Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Thursday, 13 December 2018 09:28

ASD mythbuster Burgess spreads some myths of his own

By
ASD mythbuster Burgess spreads some myths of his own Pixabay

It is somewhat ironic that the director-general of the Australian Signals Directorate, Mike Burgess, has chosen to vent about so-called myths around the new encryption law, when the man himself has been spreading a myth about 5G technology.

Burgess released a statement on Wednesday, listing seven myths which, he said, had been spread about what is officially known as the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018. (Burgess calls it the TOLA Act). But in trying to shoot them down, he appears to have advanced some myths of his own.

First to the 5G business: Burgess was quoted by The Australian in October as saying in what many dubbed a major speech: “The distinction between core and edge collapses in 5G networks. That means that a potential threat anywhere in the network will be a threat to the whole network."

This was advanced as justification for banning Chinese telecommunications companies Huawei and ZTE from a role in Australia's 5G rollout.

But this was proven false, when a 5G trial in Auckland, conducted jointly by Huawei and New Zealand telco Spark used a Huawei 5G NR (New Radio on both the C-band and mmWave) and a 4G Radio Access Network, both of which were deployed by using dedicated hardware connected to the Cisco Evolved Packet Core, with each component isolated.

The ASD then claimed that Burgess' reference was to more "mature" 5G implementations. That isn't correct either. You can read the claims and the refutation here.

But to the matter at hand: myths. The first one that Burgess claimed was being spread was that the information of individuals is no longer safe. In support of this, he stated the bleeding obvious: "If you are using a messaging app for a lawful purpose the legislation does not affect you."

I have done my fair share of writing and commenting on the encryption law, but have never seen any claim like this. Not sure where Burgess got that one.

unicorn big

The second myth Burgess says is being spread is that agencies get unfettered power under the law. As warrants can give one access to phone calls, there is no difference if they allow access to encrypted communications, runs his argument.

There are three new powers in the law which force individuals or companies/organisations to build in backdoors into devices or software. Fines or prison beckon for those who resist. And this is not extreme power?

What can law enforcement gain from encrypted content that it cannot deduce from metadata – which, few will inform the public, cannot be encrypted? (Emphasis mine).

As to unfettered power, let me digress a bit. When Australia passed the metadata retention law in 2015, we were assured that only the 20 or so agencies authorised to access it would be allowed to do so. But last month, Communications Alliance chairman John Stanton provided a list of some 80 agencies which had sought access. Open slather would be a gross understatement.

Who's to guarantee a repeat won't occur with this law too?

Flying in the face of statements from variously highly qualified technical experts, Burgess claims that the security of the Internet is not under threat because of the law. But when vulnerabilities are introduced, they are accessible both to the law-abiding citizen and the crook. Claiming that such vulnerabilities are "highly targeted" is a red herring, because nobody can predict the impact of a software change and all its possible ramifications.

A hint to Burgess: just call your counterparts at the NSA and ask them about the Shadow Brokers.

While tech companies themselves have been saying that the law will force them offshore, Burgess dismisses this, saying that Australia is not the first to pass such a law, the UK went first. True, but the UK has a bill of rights, which Australia lacks. Also, some part of the UK bill has now been struck down. And though the UK bill was passed in 2016, it has yet to be used. Why, one wonders. [iTWire has a story this morning from an unnamed firm which is planning to move operations from January.]

The next myth being spread, avers Burgess, is, "There is no way to be sure that the communications of Australians won’t be jeopardised." Here he cites oversight from the Inspector-General of Intelligence and Security and the Commonwealth Ombudsman as mitigating factors, as also the review by former judicial officials and a techie who is certified by ASIO. Why not have a sitting judge? And why have a techie certified by ASIO – who is almost certain to be an ex-ASIO man/woman? Since when did the Commonwealth Ombudsman have oversight of intelligence agencies?

The next myth is, again, one I have never heard: that ASD will be able to spy on Australians. ASIO is doing an excellent job of that, along with all the other law enforcement agencies we have. This, again, seems to be a red herring.

The final myth that Burgess set out to bust is that the reputation of Australian tech companies will suffer. Here he tries to draw a difference between what Australia has meted out to Huawei and the impact that the law will have on Australia. Others, like Andrew Hastie, the head of the Parliamentary Joint Committee on Intelligence and Security, have run a similar argument based on the reasoning that Australia is a democracy and China is a dictatorship.

But this reasoning is fallacious as pointed out by Francis Galbally, the chairman of encryption technology firm Senetas, a company which exports a sizeable portion of the $3.2-billion-odd Australian tech exports each year. During a hearing of the PJCIS, he responded to Hastie, saying: "With respect, Chair, you say there's no equivalent, and I agree, it's not equivalent, but I can tell you other countries take a different view. At the moment, as we stand in the world, Australia is regarded as the most trustworthy country in the world for cyber security products, bar none.

"There are countries in the world that don't trust the US. There are countries in the world that don't trust Israel. There are countries that don't trust Singapore. There are countries in the world that don't trust other countries for all sorts of reasons. Australia stands up as the most trustworthy.

"That's why we've been able to sell our products into more than 40 countries around the world. That's why even eastern European countries use our products for their secret service protection; we're trusted. This bill gives a perception of mistrust, and whatever you say, whether it's really going to apply to us or not or whether there's a democracy or not, it gives a perception of mistrust."

Trust. Perhaps Burgess should spend some time trying to understand that concept.


Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments