1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Apple demands the right to secure devices in a letter to the Australian Government

By mongeese · 8 replies
Oct 13, 2018
Post New Reply
  1. Apple sees itself as being forced to choose a side: stronger on-device security or aiding law enforcement. They’ve been trying to choose both, creating an international web portal for law enforcement data access requests, but also creating a ‘USB Restricted Mode’ that prevents law enforcement from hacking locked iPhones. Meanwhile, governments have been pushing for them to more heavily favor law enforcement, but thus far, Apple hasn’t complied.

    Australia took it a step further by drafting new legislation that requires tech companies like Apple to give access to devices or be fined up to AU$10 million (US$7.3 million). In response, Apple sent the Australian government a letter highlighting how device security is a key line of defense against online “criminals and terrorists” and challenged the idea that “weakening encryption is necessary to aid law enforcement.”

    The letter evaluated six key issues with the law – called the Assistance and Access Bill – and then politely demanded that they are solved.

    The first issue is that the bill grants the government and law enforcement “extraordinarily broad and vague powers” over device security implementation. While the bill currently prohibits “implementing or building a systematic weakness or systematic vulnerability” into a device, it doesn’t define either of those terms. The Australian government insists that they don’t want to weaken encryption, but Apple says that needs to be integrated into the bill in case future governments abuse its power.

    The second issue is the absence of judiciary oversight. In the bill’s current form, only the Attorney General’s permission is required to force a company to hand over access keys or fine them the AU$10 million. Apple wants a jury to decide if a warrant is appropriate or not and wants another jury to decide if Apple should pay the fine if the warrant is ignored.

    The third issue is that it is entirely law enforcement’s decision if a warrant is appropriate or not. Even if every expert, researcher, scientists or academic out there believes a warrant is unnecessary and immoral, the government can make the decision without consulting any of them. Apple wants a panel of experts appointed to review each warrant.

    While the bill doesn’t require companies to bake-in intercept capabilities (the ability for law enforcement to remotely view messages and calls in real time), Apple claims that the “exceptions swallow the rule.” One such exception is a ‘computer access warrant’ that is frequently given out to the Australian Security Intelligence Organization (ASIO) that would grant them full intercept capabilities. Apple wants all intercepts prohibited.

    One of the worst issues is that if an employee at a company receives a warrant but believes it to be immoral, there is nothing they can do about it. Due to security concerns, speaking about a warrant is punishable with 5 years’ imprisonment – they can’t even consult their boss. Apple wants internal discussion to be permitted and potentially a primitive appeal process.

    The last issue is contradictions with foreign law. An example Apple provided is that by allowing ASIO to intercept messages, they would be susceptible to US criminal law because they store the data in America. They claim that “Apple could face stiff penalties of up to 4% of its annual turnover under the General Data Protection Regulation” in Europe.

    Personally, I find it very hard to believe that this bill is even required at all. While there have been valid complaints that law enforcement hasn’t been able to access devices, Apple has complied with nearly 26,000 requests for access in Australia alone.

    Permalink to story.

     
  2. jobeard

    jobeard TS Ambassador Posts: 12,285   +1,367

    Amazingly uninformed legislators -- irrespective of National Origin.
     
    mbrowne5061 and ForgottenLegion like this.
  3. Right side bob

    Right side bob TS Member Posts: 42   +9

    You see here in the USA we don't have that ****.
    We only have a overbearing government which needs a warrant to save time. They can still use PI websites designed to capture the data of BILLIONS of people. Assuming they have your gear better have encrypted all your files on a cloud based server which has no back doors like Spideroak. And wiped all the data not deleted wiped, hid your passwords. And used tor to pay for Crypt o currency with prepaid cards bought by homeless people (no video footage) then laundered the money afterwards buying VPN's (switch it up for security) finally buying multiple routers to use and hide your true self.

    That's only to keep your files and identity safe, your online activity is a different matter. First and foremost get Duckduckgo as your main browser it keeps no logs and blocks some trackers. Also get the following extensions to keep yourself more hidden, Click&Clean, Ghostery, UBlock Origin, Disconnect, and most importantly HTTPS Everywhere. Those are a few of many to help hide yourself online, if you want to remain completely anonymous NEVER TURN ANY OF THE EXTENSIONS OR VPNS/Tor OFF UNDER NO CIRCUMSTANCE EVER. Also use a desktop/laptop to remain more secure due to the inability to use multiple extensions at once regularly (by "regularly" I mean idfk how to use multiple extensions on mobile browsers without editing the code in some some way).

    That's your intro to privacy in the USA. Assuming you haven't done something so horrible that the USA would waste so much time just to see what you did. The average person would mostly be fine. Also you could plead the 5th instead so.......... yeah this would be useless assuming your not dead.
    https://www.youtube.com/watch?v=BShvYeyMm_Y
    Power hungry but still people have power.
    I have so much spare time.
     
  4. mbrowne5061

    mbrowne5061 TS Evangelist Posts: 1,012   +522

    Someone hasn't been keeping up. They sold out, a while ago too.
     
  5. Right side bob

    Right side bob TS Member Posts: 42   +9

    I like the classics, wait I know disconnect may or may not have sold out but Ghostery when? Can I have your source please.
     
    Last edited: Oct 16, 2018
  6. mbrowne5061

    mbrowne5061 TS Evangelist Posts: 1,012   +522

    https://adexchanger.com/data-exchanges/ghostery-sheds-ad-tracker-sells-off-plug-focus-compliance/

    Basically, their model turned into the same as AdBlock's, but toned down a little. They 'blocked' items by default, then let through ones that are 'trusted'. How they defined 'trusted' was a little ambiguous and they never gave users a straight answer when asked about this.

    It has gone open source in the last few months though, but that is a little too late. I recommend uBlock Origin anyway, since that lets you have far more control over what is blocked, and where. It can be used for more than just ads.
     
  7. Right side bob

    Right side bob TS Member Posts: 42   +9

    So it doesn't sell your data its just suspicious in its ways. No need to uninstall?
     
  8. mbrowne5061

    mbrowne5061 TS Evangelist Posts: 1,012   +522

    Not if the suspicion doesn't trip your alarm bells, no. It trips mine, mainly because there are softwares out there that don't make me suspicious because they are community developed and/or open-source from the get-go, and accomplish the same objective.
     
  9. Right side bob

    Right side bob TS Member Posts: 42   +9

    I trust snowden and mittnick thats why I have it, also it sold out to a privacy company in the article.
     

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...