Alec Muffett Profile picture
everybody deserves good security

Sep 4, 2018, 13 tweets

Australia: "The Assistance and Access Bill 2018" - the people of Australia have SIX DAYS in which to register their feelings on encryption back doors: homeaffairs.gov.au/about/consulta… #straya #endtoend

A Bill for an Act to amend the law relating to telecommunications, computer access warrants and search warrants, and for other purposes #otherPurposes

A technical capability notice may require the provider to do acts or things by way of giving help to ASIO or an interception agency in relation to…

Oh my; the ancillary blogpost drips with irony:

To increase the strength of private institutions to attack by foreign surveillance, it is necessary to diminish their resistance to privacy invasion by ourselves or any other party: homeaffairs.gov.au/about/national…

It literally says "Foreign interference threatens […to] interfere with private-sector decision making", from the perspective of wanting to interfere with private-sector software architecture decisions.

"S'right, mate, you get a free choice in -where- you put a backdoor into your software and what shape it is; can't say fairer than that…"

homeaffairs.gov.au/about/national…

Australia: here's your chance to tell the Government why backdoors in software make -everyone- insecure:

** The Government welcomes your feedback. Submit any comments to assistancebill.consultation@homeaffairs.gov.au by 10 September 2018. **

I was architect & team lead for Facebook Messenger Secret Conversations (ie: End-to-End Crypto) — if this perp was using Snapchat, it strongly suggests that he has the operational security nouse of a pineapple.

Snapchat is not an "encrypted communication method"; it's a cesspit.

Disparagement aside, though: Snap have a perfectly decent law-enforcement page and will offer Australian law enforcement help under MLATs, and they can actively "spy" on named users; it would be interesting to know why this was not sufficient: snap.com/en-GB/safety/s…

Given that the Perp was using Snapchat, his use of Messenger was likely equally capable of being subpoenaed under MLAT using the Facebook's law enforcement portal. Again, it would be good to know why Vic police found this insufficient: facebook.com/records/login/

Quote: « Victoria Police was unable to access evidence which would have enabled them to secure a successful prosecution and identify further victims » — incorrect; metadata "fanout" of whom the Perp has been interacting with is known to Facebook in all circs. Just -ask- them.

Reading this, I must ask myself which of the Australian Gov't, or else the Victoria Police, are demonstrating either incompetence (in investigation) or misrepresentation (to seek to shift public opinion) - investigation is entirely possible, potential other victims identifiable:

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling