Large-Scale Surveillance Systems Create Security Risks
from the unauthorized-access dept
There's been a lot of discussion, here and elsewhere, about the dangers that expanded government surveillance pose to civil liberties. The Constitution protects the right to be free of unreasonable searches, which the courts have held includes electronic eavesdropping, and many people, myself included, think that recent proposals for expanded wiretapping threaten that right. But less attention has been paid to the security risks created by expanded eavesdropping programs. Matt Blaze and some other computer security experts have a new article documenting the risks concerning eavesdropping systems that themselves could be compromised, allowing unauthorized third parties to use government surveillance networks for their own ends. That's what happened in Greece, when someone managed to hack into the Greek surveillance infrastructure and listen in on dozens of senior government officials. Blaze and his co-authors argue that the more information collected by a wiretapping scheme, the greater the damage that will be done if it's ever compromised. The Protect America Act, which Congress passed last August and is due to expire in a few days, authorizes virtually unchecked government interception of communications between Americans and those overseas. The paper warns that the safeguards in the Protect America Act are inadequate to protect Americans from a compromised surveillance network. Congress would do well to listen.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: civil liberties, eavesdropping, greece, privacy, wiretapping
Reader Comments
Subscribe: RSS
View by: Time | Thread
Ummm
[ link to this | view in chronology ]
Re: Ummm
of course it's usually stuff like "STFU NOOB" and "USA SUCKS" or even "MORE DOTS MORE DOTS MORE DOTS" but it is just ignorant to say that many people with Internet access only have contact with people in their own country.
The point to this? All the wire-tapping and surveillance will include all online activities.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
ALL Large Scale Security UNSAFE
At a fundamental level, as more and more people acquire "keys" to access the "protected" system, the greater the chance that one of them will prove to be a nut case, a fanatic, an opportunist, disgruntled, etc. (It is not uncommon for a fired (just or unjust) employee to strike back.)
Another way to put it, the more "keys" one has, the easier it is to "lose" one. Then if you have to change the "key" it becomes an administrative nightmare trying to get everyone a new "key".
Not only that, but all companies and governments are in competition for employees. What does that mean? You might start off having high employment standards, but then you find you can't hire enough staff, so you lower your standards and you skimp on security checks. The sleeper terrorist is then able to sneak in. (also the nut case, etc.)
PS: This also applies to DRM technologies. Eventually someone on the inside will publicly disgorge the security "keys".
[ link to this | view in chronology ]
Re: ALL Large Scale Security UNSAFE
So we have systems that are supposedly "secure" but the users have little pieces of paper in obvious locations that would give virtually anyone access to these supposedly secure systems.
[ link to this | view in chronology ]
What is the difference? Oh, thats right, you don't like the govt.
[ link to this | view in chronology ]