Contact tracing done right?

Relevant given the recent release of the Australian app. The EU has been generally pro-privacy for some time, and the list of safeguards it mandates seems fairly reasonable, balanced between protecting the individual and letting the app do the job it needs to do.

The problem with the current conversation on the Australian app is that it leans on keywords such as "encryption" and "privacy impact assessment"; both can have widely varying degrees of efficacy, and neither is explained in any real detail. There is also a heavy reliance on legislative protections. As we have seen in the recent past with metadata retention, legislative protections are not always the best solution.

https://www.theregister.co.uk/2020/04/17/european_contact_tracing_app_spec/

Let’s think about this a bit first…

I believe we will eventually see this become standard in societies across the world, in some form or other, from this point forward. In my opinion that is not necessarily a bad thing. We have a technology that can vastly assist in the timely management of otherwise disastrous conditions. This technology has the ability to save lives, which is never a bad thing.

That said, speed is the enemy of good practice when it comes to information management. A couple of things that really need to be injected into the conversation around this technology in any country looking at deploying it:

1. Has the process that will make the collected data anonymous been tested? Has the anonymization of the data been mathematically proven?

2. Has the code used in the application been security tested? Data is the new commodity for cyber crime. Anything that produces data will become a target, particularly something as potentially widespread as this type of application.

3. Has the supply chain of the code been examined? Basically, do you know where the code has come from? Has all third-party code used in the application been verified not to contain any malicious code or backdoors?

Use technology to fight the good fight… always

Don’t get me wrong here. This is a serious issue and one that would benefit from the application of technology to help the mammoth effort of track and trace required to fight the pandemic. But if we have managed to mobilize the amount of resources we have so far in the response to this, surely we can also mobilize the necessary skills, both technical and policy, to ensure that whatever tracking system we create has the safeguards necessary to protect the rights and privacy of the citizen.

We have the potential capability to deploy a mechanism that would make this crisis, and any future ones like it, easier to manage and would save lives. But this doesn’t mean we need to create something that has far-reaching consequences after the crisis is over.

As with any good application, design the necessary security and privacy safeguards in now, rather than later when they have become a problem.

#privacy #infosec #security

https://www.scmagazine.com/home/security-news/news-archive/coronavirus/aclu-privacy-concerns-abound-over-location-tracking-to-stop-covid-19-spread/

From little things, big breaches grow

With everything being connected these days, and recording for our convenience and future reference, I suspect these types of data mashups are inevitable. It does go to show that sometimes the smallest and seemingly most insignificant piece of electronics can lead to a very significant security issue.

The report referenced in the article also provides some additional interesting insights (https://www.gao.gov/assets/690/686203.pdf).

https://www.theverge.com/2018/1/28/16942626/strava-fitness-tracker-heat-map-military-base-internet-of-things-geolocation

A master key for all

The topic of law enforcement access to encrypted devices has again reached the media (http://www.smh.com.au/world/fbi-chief-calls-phone-encryption-a-major-public-safety-issue-20180109-h0fwz1.html), something that seems to happen with increasing regularity.

The ironic thing here is that if the various calls from different governments to implement some form of backdoor to encryption were successful, governments would be in just as much trouble as the public who are railing against such changes. Probably more. I am certain the vulnerabilities and flaws that such changes inevitably introduce would be targeted at government information, with more devastating impact than on the average Joe/Jane Citizen.

This is a complex issue and unfortunately one that gets sidelined by emotive arguments from both camps. The ‘for’ camp usually cites terrorism and child protection (the two most unassailable arguments, and ones rarely addressed directly by opponents). The ‘against’ camp usually cites privacy and government overreach into the lives of citizens (a valid argument of course, but not one that addresses the main issues).

I don’t disagree that something realistically needs to be done. Information is becoming predominantly digital, and law enforcement has a job to do which is at times hindered by the ubiquity of strongly encrypted devices.

However, the calls to implement a form of backdoor into existing crypto technology will only weaken the foundation of strong and secure Internet communications and transactions, the very communications and transactions that underpin the functioning of much of contemporary society.

The creation of backdoors or ‘master keys’ will create a weakness that will need to be strongly controlled and highly protected. Any compromise of this mechanism could potentially destroy the confidentiality of all data, devices and systems protected by that crypto system. As we have seen over recent years, the ability of organisations or governments to protect their most valuable information is never assured. All this approach would do is create a crown-jewel target that would be the sought-after prize of cyber criminals and foreign intelligence services alike (if only we had some way to securely encrypt such a target… oh wait!).

The current article offers some figures in support of its argument. The FBI was unable to gain access to the content of 7,775 devices in fiscal year 2017. I would suspect this certainly represents an element of frustration for investigators pursuing their cases. The article does fail to address a couple of points, however.

Of those 7,775 inaccessible devices and their associated investigations, how many of the investigations failed because the data could not be accessed? Namely, how many criminals avoided conviction because of the encryption on the devices? A device is one element of an investigation and, I would suspect, in very few cases the only avenue of approach. While access to the data is likely critical in a number of those cases, the raw figure being presented as a ‘public safety issue’ is not really a valid argument.

Ever since encryption was first used by nation states for communications, there have been attempts to break the various codes in use. Where it hasn’t been possible to read the information being transmitted, other methods have been developed to gain as much insight as possible. Analysis of the signal transmission itself can yield useful information. Basically, the presence of a communication and the identity of the recipient can further an investigation without the content of the message ever being known.

Moves by law enforcement and governments to state their case in an emotive and urgent manner will not lead to a rational discussion of viable solutions. There is a risk that, in pursuit of this capability, great damage may be done to the underlying confidentiality mechanism that the world relies on so heavily.

Certainly, I would agree there is a need for this capability, but it is not solely a technical discussion. It requires equal parts engagement of stakeholders: strong legislative protections as well as support from the relevant technology stakeholders.

There are solutions to this problem. And I do hope that we reach the one that is right for all.

The New World Order of Privacy

I suspect we will be seeing more of these types of articles in coming months and years. This is essentially the same type of problem that affects other areas of security, from secure software development to encryption: we develop an assurance method, and then research (legitimate or otherwise) finds the flaws. The problem I see is that, unlike secure software development and encryption, de-identification methods don’t have the same level of maturity. With data (especially personal data) being of such high value in the current environment, we are going to need to mature these methods very quickly.

http://www.smh.com.au/technology/innovation/australians-health-records-unwittingly-exposed-20171218-p4yxt2.html

Article: Privacy in the digital age is only possible if we act now

A recent article by Charlie Lewis in Crikey discusses the state of information security and privacy in the digital age.

Privacy in the digital age is only possible if we act now 

I think the last paragraph highlights the key issue we have here: privacy advocates don’t seem to be able to agree on the most appropriate way forward.

There should also be some acknowledgement in this discussion that in many ways it is too little, too late. So many major businesses rely on the collection and trade of personal information. If we were to make any meaningful change in this area, those companies would require a new income and business model.

I am afraid that we long ago gave away our right to privacy in exchange for convenience.

(Note: new Crikey articles are behind a paywall for the first two weeks after publishing)