First they came for Huawei...
Oh no, here we go again:
"Senior Trump administration officials met on Wednesday to discuss whether to seek legislation prohibiting tech companies from using forms of encryption that law enforcement can’t break — a provocative step that would reopen a long-running feud between federal authorities and Silicon Valley.
Sigh, what a horrible idea. The 'bad guys' will encrypt their communication regardless of the legality and any encryption that's breakable by law enforcement is also breakable by the 'bad guys'. Remember when Australia effectively banned encryption by requiring companies to backdoor their software when requested by the government? Well that law has, as predicted, "had a material impact on the Australian market and the ability for Australian companies to compete globally".
"...any other computer or a communication in transit to access the relevant data", and "if necessary achieve that purpose -- to add, copy, delete or alter other data", provided that "having regard to other methods (if any) of obtaining access to the relevant data which are likely to be as effective, it is reasonable in all the circumstances to do so".
Unintended or deliberate consequences? This is legislation that was rushed through Parliament - with the full support of the opposition - before Christmas, apparently to thwart some undisclosed threat, and now Australian businesses and journalists are paying the price. While politicians assure us that the bill has resulted in "lives being saved", the Minister of Home Affairs censors the Ombudsman's reports, meaning we will never really know. Not that they would care, anyway, as politicians are the only people exempt from the anti-encryption law.
However, not everyone is as dismissive of cost-benefit analysis as Australia. In the United States, there at least appears to be something resembling debate within government, with various departments unsure as to whether or not banning/weakening encryption would be a good idea (bravo, Commerce and State Departments!).
"The DOJ and the FBI argue that catching criminals and terrorists should be the top priority, even if watered-down encryption creates hacking risks. The Commerce and State Departments disagree, pointing to the economic, security and diplomatic consequences of mandating encryption “backdoors.”
DHS is internally divided. The Cybersecurity and Infrastructure Security Agency knows the importance of encrypting sensitive data, especially in critical infrastructure operations, but ICE and the Secret Service regularly run into encryption roadblocks during their investigations."
Hopefully cooler heads prevail. After all, it was only last week that the United States conceded that banning Huawei in the name of national security... might actually compromise national security (see The bits below for more on that debacle). Now it wants to ban encryption for the same reason, despite ample evidence showing that doing so would actually weaken national security? What a joke.
Enjoy the rest of this week's issue. Cheers,
The real motivation for the Huawei ban.
It turns out that the reason the United States is so far behind in the 5G race is because "the broadband spectrum needed to create a successful network was reserved not for commercial purposes but for the military", making it "significantly slower and more expensive to roll out than just about anywhere else".
The Pentagon, which is leading the push against Huawei and other "national security" threats that also happen to be 5G pioneers, is the reason why the US sucks at 5G. You can't make this stuff up.
- What Trump’s Huawei Reversal Means for the Future of 5G »
- HP, Dell and Microsoft look to join electronics exodus from China »
- U.S. government staff told to treat Huawei as blacklisted »
- China’s tech sector faces ‘hangover after the party’ »
The future of travel?
Visitors to certain parts of China are having their phones loaded with malware (specifically Xinjiang, where the government is "cracking down" on its minority Muslim Uyghur population):
"The Android malware, which is installed by a border guard when they physically seize the phone, also scans the tourist or traveller's device for a specific set of files, according to multiple expert analyses of the software. The files authorities are looking for include Islamic extremist content, but also innocuous Islamic material, academic books on Islam by leading researchers, and even music from a Japanese metal band."
Not a good precedent. How long until the TSA decide to copy the idea?
Other bits of interest
- Google’s Jigsaw Was Supposed to Save the Internet. Behind the Scenes, It Became a Toxic Mess »
- 81% of 'suspects' flagged by Met's police facial recognition technology innocent »
- House lawmakers officially ask Facebook to put Libra cryptocurrency project on hold »
- I Opted Out of Facial Recognition at the Airport—It Wasn't Easy »
- Libra's Unresolved Puzzles »
Image of the week
I hate "willingness to pay/accept" economic studies because even without realising it, people's stated preferences are often far different to their revealed preferences (i.e. when they actually have to part with their cash). This paper agrees, "because of a lack of information and behavioural biases, both willingness to pay and willingness to accept measures are highly unreliable guides to the welfare effects of retaining or giving up data privacy".
Interestingly the type of data matter, with people wanting "significantly more money to allow access to personal data when primed that such data includes health-related data than when primed that such data includes demographic data".
This week's data breaches
An unusually quiet week in terms of data breaches. Perhaps the NSA was too busy celebrating Independence Day?
- Border-surveillance subcontractor suspended after cyberattack revealed sensitive monitoring details »
- File-storage app 4shared caught serving invisible ads and making purchases without consent »
- Someone Is Spamming and Breaking a Core Component of PGP’s Ecosystem »
- Amazon Alexa keeps your data with no expiration date, and shares it too »
- Apple reveals App Store takedown demands by governments »
- 7-Eleven Japanese customers lose $500,000 due to mobile app flaw »
- British Airways faces record £183m fine for data breach »
That's all for now. If you enjoyed this issue, feel free to share it via email →
Issue 40: First they came for Huawei... was compiled by Justin Pyvis and delivered on 09 July 2019. Feel free to send feedback, suggestions for future issues, ideas, insults, or pretty much anything that crosses your mind to their Keybase or Riot.im account.