Skip to main content

Wiretap Law May Create 'Backdoors' For Hackers, Experts Warn

As the Obama administration considers supporting a proposal to help law enforcement eavesdrop on Internet communications, experts warn the measure could have an unintended consequence: creating digital "backdoors" for cybercriminals to exploit.

The FBI has been pushing for legislation that would force companies like Google and Facebook to create ways for law enforcement to conduct court-approved surveillance on their networks. The Obama administration is "on the verge of backing" a measure that would fine Silicon Valley companies that refuse to build wiretapping capabilities into their systems, according to The New York Times.

But security experts and at least one lawmaker say it could make the Internet less safe by requiring tech companies to essentially design a security flaw into their products.

"The government should be doing everything in its power to increase the security of our communications networks, not riddling them with interception backdoors that will likely be exploited by criminals and foreign governments," Chris Soghoian, a policy analyst for the American Civil Liberties Union, said in a statement. "History has shown time and time again that interception backdoors are fundamentally at odds with good cybersecurity."

Rep. Hank Johnson (D-Ga.), a member of the House Judiciary committee where wiretapping legislation would be considered, said he opposes the FBI's proposal.

“At a time when we need sensible legislation to confront cyber threats, the F.B.I. proposal is a step in the wrong direction on security and privacy," Johnson said in a statement. "Forcing companies to engineer backdoors for information requests would increase the risk of hacking, identify theft, and mass surveillance.”

The proposal comes amid growing debate over how to combat terrorism and cybercrime. The Boston bombings have heightened awareness over national security and whether law enforcement should conduct surveillance on suspected terrorists who communicate online. At the same time, hackers are increasingly breaking intocomputer networks of major corporations and government agencies, raising alarm about the need to combat cyber threats.

The FBI argues the wiretapping mandate is needed because new forms of Internet-based communication have outpaced the Communications Assistance for Law Enforcement Act, or CALEA. The 1994 law requires telecommunications companies to make their networks wiretap-friendly, but does not apply to most Internet companies.

If the law is overhauled to include providers of Internet-based communications services, it could create a new target for hackers looking to exploit weaknesses in those networks, according to Susan Landau, a fellow at the Radcliffe Institute for Advanced Study at Harvard University.

Two years ago, Landau warned a congressional committee of a "serious risk" that wiretaps built into communications networks "will be subverted either by trusted insiders or skilled outsiders, including foreign governments, hackers, identity thieves and perpetrators of economic espionage."

It has happened before. In 2004, for example, hackers gained access to the wiretapping capabilities built into the network of Greece's largest cellular service provider and eavesdropped on more than 100 Greek government officials, including the prime minister.

"Rather than securing us, such capabilities endanger us," Landau said in written testimony.

At the same hearing, Valerie Caproni, who was the FBI's general counsel at the time,insisted that the bureau "doesn't want backdoors" and that "the security of the Internet is extremely important to the FBI."

"But I also get kept up by worrying that we have got criminals running around that we can’t arrest and can’t prosecute because we can’t actually execute a wiretap order,"she said, according to a transcript of the hearing.

In an op-ed on Wired.com earlier this year, Matt Blaze, professor of computer science at the University of Pennsylvania, argued against creating mandatory wiretaps for Internet services. Instead, he suggested that law enforcement should conduct surveillance through another controversial method: hacking into suspects' computers.

"Instead of changing the law, they can use specialized, narrowly targeted exploit tools to do the tapping," Blaze wrote.

The FBI is already attempting to use this surveillance technique, but the courts have not always approved. Last month, a judge in Texas rejected a request by the FBI to remotely hack into a computer to obtain emails, chat-messaging logs and other documents to investigate a bank fraud and identity-theft case that began earlier this year.

In a written opinion, U.S. Magistrate Judge Stephen Smith said the FBI needed to ensure that such techniques didn't allow law enforcement to also gather information on people not suspected of committing a crime.

"This is not to say that such a potent investigative technique could never be authorized," Smith wrote in his opinion. "But the extremely intrusive nature of such a search requires careful adherence" to the rules.

This story has been updated to include comment from Rep. Hank Johnson (D-Ga.).


Technorati Tags: ,

Comments

Popular posts from this blog

DO YOU WANT TO BECOME A MASON IN NIGERIA

 After all i have said about this fraternity if you are still interested in becoming a mason there are just simply ways in which you can do that, but inspite of my post i am neither encouraging nor discouraging you all i am doing is just to let you know more about this frat and there's more to come about those who have joined, the so called stars like jay-z, kanye west etc i guess its just 7 simple ways to join and off you go  Are there things you want to accomplish in your life? Are there ways you want to enrich yourself? Do you enjoy being with people you like and respect? As a Freemason, you’ll find friendship and fraternity. You’ll develop life skills like self-confidence, leadership, and effective communication. You’ll learn to work as part of a team  and to better yourself as you help others. Think about taking the first step into becoming a Mason. It is widely thought that one must be invited to become a Freemason or that Freemasonry is so exclusive as to be b...

13 Places You Should Visit In before the end of 2013

  Wikimedia Commons It's more than halfway through 2013 and even though the summer is winding down, there's still plenty of time to book a trip to a great destination. We looked at major developments, cultural trends, and global festivals to find the hottest places to travel around the world in 2013. There are vast untouched landscapes that offer incredible outdoor experiences, cities that are experiencing a cultural rebirth, and up-and-coming destinations that offer great deals and few tourists. London, England Since Kate Middleton gave birth to Prince George Alexander Louis last week , England has been in the national spotlight, and is expecting a tourism boost. But that's not the only reason to visit the UK right now. The 2012 Summer Olympics in London came and went, but many of the buildings, restaurants, hotels and venues that sprouted up to accommodate the hundreds of thousands of visitors who came for the Olympics still stand. Several new building...

Samsung reportedly close to releasing Glass competitor — and Google’s involved

This one is definitely a rumor, but its source is reliable enough to warrant a little speculation. Analyst and blogger  Eldar Murtazin  tweeted a rather definite message this week that Samsung is “developing [its] own version of Google Glass. We will see it (probably) around April – May under Gear Glass brand.” Given that Google’s own version of Glass is not expected to hit the mass market until early 2014, Samsung’s Glass competitor could very well race Google’s to market. That might seem like a nightmare for Google, which has invested heavily in Glass and is no doubt planning for a strong event launch, but as was pointed out in a CNet article, the use of the word “Glass” implies an official partnership. Samsung is known for its aggressive branding and Google would likely raise legal concerns regardless, so it’s unlikely the brand Gear Glass would be used without a partnership. Does Google even want to sell Glass, or does it just want you wearing face-screens? ...