How The FBI's Desire To Wiretap Every New Technology Makes Us Less Safe
from the can-you-hear-me-now? dept
Here they go again. Every year or so we end up writing about the FBI's desire for better wiretapping capabilities for new technologies, such as Skype. Basically, the FBI argues that because "bad guys" might use those tools to communicate in secret, they need backdoors to make sure that they can keep tabs on the bad guys.But they're forgetting something: the FBI isn't necessarily the only one who will get access to those backdoors. In fact, by requiring backdoors to enable surveillance on all sorts of systems, the FBI is almost guaranteeing that the bad guys will use those backdoors for their own nefarious purposes. It's not security, it's anti-security.
This is why claims by the feds that we need cybersecurity legislation, like CISPA or the Cybersecurity Act, ring hollow. If they really wanted more protected networks, they wouldn't keep asking for specific security holes to be explicitly added to those networks.
Somehow, the FBI always thinks that if there are backdoors, only it will use them. That is extreme wishful thinking.Two decades ago, the FBI complained it was having trouble tapping the then-latest cellphones and digital telephone switches. After extensive FBI lobbying, Congress passed the Communications Assistance for Law Enforcement Act (CALEA) in 1994, mandating that all telephone switches include FBI-approved wiretapping capabilities.
CALEA was justifiably controversial, not least because its requirement for “backdoors” across our communications infrastructure seemed like a security nightmare: How could we keep criminals and foreign spies from exploiting weaknesses in the new wiretapping features? Would we even be able to detect them when they did?
Those fears were soon borne out. In 2004, a mysterious someone — the case was never solved — hacked the wiretap backdoors of a Greek cellular switch to listen in on senior government officials … including the prime minister.
Think this could only happen abroad? Some years ago, the U.S. National Security Agency discovered that every telephone switch for sale to the Department of Defense had security vulnerabilities in their mandated wiretap implementations. Every. Single. One.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
The First Word
“I always wondered where that extra piece of string was going....
I used to communicate with my neighbor via 'high tech' methods (tin can's with a string attached that was strung between our bedroom windows), now I know what that extra string running up to the telephone pole was....Early FBI mandated communication 'backdoor'....
Subscribe: RSS
View by: Time | Thread
Says the agency that creates and stops their own fantasy terrorism plots. A few questions come to mind then: should we really give a damn to what they say? Should they really exist if they have to CREATE their own plots and threats to stay relevant?
[ link to this | view in thread ]
Re:
What we should be asking is how soon they will be stopping their own Forrest Gump hacker plots?
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
you might think it's extreme wishful thinking, i call it out and out stupidity! how anyone, let alone what is supposed to be a top level law enforcement agency, charged with and, at least in part, responsible for the protection and well being of the citizens as well as the country, can possibly believe this is beyond me! anything (and i mean anything) that is made/invented by man can be broken by man. it's just that sometimes it takes longer than others! having a purposefully, partially broken invention gives perpetrators an open invitation and a head start
[ link to this | view in thread ]
I always wondered where that extra piece of string was going....
Early FBI mandated communication 'backdoor'....
[ link to this | view in thread ]
[ link to this | view in thread ]
Earlier example
[ link to this | view in thread ]
really??
You need to PROTECT your data, its a STUPID computer in your hands..Virus/bots and the WHOLE thing.. NOW you want to add another BUG??
Ever wonder why they use Throw away phones on TV shows?? DUMB phones cant tell on you.. iF YOU WANT TO SWAP SECRETS, WHY are you using a PHONE?
ANYONE here understand the word WIRELESS, and the problems associated with it??
Yes, type on that Nice wireless keyboard, and Anyone within 30 feet can READ IT, with the right program.. NO security needed.
BEFORE they installed LINK security, you could have 4+ people all listening on a wireless headsets to your Wireless BT, Music device..(RIAA didnt like that)
Anyone read the story about Home depot and the registers, all wireless and NOT ENCRYPTED??(they had fun with that)
What these guys WANT, is that Each phone sends a NOTE, of the phones NUMBER/ID..the rest of the data can already be read, but they CANT tell who is saying WHAT. Then ADD to it the GPS data of the phone and you can track ANYONE..
