On Fri, 23 Nov 2018 at 14:47, Paul Brooks <[email protected]> wrote:
> On 23/11/2018 11:37 AM, Alex Samad wrote: > > Wondering what the implications of this bill and the recent China was > stealing our > > traffic.... > > > > So in theory could china steal / sniff our traffic and because of these > weakening of > > encryption allow china to snope on our stuff > > > > A > In theory no - this bill doesn't weaken encryption, and explicitly doesn't > allow any > changes that would weaken encryption. > They say that - but I don't believe them. I don't think they even understand what they're suggesting (or if they do understand, they're relying on others not understanding, or not caring). > > This bill seeks to bypass encryption entirely by giving the agencies > easier access to > get into devices and the back-end databases of apps and websites, to see > what is > stored in there -bypassing unlock codes, PINS, thumbprint readers etc on > devices for > example. So for traffic being sniffed 'in the middle' the information is > still > sent/received as fully encrypted - and man-in-the-middle snooper won't see > anything. > But if the authorities get hold of your phone or PC, they'll have easier > access to > look into your sent/received message stores and read whats in there, which > is stored > in your device un-encrypted. > The tools the authorities have access to will invariably fall into the hands of others. > > In practice, if they balls-up the change request given to the device > manufacturer or > app/website developer, anything could happen. > Yep. Aside from the direct ramifications, it's the indirect and unintended consequences that REALLY have the potential to be damaging. > > P. > _______________________________________________ > AusNOG mailing list > [email protected] > http://lists.ausnog.net/mailman/listinfo/ausnog >
_______________________________________________ AusNOG mailing list [email protected] http://lists.ausnog.net/mailman/listinfo/ausnog
