Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

A look at the Network Security Risks of the so called "Protect America Act"

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread		 This topic is archived.
Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU
 
YankeyMCC Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Jan-29-08 04:49 PM
Original message
A look at the Network Security Risks of the so called "Protect America Act"
Risking Communications
Security: Potential Hazards
of the Protect America Act

By Steven M. Bellovin, Columbia University

Matt Blaze, University of Pennsylvania

Whitfield Diffie and Susan Landau Sun Microsystems

Peter G. Neumann SRI International

Jennifer Rexford Princeton University


(snip)
In August 2007, United States’ wiretapping
law changed: the new Protect America Act
permits warrantless foreign-intelligence wiretapping
from within the US of any communications
believed to include a party located outside
it. US systems for foreign intelligence surveillance
located outside the United States minimize access to
the traffic of US persons by virtue of their location.
The new act could lead to surveillance on an unprecedented
scale that will unavoidably intercept some
purely domestic communications. A civil liberties
concern is whether the act puts Americans at risk of
spurious—and invasive—surveillance by their own
government, whereas the security concern is whether
the new law puts Americans at risk of illegitimate
surveillance by others.
Building surveillance technologies into communication
networks is risky. The Greeks learned this
lesson the hard way; two years ago, they discovered
that legally installed wiretapping software in a cellphone
network had been surreptitiously enabled by
parties unknown, resulting in the wiretapping of
more than 100 senior members of the government for
almost a year.1 Things are not much better in Italy,
where a number of Telecom Italia employees have
been arrested for illegal wiretapping (with attempts
at blackmail).2
In this article, we focus on security, not civil liberties.
If the intercept system is to work, it is important
that the surveillance architecture not decrease the security
of the US communications networks. Although
we are writing about a US law and its consequences
for the security of US communications, the examples
of Greece and
Italy make clear
that the same issues occur internationally.
Background
The combination of data sources may make this surveillance
more powerful—and create more risk—than
was intended. We start with background on legal and
policy issues, then technical concerns; this extensive
background is necessary because architecture matters
a lot, and in subtle ways.
(snip)

http://www.crypto.com/papers/paa-ieee.pdf
Printer Friendly | Permalink |  | Top

Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC