Tsk tsk tsk
What’s that Skip?
You need help with some encryption?
Australia's Federal Police force on Sunday announced it intends to start using new powers designed to help combat criminal use of encryption by taking over the accounts of some social media users, then deleting or modifying content they've posted. The law also requires sysadmins to help those account takeovers. The force (AFP …
".................then I put it to you that any 'evidence' is planted."
Which is why they want the law - back to stitching up "crims" who they don't have real evidence about.
How easy will it be to slip a few naughty pics into someone's social media / email account and then bang them away for kiddie porn.
....and the (Australian) expert on this process is currently languishing in Belmarsh prison. Never forget that the initial grounds for arresting him was a bogus sexual assault allegation from Sweden with no evidence being presented in the UK to extradite him to that country (and then onto another jurisdiction).
It is very difficult to regard our "western/democratic/independent" judicial system as credible.
I'm all for locking the child porn creatures up forever and cracking down on crims, but once again it's another twang of the Public Heartstrings being used to undermine the security and privacy of the largely-innocent masses.
The grey area around how they will force reluctant sysadmins to 'help' is an area of some concern.
It stems from the 2018 meeting of 5-eyes, where they decided because "Privacy Is Not Absolute" they could/should backdoor encryption.
Sep. 3rd 2018 : "An international network of intelligence agencies has told the tech industry that ‘privacy is not an absolute’ and that the use of end-to-end encryption ‘should be rare’ … The statements were made in a joint communiqué and statement of principles following a meeting of the so-called Five Eyes nations – the US, UK, Canada, Australia and New Zealand."
By mid 2019: AN0M fake encrypted phone, appears to to be a marketing psychop for that. AN0M was a fake encrypted phone used to demonize encryption, it was used to create the perception that encryption = criminal.
"The US court document showed that by the middle of 2019, the FBI decided it needed greater reach. It struck an agreement with an unnamed third country to install a server to download communications from AN0M devices around the world which would then be copied and sent to the FBI."
That unnamed third country? Australia. There are 3 groups in that [developer][distributor][end users].
The [developer] will be the USA given we can now see the court order and can see the driver for this.
These were given to a handful of [distributors], typically criminals that the police thought got off lightly. They were told they could earn a vast amount of money distributing these phones and collecting cash. I also suspect they were told it was legal.
[End users] claimed to be variously 9000-11000, yet the numbers released per-country suggest a far smaller number. I suspect many [end users] were also agents for the spies there to give the initial monetary incentive to the [distributors],
The end-user case details don't match up, you find repurposed arrests, retold with different dates as if they were AN0M cases. It appears to be a marketing operation. AN0M cases would immediately be challenged, the legal basis for that surveillance you wouldn't want challenged in court. The "king-pin" claim criminal fronting it, is a classic baddie who escaped into the dark underworld at the end. It's shit in there.
So they've rolled out their backdoors for trial in Australia and so now there is a legal basis for hacking the world by 5-eyes.
DO NOT USE 5 EYES SERVICES, KIT, ROUTERS, HARDWARE, FIREWALLS, CLOUD SERVICES, PHONES, VPNs, DEVICES, CDNs, bulk internet connections, ANY OF IT. They are ALL backdoored. You cannot rely on any kind of legal process here. Any false belief in judicial process and review is meaningless now, any contracts worthless.
Also, watch what you say online, measure your words, even in private and even with friends.
"[July 2019] British, American and other intelligence agencies from English-speaking countries have concluded a two-day meeting in London amid calls for spies and police officers to be given special, backdoor access to WhatsApp and other encrypted communications."
"GCHQ, the UK agency which monitors and breaks into communications, has suggested that Silicon Valley companies could develop technology that would silently add a police officer or intelligence agent to conversations or group chats"
"[Priti] Patel described the summit as “an exciting moment for the UK” and said the UK was “a global leader on national security and child protection and we are committed to working with our close partners on shared challenges”
[So, the psychop marketing for UK will be a "for the children's" thing. For the Australians it was largely "drugs smugglers". I'm expecting you UK fake NGOs will be doing your part, perhaps a new set of front companies pretending to be 'stakeholders'. Lots of fake harrowing stories from your bullshit writers. I'm expecting Priti Patel to be at the forefront of that marketing.]
The core problem: Trump failed Presidency. Barr goes off on an 'attack the messenger' route, where dissent is the problem, dissent is the reason they failed! Critics are the problem, Tik Tok is the problem, people getting together and dissenting from their chosen path is the problem. People stating that Trump got fewer votes so is not the legitimate President is the problem. Democracy is the problem. Speech is the problem. Freedom is the problem. 5 eyes goes into action to eliminate said freedom, back in 2018, and you're seeing the fruits of that attack, blooming now in 2021.
Someone mentioned the home secretary?
“I said last year we’re the Saudi Arabia of wind. Probably the Saudi Arabia of penal policy, under our wonderful home secretary,” Johnson said.
If you're worried, I would demand China show the source code to be checked... Huawei opened their software and was audited by GCHQ and GCHQ failed to show the backdoors they claimed.
So much for that claim.
Meanwhile the same GCHQ was pushing "Ghost Protocols", which would expose UK comms to US surveillance.
