Skip to main content

2018 Assistance and Access Bill

This is a cross post from my less technical blog at https://abeath.blog

Passed the Senate last night, rushed through in a day by a bunch of politicians that probably haven't read any of the submissions or listened to anyone in IT about the impact on privacy these encryption changes will make. Man it makes my blood boil. There was an article on Business Insider about it quoting a software consultant in Melbourne Tom Sulston and he summed it up really well:
1. The bill is bad for security because encryption keeps us safe from criminals. This bill will make it easier for them to hack us.
2: The bill is bad for jobs because software companies will choose not to work in Australia, as this bill is fundamentally incompatible with GDPR.
3: The bill is bad for workers, as it opens up all sorts of penalties if we conscientiously object to being drafted into the security services.
4: The bill is bad for democracy as it will make it easier for a sitting government to access the private communications of journalists, opposition politicians, unions, businesses, et al.
5: The bill is bad for the economy because global consumers will choose digital services that come from countries that are not threatened by Australian legislation.
There are clearly plenty more reasons why the bill is terrible, but these are some big, big problems.
https://twitter.com/tomsulston - see his feed for more stuff
I read this and can't help but agree. If I'm a criminal I would be super happy about this decision. You can be damn sure those guys will find open source software that isn't screwed the Australian Government and lock their shit up tight while the rest of us have defective software and devices allowing all and sundry to mess with our stuff.
This is a sad day indeed for Australia and we are rightfully the laughing stock of the technical world. What is worse is that this Bill was passed in order to stop another Bill being defeated (and this Bill is to get kids of Nauru for medical treatment. I'm not going to comment on that - I'm cranky enough with this other thing). So stupid politics screws the pooch royally here and there's only the House left to amend it.
Saints preserve us (I sound like little old Southerner). I am so disappointed in this decision and despite having written to my local member (I missed out on a submission to the stupid Bill thing) on several occasions I am very unhappy with this result. I'm also pissed at the behaviour of our elected officials trivialising something like this into name calling and bullshit behaviour when it is so important. Telling the opposition leader he is a "a clear and present threat to the safety of Australians" while they are looking at the Bill in order to guilt it through is really not good enough. If the Bill and the reasons behind it are solid, then an ad hominem attack like this is unnecessary and paints those elected in a worse light.
And while I'm on the soap box law enforcement needs to take a good look at themselves too. They're proposing to weaken encryption for everyone in order to catch a few people. Guess what idiots? More people will be negatively affected by this than the positive outcomes. You're weakening my encryption, my wife's and my kids to catch criminals. How about investing in some good old fashioned police work and updating the way you pursue criminals rather than screwing up things for everyone? I wonder if they have even looked carefully out the outcomes of this legislation past the echo chamber they live in. It's very disappointing and once again I'm considering moving to the moon.
Update:
I have to add to this after reading some more stuff about the Bill online. There were 173 amendments put forward to this Bill hours before it passed. The Senate were asked to consider 173 different amendments. I can't highlight this enough. 173 is a shite load. Surely this is an example of how flawed the bill was? Here is one of the Senator's takes on it:
It's fine, they're only asking for 173 amendments to be moved together. 173. Amendments most of us only saw an hour or two ago. 173.
It's a complete shitshow #AAbill #encryption #Auspol
— Senator Jordon Steele-John (@Jordonsteele) December 6, 2018
Twitter....
Come on! Seriously! Further to this, I've looked at the Bill and I'm gravely concerned that the current accreditation we have to have to work with the Government departments might be incompatible with this Bill and I could go to gaol for denying the Government fucking up our security in order to have the accreditation to work with the same Government. Is that not completely stupid? Welcome to Australia....
Rant over.

Comments

Popular posts from this blog

Windows 10 Enterprise Eval - gotchas

After an annoying turn of events where my Windows 10 Enterprise USB drive failed, attempts to install Win10 onto a computer failed miserably. I turned to the net and managed to get my hands on Microsoft's Windows 10 Enterprise Evaluation. I have an enterprise key so I thought - cool! Here's the opportunity to get it going and to then upgrade the license later. Full install, patched etc and all is swell. Except when I try to upgrade. I straight up tried changing the licence key only to get a variety of errors, most of which are pertaining to the activation system being unavailable. The I try this: https://winaero.com/blog/upgrade-windows-10-evaluation-to-full-version-easily/ but it doesn't work either. Next I'll try this: h ttp://www.edugeek.net/forums/windows-10/174594-upgrading-windows-10-enterprise-90-evaluation-full.html And if all else fails, in goes the bootable USB I've now created. If only I'd had this in the first instance I would not be writing t

Plone - the open source Content Management System - a review

One of my clients, a non-profit, has a lot of files on it's clients. They need a way to digitally store these files, securely and with availability for certain people. They also need these files to expire and be deleted after a given length of time - usually about 7 years. These were the parameters I was given to search for a Document Management System (DMS) or more commonly a Content Management System (CMS). There are quite a lot of them, but most are designed for front facing information delivery - that is, to write something, put it up for review, have it reviewed and then published. We do not want this data published ever - and some CMS's make that a bit tricky to manage. So at the end of the day, I looked into several CMS systems that looked like they could be useful. The first one to be reviewed was OpenKM ( www.openkm.com ). It looked OK, was open source which is preferable and seemed to have solid security and publishing options. Backing up the database and upgradin

Fixing a black screen after doing a Kali Linux update

Kali Linux is a rolling Linux distribution designed for security and penetration work. You can find details on it here: www.kali.org . We run this excellent product for a range of different security work and it's been great. I built the image in VMplayer, then shared it to the team and we've all been at it since. A recent update broke it though - black screen, no network and completely unresponsive. There are lots of posts about similar things - mostly to do with graphics adaptors, however, we found that executing the following at a root prompt fixed it. But how to get to the root prompt from a blank screen? Linux has a number of terminals available to the user - most of us use the graphical one to do our day to day, but you can access a command line prompt without much trouble. Simply hold CTRL-ALT and then F2 or F3 down at the same time and it drops you to a command line login. BOOM. Time to fix it up. For me, and for the other fellas in the team, all it too was to