Australia on the cusp of showing the world how to break encryption

You just pass a law, apparently

By Richard Chirgwin


The Australian government has scheduled its “not-a-backdoor” crypto-busting bill to land in parliament in the spring session, and we still don't know what will be in it.

The legislation is included in the Department of Prime Minister and Cabinet's schedule of proposed laws to be debated from today (13 August) all the way into December.

All we know, however, is what's already on the public record: a speech by Minister for Law Enforcement and Cybersecurity Angus Taylor in June, and the following from the digest of bills for the spring session:

Implement measures to address the impact of encrypted communications and devices on national security and law enforcement investigations. The bill provides a framework for agencies to work with the private sector so that law enforcement can adapt to the increasingly complex online environment. The bill requires both domestic and foreign companies supplying services to Australia to provide greater assistance to agencies.

What's worrying to Vulture South is not so much the government sticking to the idea that there are magical powers to be had to decrypt strongly end-to-end encrypted messages.

It’s that there’s a persistent strain of authoritarian magical thinking that keeps looking for some kind of reality-hack that gives law enforcement what it wants without somehow breaking encryption. For example, defenders of the government’s position argues that you can keep encryption intact if you only attack end-user devices (say, a rootkit with screen-capture powers), and that proves that the government doesn’t want to break into networks.

Australia wants tech companies to let cops 'n' snoops see messages without backdoors


In effect, it is argued, the government wants to force companies to push rootkits onto users to read received and sent messages without decrypting network traffic.

Apart from the dodgy technological sophistry involved, this belief contradicts what Angus Taylor said in June (our only contemporary reference to what the government has in mind).

“We need access to digital networks and devices, and to the data on them, when there are reasonable grounds to do so,” he said (emphasis added).

If this accurately reflects the purpose of the legislation, then the Australian government wants access to the networks, not just the devices. It wants a break-in that will work on networks, if law enforcement demands it, and that takes us back to the “government wants a backdoor” problem.

And it remains clear that the government's magical thinking remains in place: having no idea how to achieve the impossible, it wants the industry to cover for it under the guise of “greater assistance to agencies”.

Telcos (although not companies like Apple or Google) already provide plenty of assistance – lawful intercept, metadata, and the like – but the “greater assistance” is specifically in the context of access to encrypted communications.

It's nothing more than a legislatively-encoded rehash of FBI Director Chris Wray's plaintive call that since the technology existed to put a man on the Moon, technology must exist to decrypt communications.

Perhaps, like loonies who think someone's hiding the secret of burning water to power cars, governments believe the technology they want already exists, but telcos and tech platforms are hiding the fact. Stupidity or conspiracy: it's hard to know which is worse. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

Those facial recognition trials in the UK? They should be banned, warns Parliamentary committee

Updated Latest call to halt creepy tech likely to fall on deaf ears

UK Home Secretary doubles down on cops' deeply flawed facial recognition trials

1984 is not an instruction manual, and yet here we are

Metropolitan Police's facial recognition tech not only crap, but also of dubious legality – report

Just 8 out of 42 matches correct, say uni researchers

Photo 'memories' storage biz Ever uses family snaps to train facial recognition AI

You mean you didn't read the 2,566-word privacy policy?

Baffling tale of Apple shops' 'non-facial' 'facial recognition', a stolen ID, and a $1bn lawsuit after a wrongful arrest

Teen loses driving permit, gets wrongly linked to spate of thefts

SEC says no to Amazon bid to stop shareholders voting on use of facial recognition system

Proposal seeking to halt sale of Rekognition to US agencies to be heard at annual meeting

Arrested development: Cops dump Amazon's facial-recognition API after struggling to make the thing work properly

15 months of wrangling and Orlando couldn't even begin testing AI cloud tech for population surveillance

Gamers get a chance to battle an AI on the QT. Plus: Robo-marines, and fisticuffs over facial recognition in Detroit

Roundup Rapid-fire summary of machine-learning news

San Francisco votes no to facial-recognition tech for cops, govt – while its denizens create it

Alternative headline: Face-rec tech rekt – wham ban, thank you, San Fran

New phone who dis? Facial recognition models more farcical despite progress

GTC AI doesn't always work as well as you'd expect in real life