and Access Act > to the Independent National Security Legislation Monitor. As they say, > they've never referred legislation to the INSLM ever before. > > If the considerable resources at the disposal of the PJCIS, Attorney > General's, and the Dep't of Home Affairs haven't been sufficient to produce > workable law, then what hope the INSLM? > > > Kind regards > > Paul Wilkins > > > On Fri, 29 Mar 2019 at 19:05, Robert Hudson <hud...@gmail.com> wrote: > >> 404 for the page on the ACS website.. >> >> On Thu, 28 Mar 2019 at 12:40, Aftab Siddiqui <aftab.siddi...@gmail.com> >> wrote: >> >>> Just for the info. There was an event yesterday "Safe Encryption >>> Australia Forum" in Sydney. Some highlights are here. >>> >>> https://www.innovationaus.com/2019/03/Labor-will-rewrite-encryption-laws >>> >>> >>> https://ia.acs.org.au/article/2019/tech-industry--fix-the-assistance-and-access-bill.html >>> >>> Regards, >>> >>> Aftab A. Siddiqui >>> >>> >>> On Thu, Mar 28, 2019 at 12:33 PM Paul Wilkins <paulwilkins...@gmail.com> >>> wrote: >>> >>>> The silence on the Assistance and Access Act since it passed in >>>> December has been deafening. It was firmly understood, on representations >>>> by the Liberal Government, that the bill passed was passed as an expedient, >>>> yet now we have the third report from PJCIS due 3rd April, and yet another >>>> round of submissions from corporations large and small, industry luminaries >>>> and human rights and legal experts, all saying that basically we're where >>>> we were back in September 2018, when Dutton rather disingenuously reported >>>> to the House that: >>>> >>>> "The government has consulted extensively with industry and the public >>>> on these measures and has made amendments to reflect the feedback in the >>>> legislation now before the parliament." >>>> >>>> Yet no matter how many submissions are made to how many parliamentary >>>> committees, we now seem stuck with a deeply flawed Act, the Liberals are >>>> walking backwards on the Labor amendements, while the country's police >>>> forces now operate with sweeping interception powers well beyond what's >>>> necessary and proportional. >>>> >>>> Kind regards >>>> >>>> Paul Wilkins >>>> >>>> >>>> On Thu, 14 Feb 2019 at 12:03, Paul Wilkins <paulwilkins...@gmail.com> >>>> wrote: >>>> >>>>> ACIC in their submission seem to be making the case, that as police >>>>> now have EA powers under the Act to surveil targets, so too should the >>>>> ACIC >>>>> have EA powers to surveil the police. >>>>> >>>>> https://www.aph.gov.au/DocumentStore.ashx?id=989cabd1-5e9f-4fc3-a961-9a8b94683e7b&subId=666446 >>>>> >>>>> I think however this too is wrong, and that two wrongs don't make a >>>>> right. The police should never have been given EA powers to break >>>>> encryption when all they need is legal intercept. And then ACIC too could >>>>> have LI powers. >>>>> >>>>> As I point out in my latest PJCIS submission, >>>>> >>>>> https://www.aph.gov.au/DocumentStore.ashx?id=4d150922-3809-4487-aa2f-f8976f2b3789&subId=666483 >>>>> there's a basic difference between Legal Intercept and Exceptional >>>>> Access, where EA you need read/modify/write/delete rights, whereas LI is >>>>> read only. >>>>> >>>>> If you restrict access by the police to read only, a very large chunk >>>>> of the ensuant vulnerabilities go away. Further, the amount of damage the >>>>> police can do on a magical mystery tour of your data centre is contained. >>>>> >>>>> Kind regards >>>>> >>>>> Paul Wilkins >>>>> >>>>> >>>>> On Thu, 24 Jan 2019 at 13:27, Robert Hudson <hud...@gmail.com> wrote: >>>>> >>>>>> The government said they'd consider them, not that they'd implement >>>>>> them. >>>>>> >>>>>> I have very little faith at all that without significant pressure >>>>>> being brought to bear, that the government response would be anything >>>>>> more >>>>>> than "we consider them, and decided no, we're happy as we are". >>>>>> >>>>>> On Thu, 24 Jan 2019 at 13:03, Paul Wilkins <paulwilkins...@gmail.com> >>>>>> wrote: >>>>>> >>>>>>> Labor's amendments haven't been forgotten, and will have to be dealt >>>>>>> with eventually, when the time comes for the PJCIS to table their April >>>>>>> recommendations. >>>>>>> >>>>>>> Noone is forgetting that the Act was passed as an interim measure, >>>>>>> to allow law enforcement to deal with the Christmas break with new >>>>>>> powers. >>>>>>> It would be a serious breach of faith for the government to renege on >>>>>>> the >>>>>>> outstanding amendments. >>>>>>> >>>>>>> Kind regards >>>>>>> >>>>>>> Paul Wilkins >>>>>>> >>>>>>> >>>>>>> On Wed, 23 Jan 2019 at 13:24, Michelle Sullivan <miche...