Watch this episode on YouTube.
Reasonably Accurate 馃馃 Transcript
Good morning, everybody. How you doing today? I realize this is a bit of a mid mornings with Mark um been processing a lot of stuff this morning. So um a few things happened and I want to actually share uh some pages uh with you on my screen.
So uh as we walk through this, because I think four very disparate things are actually related um in the related a really interesting way. So the first is um Australia uh passed a bill uh recently today or yesterday depending on how your time zone sit um around encryption.
And this is a much panned bill. Um I don't want to dive into the politics behind it, but what it does seem to enable is the Australian government to force it companies to create backdoors and to enable lawful access to various communications. Now, I'm a huge supporter of lawful access, but I'm also a huge um opponent of forcing companies to change their technology to enable that lawful access because that primarily means trying to break encryption schemes.
Now, encryption is hard enough to do correctly. Um And it protects the vast majority of what we do on the internet. So forcing companies to build weaker encryption and back doors into encryption is a major problem because it's going to create weaker security. And that has a disproportionate impact versus what you're trying to accomplish with the law.
There's a reason when you have uh your phone that um the device itself uh encrypts end to end for the most stuff. Um Everything on this device is supposed to be just mine. Uh If law enforcement requests the device and goes through the the various mechanisms in place to gain access to the device, that's one thing.
And they can also subpoena um apple to get access to icloud, there's a lawful access provision there, iMessage is still end to end encrypted. So unless I back up to icloud, they need my device to get access and that's a different level of um requirement, there's a different required level of legal proof and you can't do it at scale and that's really it.
So there needs to be a balancing act. This Australian law is way out of whack. Um And it puts Australian users and internet users in general at risk because companies now have to adhere to it. At the same time. Craziness happened um here in Canada, uh Huawei's CFO was transiting through Canada and was arrested to extradite to the US.
Now, this is apparently related to sanctions, but it's the latest step in an escalating um effort against getting uh or getting Huawei uh an effort to get Huawei equipment out of Western uh and five ice networks because they, uh they are alleging that the um equipment is compromised.
Um Now, interestingly enough, uh if it's a telecom transmission equipment, um even if the equipment was compromised, if you're using end to end encryption and the equipment isn't one of those ends, things that transit across this equipment would still be relatively safe.
Depending, you know, assuming that nobody had the ability to crack the level of encryption used in that end to end because the uh telecom equipment is a midway point. So my device and your device, they wouldn't be actually cracked. So it's interesting in that Huawei is being accused of doing the thing that Australia just legally mandated.
At the same time this morning, uh Apple released a brand new paper. Uh Let me zoom in on it here um On differential privacy. Now, I'm just starting to read through this. It's with um Apple and Stanford. Um They have this aspect of doing differential privacy um which is uh a new way of anonymized data of doing analysis on data while maintaining privacy on it.
And that's really, really interesting stuff. So I'm going to dig into there and then to kind of end this on a happy note uh to say, you know, it doesn't need to be all doom and gloom. Uh A good friend of mine, Stefan Christensen tweeted me this this morning uh with a quote from a new government of Canada initiative around um uh government uh it systems uh that source code, uh they want to default to um open source and they want to make that source available publicly.
Um So this section in here, you can tell it's a government document because there's four sub points or five sub points. So see 2383 says that uh by default, any source code written by the government must be released in an open format um via government of Canada websites and uh services uh designated by the Treasury Board of Secretariat, which is a department within the Canadian government.
So this is a definitive push for the Canadian government to go open in the same directive. Um They actually have uh the ability to um or they have the um directive to push out data in open formats. So you've got this contrast of Australians uh trying to um mandate tech companies adhere to give them lawful access, uh which I think is an over pivot of um the protection, you know, and it's common for incident responders.
It's common for intelligence services for military to only see the bad and not uh balance with the good. And I think that that's a mistake. It needs to be readjusted, similar with the uh uh push against Huawei being escalated with the accusation of the exact same thing that Australia just gave themselves the ability to do.
Um Apple is still making uh pushes on differential privacy, which I think is phenomenal because that gives us the ability to do big data analytics while maintaining privacy. And the Canadian government has opened a whole bunch of things up around their it procurement.
It's an interesting interesting morning. Um I don't really have a central theme there other than data is a critical resource in today's world. Um It's something that all different um communities are looking at from different aspects. The biggest challenge I think we have is that we're all still connected.
The internet is inter after all. Um So we have this challenge of uh laws made in one places or initiative taken in one community have impacts on the other. So hopefully it will all balance out. But lots to think about lots that I'm keeping my eye on.
Uh just one of those thinker days. I hope you are set up to have a wonderful day. Uh Talk to me online at Mark NC A for those of you in the vlogs in the comment down below. And as always uh for podcast listeners and everybody else uh me at Mark N dot C A.
What are your thoughts on any of these four issues? All of them bigger theme. Uh You know, did you hear of them? This is the first time. Let's just keep a discussion going because I think this is really fascinating stuff and it has a real significant impact on how we live, our digital lives, have a fantastic day and we'll talk to you soon.