[ link to this | view in thread ]
Hehe
[ link to this | view in thread ]
Sony rootkit
[ link to this | view in thread ]
I like Jeremy Lyman
[ link to this | view in thread ]
FBI
[ link to this | view in thread ]
[ link to this | view in thread ]
I just had to - fortune(6) gave me that one immediately after reading this article.
[ link to this | view in thread ]
A few will sell it.
A few might sit it on.
A few will leak it to cause chaos. "My favorite option! It's what I would do to teach the bastards a lesson."
Now you have a open backdoor which software companies are forced to patch so they can be re-cracked in another day and the cycle will go on till they tell the FBI to kindly go fuck themselves.
There are plenty of whiz kids out there that have a gift far greater than most of us will ever even begin to dream of. They can look at it and instantly know how to fuck it up.
Like me plenty others can mess with shit over time but it's nothing compared to the people with a natural gift. Most of the coders for these companies DO NOT have that gift. Even if they all did there will always be someone out there to see something they did not.
These backdoors will end up being used for plenty of malicious activities. Not only that they will be abused for anonymity that will turn out to be a free tool handed out by the FBIs stupidity.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
And enough of them will share how it's done that soon everybody will know. Pirate bay proxies all over again, which is just DRM all over again.
[ link to this | view in thread ]
Wishful Thinking
I don't think that that's the case at all. I think the FBI doesn't CARE if anyone else uses them. This is how highly they regard your privacy. After all, if you're innocent you have nothing to hide, if you have nothing to hide why would you care if anyone (FBI agent, hacker, your mom, etc) listened in on your every conversation?
[ link to this | view in thread ]
Think like Law Enforcement
[ link to this | view in thread ]
Re:
They are an economic powerhouse because of their cheap manufacturing, it'd be rather stupid of them to jeopordize that for some mass spying program that would have very very questionable benefits.
Besides with policies like the one highlighted here being adopted if they want to do mass spying, they can just piggy back off the work of the Americans... No need to put any effort of their own into such a program.
[ link to this | view in thread ]
Re: Re:
That was my point!
[ link to this | view in thread ]
Re: Sony rootkit
Well, I would have called shenanigans on this, but considering that one company tried to have me fired for exposing their back-door, I have to find myself looking for the sad-but-true button. Why the folks at Sony that did this aren't sitting in jail, and the company isn't paying huge fines, is beyond me.
[ link to this | view in thread ]
Even so
Even if they're right in this thinking (and they're not), it still wouldn't make the situation any more tenable. History shows us that the FBI (or any other TLA) cannot be trusted with wholesale access to our communications.
[ link to this | view in thread ]
Re: Re:
Why does any nation engage in stupid behavior that is virtually guaranteed to hurt them in the long run? Or, to ask it a different way, every other nation does stupid things that hurt them, why would China be the exception?
[ link to this | view in thread ]
basic economics, again
[ link to this | view in thread ]
Re: Re: Sony rootkit
[ link to this | view in thread ]
Re: basic economics, again
with a free companion desktop guide : Creating a WEB of LAW to Catch Bad Guys for Dummies
and a 20% off coupon for the up and coming sure to be a best-seller : Defending Fascism from Patriots for Dummies
[ link to this | view in thread ]
Re: #4
[ link to this | view in thread ]
Re: Re: Re: Sony rootkit
That or a boss that believes in computer security and doesn't believe in security solely through obscurity. They could have prosecuted me for it, though I don't know what grounds they could have done so since it was "my" device (it was my employer's device, and I was authorized to test the security of the device) and I found the backdoor through honest means (protip, never use the name of your company as the url-path for your unauthenticated/unencrypted backdoor, and never try to obscure the path by adding an underscore after someone finds your backdoor. And a better protip is to not include a unauthenticated/unencrypted backdoor in the first place.)
[ link to this | view in thread ]
[ link to this | view in thread ]
Won't someone think about the non USA programmers... (well other than the FBI who strangely seem to want nothing more than to help any country other than the USA attain economic success)
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
Meditiation
[ link to this | view in thread ]