NY Times: NSA Should Be Barred From Requiring Companies To Introduce Surveillance Backdoors

from the good-for-them dept

This is a bit surprising, given the source, but the NY Times editorial board has come out strongly against the NSA's practice of forcing companies to install backdoors in no uncertain terms:
These back doors and special access routes are a terrible idea, another example of the intelligence community’s overreach. Companies and individuals are increasingly putting their most confidential data on cloud storage services, and need to rely on assurances their data will be secure. Knowing that encryption has been deliberately weakened will undermine confidence in these systems and interfere with commerce.

The back doors also strip away the expectations of privacy that individuals, businesses and governments have in ordinary communications. If back doors are built into systems by the N.S.A., who is to say that other countries’ spy agencies — or hackers, pirates and terrorists — won’t discover and exploit them?
In two short paragraphs, the editorial gets right to the heart of the problem. The "cost" to having these backdoors is undeniably huge in terms of trust and privacy. The harm to individuals and businesses is tremendous, but the benefits are, at best, minor. We get vague discussions about stopping some terrorist attacks, but still others get through. Yet, in every day life there are risks. It's ridiculous to expect 100% perfection in stopping terrorists, and when we go way too far in trying to stop every attack, we lead to unintended consequences such as destroying privacy and harming the ability of companies to build better, more secure products.

Surprisingly, again, the NY Times then speaks out in support of a bill from Rep. Rush Holt that would make it illegal for the government to require backdoors in various products. This would be a huge step in enabling the US tech industry to move forward with more secure encryption.
Representative Rush Holt, Democrat of New Jersey, has introduced a bill that would, among other provisions, bar the government from requiring software makers to insert built-in ways to bypass encryption. It deserves full Congressional support. In the meantime, several Internet companies, including Google and Facebook, are building encryption systems that will be much more difficult for the N.S.A. to penetrate, forced to assure their customers that they are not a secret partner with the dark side of their own government.
This is unlikely to happen, unfortunately. The DOJ, for years, has been pushing for even more backdoors. And, you may recall, just a month or so before the Snowden leaks, the DOJ wanted the power to fine companies who wouldn't install surveillance backdoors. The law enforcement world would go absolutely ballistic, should Holt's bill ever get near becoming law.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    icon
    Ninja (profile), Sep 23rd, 2013 @ 7:03am

    The law enforcement world would go absolutely ballistic, should Holt's bill ever get near becoming law.

    If anything this will be fun to watch. This time they'll need wizardry to prevent such bill from moving forward. There's far too much support given all the leaks. Still, I do believe they can perform some magic tricks when in dire need and turn it from fun into terrifying. How far can the US Govt go to maintain its Police State capabilities?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 23rd, 2013 @ 9:06am

    Without backdoors, the gov will be forced to go to a judge to get a warrant after probable cause is established. What an idea.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 23rd, 2013 @ 9:11am

    NSA should be sent to the moon

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 23rd, 2013 @ 9:13am

    make that all the "leaders" (*cough* slave masters) of the world. they should all be sent to the moon. with haste

     

    reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Sep 23rd, 2013 @ 9:19am

    Even the NY Times engages in Populism now and then.

    Don't believe for a second that it's sincere.

    Your take on the advice,"bar the government from requiring software makers" is as usual Pollyanna-ish and shallow; to me the KEY word there makes it sounds like corporatist elites advising bribery over coercion 'cause you catch more flies -- more LOYAL flies -- with honey than vineger.

    And besides that: there'll be no change until people go to jail for crimes already committed.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 23rd, 2013 @ 9:33am

    who is to say that other countries’ spy agencies — or hackers, pirates and terrorists — won’t discover and exploit them?

    It is more reasonable to assume that any competent foreign spy agency has already obtained the information. Ed Snowden has demonstrated how easy it is to penetrate NSA's secrets. The fact that the Chinese let him leave, and the Russians are not trying to keep him suggests that they already know all the interesting stuff that he could tell them.
    Note, they do not necessarily need his documents, but could gain a lot of useful information from talking to him, if NSA had managed to keep its secrets.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    The Groove Tiger (profile), Sep 23rd, 2013 @ 9:33am

    "NSA Should Be Barred."

    FTFY.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Me, Sep 23rd, 2013 @ 9:34am

    This is a start but not the heart of the issue

    The essence is this. Protecting America means protecting liberty and that is, to honestly protect the Constitution, including the spirit of the 4th. The editorial can also be read that it is ok NSA can spy on everything only if they don't harm commerce. But the fact is, if NSA does not protect liberty, they do not protect America and have failed their primary mission. In fact, currently they harm America, beyond commerce alone. This means, they must stop mass surveillance of America, period.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Sep 23rd, 2013 @ 9:36am

      Re: This is a start but not the heart of the issue

      Yep - The NSA is more Un-American than the HUAC.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Sep 23rd, 2013 @ 9:45am

      Re: This is a start but not the heart of the issue

      But the fact is, if NSA does not protect liberty, they do not protect America and have failed their primary mission.


      A million times this. In fact, their outright assault on liberty and the Constitution is why I consider their actions (and the similar actions by other spy and law enforcement agencies) to be straight up unamerican.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Some Guy, Sep 23rd, 2013 @ 9:38am

    That's why the only real future of encryption is open source. That way if an algorithm is compromised, at least it is compromised in full view of the development community, which is about the best we can hope for. Then you publish the hash value for the compiled binaries and presumably everyone knows if they have a clean copy when they go to use it.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Sep 23rd, 2013 @ 9:48am

      Re:

      That way if an algorithm is compromised, at least it is compromised in full view of the development community, which is about the best we can hope for.


