CDR: ZDNet UK News: Ex-NSA expert warns of concealed backdoors
This ZDNET UK News story has been forwarded to you by n.ominous@somewhere.out.there.net. Ex-NSA expert warns of concealed backdoors Mon, 25 Sep 2000 10:51:57 GMT Will Knight Ex-spook believes that software backdoors are out there, fuelling conspiracy theories Former NSA (http://www.zdnet.co.uk/news/2000/4/ns-12998.html) (National Security Agency) analyst and representative of Internet rights watchdog EPIC (Electronic Privacy Information Centre) Wayne Madison warned privacy groups Friday that a growing number of proprietary commercial software applications may have backdoors allowing the security services to carry out surveillance activities. Speaking to privacy groups as well as cryptography and security experts at the International Forum on Surveillance by Design (http://www.zdnet.co.uk/news/2000/37/ns-17972.html) at the London School of Economics, Madison warned that this is an area of growing interest for security services such as the NSA. "A lot of manufacturers play ball with the NSA," said Madison. "This is an area that the NSA is moving into a lot and we have to be really careful about it." Until recently the US government strictly controlled the strength of cryptography in software exported to different countries, in order to protect the government's ability to access and monitor communications data. The regulations were relaxed after pressure from industry but Madison believes that this may have driven the NSA to find ways to carry out surveillance. "They're not going to give in over exporting strong cryptography without getting something in return," he says. The NSA carries out the US government's intelligence gathering operations. It is known to gather information from Internet traffic. It is possible for programmers to put secret capabilities into the code used to build programs that are difficult to detect. Software companies including Microsoft (http://www.zdnet.co.uk/news/1999/35/ns-9723.html) have in the past been accused of colluding with the NSA to provide backdoors into their applications. Open source software, which publishes the underlying source code with a finished application, is by contrast entirely transparent. This has caused some foreign governments including the French administration to take an interest in open source solutions. According to Madison, evidence of the FBI's controversial Carnivore email surveillance tool shows that NSA technology is finding its way into other law enforcement departments. He predicts that similar surveillance tools may be applied to other technologies including biometrics and smart cards and used track the movements of individuals. "These are new intelligence targets," he says. Madison warns that government agencies often have a significant role in the development of standards for new technologies. The London forum (http://www.zdnet.co.uk/news/2000/37/ns-17972.html) saw presentations from a host of experts on government surveillance technology including Duncan Campbell, famous for his work on Echelon, and Tony Bunyan of Statewatch. Take me to Surveillance (http://www.zdnet.co.uk/news/specials/1999/09/surveillance/). Is commercial software at risk? To have your say online click on the TalkBack (http://forums.zdnet.co.uk/community/showpost.cgi?forum=anchordesk&Cat=&Board=News&Number=38&page=0&view=expanded&mode=&sb=5) button and go to the ZDNet News forum. Let the editors know what you think in the Mailroom (mailroomuk@zdnet.com). And read (http://www.zdnet.co.uk/news/mailroom.html) what others have said. If you found this ZDNN news report valuable, why not sign up for the free daily ZDNN News Alert - and we'll email you our top five headlines every day. http://www.zdnet.co.uk/misc/newsletters/news.html ZDNet News: The UK's best source for computing news - updated throughout the day. http://www.zdnet.co.uk/news/ Please report any abuse of this service to ukwebmaster@zd.com
participants (1)
-
n.ominous@somewhere.out.there.net