|
|
|
|
|
|
by sorbits
1830 days ago
|
|
|
> This is how police should get around the problems presented with encryption. By adding a backdoor to E2E encryption? That is pretty much what they have been asking for :) Amazing that criminals still pick some unknown device over an existing solution with a proven track record. This is not the first time something like this has happened: - https://en.wikipedia.org/wiki/EncroChat - https://en.wikipedia.org/wiki/Sky_Global |
|
|
Not really. At least in Australia's case they asked for the ability to access data on the end point while it is unencrypted, which it must be when a human consumes it. They didn't want to backdoor encryption, just bypass it. And they didn't just ask for it - they got it.
Specifically, the Assistance and Access bill (2018) [0]. The "Assistance" in the title allows them to demand assistance from a software company (eg, Google / Microsoft / Apple) in developing an app (or a modified version of an existing app) that that won't trigger the OS's warnings while it provides access to data while it is unencrypted. The "Access" in the bills title refers to the fact they can they demand the software developer force the app to be "upgraded" to the "spy" version on targeted devices via their normal security patch mechanisms.
As you can probably gather from the date of the bill, this law has been in place or about 2 years now. But it probably wasn't in place when this started, as the law was passed New Years Eve, 2018, which explains all this social engineering cloak and dagger stuff.
When I first saw the story I thought it was odd they publicising a hack that only works when nobody knows about it. But now I think about it, my guess is they publicised it because they won't need to use it again. They've legislated far easier ways to spy on a phone.
[0] https://www.homeaffairs.gov.au/about-us/our-portfolios/natio...