<nettime> FBI pushes for surveillance backdoors in Web 2.0 tools
nettime's very avid reader
nettime at kein.org
Sat Feb 19 03:06:02 PST 2011
By Ryan Singel, wired.com | Last updated about 19 hours ago
http://tinyurl.com/5w7sp4j
The FBI pushed Thursday for more built-in backdoors for online
communication, but beat a hasty retreat from its earlier proposal to
require providers of encrypted communications services to include a
backdoor for law enforcement wiretaps.
FBI general counsel Valerie Caproni told Congress that new ways of
communicating online could cause problems for law enforcement officials,
but categorically stated that the bureau is no longer pushing to force
companies like RIM, which offers encrypted e-mail for business and
government customers, to engineer holes in their systems so the FBI can see
the plaintext of a communication upon court order.
"Addressing the Going Dark problem does not require fundamental changes in
encryption technology," Caproni said in her written testimony (PDF). "We
understand that there are situations in which encryption will require law
enforcement to develop individualized solutions."
("Going Dark" is the FBI's codename for its multimillion-dollar project to
extend its ability to wiretap communications as they happen.)
That's a far cry from what Caproni told The New York Times last fall:
"No one should be promising their customers that they will thumb their
nose at a US court order," Ms. Caproni said. "They can promise strong
encryption. They just need to figure out how they can provide us plain
text."
Those remarks indicated the FBI seemed to want to revisit the encryption
wars of the 1990s. That largely ended with the government scrapping its
plans to mandate backdoors in encryption, after security researchers
discovered flaws in the idea, and the National Research Council concluded
that strong encryption made the country safer.
But that retreat didn't satisfy Susan Landau, a privacy and cryptography
expert who testified alongside Caproni in front of a House Judiciary
subcommittee Thursday.
That's because the FBI is still pushing for more online-communications
companies to build real-time spying capabilities into their software, which
Landau said will harm innovation and introduce security flaws that will be
used against American companies, government agencies and citizens.
Innovation happens too fast on the Internet to require companies that
provide chat and voice-calling capabilitiesbwhich these days includes
online games, social networking sites and a myriad of online chat and
photo-sharing servicesbto comply with detailed wiretapping specifications
that cost hundreds of dollars just to read, according to Landau.
"Requiring that Internet applications with communications systemsb[which]
means anything from speak-to-tweet to Second Life to software supporting
music-jam sessionsbbe vetted first will put American innovation at a global
disadvantage," Landau said. "For American competitiveness it is critical
that we preserve the ease and speed with which innovative new
communications technologies can be developed."
And she added the wiretapping holes are serious security risks.
"Building wiretapping into communications infrastructure creates serious
risk that the communications system will be subverted either by trusted
insiders or skilled outsiders, including foreign governments, hackers,
identity thieves and perpetrators of economic espionage," Landau said in
her written testimony (PDF), pointing to incidents in Greece, Italy and the
United States where equipment built to comply with US wiretapping rules
were subverted. Those rules, known as CALEA, were enacted in 1994 to
require phone companies to engineer their networks to be wiretap-compliant.
The rules were expanded by the FCC in the George W. Bush Administration to
apply to ISPs as well.
The FBI's further push for expanded powers to wiretap online communications
in real time comes against the backdrop of revolutions in the Middle East
that relied heavily on social media communication tools and as Secretary of
State Hillary Clinton called for worldwide internet freedom.
"I urge countries everywhere to join the United States in our bet that an
open internet will lead to stronger, more prosperous countries,b Clinton
said Tuesday, speaking at George Washington University.
But Caproni argued that law enforcement officials are occasionally running
into cases where criminals are using online communication tools that aren't
wiretappable in real-time, because the provider had not built-in that
capability. Caproni did not mention that the FBI has not encountered a
single case of encryption hampering its criminal investigations for the
past four years, according to reports to Congress, nor that the FBI has
never run into a single case over the last 10 years where it could not get
the plaintext of a target's communications.
Landau told Congress the FBI was overlooking some very good news.
"While there is a genuine problem with intercepting some communications,
the FBI now has access to more communications, and more metadata about
communications, than ever before in history," Landau said.
But Caproni said that's not enough and the FBI needs to find new technical
solutions b though she did add that the Obama administration has no "formal
position at this time" about needed changes to the law.
But she warned Congress that the country was in danger from a surveillance
gap.
"As the gap between authority and capability widens, the government is
increasingly unable to collect valuable evidence in cases ranging from
child exploitation and pornography to organized crime and drug trafficking
to terrorism and espionage -evidence that a court has authorized the
government to collect," Caproni said. "This gap poses a growing threat to
public safety."
Also on Thursday, the Electronic Frontier Foundation released some
government documents about the FBI's so-called Going Dark program, which it
got under the Freedom of Information Act. Those documents show the project
dates to 2006, and that the FBI had hired high-powered consultants from the
Rand Corporation and Booz Allen Hamilton to help come up with solutions.
# distributed via <nettime>: no commercial use without permission
# <nettime> is a moderated mailing list for net criticism,
# collaborative text filtering and cultural politics of the nets
# more info: http://mail.kein.org/mailman/listinfo/nettime-l
# archive: http://www.nettime.org contact: nettime at kein.org
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list