(August 6, 2012 at 10:39 am)Epimethean Wrote: But what about the issue at hand in the thread, Tib?I find the article somewhat misleading.
Quote:...a requirement for internet service providers (ISPs) to store user online activity for two years.Sure, this is a bad thing, but the real question should be whether ISPs have been doing this already. Plenty of ISPs already store data, and some of them even do deep packet scanning on data.
Quote:This means that everything you do, from social networking, emails, web browsing, chat sessions, Skype sessions and so on would be monitored, stored and made available to government intelligence agencies as and when needed.Misleading. The largest social networks are Facebook, Google+, and Twitter, and all three operate over HTTPS by default (in fact, I don't think you can turn it off on them now). HTTPS protects your "online activity" all the way from your browser to the social networking servers with strong encryption. ISPs do not have the capability to break this encryption, and neither do governments. This is the same for every site using HTTPS (including this one).
Emails are a bit trickier. If you are using a webmail service like Gmail, then your emails are accessed over a HTTPS connection again, and stored somewhere in America (out of reach of the Aussie ISPs). Emails aren't usually encrypted when being sent, but that doesn't necessarily mean the ISPs can store them. For instance, if I were to send an email from my Gmail account to another Gmail account, the chances are it doesn't even leave Google's servers. Even if I sent it from my laptop's mail client, I still connect to Google's SMTP server (over an encrypted connection) to send the mail. The security of emails boils down to which service you are using, and who you are sending it to.
Chat sessions - well, what chat protocols are being used? MSN isn't encrypted, but XMPP (which powers Facebook chat and GTalk) is. Skype is a nasty one, since Microsoft have practically bent over backwards to let governments spy on users; I heartily recommend never logging into your Skype account again (I'm not going to).
Quote:The hacking attacks by Anonymous on government websites and AAPT were designed to highlight to the Australian public the difficulty of keeping stored data private. By carrying out hacking attacks and then making public pronouncements Anonymous hopes to convince Australians not to support changes to the current privacy laws.Again, misleading. It is not difficult to keep stored data private. It's just that governments tend to be incredibly bad at this. Give me a year in charge of any government storage program, and I could easily make it secure. If that sounds like bragging, believe me, it's not. The weaknesses that let hackers in are incredibly easy to fix, but the people in charge of the systems (even the security teams) are often blissfully unaware that the weaknesses even exist.
