[LINK] Senate committee probes AGD's data retention activities
Rick Welykochy
rick at praxis.com.au
Mon Nov 1 19:59:40 AEDT 2010
Bernard Robertson-Dunn wrote:
> Assumption: We are talking here about accessing email via an ISP
> connection and POP.
How about another assumption. The data retention act will require
the logging of authentication information. This information comes
in handy when dealing with terrorists and child molesters. And such
information is rife throughout the Internet protocols, i.e. it can
be part of a URL:
telnet://nastyperson:password@nastysite.co.uk
or part of a protocol preamble, e.g. for email:
USER: nastyperson
PASS: password
or simply contained in a packet as content ... or "data" if so
defined by the act, e.g.
"My machine password is xyz"
At the risk of digressing, be aware that in the UK it is considered contempt
not to reveal authentication information when requested by the courts.
e.g.
<http://www.webuser.co.uk/news/top-stories/502161/teen-jailed-for-not-revealing-password>
In the USA defendants can "take the 5th (self-incrimination)" ...
<http://cyb3rcrim3.blogspot.com/search?q=revealing+password>
cheers
rickw
--
Rick Welykochy || Praxis Services
When choosing between two evils, I always like to take the one I haven't tried before.
-- Mae West
More information about the Link
mailing list