TribLIVE

| USWorld


 
Larger text Larger text Smaller text Smaller text | Order Photo Reprints

Law enforcement, intelligence agencies want to 'like' you on social media

Daily Photo Galleries

By The Washington Post
Saturday, July 26, 2014, 12:01 a.m.
 

WASHINGTON — Law enforcement and intelligence agencies want to be able to wiretap social media, instant message and chat services. But building in ways to wiretap these kinds of communication can lead to less secure systems, say technical experts, including former National Security Agency officials.

Some security experts suggest hacking as an alternative, but other experts, including FBI officials, say that method poses serious risks.

Right now only phone companies, broadband providers and some Internet phone services are required by law to build in intercept capabilities, but the government wants to extend that requirement to online communication providers.

“From a purely technical perspective, when you add this sort of law enforcement access feature to a system, you weaken it,” said Steven Bellovin, a computer science professor at Columbia University. “First, it creates an access point that previously didn't exist. Second, you've added complexity to the system ... and most security problems are due to buggy code.”

In 1994, the government passed the Communications Assistance for Law Enforcement Act, which mandated that phone companies make their systems wiretap-ready.

Richard “Dickie” George, a former NSA technical director until he retired in September 2011, recalled how in the mid-1990s, “in the early days of CALEA,” the NSA tested several commercial phone systems with intercept capabilities, and “we found problems in every one.” Making the systems hack-proof, he said, “is really, really hard.”

He said, however, that over the years, “we've come a long way.”

Susan Landau, a faculty member in the Worcester Polytechnic Institute Department of Social Science and Policy Studies in Massachusetts, said phone services are more complicated now — and so the switches are, too.

“It's highly doubtful,” she said, “that the new switches are secure.”

The United States, she said, “has a lot more to lose by building ways into communications networks than it has to gain, because those ways last for a very long time, and we enable others who couldn't afford to build ⅛back doors⅜ in themselves with ways to get into our communications systems.”

One alternative to wiretaps is to hack the target's phone or computer, Bellovin and Landau said. In so doing, the FBI would be exploiting software flaws that exist instead of making new ones, Landau said. And the FBI would be getting communications before they are encrypted or after they are decrypted, Bellovin said.

“They have to be very careful that they don't create a risk that the exploit will proliferate elsewhere,” Landau said. “That's why we argue for increasing the funding for research.”

Marcus Thomas, a former FBI official, said hacking is “unreliable and dangerous because hacks can propagate.”

 

 
 


Show commenting policy

Most-Read Nation

  1. Obama says Sony hack not an act of war
  2. WikiLeaks releases purported CIA documents on operatives’ travel
  3. NYPD: Cop ambush killer told passers-by to watch
  4. Ghostly snailfish found at record depth
  5. Obama fires back on foreign policy on Cuba, Russia
  6. IBM’s Watson supercomputing system to be applied to PTSD
  7. Poor morale, training in Air Force ICBM program spur questions about usefulness as nuclear deterrent
  8. Killer of New York police officers angry over Garner chokehold death, officials say
  9. Dawn of Orion: NASA launch opens new era in space
  10. Dems push approval of up to 12 more judicial nominees
  11. U.S., Cuba patching torn relations with historic accord
Subscribe today! Click here for our subscription offers.