OT: aapt hacked

[Ext User(Albm&ctd)]

Oh no, govco want all users to be monitored but some opportunist hackers
targetted aapt that was (AFAIK) against the move anyway.
http://www.qt.com.au/story/2012/07/2...-over-new-law/

Al
--
I don't take sides.
It's more fun to insult everyone.

[Ext User(Sylvia Else)]

On 1/08/2012 9:18 PM, Albm&ctd wrote:
>
> Oh no, govco want all users to be monitored but some opportunist hackers
> targetted aapt that was (AFAIK) against the move anyway.
> http://www.qt.com.au/story/2012/07/2...-over-new-law/
>
> Al
>

I noticed the other day that Google is now using SSL, so that's one
whole raft of web history that the government will not be able to get at.

Sylvia.

[Ext User(Deevo)]

"Sylvia Else" <sylvia@not.here.invalid> wrote in message
news:a7snkbF7n9U1@mid.individual.net...
> On 1/08/2012 9:18 PM, Albm&ctd wrote:
>>
>> Oh no, govco want all users to be monitored but some opportunist hackers
>> targetted aapt that was (AFAIK) against the move anyway.
>> http://www.qt.com.au/story/2012/07/2...-over-new-law/
>>
>> Al
>>
>
> I noticed the other day that Google is now using SSL, so that's one whole
> raft of web history that the government will not be able to get at.

Stupid question, what's SSL?
--
Deevo

Geraldton WA

[Ext User(George W Frost)]

"Deevo" <deevo37@bigpond.com> wrote in message
news:D_9Sr.1257$qv3.492@viwinnwfe01.internal.bigpo nd.com...
> "Sylvia Else" <sylvia@not.here.invalid> wrote in message
> news:a7snkbF7n9U1@mid.individual.net...
>> On 1/08/2012 9:18 PM, Albm&ctd wrote:
>>>
>>> Oh no, govco want all users to be monitored but some opportunist hackers
>>> targetted aapt that was (AFAIK) against the move anyway.
>>> http://www.qt.com.au/story/2012/07/2...-over-new-law/
>>>
>>> Al
>>>
>>
>> I noticed the other day that Google is now using SSL, so that's one whole
>> raft of web history that the government will not be able to get at.
>
> Stupid question, what's SSL?
> --
> Deevo
>
> Geraldton WA


SIMPLE
STUPID
LOGIC

[Ext User(Stephen Oakes)]

On 1/08/12 11:16 PM, Deevo wrote:
> Stupid question, what's SSL?

"Secure Sockets Layer" - a standard for sending encrypted data over the
Internet.

In a browser context, it is HTTPS.

It is impossible to hack, unless you have sufficient computing power or
are the USA government. :/

- soakes

[Ext User(terryc)]

On 01/08/12 23:00, Sylvia Else wrote:
> On 1/08/2012 9:18 PM, Albm&ctd wrote:
>>
>> Oh no, govco want all users to be monitored but some opportunist hackers
>> targetted aapt that was (AFAIK) against the move anyway.
>> http://www.qt.com.au/story/2012/07/2...-over-new-law/
>>
>> Al
>>
>
> I noticed the other day that Google is now using SSL, so that's one
> whole raft of web history that the government will not be able to get at.

Umm, they provide the SSL and since they will e required to hand the
"text" over in clear text, SFA difference. May only stop mid-stream
snoopers. I say may, that is if the code is so elite that no one can
spot a basic coding mistake as has already happened once.

[Ext User(Sylvia Else)]

On 2/08/2012 2:25 AM, terryc wrote:
> On 01/08/12 23:00, Sylvia Else wrote:
>> On 1/08/2012 9:18 PM, Albm&ctd wrote:
>>>
>>> Oh no, govco want all users to be monitored but some opportunist hackers
>>> targetted aapt that was (AFAIK) against the move anyway.
>>> http://www.qt.com.au/story/2012/07/2...-over-new-law/
>>>
>>>
>>> Al
>>>
>>
>> I noticed the other day that Google is now using SSL, so that's one
>> whole raft of web history that the government will not be able to get at.
>
> Umm, they provide the SSL and since they will e required to hand the
> "text" over in clear text, SFA difference.

