Large-Scale Surveillance Systems Create Security Risks

from the unauthorized-access dept

There’s been a lot of discussion, here and elsewhere, about the dangers that expanded government surveillance pose to civil liberties. The Constitution protects the right to be free of unreasonable searches, which the courts have held includes electronic eavesdropping, and many people, myself included, think that recent proposals for expanded wiretapping threaten that right. But less attention has been paid to the security risks created by expanded eavesdropping programs. Matt Blaze and some other computer security experts have a new article documenting the risks concerning eavesdropping systems that themselves could be compromised, allowing unauthorized third parties to use government surveillance networks for their own ends. That’s what happened in Greece, when someone managed to hack into the Greek surveillance infrastructure and listen in on dozens of senior government officials. Blaze and his co-authors argue that the more information collected by a wiretapping scheme, the greater the damage that will be done if it’s ever compromised. The Protect America Act, which Congress passed last August and is due to expire in a few days, authorizes virtually unchecked government interception of communications between Americans and those overseas. The paper warns that the safeguards in the Protect America Act are inadequate to protect Americans from a compromised surveillance network. Congress would do well to listen.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Large-Scale Surveillance Systems Create Security Risks”

Subscribe: RSS Leave a comment
Thom says:


The vast majority of Americans have no out of the country contact but the vast majority of Congressmen and Senators do – if not due to personal business matters then to government ones. Perhaps all we need to do is point out that it’s only a matter of time before their shady dealings are exposed by this program. That should get their attention and make them think twice.

Anonymous Coward says:

Re: Ummm

Well, technically a lot of gamers DO have out of country contact via whatever online game they are playing. From playing on servers based on Europe to players from outside the US playing on US based servers, some people DO have contact with people that are not American.

of course it’s usually stuff like “STFU NOOB” and “USA SUCKS” or even “MORE DOTS MORE DOTS MORE DOTS” but it is just ignorant to say that many people with Internet access only have contact with people in their own country.

The point to this? All the wire-tapping and surveillance will include all online activities.

Steve R. (profile) says:

ALL Large Scale Security UNSAFE

Regretfully my “sound bite” generator isn’t working too well. We need a Murphy Law for security. Any large scale deployment of a security system to serve an infinite population is fundamentally unsafe.

At a fundamental level, as more and more people acquire “keys” to access the “protected” system, the greater the chance that one of them will prove to be a nut case, a fanatic, an opportunist, disgruntled, etc. (It is not uncommon for a fired (just or unjust) employee to strike back.)

Another way to put it, the more “keys” one has, the easier it is to “lose” one. Then if you have to change the “key” it becomes an administrative nightmare trying to get everyone a new “key”.

Not only that, but all companies and governments are in competition for employees. What does that mean? You might start off having high employment standards, but then you find you can’t hire enough staff, so you lower your standards and you skimp on security checks. The sleeper terrorist is then able to sneak in. (also the nut case, etc.)

PS: This also applies to DRM technologies. Eventually someone on the inside will publicly disgorge the security “keys”.

Steve R. (profile) says:

Re: ALL Large Scale Security UNSAFE

I just had to re-register for a re-deployment of our time card system. To gain access to the system, I had to riffle through a whole bunch of papers containing my passwords and login IDs for a variety of systems in order to find the login ID and password that I needed.

So we have systems that are supposedly “secure” but the users have little pieces of paper in obvious locations that would give virtually anyone access to these supposedly secure systems.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...