I see the split loyalty, a group more loyal to a foreign power than their own country. Their own country to be spied on, with the trust/help of that foreign power.
This is nation-state level stuff. Huawei (and Cisco, for that matter) also make the hardware, so the software source code is not a complete picture. There are lots of ways to hide things in programmable controller firmware, seemingly-safe utility chips that are not in fact what they appear to be, chips hidden within a multi-layer PCB, components added inside connectors etc.
Then there are the not-insignificant issues of ensuring that the code you audited is what is actually running on the device, that every single board and component in the system is truly as described, and that those conditions are true for every single unit that you purchase. If you're buying, say, 100 "identical" routers, it might only take one back-doored unit to compromise your network.
And of course, you can't exclude the possibility of compromise without participation by the vendor.
When you create a new power, don't look how it can be used for the benefit of population, but how the enemy can use it against you.
Unless Australia assumes people won't elect a government that will use that instrument to silence opposition and become in power in perpetuity. Unless they already are that kind of government.
Politicians are, by and large, technologically clueless. The cops say "we need this and that and the other", so to be seen to be "tough on crime", the government mindlessly rams this sort of legislation through parliament. The opposition dare not oppose anything because the government head kickers will inevitably claim they are soft on crime and child porn.
"You're either with us or you are supporting the pedophiles" is a common refrain. There is absolutely no room for a sensible debate on these sorts of matters.
And interfering with encryption is also such a great idea that keeps us all so, so safe.
Politicians are, by and large, technologically clueless.
That's true, but they are not clueless when it comes to the thirst of power. This is calculated to make sure any politician will not go into withdrawals and they can always order to control someone or an organisation to get the dopamine kick.
"It's impossible to argue against the strongest possible action against those who create or consume child sex abuse material."
No, it's very much possible, and indeed entirely sensible, to do so. Child abuse is a fairly unpleasant crime, but that doesn't mean you have to throw all rationality out the window the moment someone screams "Think of the children!". The "strongest possible action" would be along the lines of summary execution, but that is rightly not an option in any civilised country. Warrantless investigation, lynch mobs, indefinite detention... there are all kinds of strong action that most sane people would consider unreasonable no matter how bad you think a particular crime might be. And as this article demonstrates, even allowing regulated warrants in a legal setting may well be considered going too far by many people.
So let's try to keep things in perspective a bit please. I will happily argue against the strongest possible action against child abusers, just as I will do so against murderers, Nazis, and all kinds of other unpleasant types. Just because they're bad people, that doesn't mean anything and everything must be allowed in response.
"Cyber-enabled serious and organised crime, often enabled by the dark web and other anonymising technologies, such as bespoke encrypted devices for criminal use, present a direct challenge to community safety and the rule of law. For example, on the dark web criminals carry out their activities with a lower risk of identification and apprehension."
There are many smart criminals. This law will do absolutely nothing to stop them. The smart ones, the ones you need to stop, will just move to a different system. One where the government cannot hack no matter what law is passed. This law may catch a few criminals; it will be used more against people. Your social media post about protesting ... taken down and you get sent to an Australian gulag.
The thing to do is what the FBI did a few years back. They convinced criminals to buy phones that used an encryption system that the FBI had access to. They convinced criminals to use their compromised service. This was not an existing service that had a backdoor. This was a honeypot the US government set up to specifically catch criminals.
Exactly. This will do absolutely nothing against terrorists, against the child abusers who create CSAM, against the most serious organised crime. Those people understand encryption, understand that they need to use standalone encrypted services (not dependent on a third party), understand the need to employ people who can teach them about key management, etc. The encryption cat is well out of the bag and the serious bad guys - the 4 horsemen of the apocalypse - will be doing it properly, under their own control and unaffected by these laws.
The laws will, indeed, be used against the consumers of CSAM but it will mostly be used against people organising "illegal" demonstrations (whether BLM in the US or Extinction Rebellion in the UK), against trade unions, against asylum seekers and against people who are a threat to the powers that be. Some of them will be criminals, but not all. Some of them will be victims (of planted evidence, of taking down of legitimate sites or communications, ...).
Is it just me that gets annoyed by unexplained Acronyms?
Child Sexual Abuse Material (CSAM). The full text does appear towards the end of the arcticle but not with the acronym.
I'd only expect a small proportion of readers to know the above meaning and others may be confused knowing of: CSAM, Customer Support and Maintenance (electronic commerce)!
It's entirely possible to argue against the strongest possible action against those who create or consume child sex abuse material, when creating the framework that allows that action enables the complete elimination of basic freedoms for all in favour of overreaching state power. We seem to have forgotten that government is an unwelcome imposition to be tolerated insofar as it serves us, not a godhead or a master. Given the staggering witlessness and incompetence of those who presently govern us, pretty much irrespective of who "we" refers to, this is somewhat surprising.
Broad powers created to fight "terrorism" or child abuse always end up being used to serve petty bureaucracy, fight personal vendettas and line pockets. Or have we forgotten McCarthyism so completely? If so, then let's at least remember that the UK's IPA has been used by councils to check whether people are putting the right things in the right bins. That was created to fight "terrorism" and "organised crime" too.
Biting the hand that feeds IT © 1998–2021