ASIO to tap private PCs, delete personal data -- USA to follow

[Bruce in West Oz]

ASIO Gains Right to Tap Private Computers

Sunday, November 28, 1999 - Australian Parliament has passed new laws that
permit the Australian Security Intelligence Organisation (ASIO, equivalent of the CIA) to tap the computers of private users. Not only can ASIO tap anyone's system, but the new laws also allow ASIO to alter, add or delete private data, if that action is required to gain any required access.

The new Amendment Bill was passed on November 25, 1999 -- the idea was originally set forth in May. The ASIO act had remained previously unchanged since 1979, and more than one member of Parliment complained that the new bill was rushed through too fast.

Australian Democrats say the new law is a serious breach of every Australian's privacy, while others say there is now a huge potential for evidence to become
planted or tampered with to sway an investigation. Little if any check and balance is in place that requires integrity assurances.

Similar efforts are underway in the United States, where federal officials seek to
gain the inclusion of backdoors in the new IPv6 protocol. By doing so, data could
be tapped as it travels between endpoints with the greatest of ease, virtually
eliminating any hopes of privacy through the protocol.

To date, the IETF has opposed such specifications in the standard, and privacy
advocates worldwide continue to speak loudly against such technology inclusions.

from: http://www.ntsecurity.net/go/2c.asp?f=/news.asp?IDF=184&TB=news

Slowly, but surely .......

B

 

[DC]

Bruce, you know I think highly of you.....

But what the hell is going on with you Aussies???!!

Gads! When are the tattoos being done?

------------------
"Quis custodiet ipsos custodes" RKBA!

 

[Valdez]

Another good reason to get PGP or another good encryption package using Public Key Encryption algorithms. As far as we know, a large enough key is unbreakable. A good idea if you are going to keep any important information on your computer.

Of course the other key thing to have is a good method of wiping off any information stored in non-encrypted form off of your hard-drive. I'm not sure how well the wipe package from Norton Utilities works, though they claim it was made to government specificiations to protect deleted material.

 

[Bruce in West Oz]

DC:

Well, I make an effort to keep up to date with news/current affairs/legislation etc. I heard, back in May, that this was proposed and rejected by the government.

Then nothing, zilch, nada -- until this popped up as a fait accompli this week.

On a gun-related note, I only found out this week, too, that our State Government has called for a "review" of the firearms laws, under threats from the Federal Government, for January next year.

This will "close some loopholes" in the existing legislation, such as:

• require anyone applying for a firearm or addition to a firearms licence to now show "100 points" of identification (which amounts to passport plus driver's licence with photo plus birth certificate)

• closing mail-order firearms-related sales between WA and the other States, forcing us to buy from gun dealers here in WA. Bear in mind, Perth (pop. 1.3 million) has fewer than about 7 gun dealers -- hence ammo prices are high! At the same time, the State Govt is "buying out" licensed gun dealers -- and then shutting them down. Ultimately, of course, we won't be able to buy ammo or anything to do with guns at all.

B

 

[alan]

Australia, like Great Britain, has an Official Secrets Act also, or is that only GB and Canada?

 

[SB]

PGPs are not unbreakable. It's just a matter of time. Of course, with a large key, it can take even a respectable agency up to a month to crack. But then, something like that should be plenty for the average folks like myself.

The biggest problem is perhaps not with software, but wetware (ie people). A 128-bit encryption program is no good if the password is "god" or if you've never changed your passwords before.

But then, I suppose it all really depends on how much security you think you need. Personally, while I have PGP installed and ready, I've never had the need to use it yet. The most sensitive information I have yet to transmit is about personal gossip. I'm sure the government is highly interested in who is dating who now.

Which leads me to yet another point. Perhaps we're over-reacting? If you're really serious about secrecy, keep your mouth shut. Please don't flame me, it was more of a rhetorical point than a pragmatic one. But even the government is not capable of just intercepting and analyze ever piece of data available out there. They have to narrow in on their targets. They can narrow their seach to specific targets or specific keywords.

If you're some harmless person going about your business, nobody will bother you. If you're someone talking trash about building bombs and overthrowing governments, well.... Hence the point about keeping one's mouth shut. But that's just it. Cunning criminals won't be talking about it openly over the net.

The government can also narrow their search by listening to random traffic and recording data that contains certain keywords. For example, if your unencrypted e-mail has something to the effect of, "Overthrowing the government by setting off a series of biological bombs in major cities." yeah, that might set off a few computers. Of course, large scale tapping schemes are not only cumbersome to implement, but they will also fail because the truely crafty people who are fanatical about security will encrypt their texts the old-fashion way before electronically encrypting them. It could be something as simple as keyword replacements. Instead of "overthrowing government", it could be "tulips". Instead of "biological bombs", it could be "petunias".

So, my opinion is that such a legislation will not work. I think more than anything, cunning criminals will remain uncaught by this net-tapping scheme while average folks like you and me will be harassed because we're not a danger to society and so we don't encrypt our data.

