An epic story in The Witcher universe, as told with cards.
Thronebreaker: The Witcher Tales Review | Cards on the Table
We sit down with Blizzard to discuss the studio revisiting the classic real-time strategy of 2003's Warcraft III: Reign of Chaos.
Warcraft III: Reforged – Remaking a Classic
A Love Letter to the Western Classic
Red Dead Redemption 2: Rockstar's Road to Redemption
Assistance and Access Bill - weakening encryption
trog
AGN Admin
Other International
39715 posts
Being discussed today in the House of Representatives is something called the Assistance and Access Bill, which is a new piece of legislation that aims to make us more secure by (amongst other things) requiring technology companies to include a way for law enforcement to be able to access encrypted information - for example, they want to legislate a system that compels (say) Facebook to allow the government to eavesdrop/intercept messages in (say) Whatsapp. The argument from law enforcement is that they can basically not spy on people because the current system of crypto is too good and terrorists are using it to do stuff.

You can listen/watch the live stream of this right now; as I am writing this someone from Digital Rights Watch is currently explaining their reservations with the system.

The general consensus of the technical community is that this bill is terrible because it will weaken encryption, making us all less safe online. Further, most of the solid crypto-based messaging systems are open source and any criminal will be able to trivially avoid this by using easily available open source software.

It is an interesting discussion; I'd encourage anyone interested in preserving their ability to maintain privacy to read more about it and you can help fight it by becoming an EFA member or donating to Digital Rights Watch.

In case anyone is not sure, encryption:
- keeps messages sent between you and someone else secure from eavesdroppers
- means if you lose your [modern] phone, people can't pick it up and pull all your data off it
- ensures your personal information can be stored safely in data centres so people can't just copy it off the disks and know everything about you
- makes sure you can bank online over wifi without having to worry about people intercepting and stealing all your money
- literally underpins almost every single thing you do on a computer, mobile phone, tablet, or anything that carries electricity these days

It's kind of a big deal.

Here is a Juice video:

10:58am 30/11/18 Permalink
system
Internet
--
10:58am 30/11/18 Permalink
BladeRunner
Queensland
2915 posts
It is concerning but I am not sure how it is going to affect other things that use encryption. If whatsap and google build a backdoor into their encryption for their apps, how does that weaken my banks online banking? Is encryption all the same of is there many different types for many different purposes?

This is a difficult question, liberty vs security.
07:56pm 30/11/18 Permalink
trog
AGN Admin
Other International
39716 posts
It is concerning but I am not sure how it is going to affect other things that use encryption. If whatsap and google build a backdoor into their encryption for their apps, how does that weaken my banks online banking? Is encryption all the same of is there many different types for many different purposes?
Very good question! There are many different types. And you're right: the system used for whatsapp and other messaging applications is generally different to that used by online banking (although there are some shared elements), so a compromise in one doesn't /necessarily/ mean a compromise in others.

One concern about the legislation is that being rushed through it's broad enough to require /any/ cryptosystem to be necessarily compromised so that law enforcement can eavesdrop. It seems inevitable that this will encroach on things like web-based crypto at some point.

One thing that noone has really figured out how to do yet is to create a good cryptosystem that weakens it enough to allow law enforcement access to it but keeps is strong enough to stop attackers - i.e., short of key escrow (giving the government the actual password as well) or simply CCing them on every message or something, there just are no good technical solutions that allow us to preserve most security while giving up just enough of it for the feds to monitor.

Good news though, Labor have stepped up to the plate for a change and pushed back after yesterday's testimony
11:10am 01/12/18 Permalink
Twisted
Brisbane, Queensland
12364 posts
In case anyone is not sure, encryption:
- Ensures the data has not been manipulated in transit.

Which is something state sponsored hackers and Govt. agencies (also just general malicious actors) have been doing for years, manipulating unencrypted data for tracking and identification purposes or to insert malicious code into site code in transit, etc.
to allow law enforcement access to it but keeps is strong enough to stop attackers
Pretty sure they're one in the same these days?
08:05pm 01/12/18 Permalink
Raven
Melbourne, Victoria
9639 posts
Which is something state sponsored hackers and Govt. agencies (also just general malicious actors) have been doing for years, manipulating unencrypted data for tracking and identification purposes or to insert malicious code into site code in transit, etc.

Not just governments, but ISPs. What, you think major ISPs haven't been using transparent proxies for decades to inject things like advertising and tracking over HTTP traffic?
09:54am 03/12/18 Permalink
Twisted
Brisbane, Queensland
12365 posts
What, you think major ISPs haven't been using transparent proxies for decades to inject things like advertising and tracking over HTTP traffic?
They sure have and this shouldn't be news to anyone. It has been in practice for over a decade. People should be very concerned about the Internet, but they never are.
08:10pm 03/12/18 Permalink
trog
AGN Admin
Other International
39718 posts
- Ensures the data has not been manipulated in transit.
yes very important one and a big reason to start using HTTPS on your own websites if you're not already. Let's Encrypt makes this sooo easy
10:46am 04/12/18 Permalink
Twisted
Brisbane, Queensland
12367 posts
Apparently the bill has bipartisan support again and will push through according to the news this morning...
08:31am 05/12/18 Permalink
ravn0s
Brisbane, Queensland
19188 posts
well s***. i guess we deserve it for electing such morons.


i look forward to tech companies pulling out of australia and the first major hacking scandal.
08:55am 05/12/18 Permalink
Twisted
Brisbane, Queensland
12368 posts
Yeah pretty much. In 1 go they've eroded any trust anyone could have in an Australian product.
09:40am 05/12/18 Permalink
Insom
Brisbane, Queensland
4673 posts
it's all bulls***, and it's bad for ya

I guess this will cover a certain class of popular messaging apps, but won't it just drive the development of even more 'peer to peer' solutions? (or the adoption of those that exist)
08:12pm 05/12/18 Permalink
system
Internet
--
08:12pm 05/12/18 Permalink
AusGamers Forums
Show: per page
1
Post a Reply
You must be logged in to post a reply.