NY Times: NSA Should Be Barred From Requiring Companies To Introduce Surveillance Backdoors
from the good-for-them dept
This is a bit surprising, given the source, but the NY Times editorial board has come out strongly against the NSA’s practice of forcing companies to install backdoors in no uncertain terms:
These back doors and special access routes are a terrible idea, another example of the intelligence community’s overreach. Companies and individuals are increasingly putting their most confidential data on cloud storage services, and need to rely on assurances their data will be secure. Knowing that encryption has been deliberately weakened will undermine confidence in these systems and interfere with commerce.
The back doors also strip away the expectations of privacy that individuals, businesses and governments have in ordinary communications. If back doors are built into systems by the N.S.A., who is to say that other countries’ spy agencies — or hackers, pirates and terrorists — won’t discover and exploit them?
In two short paragraphs, the editorial gets right to the heart of the problem. The “cost” to having these backdoors is undeniably huge in terms of trust and privacy. The harm to individuals and businesses is tremendous, but the benefits are, at best, minor. We get vague discussions about stopping some terrorist attacks, but still others get through. Yet, in every day life there are risks. It’s ridiculous to expect 100% perfection in stopping terrorists, and when we go way too far in trying to stop every attack, we lead to unintended consequences such as destroying privacy and harming the ability of companies to build better, more secure products.
Surprisingly, again, the NY Times then speaks out in support of a bill from Rep. Rush Holt that would make it illegal for the government to require backdoors in various products. This would be a huge step in enabling the US tech industry to move forward with more secure encryption.
Representative Rush Holt, Democrat of New Jersey, has introduced a bill that would, among other provisions, bar the government from requiring software makers to insert built-in ways to bypass encryption. It deserves full Congressional support. In the meantime, several Internet companies, including Google and Facebook, are building encryption systems that will be much more difficult for the N.S.A. to penetrate, forced to assure their customers that they are not a secret partner with the dark side of their own government.
This is unlikely to happen, unfortunately. The DOJ, for years, has been pushing for even more backdoors. And, you may recall, just a month or so before the Snowden leaks, the DOJ wanted the power to fine companies who wouldn’t install surveillance backdoors. The law enforcement world would go absolutely ballistic, should Holt’s bill ever get near becoming law.
Filed Under: backdoors, nsa, nsa surveillance, rush holt, security, surveillance
Comments on “NY Times: NSA Should Be Barred From Requiring Companies To Introduce Surveillance Backdoors”
The law enforcement world would go absolutely ballistic, should Holt’s bill ever get near becoming law.
If anything this will be fun to watch. This time they’ll need wizardry to prevent such bill from moving forward. There’s far too much support given all the leaks. Still, I do believe they can perform some magic tricks when in dire need and turn it from fun into terrifying. How far can the US Govt go to maintain its Police State capabilities?
Without backdoors, the gov will be forced to go to a judge to get a warrant after probable cause is established. What an idea.
NSA should be sent to the moon
Re: Re:
I think you are confused too:
http://www.techdirt.com/articles/20130918/07151324566/angered-nsas-actions-brazilian-hacker-defaces-nasa-websites.shtml
Re: Re: Re:
lol, I get the joke, but, they should still go to the moon.
and possibly send nasa to the moon too…….. again….
Re: Re: Re: Re:
Clearly what we should do is use NASA to send the NSA to the moon. Two birds, one stone.
Re: Re:
I think the sun would be a much brighter option. Literally.
Re: Re:
As long as we can design a ship that lets Gen. Alexander stay in his Star Trek Captain’s chair, I don’t think he’d have much of a problem with this idea…
make that all the “leaders” (*cough* slave masters) of the world. they should all be sent to the moon. with haste
Re: Re:
add “also” to the beginning of the above post.
Re: make that all the "leaders" (*cough* slave masters) of the world
http://en.wikipedia.org/wiki/Sic_semper_tyrannis
Re: Re: make that all the "leaders" (*cough* slave masters) of the world
wow, nevermind. Im’ just another fool on the internet
Even the NY Times engages in Populism now and then.
Don’t believe for a second that it’s sincere.
Your take on the advice,”bar the government from requiring software makers” is as usual Pollyanna-ish and shallow; to me the KEY word there makes it sounds like corporatist elites advising bribery over coercion ’cause you catch more flies — more LOYAL flies — with honey than vineger.
And besides that: there’ll be no change until people go to jail for crimes already committed.
It is more reasonable to assume that any competent foreign spy agency has already obtained the information. Ed Snowden has demonstrated how easy it is to penetrate NSA’s secrets. The fact that the Chinese let him leave, and the Russians are not trying to keep him suggests that they already know all the interesting stuff that he could tell them.
Note, they do not necessarily need his documents, but could gain a lot of useful information from talking to him, if NSA had managed to keep its secrets.
“NSA Should Be Barred.”
FTFY.
This is a start but not the heart of the issue
The essence is this. Protecting America means protecting liberty and that is, to honestly protect the Constitution, including the spirit of the 4th. The editorial can also be read that it is ok NSA can spy on everything only if they don’t harm commerce. But the fact is, if NSA does not protect liberty, they do not protect America and have failed their primary mission. In fact, currently they harm America, beyond commerce alone. This means, they must stop mass surveillance of America, period.
Re: This is a start but not the heart of the issue
Yep – The NSA is more Un-American than the HUAC.