      No, I'm sorry. If the implementation is compromised, then maybe. But if the algorithm is compromised, no amount of looking at the source will spot it.

      Seriously, cryptology is a very complicated, specialized branch of applied mathematics. Algorithmic errors (both intentional and not) are incredibly easy to make and incredibly hard to spot. This is why only fools invent their own crypto -- unless you're an expert, the odds are overwhelming that you will introduce a vulnerability without ever noticing it.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Sep 23rd, 2013 @ 11:59am

        Re: Re:

        The open source community includes specialists in cryptology. Further with the code being open, it must be assumed that some of these experts work for unfriendly governments. When trying to get a backdoor into open source software, it is not just the known developers that you have to get it past, but also the unknown expert who is working for an unfriendly government.
        Unless you work for the US government, you assume that they are better than you. |That is why weakening a public standard was a stupid thing to do, unless you want other intelligence agencies to be able to break domestic encrypted commercial and private traffic.

         

        reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 23rd, 2013 @ 9:56am

    perhaps a way of making this shit sink in is to ask how the USG would feel if it were to discover that all of it's communications were being intercepted, decoded and read before being passed on? how would it feel if other countries suddenly got advanced knowledge of different products and manufacturing techniques? and the biggest one, how would it feel if suddenly there was an influx of beneficial drugs introduced on to the market, taking away almost all of the income from the vastly over priced US companies, and it was all due to the security forces of a country like, for example, India or Thailand, countries that normally dont have two cents to scratch their asses with? there would be hell to pay! those countries would be chastise from arse hole to breakfast and demands made in compensation as well as assurances that the spying stopped.
    we already have another situation brewing, instigated by the USA over a company being able to sue a country because the company thinks it deserves to get patents etc on a product, even though it has been proven or suspected of having problematic side effects and in protecting it's citizens, the country has refused to give permission to sell the product! if this stuff carries on, the world is going to be in seriously deep shit, because a country is going to have to either allow a product to be sold, even when it is known to be dangerous or it has got to pay a fortune to the company for not allowing it to be sold! what a nightmare scenario! and thanks yet again to the USA! it ought to be stopped from trading with everywhere else. it's too bloody dangerous and self-serving!!

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 23rd, 2013 @ 4:46pm

    NSA should be dismantled.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 23rd, 2013 @ 6:14pm

    We just need secure, open-source hardware and software. Cryptography specialists and home-brew citizens will take care of the security aspects.

    What we really need is secure smartphones, because that's where humanity is currently getting bashed over the head by repressive governments.

    I dream of the day a smartphone with open-source hardware and software drivers is released.

    Once that day comes, humanity will finally be able to exercise their human rights to secure, private, communications.

    It will feel absolutely liberating!

    I don't care what Congress does. I don't care what Apple or Google does. They're all corrupt and can never be trusted.

    I hope someone uploads specification to the internet, showing how to build an Open-Source Smartphone. That's what we really need.

    If no company will build it, then we'll buy the components separately and build the phones ourselves. We'll 3D print the casings ourselves and use SIM cards from existing phone carriers if we have to.

    Ahh, the future could be absolutely marvelous! If we manage to survive through the crony capitalist era, that is.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Bergman (profile), Sep 23rd, 2013 @ 11:46pm

    It's a hell of a thing...

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      Bergman (profile), Sep 23rd, 2013 @ 11:52pm

      Re: It's a hell of a thing...

      Oops. Hit enter and it posted instead of dropping down a line. =(

      Basically, the feds are saying that they can spy on us because we are easy to spy on and therefore don't have an expectation of privacy...but in order to make it easy to spy on us, they had to at some point invade our privacy.

      But now that they've invaded our privacy, we have none because we didn't object to a secret court making secret interpretations of secret laws that we didn't know existed at the time. Of course, anyone who actually did somehow object (due to having psychic powers, perhaps) would have been prosecuted for espionage, probably in secret in a secret court.

      By that logic, absolutely anything can be justified and absolutely NOTHING is illegal.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Sep 24th, 2013 @ 4:36am

        Re: Re: It's a hell of a thing...

        "Of course, anyone who actually did somehow object (due to having psychic powers, perhaps) would have been prosecuted for espionage, probably in secret in a secret court."

        More accurately, a federal court would have said the same thing they told the ACLU. "You cannot prove the secret spy program exists. Therefore, your case cannot go forward due to lack of standing".

        So you are correct. There's no possible way anyone outside the government, could have prevented these unconstitutional spy programs from happening.

        It took a brave, selfless soul like Edward Snowden to shine light on this atrocity.

         

        reply to this | link to this | view in chronology ]

  •  
    icon
    Postulator (profile), Sep 24th, 2013 @ 1:32am

    When even your best friend is turning on you, maybe it's time for a little self-reflection.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    DNY (profile), Sep 24th, 2013 @ 7:43am

    Cloud storage?

    Cloud storage has to be the weakest argument which can possibly be advanced here. If one is worried about security of files in the cloud, get an open source encryption program, check it for back doors, encrypt things on your local machine before putting them in the cloud and decrypt them when you get them back, rather than relying on the storage provider's encryption.

    The real issues involve shared and communicated data in contexts where everything has to be done online because sharing keys by physical transfer is infeasible.

    One wonders whether the NYTimes is cryptologically illiterate or is deliberately advancing a straw-man because they are really in favor of expanding the power of the state.

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This