Updated August 02, 2017 09:02:09
The Federal Government’s bid to force tech companies to reveal terrorists’ secret conversations could be unachievable, according to the former deputy director of the US National Security Agency (NSA).
Chris Inglis had a 28-year career with the NSA and now advises private companies on how to detect Edward Snowden-style leakers within their ranks.
He told the ABC the Turnbull Government’s bid to access encrypted messages sent by terrorists and other criminals is to be admired, but the technology may prove problematic.
“I don’t know how feasible it is to achieve the kind of access the Government might want to have under the rule of law, the technology is tough to get exactly right,” Mr Inglis told the ABC.
“But the Government is honour-bound to try to pursue both the defence of individual rights and collective security.”
Encrypted messages affect close to 90 per cent of ASIO’s priority cases and the laws would be modelled on Britain’s Investigative Powers Act, which obliges companies to cooperate.
Technology experts, like adjunct professor at the Centre for Internet Safety Nigel Phair, have questioned how these laws would really work.
“From a technical perspective we are looking at very high-end computing power that makes it really, really difficult to decrypt a message on the fly, it’s just not a simple process,” he said.
Facebook has already indicated it will resist the Government’s laws, saying weakening encryption for intelligence agencies would mean weakening it for everyone.
“Because of the way end-to-end encryption works, we can’t read the contents of individual encrypted messages,” a spokesman said.
But Mr Inglis said technology companies would not need to create a so-called backdoor to messages, but rather allow intelligence agencies to exploit vulnerabilities.
The NSA was criticised in May after it was revealed it knew about a vulnerability in Microsoft’s system, but exploited it rather than reporting it to the company.
“Here’s the dirty little secret: most of these devices already have what might be technically described as a backdoor their update mechanisms, their patch mechanisms,” he said.
“My read on what you are trying to do is to put that issue on the table and say, ‘we are not going to create backdoors, but we are going to try and use the capabilities that already exist’.”
Mr Inglis said the Australian Government was pushing for legal powers the US Government had not called for.
“We have not had as rich a debate as what I sense is going on in Australia,” he said.
“The Government by and large has not stepped in and directed that we are either going to seek a solution, we are still trying to find a voluntary way forward.”
When Prime Minister Malcolm Turnbull announced the legislation, he noted strong libertarian tendencies of US-based technology companies.
Mr Inglis said Australia was “in the middle of the pack” when it came to cyber security planning.
“You are currently working through how to balance individual privacy the defence of liberty as well as we would say in the states and the pursuit of collective security,” he said.
“No-one is exempt from the threats that are traversing across the cyber space at this moment in time.”
First posted August 01, 2017 04:44:23
- Security Awareness - Encryption | Office of Information ... - October 15th, 2017
- Data Encryption and Decryption (Windows) - October 14th, 2017
- Trumps DOJ tries to rebrand weakened encryption as responsible ... - October 11th, 2017
- How to encrypt (almost) anything | PCWorld - September 22nd, 2017
- Private Internet Access | VPN Encryption - September 21st, 2017
- Encryption Substitutes | Privacy | Encryption - September 21st, 2017
- Data Encryption: Hardware & Software Security: Online ... - September 21st, 2017
- How To Enable BitLocker Drive Encryption In Windows 10? - September 21st, 2017
- PGP Encryption Tool - iGolder - September 21st, 2017
- encryption - How to encrypt String in Java - Stack Overflow - September 21st, 2017
- Encryption Software Market, Size, Trends and Forecast 2020 - September 21st, 2017
- Encryption Definition - Tech Terms - September 20th, 2017
- Why You Should Be Encrypting Your Devices and How to Easily Do It - Gizmodo - September 6th, 2017
- Black Hats, White Hats, and Hard Hats The Need for Encryption in Mining and Resources - Australian Mining - September 6th, 2017
- How can enterprises secure encrypted traffic from cloud applications? - TechTarget - September 6th, 2017
- Encryption Explained - Arizona Daily Wildcat - September 6th, 2017
- News in brief: Call to link encryption to ID; Facebook maps everyone ... - Naked Security - September 2nd, 2017
- 'Independent' gov law reviewer wants users preemptively identified before they're 'allowed' to use encryption - The Register - September 2nd, 2017
- High-Dimensional Quantum Encryption Performed in Real-World ... - Futurism - September 2nd, 2017
- It's Time to Replace Your Encryption-Key Spreadsheet - Data Center Knowledge - September 2nd, 2017
- Legislation to limit smartphone encryption 'may be necessary,' deputy AG Rosenstein says - Washington Times - August 31st, 2017
- Cloud Encryption Market by Component, Service Model, Organization Size, Vertical And Region - Global Forecast to ... - Markets Insider - August 31st, 2017
- Cipher Suites: Ciphers, Algorithms and Negotiating Security Settings - Hashed Out by The SSL Store (registration) (blog) - August 31st, 2017
- Encryption in Office 365 - Office 365 - August 29th, 2017
- Need-to-Know Only: Use Encryption to Make Data Meaningless to ... - Security Intelligence (blog) - August 29th, 2017