Re: This is a start but not the heart of the issue
A million times this. In fact, their outright assault on liberty and the Constitution is why I consider their actions (and the similar actions by other spy and law enforcement agencies) to be straight up unamerican.
That’s why the only real future of encryption is open source. That way if an algorithm is compromised, at least it is compromised in full view of the development community, which is about the best we can hope for. Then you publish the hash value for the compiled binaries and presumably everyone knows if they have a clean copy when they go to use it.
Re: Re:
No, I’m sorry. If the implementation is compromised, then maybe. But if the algorithm is compromised, no amount of looking at the source will spot it.
Seriously, cryptology is a very complicated, specialized branch of applied mathematics. Algorithmic errors (both intentional and not) are incredibly easy to make and incredibly hard to spot. This is why only fools invent their own crypto — unless you’re an expert, the odds are overwhelming that you will introduce a vulnerability without ever noticing it.
Re: Re: Re:
The open source community includes specialists in cryptology. Further with the code being open, it must be assumed that some of these experts work for unfriendly governments. When trying to get a backdoor into open source software, it is not just the known developers that you have to get it past, but also the unknown expert who is working for an unfriendly government.
Unless you work for the US government, you assume that they are better than you. |That is why weakening a public standard was a stupid thing to do, unless you want other intelligence agencies to be able to break domestic encrypted commercial and private traffic.
perhaps a way of making this shit sink in is to ask how the USG would feel if it were to discover that all of it’s communications were being intercepted, decoded and read before being passed on? how would it feel if other countries suddenly got advanced knowledge of different products and manufacturing techniques? and the biggest one, how would it feel if suddenly there was an influx of beneficial drugs introduced on to the market, taking away almost all of the income from the vastly over priced US companies, and it was all due to the security forces of a country like, for example, India or Thailand, countries that normally dont have two cents to scratch their asses with? there would be hell to pay! those countries would be chastise from arse hole to breakfast and demands made in compensation as well as assurances that the spying stopped.
we already have another situation brewing, instigated by the USA over a company being able to sue a country because the company thinks it deserves to get patents etc on a product, even though it has been proven or suspected of having problematic side effects and in protecting it’s citizens, the country has refused to give permission to sell the product! if this stuff carries on, the world is going to be in seriously deep shit, because a country is going to have to either allow a product to be sold, even when it is known to be dangerous or it has got to pay a fortune to the company for not allowing it to be sold! what a nightmare scenario! and thanks yet again to the USA! it ought to be stopped from trading with everywhere else. it’s too bloody dangerous and self-serving!!
Re: Re:
perhaps a way of making this shit sink in is to ask how the USG would feel if it were to discover that all of it’s communications were being intercepted, decoded and read before being passed on
You mean by someone other than Israel?
http://www.techdirt.com/articles/20130911/08530124484/new-leak-shows-nsa-shares-raw-domestic-communications-data-with-israeli-intelligence.shtml
NSA should be dismantled.
We just need secure, open-source hardware and software. Cryptography specialists and home-brew citizens will take care of the security aspects.
What we really need is secure smartphones, because that’s where humanity is currently getting bashed over the head by repressive governments.
I dream of the day a smartphone with open-source hardware and software drivers is released.
Once that day comes, humanity will finally be able to exercise their human rights to secure, private, communications.
It will feel absolutely liberating!
I don’t care what Congress does. I don’t care what Apple or Google does. They’re all corrupt and can never be trusted.
I hope someone uploads specification to the internet, showing how to build an Open-Source Smartphone. That’s what we really need.
If no company will build it, then we’ll buy the components separately and build the phones ourselves. We’ll 3D print the casings ourselves and use SIM cards from existing phone carriers if we have to.
Ahh, the future could be absolutely marvelous! If we manage to survive through the crony capitalist era, that is.
It's a hell of a thing...
Re: It's a hell of a thing...
Oops. Hit enter and it posted instead of dropping down a line. =(
Basically, the feds are saying that they can spy on us because we are easy to spy on and therefore don’t have an expectation of privacy…but in order to make it easy to spy on us, they had to at some point invade our privacy.
But now that they’ve invaded our privacy, we have none because we didn’t object to a secret court making secret interpretations of secret laws that we didn’t know existed at the time. Of course, anyone who actually did somehow object (due to having psychic powers, perhaps) would have been prosecuted for espionage, probably in secret in a secret court.
By that logic, absolutely anything can be justified and absolutely NOTHING is illegal.
Re: Re: It's a hell of a thing...
“Of course, anyone who actually did somehow object (due to having psychic powers, perhaps) would have been prosecuted for espionage, probably in secret in a secret court.”
More accurately, a federal court would have said the same thing they told the ACLU. “You cannot prove the secret spy program exists. Therefore, your case cannot go forward due to lack of standing”.
So you are correct. There’s no possible way anyone outside the government, could have prevented these unconstitutional spy programs from happening.
It took a brave, selfless soul like Edward Snowden to shine light on this atrocity.
When even your best friend is turning on you, maybe it’s time for a little self-reflection.
Cloud storage?
Cloud storage has to be the weakest argument which can possibly be advanced here. If one is worried about security of files in the cloud, get an open source encryption program, check it for back doors, encrypt things on your local machine before putting them in the cloud and decrypt them when you get them back, rather than relying on the storage provider’s encryption.
The real issues involve shared and communicated data in contexts where everything has to be done online because sharing keys by physical transfer is infeasible.
One wonders whether the NYTimes is cryptologically illiterate or is deliberately advancing a straw-man because they are really in favor of expanding the power of the state.