Date: August 15, 2009 7:33:56 AM PDT
Subject: [IRP] Building in Surveillance
Building in Surveillance
Crypto-Gram Newsletter
Bruce Schneier
Chief Security Technology Officer, BT

China is the world's most successful Internet censor. While the Great
Firewall of China isn't perfect, it effectively limits information flowing
in and out of the country. But now the Chinese government is taking things
one step further.

Under a requirement taking effect soon, every computer sold in China will
have to contain the Green Dam Youth Escort software package. Ostensibly a
pornography filter, it is government spyware that will watch every citizen
on the Internet.

Green Dam has many uses. It can police a list of forbidden Web sites. It
can monitor a user's reading habits. It can even enlist the computer in
some massive botnet attack, as part of a hypothetical future cyberwar.

China's actions may be extreme, but they're not unique. Democratic
governments around the world -- Sweden, Canada and the United Kingdom, for
example -- are rushing to pass laws giving their police new powers of
Internet surveillance, in many cases requiring communications system
providers to redesign products and services they sell.

Many are passing data retention laws, forcing companies to keep
information on their customers. Just recently, the German government
proposed giving itself the power to censor the Internet.

The United States is no exception. The 1994 CALEA law required phone
companies to facilitate FBI eavesdropping, and since 2001, the NSA has
built substantial eavesdropping systems in the United States. The
government has repeatedly proposed Internet data retention laws, allowing
surveillance into past activities as well as present.

Systems like this invite criminal appropriation and government abuse. New
police powers, enacted to fight terrorism, are already used in situations
of normal crime. Internet surveillance and control will be no different.

Official misuses are bad enough, but the unofficial uses worry me more.
Any surveillance and control system must itself be secured. An
infrastructure conducive to surveillance and control invites surveillance
and control, both by the people you expect and by the people you don't.

China's government designed Green Dam for its own use, but it's been
subverted. Why does anyone think that criminals won't be able to use it to
steal bank account and credit card information, use it to launch other
attacks, or turn it into a massive spam-sending botnet?

Why does anyone think that only authorized law enforcement will mine
collected Internet data or eavesdrop on phone and IM conversations?

These risks are not theoretical. After 9/11, the National Security Agency
built a surveillance infrastructure to eavesdrop on telephone calls and
e-mails within the United States.

Although procedural rules stated that only non-Americans and international
phone calls were to be listened to, actual practice didn't always match
those rules. NSA analysts collected more data than they were authorized
to, and used the system to spy on wives, girlfriends, and famous people
such as President Clinton.

But that's not the most serious misuse of a telecommunications
surveillance infrastructure. In Greece, between June 2004 and March 2005,
someone wiretapped more than 100 cell phones belonging to members of the
Greek government -- the prime minister and the ministers of defense,
foreign affairs and justice.

Ericsson built this wiretapping capability into Vodafone's products, and
enabled it only for governments that requested it. Greece wasn't one of
those governments, but someone still unknown -- a rival political party?
organized crime? -- figured out how to surreptitiously turn the feature
on.

Researchers have already found security flaws in Green Dam that would
allow hackers to take over the computers. Of course there are additional
flaws, and criminals are looking for them.

Surveillance infrastructure can be exported, which also aids
totalitarianism around the world. Western companies like Siemens, Nokia,
and Secure Computing built Iran's surveillance infrastructure. U.S.
companies helped build China's electronic police state. Twitter's
anonymity saved the lives of Iranian dissidents -- anonymity that many
governments want to eliminate.

Every year brings more Internet censorship and control -- not just in
countries like China and Iran, but in the United States, the United
Kingdom, Canada and other free countries.

The control movement is egged on by both law enforcement, trying to catch
terrorists, child pornographers and other criminals, and by media
companies, trying to stop file sharers.

It's bad civic hygiene to build technologies that could someday be used to
facilitate a police state. No matter what the eavesdroppers and censors
say, these systems put us all at greater risk. Communications systems that
have no inherent eavesdropping capabilities are more secure than systems
with those capabilities built in.