After reading about things like Back Orifice, it is is somewhat amusing to read that similar tactics are being propositioned as a way for law enforcement officials to gain access to data. One wonders how long they could expect to keep such access "secret" and out of the hands of crackers. This email has been forwarded from aucrypto. Darren > By Gerard Knapp > InternetNews.com Australia Correspondent > > [January 4, 1999--SYDNEY] Law enforcement agencies in Australia > ought to be able to "hack" into corporate computer systems and > change proprietary software to enable monitoring of > communications, according to a 1996 report which had been > censored by the Australian government but recently uncovered by a > university student. > > The report also suggested that technology vendors could also be > recruited to help modify software or hardware that they installed > at a company's premises. > > However, Australian police agencies have not taken the advice, > opting instead to concentrate their energies on interception of > telecommunications by tapping into the systems of Internet > service providers (ISPs). > > The report, entitled "Review of Policy relating to Encryption > Technologies," was prepared for the Federal Attorney-General's > Department by Gerard Walsh, a former deputy director-general of > the Australian Security and Intelligence Organisation (ASIO). It > had been released in 1997 with some passages omitted after a > request by civil liberties group Electronic Freedom Australia. > > Greg Taylor, chair of the EFA's Crypto Committee, said a > university student in Hobart had discovered an archival copy of > the so-called "Walsh report" with the censored material intact. > > Censored recommendations included giving police and espionage > agencies "the authority to 'hack,' under warrant, into a > nominated computer system as a necessary search power," and "the > authority to alter proprietary software so that it may provide > additional and unspecified features." These additional features > might include "the introduction of other commands, such as > diversion, copy, send, [or to] dump memory to a specified site," > the report said. > > The agencies might need to obtain the "cooperation of > manufacturers or suppliers" to help with the insertion of these > extra software agents. > > "When manufacturers or suppliers are satisfied the modification > has no discernible effect on function, they may consent to assist > or acquiesce in its installation," Walsh said in the report. > > The establishment of a separate agency to perform such work would > approach AUS$500 million, Walsh estimated, but could be performed > by the existing Defence Signals Directorate. > > The report recommended changes to the 1914 Crimes Act and the > 1979 Australian Federal Police Act, but the only legislative > changes in this area were made over a year ago in the > Telecommunication Legislation Amendment Act 1997. > > This act enabled law enforcement agencies to access > communications directly from ISPs, and for the resulting cost to > be incurred by the ISPs. The non-censored version of the report > is available on the EFA's Web site. >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:28:43 PDT