Be interesting to see how the Australian government could force an
entity in the USA to hand over such information.

> May only stop mid-stream
> snoopers. I say may, that is if the code is so elite that no one can
> spot a basic coding mistake as has already happened once.

Any known security holes would be fixed. The only way the government
could get in would be to find a security hole to exploit, but keep it
quiet. Rather unlikely.

Sylvia.

[Ext User(Sylvia Else)]

On 2/08/2012 1:21 AM, Stephen Oakes wrote:

> It is impossible to hack, unless you have sufficient computing power or
> are the USA government. :/

Probably not even the USA government can hack it, given that it's a
published protocol into which the government cannot have put any
back-door modes of access.

Sylvia.

[Ext User(terryc)]

On 02/08/12 10:24, Sylvia Else wrote:
> On 2/08/2012 2:25 AM, terryc wrote:

>> Umm, they provide the SSL and since they will e required to hand the
>> "text" over in clear text, SFA difference.
>
> Be interesting to see how the Australian government could force an
> entity in the USA to hand over such information.
you can not be seriously that blind to events over the past few years.
>
>> May only stop mid-stream
>> snoopers. I say may, that is if the code is so elite that no one can
>> spot a basic coding mistake as has already happened once.
>
> Any known security holes would be fixed.
They have to be known about first. Sigh, you can stop with the sales
pitch, this customer isn't buying the rant.

[Ext User(Sylvia Else)]

On 2/08/2012 11:58 AM, terryc wrote:
> On 02/08/12 10:24, Sylvia Else wrote:
>> On 2/08/2012 2:25 AM, terryc wrote:
>
>>> Umm, they provide the SSL and since they will e required to hand the
>>> "text" over in clear text, SFA difference.
>>
>> Be interesting to see how the Australian government could force an
>> entity in the USA to hand over such information.
> you can not be seriously that blind to events over the past few years.

There has been litigation in the civil courts. That's rather different
from the situation where a government seeks access to records in another
jurisdiction where the laws of that jurisdiction would not force the
provision of those records.


>>
>>> May only stop mid-stream
>>> snoopers. I say may, that is if the code is so elite that no one can
>>> spot a basic coding mistake as has already happened once.
>>
>> Any known security holes would be fixed.
> They have to be known about first. Sigh, you can stop with the sales
> pitch, this customer isn't buying the rant.
>

If they're not known then they cannot be used. Most holes need to be
used at the time of transmission. The problem only arises when a person
bent on compromising security knows about a hole, but those inclined to
plug holes do not.

It may eventually be demonstrated that the encryption schemes used are
so fundamentally flawed that a simple recording of a transmission can
later be decoded, but it's hardly a basis that governments could use for
systematic snooping on their citizens.

Sylvia.

[Ext User(terryc)]

On 02/08/12 13:08, Sylvia Else wrote:
> On 2/08/2012 11:58 AM, terryc wrote:
>> On 02/08/12 10:24, Sylvia Else wrote:
>>> On 2/08/2012 2:25 AM, terryc wrote:
>>
>>>> Umm, they provide the SSL and since they will e required to hand the
>>>> "text" over in clear text, SFA difference.
>>>
>>> Be interesting to see how the Australian government could force an
>>> entity in the USA to hand over such information.
>> you can not be seriously that blind to events over the past few years.
>
> There has been litigation in the civil courts. That's rather different
> from the situation where a government seeks access to records in another
> jurisdiction where the laws of that jurisdiction would not force the
> provision of those records.

Your network understanding is very simple and behind the times.

[Ext User(Deevo)]

"Stephen Oakes" <soakes@iinet.net.au> wrote in message
news:SuSdnSw8H_z71ITNnZ2dnUVZ_jqdnZ2d@westnet.com. au...
> On 1/08/12 11:16 PM, Deevo wrote:
>> Stupid question, what's SSL?
>
> "Secure Sockets Layer" - a standard for sending encrypted data over the
> Internet.
>
> In a browser context, it is HTTPS.
>
> It is impossible to hack, unless you have sufficient computing power or
> are the USA government. :/

Thanks, very interesting.
--
Deevo

Geraldton WA