We bust through the FUD around Australia’s proposed encryption law. Plus the demise of another dark web marketplace and why you might want to stick all your data in the cloud when you cross a border.
Using a Screen Reader? Click here
Multiple versions (ogg, video etc.) from Archive.org.
Please SUBSCRIBE HERE.
Follow us on Soundcloud.
A special thanks to all our supporters–without you, none of this would be possible.
If you are willing to support the show or give as little as 5 cents a day on Patreon. Thank you!
Big thanks to Dan Lueders for the headlines music and Martin Bell for the opening theme!
Big thanks to Mustafa A. from thepolarcat.com for the logo!
Thanks to our mods, Kylde, Jack_Shid, KAPT_Kipper, and scottierowland on the subreddit
Show Notes
To read the show notes in a separate page click here!
- News You Should Know
- More Top Stories
- Discussion
- Message of the Day
- (29:35) Devin (impact of show)
Len Peralta’s “I Don’t Understand Encryption”
Please let me be the one to apologise for the Australian Prime Minister. Believe it or not he is a tech savvvy person who founded an ISP called OZEMail back in the day before his brain and integrity were removed by the far-right here in OZ who hold his prime ministership in vice like grip.
Please do not judge the rest of Australia by the Turnbull. He cannot sneeze without approval from the alt-right cola loving polititians and like all power mad people will do or say anything to retain it.
I need to edit and I can’t – damn auto correct.
Savvy only has two vs
It is a far right coal loving government – not cola
Tom, I was just listening to DTNS 3073 and thought I’d give a different position on the snarky Australia vs Math topic. I’ve worked in IT and IT sec for almost 20 years, private sector, public sector, and international law enforcement. My first few points are the common thread of saying that if we “weaken” (and I’ll come back to that) encryption through legislation, bad guys will just use stronger, probably open source, encryption. Of course AES 256 and PGP are basically un-crackable unless you get very lucky with current hardware. Of course for organized crime and many terrorist organizations, this would be the case. However, there are many more “dumb” criminals out there than smart ones and while their crimes are not as spectacular as stopping a child porn ring on the dark net, convicting an embezzler is also part of law enforcement and may benefit from a way to decrypt encrypted storage. So, not all criminals are going to know that their encryption tool of choice has a way for law enforcement to decrypt traffic.
The second point is the common confusion of what legislatures want and what you and Shannon laughed about as a “back door.” There are many encryption mechanisms that allow for multiple keys to decrypt. I did not use the term private key because public key crypto is another issue and systems like WhatsApp don’t use public key crypto to encrypt the streaming traffic. They use public key crypto to exchange the symmetric keys to something like AES as you’d never get a phone to use something like 4096 bit keys with public key crypto on live streaming. Anyway, my point is that there are many well regarded systems that allow multiple keys to access strongly encrypted data without weakening the crypto. After all, it is just math.
For example, LastPass allows me to create one-time keys to be used if I can’t get to my master password. LastPass also allows me to share a key with a family member or my lawyer so that in the event of my death, they can access my data. In fact, that password that I give my lawyer does not have to be changed even if I change my master password. There have been many strong crypto systems over the years that allow for multiple keys to decrypt without any degradation of the strength of the crypto.
Now, as for policy and legislation, that’s a completely different beast, but the math works just fine for multiple keys to decrypt encrypted traffic going all the way back to at least the original PK Zip.
Anyway, love the show and always give you credit for the lunch and luncheon correction. 🙂
Correct. We didn’t say you couldn’t have extra keys. We said you couldn’t stop people from encrypting things that don’t reserve a key for others.
I know it was an auto-correct, and those can be maddening, but I love the idea of politician being obsessed with pop/soda/cola and doing anything to please that.