[LINK] Australian Privacy Foundation's 'easy option'?

stephen at melbpc.org.au stephen at melbpc.org.au
Sat Apr 28 00:41:18 AEST 2007 

Richard writes,

> Well, the story's a bit of a technical jungle, but I would guess
> the "easy option" is to:
>
> - Force backdoors in encryption;
> - Impose the interception load on ISPs; and
> - Require mass-capture of traffic.

Thanks RCx2 and AC .. all ones if you ask me (no pun intended).

But, what about an encrypted VoIP / WiFi VPN scenario? T'would
seem a simple future set-up for another Mokbel family, or perhaps
the Jihad inclined.  Any ideas how FedGov intercepts will work then?

Btw, for clarification regarding the APF position, Nigel kindly emails:

--
Stephen .. One of our Board members forwarded your comment
on the. article, with a question about my assertion about easy options.

What I meant to convey in my longer discussion with the journo was that
the government has a tendency to take the 'easy option' of legislating to
accommodate law enforcement & national security ambit claims (often
unsubstantiated with hard evidence of need or likely effectiveness) rather
than doing the hard work of trying to maintain the difficult but essential
balance between those public interests and other important values, 
including privacy and civil liberties.

Feel free to post this to LINK if you wish

Nigel

*************************************************************
Nigel Waters, Board Member and Policy Coordinator
Australian Privacy Foundation
E-mail: enquiries at privacy.org.au
APF Web site: http://www.privacy.org.au
*************************************************************

> OK: encryption is a problem for interception. But interception itself
> is not such a mystery. For that part, you do what you've always done -
> get a court order applying to a specific connection and capture its
> traffic. Even packets traverse physical ports. Yes, I know that there
> are specific workarounds but most services run through a specific
> physical link.
>
> Let's take the "Skype on cellular" option. Here, a court order to
> capture all traffic from a particular mobile device would enable the
> intercept; once again, it's that once you have the traffic, you need to
> decrypt it.
>
> Where the VoIP call is to a PSTN phone at the other end, things are 
> simpler, because at some point the call is likely to be "in the clear" 
> (not universally, just "mostly").
>
> I suspect at some point law enforcement is going to have to accept that 
> encryption is "here to stay". What if the TCP/IP decryption problem is 
> solved? There's always quantum crypto just around the corner.*
>
> RC
>
> * I have a problem with an apparent contradiction in quantum
> cryptography. Intercepting a message supposedly destroys the quantum
> entanglement, meaning you cannot intercept undetected. Yet to overcome
> the distance limitations of the technology, scientists have also
> invented "quantum repeaters" - which seems to me to represent a
> possible MITM attack on the communication path.
>
> stephen at melbpc.org.au wrote:
>> Tony forwards:
>>
>>>> Subject: ACMA introduces new number range for innovative 
>>>> communications services such as VoIP
>>>>
>>>> ... new location-independent service type, and number range, to 
>>>> facilitate the introduction of innovative communications services ..
>>>> <http://www.acma.gov.au/WEB/STANDARD//pc=PC_310162>
>>>>
>>
>> Hmm .. maybe these two items, above and below, are related? Does
>> anyone know what the Australian Privacy Foundation's 'easy option'
>> might entail?
>>
>> Net Voice Haunts Spooks
>> Chris Jenkins APRIL 24, 2007 
>> <http://australianit.news.com.au/articles/0,7204,21609052%5E15319%5E%
>> 5Enbv%5E,00.html>
>>
>> Spooks and police these days have to deal with almost untraceable Skype
>> calls made from mobile phones using mobile data networks using handsets
>> such the Hutchison X series.
>> The proliferation of carriers and services and the advent of easily
>> available encryption means the days of the humble phone tap have 
passed,
>> IT security expert and Queensland University of Technology faculty of
>> information technology associate dean Bill Caelli said.
>> "The biggest challenge right now for law enforcement is the legal and
>> practical challenge of convergence," Professor Caelli said. "It's a hot
>> topic. .. What do you do about VoIP, about Skype and all those sorts of
>> things?"
>> IP networks don't readily lend themselves to interception or even
>> emergency calls services, said the Australian Privacy Foundation's 
Nigel
>> Waters.
>> "There are some questions as to whether technically the VoIP carriers 
are
>> able to provide the law enforcement agencies with the interception
>> capability that they require. There are ongoing discussions about 
whether
>> they can deliver," he said.
>> More and more communications services are being encrypted as a matter 
of
>> course and transmitted over privately owned networks. This encryption 
is
>> forcing agencies to use less capable and easily discoverable means of
>> eavesdropping on suspects, such as bugging a room, Professor Caelli 
said.
>> The arrival of IP has thrown up law enforcement issues that simply 
didn't
>> exist in the era of government-owned phone companies offering simple
>> services from within the exchange.
>> For example, a company using a VPN may conduct encryption using its own
>> equipment on its own premises, for information to be transmitted via 
its
>> own network, Professor Caelli said.
>> "The dimensions that you're running into are not just technical. 
They're
>> legal and they have to do with ownership and with point of 
interception,"
>> he said.
>> "How would interception work in a VPN environment where everyone is
>> connected to what is essentially a telephone exchange owned by the 
>> company?
>> "Once you move across to a TCP/IP world, how do you separate out the
>> services?"
>> The arrival of new communications was also challenging the safeguards
>> that govern the way telecommunications were intercepted, the APF's Mr
>> Waters said.
>> "The temptation for governments is to say this is all too difficult and
>> to take the easy option, and this results in an overall diminution of
>> privacy," he said.  The Australian --

Cheers all ..
Stephen Loosley
Victoria, Australia

More information about the Link mailing list