Does the FBI Need Better Hackers?
Try this for a counterintuitive method for protecting privacy:
"[A] better way to protect privacy and security on the internet may be for the FBI to get better at breaking into computers."
That's the recommendation put forward in a Wired opinion piece by Susan Landau, author of Surveillance or Security? The Risks Posed by New Wiretapping Technologies, and Matt Blaze of the Distributed Systems Lab at the University of Pennsylvania. Their basic argument is that there is increasing pressure to make the internet more wiretap-friendly, including mandatory wiretap backdoor capabilities in internet services. But this could have disastrous results, including even more crime than the wiretap capabilities themselves would be likely to prevent.
A potential solution, they propose, is to use existing vulnerabilities to carry out lawfully permitted wiretapping. At least these targeted exploits "are harder to abuse on a large scale than globally mandated backdoors in every switch, every router, every application, every device."
Here's the core of the argument:
Since the beginning of software time, every technology device — and especially ones that use the internet — has and continues to have vulnerabilities. The sad truth is that as hard as we may try, as often as we patch what we can patch, no one knows how to build secure software for the real world.
Instead of building special (and more vulnerable) new wiretapping interfaces, law enforcement can tap their targets’ devices and apps directly by exploiting existing vulnerabilities. Instead of changing the law, they can use specialized, narrowly targeted exploit tools to do the tapping.
It's an interesting argument - RTWT here.
Or, if you prefer to use an RSS reader, you can subscribe to the Blog RSS feed.RSS
Blogs We Like
Books, news, and ideas from MIT Press
The MIT PressLog is the official blog of MIT Press. Founded in 2005, the Log chronicles news about MIT Press authors and books. The MIT PressLog also serves as forum for our authors to discuss issues related to their books and scholarship. Views expressed by guest contributors to the blog do not necessarily represent those of MIT Press.