Government Wants to Improve Its Cybersecurity and Weaken Ours
http://www.truthdig.com/report/item/government_wants_to_improve_its_cybersec
urity_and_weaken_ours_20150623/
Posted on Jun 23, 2015
By Thor Benson
Maksim Kabakou / Shutterstock
Since the most successful hack ever launched against government servers
compromised the personal information of more than 4.2 million government
employees, the government has been scrambling to prevent it from happening
again.
On June 4, the Office of Personnel Management announced it had been hacked,
and officials have speculated that Chinese sources are to blame.
With FBI officials concerned about their ability to defend national
security, FBI Director James Comey has called on companies such as Apple and
Google to build "back doors" into encryption to protect user information
from hacks but allow government agencies to access the data.
The main problem with Comey's request is that there is no feasible way to
create a back door to encryption for government access without making it
susceptible to hacks from other sources. An open window is an open window,
explained Bill Buddington, a software engineer for the Electronic Frontier
Foundation.
"If history serves as any lesson, we know that once there's a back door for
one government agency, then it's not a far jump to see that that back door
is also accessible to others-to hackers and to malicious third parties,"
Buddington told Truthdig. "There's no way to build a back door so the
government can get access to your device and no one else can," he said. An
ironic aspect of this situation is that President Obama has criticized
countries like China for proposing to make U.S. companies hand over
encryption keys in the name of fighting terrorism.
According to Buddington, the FBI's own website used to recommend that
citizens use encryption, because the agency knew that that added safeguard
would help protect their information. Now, since the surveillance state has
ramped up, the agency wants to make sure it can access any data it deems
necessary to access. Even though the FBI can still perform targeted
surveillance operations and get warrants to access this data, Buddington
notes, it wants more options for retrieving intel.
As Johns Hopkins cryptography professor Matthew Green has stated, forcing
companies such as Google and Apple to break their own encryption will do
absolutely nothing to prevent terrorism. "You could strangle the whole U.S.
tech industry, and ISIS would *still* be able to communicate with their
followers using encryption," he tweeted in early June. Essentially,
companies dealing with the data of ordinary U.S. citizens and employees
would be wide open to hacks, while the people the FBI wants to go after
would still just use encryption by other means. Even if encryption was made
entirely illegal, there's little reason to believe terrorists would be
afraid of breaking the law.
Beyond that, there is reason to believe that the data of more than 300
million people who don't work for the federal government could be extremely
valuable to foreign entities. "If there are foreign governments that find
value in getting U.S. government employee data, then there is no reason
they'd stop [going after civilian data]," Buddington notes. He said a
government that opposes the United States could do a lot with the metadata
of U.S. citizens. "To see who is talking to whom, who is communicating with
whom and who's meeting-these kind of diverse interactions are the bread and
butter of intelligence-gathering more generally for nation-states," he said.
"To know the movements of populations is to know how information flows more
generally, and that can affect foreign policy decisions and national
security decisions."
Malicious governments or other entities could collect all the information
they want and then dive in to look for specific patterns or interactions.
Information such as financial data, for example, could be of value to many
hackers. What is thought to be the biggest bank heist ever involved more
than 100 banks in 30 nations that were hacked by a cybercrime gang, and it
is believed well over $300 million was lost-and possibly as much as $1
billion.
Buddington and other experts say citizens and government agencies should be
encrypting all communications and data. As for the government's
cybersecurity, Buddington says the technology it's using is antiquated and
needs to be replaced to respond to evolving threats. He said the government
also needs more cybersecurity experts at every level to advise those who may
not know how to protect themselves. Keeping government data protected is
important, but the country isn't any safer if only its leaders are out of
the line of fire, he notes.
http://www.truthdig.com/ http://www.truthdig.com/
Government Wants to Improve Its Cybersecurity and Weaken Ours
http://www.truthdig.com/report/item/government_wants_to_improve_its_cybersec
urity_and_weaken_ours_20150623/
Posted on Jun 23, 2015
By Thor Benson
Maksim Kabakou / Shutterstock
Since the most successful hack ever launched against government servers
compromised the personal information of more than 4.2 million government
employees, the government has been scrambling to prevent it from happening
again.
On June 4, the Office of Personnel Management announced it had been hacked,
and officials have speculated that Chinese sources are to blame.
With FBI officials concerned about their ability to defend national
security, FBI Director James Comey has called on companies such as Apple and
Google to build "back doors" into encryption to protect user information
from hacks but allow government agencies to access the data.
The main problem with Comey's request is that there is no feasible way to
create a back door to encryption for government access without making it
susceptible to hacks from other sources. An open window is an open window,
explained Bill Buddington, a software engineer for the Electronic Frontier
Foundation.
"If history serves as any lesson, we know that once there's a back door for
one government agency, then it's not a far jump to see that that back door
is also accessible to others-to hackers and to malicious third parties,"
Buddington told Truthdig. "There's no way to build a back door so the
government can get access to your device and no one else can," he said. An
ironic aspect of this situation is that President Obama has criticized
countries like China for proposing to make U.S. companies hand over
encryption keys in the name of fighting terrorism.
