[Linux-aus] ART FOI review - myGov Code Generator app source code
Glen Turner
gdt at gdt.id.au
Sat Jan 3 13:38:44 AEDT 2026
1) a FOI request might not result in the Code Generator source code,
but FOI should be able to illuminate the decision making around how the
app came to be, say versus a list of recommended TOTP apps.
2) a potential claim that the app has a national security sensitivity
would imply the agency has done a lot of paperwork to meet the
requirements of a novel national security cryptographic system, and
some of that may be obtainable by FOI. In particular the list of ISM
exceptions would be long and fundamental, eg: the TOTP secret key does
not roll over often enough, the app is fielded onto uncontrolled
hardware and unmanaged operating systems.
-glen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 216 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linux.org.au/pipermail/linux-aus/attachments/20260103/fe8271e4/attachment.sig>
More information about the linux-aus
mailing list