We're fucked.
(CNN) -- Google made headlines when it went public with the fact that Chinese hackers had penetrated some of its services, such as Gmail, in a politically motivated attempt at intelligence gathering. The news here isn't that Chinese hackers engage in these activities or that their attempts are technically sophisticated -- we knew that already -- it's that the U.S. government inadvertently aided the hackers.
In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.
Google's system isn't unique. Democratic governments around the world -- in Sweden, Canada and the UK, for example -- are rushing to pass laws giving their police new powers of Internet surveillance, in many cases requiring communications system providers to redesign products and services they sell.
Many are also passing data retention laws, forcing companies to retain information on their customers. In the U.S., the 1994 Communications Assistance for Law Enforcement Act required phone companies to facilitate FBI eavesdropping, and since 2001, the National Security Agency has built substantial eavesdropping systems with the help of those phone companies.
Systems like these invite misuse: criminal appropriation, government abuse and stretching by everyone possible to apply to situations that are applicable only by the most tortuous logic. The FBI illegally wiretapped the phones of Americans, often falsely invoking terrorism emergencies, 3,500 times between 2002 and 2006 without a warrant. Internet surveillance and control will be no different.
Official misuses are bad enough, but it's the unofficial uses that worry me more. Any surveillance and control system must itself be secured. An infrastructure conducive to surveillance and control invites surveillance and control, both by the people you expect and by the people you don't.
China's hackers subverted the access system Google put in place to comply with U.S. intercept orders. Why does anyone think criminals won't be able to use the same system to steal bank account and credit card information, use it to launch other attacks or turn it into a massive spam-sending network? Why does anyone think that only authorized law enforcement can mine collected Internet data or eavesdrop on phone and IM conversations?
These risks are not merely theoretical. After September 11, the NSA built a surveillance infrastructure to eavesdrop on telephone calls and e-mails within the U.S. Although procedural rules stated that only non-Americans and international phone calls were to be listened to, actual practice didn't match those rules. NSA analysts collected more data than they were authorized to and used the system to spy on wives, girlfriends and notables such as President Clinton.
But that's not the most serious misuse of a telecommunications surveillance infrastructure. In Greece, between June 2004 and March 2005, someone wiretapped more than 100 cell phones belonging to members of the Greek government: the prime minister and the ministers of defense, foreign affairs and justice.
Ericsson built this wiretapping capability into Vodafone's products and enabled it only for governments that requested it. Greece wasn't one of those governments, but someone still unknown -- A rival political party? Organized crime? Foreign intelligence? -- figured out how to surreptitiously turn the feature on.
And surveillance infrastructure can be exported, which also aids totalitarianism around the world. Western companies like Siemens and Nokia built Iran's surveillance. U.S. companies helped build China's electronic police state. Just last year, Twitter's anonymity saved the lives of Iranian dissidents, anonymity that many governments want to eliminate.
In the aftermath of Google's announcement, some members of Congress are reviving a bill banning U.S. tech companies from working with governments that digitally spy on their citizens. Presumably, those legislators don't understand that their own government is on the list.
This problem isn't going away. Every year brings more Internet censorship and control, not just in countries like China and Iran but in the U.S., the U.K., Canada and other free countries, egged on by both law enforcement trying to catch terrorists, child pornographers and other criminals and by media companies trying to stop file sharers.
The problem is that such control makes us all less safe. Whether the eavesdroppers are the good guys or the bad guys, these systems put us all at greater risk. Communications systems that have no inherent eavesdropping capabilities are more secure than systems with those capabilities built in. And it's bad civic hygiene to build technologies that could someday be used to facilitate a police state.
Via
Comments
The problem is, that Google isn't the only one doing it. I am not worried about some hacker coming in and raping the fuck out me, I am more worried about some Government using the backdoor and monitoring everything about me. This is the part that freaks me out more.
If these systems are already implemented on different services throughout the Internet then we're in big fucking mess.
Yup. They've been using the backdoors provided to them by these literal sell-outs for years. You see, there has never been any laws designed specifically for the Internet, although common sense would dictate that current privacy laws and statutes would fully cover Internet use as well, these criminals in Washington "need" everything defined specifically for them before they can "do the right thing". For example, there is a law that says I can't rob a merchant of his money. But if there isn't specifically a law that says I am also prohibited from robbing a non-profit representative of his money, then as far as the law can be interpreted there is no law against robbing the non-profit representative, because he's not a merchant! The law was put in place to prevent the act of robbery... period... and anybody with any common sense at all would interpret it as such.. BUT... not these clowns like the feds, narcs and cops. They need a law specifically for every little variation before they can comply with the base meaning of any laws. You have to spell it right out for them and drag them down by the neck kicking and screaming to the river to drink and then force their head under the water until they'll drink, and even then they'll just choke on it. As long as there are no specific laws governing the behavior of these clowns when the Internet privacy of citizens are concerned, they will continue to rape and rob you of every private piece of information they can get from you.
Remember _NSAkey?
This isn't new.
The US government seems to be setting the trend for all government. Cocks!
12345char :facepalm:
stop being a cunt :mad:
Right! It's alright for them to do it but not anyone else.....FUCK THEM!