According to Buddington, the FBI's own website used to recommend that
citizens use encryption, because the agency knew that that added safeguard
would help protect their information. Now, since the surveillance state has
ramped up, the agency wants to make sure it can access any data it deems
necessary to access. Even though the FBI can still perform targeted
surveillance operations and get warrants to access this data, Buddington
notes, it wants more options for retrieving intel.
As Johns Hopkins cryptography professor Matthew Green has stated, forcing
companies such as Google and Apple to break their own encryption will do
absolutely nothing to prevent terrorism. "You could strangle the whole U.S.
tech industry, and ISIS would *still* be able to communicate with their
followers using encryption," he tweeted in early June. Essentially,
companies dealing with the data of ordinary U.S. citizens and employees
would be wide open to hacks, while the people the FBI wants to go after
would still just use encryption by other means. Even if encryption was made
entirely illegal, there's little reason to believe terrorists would be
afraid of breaking the law.
Beyond that, there is reason to believe that the data of more than 300
million people who don't work for the federal government could be extremely
valuable to foreign entities. "If there are foreign governments that find
value in getting U.S. government employee data, then there is no reason
they'd stop [going after civilian data]," Buddington notes. He said a
government that opposes the United States could do a lot with the metadata
of U.S. citizens. "To see who is talking to whom, who is communicating with
whom and who's meeting-these kind of diverse interactions are the bread and
butter of intelligence-gathering more generally for nation-states," he said.
"To know the movements of populations is to know how information flows more
generally, and that can affect foreign policy decisions and national
security decisions."
Malicious governments or other entities could collect all the information
they want and then dive in to look for specific patterns or interactions.
Information such as financial data, for example, could be of value to many
hackers. What is thought to be the biggest bank heist ever involved more
than 100 banks in 30 nations that were hacked by a cybercrime gang, and it
is believed well over $300 million was lost-and possibly as much as $1
billion.
Buddington and other experts say citizens and government agencies should be
encrypting all communications and data. As for the government's
cybersecurity, Buddington says the technology it's using is antiquated and
needs to be replaced to respond to evolving threats. He said the government
also needs more cybersecurity experts at every level to advise those who may
not know how to protect themselves. Keeping government data protected is
important, but the country isn't any safer if only its leaders are out of
the line of fire, he notes.
http://www.truthdig.com/eartotheground/item/scotus_might_be_about_to_mess_wi
th_the_fair_housing_act_20150624/
http://www.truthdig.com/eartotheground/item/scotus_might_be_about_to_mess_wi
th_the_fair_housing_act_20150624/
http://www.truthdig.com/eartotheground/item/scotus_might_be_about_to_mess_wi
th_the_fair_housing_act_20150624/
http://www.truthdig.com/eartotheground/item/dzokhar_tsarnaev_speaks_i_apolog
ize_to_the_victims_of_boston_20150624/
http://www.truthdig.com/eartotheground/item/dzokhar_tsarnaev_speaks_i_apolog
ize_to_the_victims_of_boston_20150624/
http://www.truthdig.com/eartotheground/item/dzokhar_tsarnaev_speaks_i_apolog
ize_to_the_victims_of_boston_20150624/
http://www.truthdig.com/avbooth/item/audio_chris_hedges_on_rebels_visionarie
s_and_wages_of_rebellion_20150624/
http://www.truthdig.com/avbooth/item/audio_chris_hedges_on_rebels_visionarie
s_and_wages_of_rebellion_20150624/
http://www.truthdig.com/avbooth/item/audio_chris_hedges_on_rebels_visionarie
s_and_wages_of_rebellion_20150624/
http://www.truthdig.com/report/item/sentence_first_verdict_afterwards_the_al
ice_in_wonderland_20150624/
http://www.truthdig.com/report/item/sentence_first_verdict_afterwards_the_al
ice_in_wonderland_20150624/
http://www.truthdig.com/report/item/sentence_first_verdict_afterwards_the_al
ice_in_wonderland_20150624/ http://www.truthdig.com/
http://www.truthdig.com/
http://www.truthdig.com/about/http://www.truthdig.com/contact/http://www.tru
thdig.com/user_agreement/http://www.truthdig.com/privacy_policy/http://www.t
ruthdig.com/about/comment_policy/
C 2015 Truthdig, LLC. All rights reserved.
http://www.hopstudios.com/
http://support.truthdig.com/signup_page/subscribe
http://support.truthdig.com/signup_page/subscribe
http://www.facebook.com/truthdighttp://twitter.com/intent/follow?source=foll
owbutton&variant=1.0&screen_name=truthdighttps://plus.google.com/+truthdight
tp://www.linkedin.com/company/truthdighttp://truthdig.tumblr.com/http://www.
truthdig.com/connect
