From The Center for Democracy and Technology: https://www.cdt.org/blogs/leslie-harris/1109ignoring-democracy-name-security
Last week’s revelation that the National Security Agency (NSA) is building vulnerabilities and backdoors into the Internet’s core infrastructure is beyond alarming. Ultimately, the NSA has made our country’s critical infrastructure less secure in the name of security, while showing blatant disregard for the democratic process. While the fact that the NSA decrypts encrypted data should not itself be cause for outrage by the American public – cracking codes is the core job of the NSA – its approach is what’s outrageous.
Back in the 1990s there was a very public debate over the best way to secure our country’s communications networks. The debate focused on an executive branch effort to promote a standard and then propose legislation mandating the use of the “clipper chip” – a standard cryptographic chip that would allow the U.S. Government to decrypt communications. This would have essentially required companies to allow access to their communications network by the government. The NSA argued that this access was essential to the security of the nation and they contended that technology was so advanced that only NSA could exploit the built-in access feature of the chip.
Digital rights advocates and academics rallied together to stop the clipper chip dead in its tracks. They showed that it would introduce greater vulnerabilities into the country’s communications network and that it would open the door to potential surveillance abuses against citizens. When balancing a secure network against the benefit to security of obtaining information through embedded weakness in the network, Congress decided that a more secure network would far better serve the security interests of the U.S., promote broad adoption of the Internet, and spur online commerce and innovation. This rationale has proven to be fundamentally sound.
This was a resounding defeat of the clipper chip in a highly democratic manner – helped along by advances in cryptography products. Most of us thought that the case was closed, however it appears as though the NSA decided it would go ahead with its plans to build backdoors into communications networks anyway. While it’s unclear how the NSA justified its undermining of secure technologies or whether its efforts were even fully legal, what is clear is that they made a unilateral decision to actively make secure technologies much less secure.
All this points to what has become an unworkable balancing act that the NSA tries to undertake – being the country’s code breaker, but also trying to serve as the country’s code creator. The agency is tasked with surveillance, but also with cyber security, which often don’t go hand-in-hand. In working closely with Internet companies, the NSA purports to help them provide more secure, better encrypted services, however it now appears that the NSA was also building backdoors into the solutions it offered, while holding back knowledge of critical vulnerabilities that it could later use for surveillance purposes. Would you feel comfortable going to the NSA for security support now?
Continue reading at: https://www.cdt.org/blogs/leslie-harris/1109ignoring-democracy-name-security
Image may be NSFW.
Clik here to view.
Image may be NSFW.Clik here to view.
