Home Security IT lobby group says govt making encryption policy 'on the run'
×

Message

Failed loading XML...

IT lobby group says govt making encryption policy 'on the run'

IT lobby group says govt making encryption policy 'on the run' Featured

A lobby group for IT workers has slammed the Coalition government over its proposal to introduce laws to gain access to encrypted communications, saying such moves were completely unworkable.

IT Professionals Association president Robert Hudson said though the government was saying it did not want a backdoor into encrypted communication applications, such a method was the only way that it could achieve what it had stated it wanted to do.

In the wake of the terrorist incidents in London, both Prime Minister Malcolm Turnbull and Attorney-General George Brandis have proposed that curbs be imposed on encryption.

But Hudson said just making such statements could be interpreted as "political opportunism" because anyone who had an understanding of how encryption worked would know that such proposals could not be implemented.

"The government is suggesting that certain device and application vendors (Apple for iPhones, various Android phone manufacturers, Facebook for Facebook Messenger and WhatsApp, etc, maybe even SSL certificate vendors – nobody really knows yet, the government has not yet explained this) provide them with an ability to intercept and read encrypted messages in 'near real time'," Hudson said.

"With modern encryption processes, this is only possible if you have access to the key required to decrypt the message, as 'cracking' the encryption is largely not possible otherwise due to the mathematical complexity of the algorithms used."

Hudson said this meant that despite the government's protests that it did not want backdoors, "that's the only way to achieve what they want – and if they have backdoors into the encryption, then two things will happen:

"The backdoor will be leaked/exposed. This basically means that the encryption process can no longer be trusted.

"People will stop using encryption processes they cannot trust."

He said this would have little effect on the "bad guys" because those who were competent would switch to communications protocols they trusted or else manage the encryption keys themselves.

"By some reports, less than half of all communications between 'bad guys' is estimated to be encrypted today and these are likely already the competent ones. Such a knee-jerk reaction will, however, have a horrific impact on innocent use of encryption. Legitimate users will be forced to find other methods of encryption," Hudson said.

"If SSL certificate vendors are forced to bake 'backdoors' into their certificates, the impact on eCommerce alone (currently a $32 billion business in Australia in 2017) will be immense.

"This government appears to have not learnt anything from past technology initiatives that were implemented on the run. In typical fashion, there appears to have been no serious consultation with experts and disregard for (or no understanding of) the complexities involved."

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

RECOVERING FROM RANSOMWARE

Ransomware is a type of malware that blocks access to your files and systems until you pay a ransom.

The first example of ransomware happened on September 5, 2013, when Cryptolocker was unleashed.

It quickly affected many systems with hackers requiring users to pay money for the decryption keys.

Find out how one company used backup and cloud storage software to protect their company’s PCs and recovered all of their systems after a ransomware strike.

DOWNLOAD THE REPORT!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

 

Popular News

 

Telecommunications