@sorbs.net> >>>>>>> wrote: >>>>>>> >>>>>>>> Paul Wilkins wrote: >>>>>>>> > Obviously this has been in limbo over the Christmas break. >>>>>>>> There's 2 >>>>>>>> > really important issues, on hold because of this. >>>>>>>> > >>>>>>>> > 1 - When or if the PJCIS will call for public comment on the Act >>>>>>>> as >>>>>>>> > passed. >>>>>>>> > >>>>>>>> > 2 - The appearance of the Labor amendments. >>>>>>>> > >>>>>>>> > So we probably won't see any developments until Parliament >>>>>>>> resumes >>>>>>>> > 12th February. >>>>>>>> >>>>>>>> I'll lay money there will be no amendments (passed), there will be >>>>>>>> an >>>>>>>> attempt to force Apple etc to write in a weakness which will be >>>>>>>> challenged. There will be many people that will not update their >>>>>>>> iOS/Andriod anytime soon. Personally I stopped updating the moment >>>>>>>> this >>>>>>>> bill was passed - particularly as there is at least one Apple >>>>>>>> update >>>>>>>> that stated, "No bug/security fixes"... >>>>>>>> >>>>>>>> What you will most likely find (and the idiots over in the ACT >>>>>>>> haven;'t >>>>>>>> worked it out yet) is that the terrorists have some very smart >>>>>>>> people >>>>>>>> "working" for them and they probably already jailbreak their phones >>>>>>>> and >>>>>>>> install their own messaging software on it.. (not that you need to >>>>>>>> jailbreak when you can use the 'team' functionality in xcode to >>>>>>>> install >>>>>>>> non apple approved apps on your phone.) >>>>>>>> >>>>>>>> Of course the highly amusing part is how easy it is to plugin to >>>>>>>> online >>>>>>>> services and how easy it is to run your own asymmetric >>>>>>>> cryptography... I >>>>>>>> suspect it would be trivial to put your own encryption over the top >>>>>>>> of >>>>>>>> any of those services/apps that allow such (and some already do - >>>>>>>> recently came across a plugin to the mailapp that has a custom >>>>>>>> encryption/decryption mechanism which is used by a bank for secure >>>>>>>> messaging. This means as posted elsewhere any interception would >>>>>>>> have >>>>>>>> to be by screen capture and keyboard interception on the device, >>>>>>>> which I >>>>>>>> personally would immediately class as a systemic weakness because >>>>>>>> if I >>>>>>>> were doing it i'd be cut/pasting messages into my own non-internet >>>>>>>> connected app for encryption/decryption so you can capture what you >>>>>>>> want >>>>>>>> off imessage, facebook messenger etc... you'd still be getting >>>>>>>> encrypted >>>>>>>> blocks of data.. and if you capture everything you have online >>>>>>>> banking >>>>>>>> passwords and everything else that goes with that and there one >>>>>>>> thinks >>>>>>>> about who else can see the captures.... >>>>>>>> >>>>>>>> This is what you get when you have people in charge that have >>>>>>>> interest >>>>>>>> in obtaining data they are not entitled to. >>>>>>>> >>>>>>>> At least the Queensland police will not get voice recorded giving >>>>>>>> out >>>>>>>> new locations to abusive ex-husbands, now they can protect >>>>>>>> themselves by >>>>>>>> just accessing the phone of the wife in hiding.. >>>>>>>> >>>>>>>> ... anyone seen my foil hat today I seem to have misplaced it....? >>>>>>>> :P >>>>>>>> >>>>>>>> -- >>>>>>>> Michelle Sullivan >>>>>>>> http://www.mhix.org/ >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> AusNOG mailing list >>>>>>>> AusNOG@lists.ausnog.net >>>>>>>> http://lists.ausnog.net/mailman/listinfo/ausnog >>>>>>>> >>>>>>> _______________________________________________ >>>>>>> AusNOG mailing list >>>>>>> AusNOG@lists.ausnog.net >>>>>>> http://lists.ausnog.net/mailman/listinfo/ausnog >>>>>>> >>>>>> _______________________________________________ >>>> AusNOG mailing list >>>> AusNOG@lists.ausnog.net >>>> http://lists.ausnog.net/mailman/listinfo/ausnog >>>> >>> _______________________________________________ >>> AusNOG mailing list >>> AusNOG@lists.ausnog.net >>> http://lists.ausnog.net/mailman/listinfo/ausnog >>> >>
_______________________________________________ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog