[LINK] Senate committee probes AGD's data retention activities

[Kim Holburn]

On 2010/Nov/01, at 7:37 PM, Rick Welykochy wrote:

> Kim Holburn wrote:
> 
>> If the filter is mandated, then ISPs will have to put in a proxy/application gateway for http and some ISPs already have them.  With a proxy they will have access to the http headers.
> 
> Forests and trees, Kim. If data retention legislation is passed,
> proxies and filters are irrelevant.
> 
> *ALL* data communications as defined by the new act will have to
> be intercepted, analysed and logged by all carriers.
> 
> And just what that analysis is and how deep into the packets it
> travels is one huge mother of a big kettle of fishy stuff.
> 
> You certainly make a valid point about encrypted communications
> and MITM to exploit. If this became public knowledge, i.e. breaking into
> encrypted streams/packets is part of normal logging operations to satisfy
> the requirements of the data retention act, you can say goodbye to confidence
> in e-commerence, online banking and anything to do with consumerism in cyberspace
> in Australia. Only a well oiled gestapo policing system could keep such an
> intrusion quiet and out of earshot of the press.

Technically I don't believe MItM attacks could possibly done on such a scale.  It is extremely difficult.  It might be done for *one or two* streams per month with the resources of a government, a government of a large and technically adept country.  Otherwise most browsers would just baulk.

> BTW: you can also say goodbye to network throughput ;)
> 
> cheers
> rickw
> 
> (( not wishing to terminate the thread due to Godinw's law! ))

Hey is there a Godwin type law for mentioning Stalin?

> When choosing between two evils, I always like to take the one I haven't tried before.
>     -- Mae West

Heh!

-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request