One last thing. I think the the deal with data deletion is a bit over-hyped as well. Even with window 95, it is impossible to remotely probe your computer's HD over the net. Even with programs such as Back Orifice requires physical contact with your computer to install the program before your files can be manipulated remotely. So, your HD is safe so long as your home is safe. "Net-tapping" can only occur during mid-transmission.

If you're the paranoid sort, there are freewares out there that will exceed NSA standards in data wiping. All it would take is a random seed generator that makes more than three passes (NSA minimum) at the file that you want to over-write. I don't recall the name of it, but I saw one that makes seven passes. But personally, I don't even use one. The most sensitive data I have on my computer are a few account passwords and some porn pictures. In fact, I prefer knowing I have the ability to recover data if needed to. To each their own.

[This message has been edited by SB (edited December 02, 1999).]

 

[oberkommando]

Bruce, where in hell is Ned Kelly when you need him?

 

[KAM_Indianapolis]

If you are truly paranoid and bent on conspiracy, hmmm... the good ole US Postal Service would probably do wonders. Crime, despotism, and terrorism are much older than the internet, and did fine without it for the greater percentage of human history.

Would be very easy to create a key-word replacement program, send it on a floppy disk, and use it with email. Don't know what the decryption success would be.

Also you used to read a lot about the government being against PGP. Haven't heard a peep about it lately. Could it be they are no longer worried because they have the hardware to break it now?

------------------
Peace through superior firepower...
Keith

If the 2nd is antiquated, what will happen to the rest.
"the right to keep and bear arms."

 

[Bruce from West Oz]

Ned Kelly? He wore <gasp> body armour (which, incidentally, is illegal here now)

Ah, "such is life".
(Ned's last words on the gallows.)



B

 

[Dennis]

Whether or not such invasions of privacy will work is not the point. Such snooping is unconstitutional without Probable Cause.

Additionally, we are *paying* the government to snoop on us.

Even worse, if their efforts are NOT effective, the government will spend MORE money and force technology upon us to facilitate their snooping.

Bummer!

The current government of Democrats and Republicans has forgotten who is the master and who is the servant. Worse, they gradually are reducing our role as "government servant" to that of "serf"!

And when THAT word is pronounced, I only want it to refer to internet "surf"!

We gotta replace these crackpots in Washington.

Stick it to 'em! RKBA!

 

[HankL]

SB You know that our govt. does not mind spending our money on things that do not work for them as long as they are a pain in the butt for us.
Hank

------------------
And who exactly were those guys in the black hoods firing rubber bullets and flash
bangs? Local police? THE
SECRET SERVICE ORDERED THE SEATTLE PD AND NATIONAL GUARD TO CLEAR THE
STREETS OF ANY AND ALL PEOPLE!!!

 

[alan]

Dennis, you wrote


The current government of Democrats and Republicans has forgotten who is the
master and who is the servant. Worse, they gradually are reducing our role as
"government servant" to that of "serf"!

Unfortunately, there is a lot to what you have said, however I wonder as to how many of the "sheep" out there have even tried to "remind" the political types of the facts. Perecious few, I suspect, leaving me wondering as to why this is, aside from the obvious laziness of most people.

 

[Dennis]

Alan,
I would guess (!) it is the fear of being singled out, being financially ruined, and hurting our family to an extent that we couldn't bear.

Laziness is a factor, but I would think fear is the greater obstacle.

Just pondering...

 

[DC]

It may be fear...but its unfounded. They flat out don't listen to us...period.

For example: Today there was a press release from Mike Honda...some dip**** Cali Assemblyman who stated that "the people of Calif have spoken and they want more gun control"....
Now this is on top of the laws the Gov has just signed(extensively covered here during the last year)....and this is referring to a special Assembly session going on right now.
There has been no outcry for additional gun laws....this is a bunch of communistic pols inventing more problems and heat.

------------------
"Quis custodiet ipsos custodes" RKBA!

 

[Dennis]

These "representatives" of the people were elected by the people!

So, unless the representatives misled the voters during the campaigns, the voters who elected these dipsticks are getting what they deserve.

The problem, of course, is too little heed is paid to logic, fairness, and (the old irritant to government) the Constitution.

I'm sorry, DC, for you and the other people in California who are Americans in spirit as well as merely in name.

 

[Ivanhoe]

several reasons to be concerned about computer security;
- it is already being used for economic warfare; search for the keyword "Echelon" (a systematic interception of telecommunications that the US gov't is using to aid American companies competing against foreign companies)
- can, and probably is, being used to build a profile against you (God help you if you've e-mailed an ethnic joke to a buddy and later had to defend yourself against someone of that ethnicity)
- your machine may be stolen from your house; unencrypted data such as financial accounts may lead to a serious monetary loss

http://www.tiac.net/users/smiths/privacy/cookleak.htm