The Australian attorney general has mooted a proposal to require service providers to compromise their cryptographic security in order to assist in wiretaps. The proposal is given passing mention in a senate submission from the AG's office, where it is referenced as "intelligibility orders" that would allow "law enforcement, anti-corruption and national security agencies" to secure orders under which providers like Google, Facebook and Yahoo would have to escrow their cryptographic keys with the state in order to facilitate mass surveillance.
Edward Snowden referenced this possibility in his SXSW remarks, pointing out that any communications that are decrypted by service providers are vulnerable to government surveillance, because governments can order providers to reveal their keys. This is why Snowden recommended the use of "end-to-end" security, where only the parties in the discussion -- and not the software vendor -- have the ability to spy on users.
The "intelligibility order" is the same kind of order that led to the shutdown of Lavabit, the secure email provider used by Snowden, whose creator shut the service down rather than compromising his users' security.
"Sophisticated criminals and terrorists are exploiting encryption and related counter-interception techniques to frustrate law enforcement and security investigations, either by taking advantage of default-encrypted communications services or by adopting advanced encryption solutions," the submission noted.
Though it does not name its key targets, Yahoo!, Google and Microsoft already enable encryption by default for their respective web-based email services. BlackBerry's messaging encryption has also previously been raised as a law enforcement issue.
Under the department's plan, "law enforcement, anti-corruption and national security agencies … [would be able] to apply to an independent issuing authority for a warrant authorising the agency to issue 'intelligibility assistance notices' to service providers and other persons".
Attorney General's new war on encrypted web services [IT News]
The Justice Department today announced indictments for 80 individuals on charges they ran a massive business email and money laundering scam that operated in part out of Southern California. DoJ’s 145-page indictment was unsealed Thursday, and charges 80 named individuals with conspiracy to commit mail and bank fraud, plus aggravated identity theft and money laundering. […]
Last Mother's Day, grandmother Rhonda Mengert was subjected to a pat-down search at Tulsa airport, wherein a TSA agent felt a panty-liner in her underwear; she was then forced to strip down and show her panty-liner to a female TSA agent. Naturally, she filed suit against the TSA.
Few states have voting machines that are simultaneously more obviously defective and more ardently defended by the state government than Georgia, where 16-year-old touchscreen systems are prone to reporting ballots cast by 243% of the eligible voters and where gross irregularities in election administration sends voters to the wrong polling places or sends co-habitating husbands […]
There’s no shortage of stories about the benefits of cannabidiol, that benign (and non-psychoactive) cousin of THC. Some have been using it for years to deal with pain, stress, and sleeplessness. And the more people use it, the more discussion there is about how to use it. While there’s no shortage of quality edibles on […]
Are we done with capsule coffee makers yet? Sure, they’re easy. But they are not so easy on the environment, and it’s debatable whether they actually make a better cup. Luckily, there’s never been a better time to switch back to the good old reliable drip method – especially when drip coffeemakers have quietly been […]
If there’s one thing that stayed consistent through the last decade or so of tech industry turmoil, it’s the love affair between techies and Linux. There’s just a ton you can do with the OS, and its open-source format means you can customize your rig from the ground up. Apparently not content with that level […]