Cryptography - or: quo vadis, Australia?

Discussion in 'Serious Discussion' started by ancestor(v), Jan 14, 2019.

  1. ancestor(v)

    ancestor(v) Admin
    Staff Member

    Jun 26, 2007
    2,726
    4,773
    90
  2. nodnar

    nodnar MDL Expert

    Oct 15, 2011
    1,041
    739
    60
    they need an epidemic of yellow vests down under.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. ancestor(v)

    ancestor(v) Admin
    Staff Member

    Jun 26, 2007
    2,726
    4,773
    90
  4. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,544
    11,549
    340
    #4 Yen, Jan 15, 2019
    Last edited: Jan 15, 2019
    Oh no, not again!

    AFAIK the US had cryptography on the United States Munitions List until Clinton has changed that.
    It should be a means that is reserved to the US federal states government only.

    They were against the general public presence of cryptographic tools on the www and especially PGP and they wanted to forbid any downloads of such.

    There was a US only version of Netscape with strong encryption (reserved for USA) and an international version with weak 40 bit encryption.


    They (NSA) wanted to issue a clipper chip.
    A cryptographic chip with own serial number and GAK (government access to keys)

    This happened in the 90s.
    https://www.washingtonpost.com/news...olicies/?noredirect=on&utm_term=.c2353fcb715d

    The only 'reasonable' way to have 'backdoors' is to compromise the key pair creation.
    The controlling instance then has a sort of master key.
    By that you can forget about the whole sense of encryption, though.
    I myself consider any statutory restriction/ control on cryptography as unconstitutional...

    The only countermeasure to the idea of the Australian government is to use open source cryptographic products.

    Encryption is an important means to guarantee privacy, privacy of correspondence...also there is the democratic right to refuse testimony.

    Nobody should have more control as the user itself. And only the authorized recipient should be able to decrypt.

    Leaked documents to break encryption:
    http://www.spiegel.de/international...attacks-on-vpn-ssl-tls-ssh-tor-a-1010525.html
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. nodnar

    nodnar MDL Expert

    Oct 15, 2011
    1,041
    739
    60
    Der Feind hört mit!
    it is of all times..
    the uk, in the days of telegraphy, was cheerfully
    eavesdropping on the transantlantic cables
    that all landed on their coasts.plus outgoing cables
    to the continent too, so pretty much
    most of the civilized world.and they were not
    telling anyone.ever since Snowden everyone
    is at least aware of it now.hence the need for encryption.
    [not that i have such a lot to hide, but i would just like
    to spare myself some embarrassing thoughts...
    and what i do online privately is none of the Feinds`
    business anyway.]
    but this newfangled aussie law seems totally daft.
    like peeling an egg with a sledgehammer.
    as you say, ancestor[v], the implications.....
    i always had my doubts about encryption..
    it takes processor resources and i had to assume that
    there would be a permanent us-designed backdoor.
    but this aussie thing is just too much.
    the implications are that it can create a
    weakness in software for access badges too.
    [you cannot lock your own door anymore, unless
    you use a good old key for that.]
    i really wonder what has the human rights
    brigade to say about that.is australia exempt
    for human rights? [ they only seem to think they are, imo.]
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,544
    11,549
    340
    #6 Yen, Jan 15, 2019
    Last edited: Jan 15, 2019
    end-to-end encryption with reasonable key length and randomized creation is safe.
    That's the reason why they want to have such absurd regulations.
    Also GPG is a safe and proper concept.

    When you use proper encryption and you create the key-pairs yourself with proper entropy and you do not hand-out the keypairs you are the owner of the received messages and you can determine who can encrypt by sharing the public part....
    There is no backdoor nor a 'tool' which could change that.

    Also a proper company that sells applications and the corresponding server infra structure service for secure messaging never would be able to decrypt messages from their customers themselves. And they would delete the encrypted messages from their servers right after delivery.

    Even the locally stored messages on the customer's devices would be safe if the device should become seized by authorities as long as one can hide the key-pair. (actually the private one)

    We just have to make sure to have a sufficient key length and a true randomized factor at creation.
    And there will be no backdoor at the cryptography itself...

    Flawed random number generator as backdoor. (2015)
    https://blog.cryptographyengineering.com/2015/12/22/on-juniper-backdoor/
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. ancestor(v)

    ancestor(v) Admin
    Staff Member

    Jun 26, 2007
    2,726
    4,773
    90
  8. nodnar

    nodnar MDL Expert

    Oct 15, 2011
    1,041
    739
    60
    so strange, no reaction from other members in this thread. i am afraid that they all turned into meek,weary fatalists...:(
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. ancestor(v)

    ancestor(v) Admin
    Staff Member

    Jun 26, 2007
    2,726
    4,773
    90
    Maybe everyone is from Australia :p
     
  10. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    3,883
    4,316
    120
    I remember the Clipper chip.
    I guess that means I'm getting old. :wheelchair:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    2,927
    1,652
    90
    Even before 9-11 the U.S. govt wanted to know everything about everybody on line. I can recall in 2000 they came out with a tool called "Carnivore" to track emails, of course they only got much better and more secret about what the NSA really does with our privacy
    https://abcnews.go.com/Technology/story?id=119469&page=1
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. MS_User

    MS_User MDL Guru

    Nov 30, 2014
    3,115
    580
    120
    edward snowden comfirm to the world what many of us suspected already....but remember is all done to keep us safe;)
     
  13. rayleigh_otter

    rayleigh_otter MDL Senior Member

    Aug 8, 2018
    425
    368
    10
    #13 rayleigh_otter, Jan 24, 2019
    Last edited: Jan 24, 2019
    Keep who safe exactly? Because when the masses rise up(read your history and look at France over the past weeks) they will use it against us.
     
  14. gorski

    gorski MDL Guru

    Oct 21, 2009
    3,220
    838
    120
    I'm not sharing my home made videos voluntarily!!! :D :D :D

    When South Africa was a pariah state they did not share the master key to their encryption SW with NSA/CIA/etc. and we (the rest of us when the SW was leaked) had something safe from all that bad situation - but now it's a different ball game, isn't it...??
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    2,927
    1,652
    90
    #15 Joe C, Mar 16, 2019
    Last edited: Mar 16, 2019
    “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” ...
    ---- Ben Franklin

    We have already failed at protecting ourselves Liberties from our government. I think it was around 9/11/01
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...