NY Times: NSA Should Be Barred From Requiring Companies To Introduce Surveillance Backdoors
from the good-for-them dept
This is a bit surprising, given the source, but the NY Times editorial board has come out strongly against the NSA's practice of forcing companies to install backdoors in no uncertain terms:These back doors and special access routes are a terrible idea, another example of the intelligence community’s overreach. Companies and individuals are increasingly putting their most confidential data on cloud storage services, and need to rely on assurances their data will be secure. Knowing that encryption has been deliberately weakened will undermine confidence in these systems and interfere with commerce.In two short paragraphs, the editorial gets right to the heart of the problem. The "cost" to having these backdoors is undeniably huge in terms of trust and privacy. The harm to individuals and businesses is tremendous, but the benefits are, at best, minor. We get vague discussions about stopping some terrorist attacks, but still others get through. Yet, in every day life there are risks. It's ridiculous to expect 100% perfection in stopping terrorists, and when we go way too far in trying to stop every attack, we lead to unintended consequences such as destroying privacy and harming the ability of companies to build better, more secure products.
The back doors also strip away the expectations of privacy that individuals, businesses and governments have in ordinary communications. If back doors are built into systems by the N.S.A., who is to say that other countries’ spy agencies — or hackers, pirates and terrorists — won’t discover and exploit them?
Surprisingly, again, the NY Times then speaks out in support of a bill from Rep. Rush Holt that would make it illegal for the government to require backdoors in various products. This would be a huge step in enabling the US tech industry to move forward with more secure encryption.
Representative Rush Holt, Democrat of New Jersey, has introduced a bill that would, among other provisions, bar the government from requiring software makers to insert built-in ways to bypass encryption. It deserves full Congressional support. In the meantime, several Internet companies, including Google and Facebook, are building encryption systems that will be much more difficult for the N.S.A. to penetrate, forced to assure their customers that they are not a secret partner with the dark side of their own government.This is unlikely to happen, unfortunately. The DOJ, for years, has been pushing for even more backdoors. And, you may recall, just a month or so before the Snowden leaks, the DOJ wanted the power to fine companies who wouldn't install surveillance backdoors. The law enforcement world would go absolutely ballistic, should Holt's bill ever get near becoming law.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: backdoors, nsa, nsa surveillance, rush holt, security, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
If anything this will be fun to watch. This time they'll need wizardry to prevent such bill from moving forward. There's far too much support given all the leaks. Still, I do believe they can perform some magic tricks when in dire need and turn it from fun into terrifying. How far can the US Govt go to maintain its Police State capabilities?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
http://www.techdirt.com/articles/20130918/07151324566/angered-nsas-actions-brazilian-hacker-de faces-nasa-websites.shtml
[ link to this | view in chronology ]
Re: Re:
and possibly send nasa to the moon too........ again....
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: make that all the "leaders" (*cough* slave masters) of the world
[ link to this | view in chronology ]
Re: Re: make that all the "leaders" (*cough* slave masters) of the world
[ link to this | view in chronology ]
Even the NY Times engages in Populism now and then.
Your take on the advice,"bar the government from requiring software makers" is as usual Pollyanna-ish and shallow; to me the KEY word there makes it sounds like corporatist elites advising bribery over coercion 'cause you catch more flies -- more LOYAL flies -- with honey than vineger.
And besides that: there'll be no change until people go to jail for crimes already committed.
[ link to this | view in chronology ]
It is more reasonable to assume that any competent foreign spy agency has already obtained the information. Ed Snowden has demonstrated how easy it is to penetrate NSA's secrets. The fact that the Chinese let him leave, and the Russians are not trying to keep him suggests that they already know all the interesting stuff that he could tell them.
Note, they do not necessarily need his documents, but could gain a lot of useful information from talking to him, if NSA had managed to keep its secrets.
[ link to this | view in chronology ]
FTFY.