- Four strategies to prevent data encryption from hijacking your network - Digital News Asia - August 29th, 2017
- Amber Rudd is wrong - real people do want end-to-end encryption - ITProPortal - August 29th, 2017
- Why encryption is for everyone - IFEX - August 29th, 2017
- 4D quantum encryption successful in first real-world test - New Atlas - New Atlas - August 29th, 2017
- For the First Time Ever, Quantum Communication is Demonstrated in Real-World City Conditions - Futurism - August 26th, 2017
- High-Dimensional Quantum Encryption Takes Place in Real-World ... - Photonics.com - August 26th, 2017
- Hedvig Bakes Encryption into Software-Defined Storage Platform - IT Business Edge (blog) - August 26th, 2017
- Hedvig storage upgrade adds flash tier, encryption options - TechTarget - August 26th, 2017
- How to use EFS encryption to encrypt individual files and folders on Windows 10 - Windows Central - August 26th, 2017
- Cloud Encryption Market Worth 2401.9 Million USD by 2022 - Markets Insider - August 23rd, 2017
- To Protect Genetic Privacy, Encrypt Your DNA - WIRED - August 23rd, 2017
- Data Encryption in OneDrive for Business and SharePoint Online - August 21st, 2017
- Researchers use encryption to keep patients' DNA private - Engadget - August 21st, 2017
- Additional proof that Lancaster County Commissioners should reconsider encrypting police transmissions - LancasterOnline - August 21st, 2017
- iPhone Secure Enclave firmware encryption key leaked - TechTarget - August 21st, 2017
- Encryption, speed push the modern mainframe into the future - TechTarget - August 21st, 2017
- Hardware encryption vs software encryption: the simple guide - Kroll Ontrack UK (press release) (blog) - August 21st, 2017
- Encryption Technology Could Protect the Privacy of Your DNA - Gizmodo - August 21st, 2017
- Beginner's guide to Windows 10 encryption - Windows Central - August 18th, 2017
- Encryption key for iPhone 5s Touch ID exposed, opens door to further research - AppleInsider (press release) (blog) - August 18th, 2017
- How security pros look at encryption backdoors - Help Net Security - August 18th, 2017
- The Laws of Mathematics and the Laws of Nations: The Encryption Debate Revisited - Lawfare (blog) - August 18th, 2017
- 72 percent of security pros say encryption backdoors won't stop terrorism - BetaNews - August 18th, 2017
- Ex-MI5 Boss Evans: Don't Undermine Encryption - Infosecurity Magazine - August 14th, 2017
- Despite end to end encryption, apps like WhatsApp, Messenger are still vulnerable to hacking: Study - Firstpost - August 13th, 2017
- What is Encryption? (with pictures) - wiseGEEK - August 12th, 2017
- Ex-MI5 chief warns against crackdown on encrypted messaging ... - The Guardian - August 12th, 2017
- Former UK security service head says weakening encryption would be too dangerous - 9to5Mac - August 12th, 2017
- News in brief: facial recognition planned for Carnival; spy chief backs encryption; ginger emoji planned - Naked Security - August 12th, 2017
- Avoid getting lost in encryption with these easy steps - We Live Security (blog) - August 12th, 2017
- Here's why IBM Z Mainframe Wants to Encrypt the World - Edgy Labs (blog) - August 10th, 2017
- Symantec Announces Plesk Will Integrate Symantec Encryption Everywhere Security Into Its Website Management ... - Business Wire (press release) - August 10th, 2017
- Australia: Shelve Proposed Law to Weaken Encryption - Human Rights Watch (press release) - August 6th, 2017
- IBM India Helps Create Breakthrough Encryption Technology That's Completely Hacker Proof - Indiatimes.com - August 6th, 2017
- Letter to Prime Minister Turnbull re Encryption and Human Rights - Human Rights Watch (press release) - August 5th, 2017
- Zscaler Finds Hackers Using SSL Encryption in Malware to Hide ... - eWeek - August 5th, 2017
- HBO Hack Highlights Importance of Encryption, Data Governance - eSecurity Planet - August 3rd, 2017
- UK flip-flop on encryption doesn't help anyone - CNET - August 3rd, 2017
- UpVote: Turkish regime jails IT trainers in encryption clampdown - Ars Technica UK - August 3rd, 2017
- Telegram messaging app strikes deal with Indonesia on encryption - Digital Trends - August 2nd, 2017
- Encryption is for 'Real People' - Human Rights Watch - August 2nd, 2017
- We don't want to ban encryption, but our inability to see what terrorists are plotting undermines our security - Telegraph.co.uk - August 2nd, 2017
- Real people don't need encryption - Fudzilla - August 2nd, 2017
- Facebook's Sheryl Sandberg: WhatsApp metadata informs governments about terrorist activity in spite of encryption - CNBC - July 31st, 2017
- Commissioners need to rethink encryption - LancasterOnline - July 31st, 2017
- Ex-NSA chief Chris Inglis backs government's encryption push against Apple, Facebook - The Australian Financial Review - July 31st, 2017
- Oak Ridge licenses its quantum encryption method - FCW.com - July 31st, 2017
- iStorage diskAshur2 1TB PIN-protected encrypted external hard drive [Review] - BetaNews - July 31st, 2017
- Top 5: Risks of encryption backdoors - TechRepublic - July 31st, 2017
- Indian IT firms value scaling encryption, lag in adoption: Study - Economic Times - July 31st, 2017
- Industry firm patents new cyber encryption technology - Defense Systems - July 12th, 2017
- The Encryption 'Balance' Trump's FBI Candidate Wants Is Mathematically Impossible - New York Magazine - July 12th, 2017
- We need to protect encryption - ITProPortal - July 12th, 2017
- End-to-End Encryption is Key to Securing Government Databases - Nextgov - July 12th, 2017
- Quantum satellites demonstrate teleportation and encryption - physicsworld.com - July 11th, 2017