Thursday, February 17, 2011

Back doors = bad idea

Backdoor interceptionMainstream media has been reporting battles in various jurisdictions (e.g. India, Saudi Arabia) to force RIM, makers of the BlackBerry, to provide a 'back door' for law enforcement to be able to read the content of messages. Today, the US Congress will hear law enforcement reps appeal for expanded interception and monitoring capabilities.

As the New York Times reported last year, "Essentially, officials want Congress to require all services that enable communications — including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct “peer to peer” messaging like Skype — to be technically capable of complying if served with a wiretap order. The mandate would include being able to intercept and unscramble encrypted messages."

Although this comes in the same week that Secretary Clinton delivered a major speech on Internet freedom, I'm setting the privacy and human rights arguments on one side.

Providing a 'back door' for law enforcement to use is simply inviting accident or abuse or malice. We can be sure it will happen, because abuses have already occurred: see more on the use of 'lawful interception' loopholes in Ericsson equipment used in the Vodafone mobile phone network in Greece to monitor and record conversations by more than one hundred Greek citizens, including government officials, in 2004-2005.
  1. Firstly, the existence of a back door will be like a 'red rag' to the playful (or worse) hacker community: they won't be able to resist breaking in through the back doors, just to prove they can.
  2. Next, we can guarantee that somewhere, some time, somebody will find they're the victim of unwarranted intrusion. As time passes the 1998 Enemy of the State movie looks more and more prophetic. And there are stirrings of reactions against the technology.
  3. Finally, we can be sure that 'back doors' will be open to attack by unfriendly governments and terrorist organisations, just as the Greek experience showed.

No comments:

Post a Comment