[Linux-aus] ART FOI review - myGov Code Generator app source code

Glenn McIntosh neonsignal-linux at meme.net.au
Fri Jan 2 14:46:08 AEDT 2026 

On 7/12/25 08:49, Matthew Lye via linux-aus wrote:
> Under the government classification framework, anything that can cause 
> harm (even if very minor) attracts some level of national security 
> classification, and as such is exempt from FOI requests. This is 
> probably where the attempt to force disclosure will end up.

I would counter this by suggesting that _obscuring_ the implementation 
of the mygov identification is likely to lead to greater harm, and that 
the implementation should have been made open in the first place.

It is well understood in modern cryptography that there should be 
separation between the method and the keys used, and that it is the keys 
which need to be secured, not the method.

It is also the case that an important identification system like mygov 
is likely to be subject to attacks by hostile actors with significant 
resources, who will be able to reverse engineer the implementation, 
whether or not it is open, and find flaws.

The government agency is presumably acting in good faith here, but it is 
important for them to understand that making the implementation open is 
the best way to uncover any flaws before they are exploited in 
detrimental ways.

Opening up the implementation in the short term no doubt allows many 
more people (both with good and bad intentions) to find flaws, which is 
why the implementation should have been open for discussion _before_ it 
was put in use, so that any problems could be mitigated. But better late 
than never.

There will be wider range of people who will vet the implementation if 
we don't have to put resources into reverse engineering it. This is why 
modern cryptography protocols are made open by standards committees, and 
why it is cautioned that one should not invent cryptography protocols 
willy nilly.

Either the implementation is secure, in which case opening it up has no 
negative consequences to Australian citizens (and makes the system 
easier to use across a variety of platforms); or the app is insecure, 
and the increased vetting after opening it up will enable flaws to be 
remedied.

Openness of implementation should be the norm for taxpayer funded apps, 
but this is especially true when that code might have a critical point 
of failure (whether that is voting systems or identification systems).

Glenn
-- 
pgp: 833A 67F6 1966 EF5F 7AF1  DFF6 75B7 5621 6D65 6D65

More information about the linux-aus mailing list