[ link to this | view in chronology ]
This is a start but not the heart of the issue
[ link to this | view in chronology ]
Re: This is a start but not the heart of the issue
[ link to this | view in chronology ]
Re: This is a start but not the heart of the issue
A million times this. In fact, their outright assault on liberty and the Constitution is why I consider their actions (and the similar actions by other spy and law enforcement agencies) to be straight up unamerican.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
No, I'm sorry. If the implementation is compromised, then maybe. But if the algorithm is compromised, no amount of looking at the source will spot it.
Seriously, cryptology is a very complicated, specialized branch of applied mathematics. Algorithmic errors (both intentional and not) are incredibly easy to make and incredibly hard to spot. This is why only fools invent their own crypto -- unless you're an expert, the odds are overwhelming that you will introduce a vulnerability without ever noticing it.
[ link to this | view in chronology ]
Re: Re:
Unless you work for the US government, you assume that they are better than you. |That is why weakening a public standard was a stupid thing to do, unless you want other intelligence agencies to be able to break domestic encrypted commercial and private traffic.
[ link to this | view in chronology ]
we already have another situation brewing, instigated by the USA over a company being able to sue a country because the company thinks it deserves to get patents etc on a product, even though it has been proven or suspected of having problematic side effects and in protecting it's citizens, the country has refused to give permission to sell the product! if this stuff carries on, the world is going to be in seriously deep shit, because a country is going to have to either allow a product to be sold, even when it is known to be dangerous or it has got to pay a fortune to the company for not allowing it to be sold! what a nightmare scenario! and thanks yet again to the USA! it ought to be stopped from trading with everywhere else. it's too bloody dangerous and self-serving!!
[ link to this | view in chronology ]
Re:
You mean by someone other than Israel?
http://www.techdirt.com/articles/20130911/08530124484/new-leak-shows-nsa-shares-raw-domesti c-communications-data-with-israeli-intelligence.shtml
[ link to this | view in chronology ]
[ link to this | view in chronology ]
What we really need is secure smartphones, because that's where humanity is currently getting bashed over the head by repressive governments.
I dream of the day a smartphone with open-source hardware and software drivers is released.
Once that day comes, humanity will finally be able to exercise their human rights to secure, private, communications.
It will feel absolutely liberating!
I don't care what Congress does. I don't care what Apple or Google does. They're all corrupt and can never be trusted.
I hope someone uploads specification to the internet, showing how to build an Open-Source Smartphone. That's what we really need.
If no company will build it, then we'll buy the components separately and build the phones ourselves. We'll 3D print the casings ourselves and use SIM cards from existing phone carriers if we have to.
Ahh, the future could be absolutely marvelous! If we manage to survive through the crony capitalist era, that is.
[ link to this | view in chronology ]
It's a hell of a thing...
[ link to this | view in chronology ]
Re: It's a hell of a thing...
Basically, the feds are saying that they can spy on us because we are easy to spy on and therefore don't have an expectation of privacy...but in order to make it easy to spy on us, they had to at some point invade our privacy.
But now that they've invaded our privacy, we have none because we didn't object to a secret court making secret interpretations of secret laws that we didn't know existed at the time. Of course, anyone who actually did somehow object (due to having psychic powers, perhaps) would have been prosecuted for espionage, probably in secret in a secret court.
By that logic, absolutely anything can be justified and absolutely NOTHING is illegal.
[ link to this | view in chronology ]
Re: Re: It's a hell of a thing...
More accurately, a federal court would have said the same thing they told the ACLU. "You cannot prove the secret spy program exists. Therefore, your case cannot go forward due to lack of standing".
So you are correct. There's no possible way anyone outside the government, could have prevented these unconstitutional spy programs from happening.
It took a brave, selfless soul like Edward Snowden to shine light on this atrocity.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Cloud storage?
The real issues involve shared and communicated data in contexts where everything has to be done online because sharing keys by physical transfer is infeasible.
One wonders whether the NYTimes is cryptologically illiterate or is deliberately advancing a straw-man because they are really in favor of expanding the power of the state.
[ link to this | view in chronology ]