Information Security, Ethical Hacking, website Security, Database Security, IT Audit and Compliance, Security news, Programming, Linux and Security.
Sunday, 5 May 2013
U.S. Aims to Force Web Services to Compromise Message Encryption
Frustrated that email and social network users can encrypt their messages, law-enforcement agencies want the feds to enact punitive measures to force cooperation.
Even if it accomplished nothing else, the Middle Eastern governments’ crackdowns on communications during the Arab Spring movement two years ago demonstrated how much governments, in general, and repressive governments, in particular, hate encryption—particularly in the hands of private citizens. This is why governments from Egypt to Oman to India have tried to ban BlackBerry smartphones with their uncrackable encryption. Now, in the United States, the Federal Bureau of Investigation and the military and intelligence agencies are going after your encrypted communications on Google, Facebook and other Web communication services. Google, as you’ll likely recall, was hacked by the Chinese military who tried to get into the email accounts of dissidents who use Gmail for communicating their pro-freedom activities. The Chinese, a repressive regime if there ever was one, just hates dissidents. So the military hackers wanted to read their email to find out who they were and what they were up to. Google responded by encrypting its network from end to end. Facebook, after being attacked repeatedly, has done the same thing. Other networks that pride themselves on their security are also providing encrypted communications, including BlackBerry, which is widely used by the U.S. government precisely for this reason.
Of course those other repressive governments never actually banned BlackBerry devices because their own intelligence agencies also use them and needed the security more than they needed to read other people’s email.
So now we come to the FBI and other U.S. law-enforcement agencies that are trying to read the text messages, chats and the email of people they think are bad guys. The feds say that they’re doing this to fight crime and terrorism. And they say they have a right to get information if they have a legally obtained wiretap order. The problem is, as The Washington Post reported recently, that not all providers of communications services have the ability to comply with a federal wiretap order. Their systems are secure and they’re meant to stay that way. What the FBI is asking for is the ability to fine those companies that don’t comply with a wiretap order, even if they’re technically unable to do so within a time limit set by the FBI. In other words, if you can’t provide the feds with a back door to your system, the government will keep piling on fines until you go out of business. The idea, of course, is to compel companies that provide secure communications to also build in a means for the feds carry out get their wiretaps.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment