Some commentary from security advocates, including cryptography writer Bruce Schneier.
http://time.com/2966463/nsa-spying-surveillance-cybersecurity-privacy-advocates-schneier/
NSA Spying Hurts Cybersecurity for All of Us Say Privacy Advocates
The surveillance debate has focused on the legality of spying on Americans but some say the biggest danger is in the methods the NSA uses
Privacy advocates Monday slammed the National Security Agency for conducting surveillance in a way they say undermines cybersecurity for everyone and harms U.S. tech companies.
“We have examples of the NSA going in and deliberately weakening security of things that we use so they can eavesdrop on particular targets,” said Bruce Schneier, a prominent cryptography writer and technologist. Schneier referenced a Reuters report that the NSA paid the computer security firm RSA $10 million to use a deliberately flawed encryption standard to facilitate easier eavesdropping, a charge RSA has denied. “This very act of undermining not only undermines our security. It undermines our fundamental trust in the things we use to achieve security. It’s very toxic,” Schneier said.
In the year since former NSA contractor Edward Snowden’s first leaks, attention has focused on the Agency’s surveillance itself, fueling debates over whether it is legal and ethical to spy on American citizens or to eavesdrop on the leaders of allied countries. NSA policies that intentionally undermine cybersecurity too often get left out of the debate, said panelists Monday at a New American Foundation event titled “National Insecurity Agency: How the NSA’s Surveillance Programs Undermine Internet Security.”
“If the Chinese government had proposed to put in a backdoor into our computers and then paid a company $10 million to make that the standard we would be furious,” said Joe Hall, chief technologist at the Center for Democracy and Technology. “That’s exactly what the NSA has become: the best hacker in the entire world.”
In a statement to TIME, the NSA denied it had made the Internet less secure.
“While we cannot comment on specific, alleged intelligence-gathering activities, NSA’s interest in any given technology is driven by the use of that technology by foreign intelligence targets. The United States pursues its intelligence mission with care to ensure that innocent users of those same technologies are not affected,” spokesperson Vanee’ Vines said. “Our participation in standards development has strengthened the core encryption technology that underpins the Internet. NSA cannot crack much of the encryption that guards global commerce – and we don’t want to.”
The tension arises due to the two competing missions of the National Security Agency: electronic surveillance and protecting U.S. systems from cyberattacks.
Nearly all of our online communications are encrypted in some way against cyberattack, to protect our bank accounts from thieves and our intimate lives from nosy neighbors. This poses a challenge for the NSA as the agency, since September 11, 2001, has focused less on agents of foreign governments and more on ferreting out terrorist threats. Inevitably the data of innocent people gets caught its dragnet. A Washington Post report Sunday estimated that 90 percent of those caught in the agency’s data surveillance net—including intimate communications like family photographs and emails between lovers—are everyday Internet users not suspected of wrongdoing, many of them American citizens.
The agency has sought to install “backdoors,” hardware and software systems with deliberately weakened security, into some of the most commonly used tech products, as it did in the program codenamed PRISM. American tech companies say this hurts their business in the international marketplace, where users aren’t keen to use software that comes bugged by an American intelligence agency. Major tech firms, including Google, supported an amendment to the defense budget in May to prohibit the NSA from using funds for this kind of backdoor surveillance.
“Maybe a year ago this sort of language might have seemed unnecessary,” Google Privacy Policy Counsel David Lieber said, “but now its actually really important to restore trust that these sorts of things are not being requested and/or required of companies.”
Critics, like panelist Amie Stepanovich, senior policy counsel for the web freedom group Access, say NSA has also worked to crack and undermine encryption standards set by the National Institute of Standards and Technology (the body that establishes the security standards that help protect our email accounts, banking websites, etc.), and hoarded indexes of computer bugs the agency uses to hack into machines rather than reveal the vulnerabilities so they can be fixed.
In the wake of apparently unfounded accusations that the NSA knew about the Heartbleed bug and didn’t help fix it, the administration announced this spring it has “re-invigorated” existing policy on how it decides whether or not to disclose or exploit security vulnerabilities it finds. “Building up a huge stockpile of undisclosed vulnerabilities while leaving the Internet vulnerable and the American people unprotected would not be in our national security interest. But that is not the same as arguing that we should completely forgo this tool as a way to conduct intelligence collection,” White House Cybersecurity Coordinator Michael Daniel wrote in April.
At its core the question comes down to a cost benefit analysis. “The fundamental issue,” Schneier said, “is should we compromise the security of everybody in order to access the data of the few.”
- Nexus Of Mathematics, Cryptography, Blockchain Will Redefine Technological Innovation Expert - New Telegraph Newspaper - May 15th, 2024
- What is the purpose of post-quantum cryptography? - Security Boulevard - March 21st, 2024
- Quantum Computing and Networking Poised to Revolutionize Cryptography - BroadbandBreakfast.com - March 21st, 2024
- TM Technologies and Quantum Resistant Cryptography Team Up to Increase Speed and Security of 5G/6G, Satellite ... - Yahoo Finance UK - March 5th, 2024
- Cryptology | Definition, Examples, History, & Facts | Britannica - February 1st, 2024
- What Is Moore's Law, And How Does It Impact Cryptography? - Blockchain Magazine - January 24th, 2024
- Cryptography 101: Key Principles, Major Types, Use Cases ... - Splunk - December 11th, 2023
- Federal agencies take 'most important' first step with inventorying cryptography ahead of quantum migration, OMB ... - FedScoop - December 11th, 2023
- What is Cryptography? - Cryptography Explained - AWS - January 30th, 2023
- What is Cryptography? Definition, Importance, Types | Fortinet - January 22nd, 2023
- What is cryptography? How algorithms keep information secret and ... - CSO - January 22nd, 2023
- What is Cryptography? Definition from SearchSecurity - January 22nd, 2023
- System.Security.Cryptography.CryptographicException: The payload was ... - December 28th, 2022
- NIST Action Will Heat Up Post-Quantum Cryptography Market: Report - TechNewsWorld - December 12th, 2022
- Global Encryption Day: Why quantum-safe cryptography is the future of cybersecurity - World Economic Forum - October 23rd, 2022
- Post-Quantum Cryptography: Anticipating Threats and Preparing the Future - ENISA - October 23rd, 2022
- Cracking the code of cryptography and life The Irish Times - The Irish Times - October 15th, 2022
- Dutch influence standards for post-quantum cryptography - ComputerWeekly.com - October 15th, 2022
- Castle Shield Holdings, LLC Updates the Post-Quantum Cryptography (PQC) Algorithms for Its Data-in-Motion Aeolus VPN Solution - Business Wire - October 15th, 2022
- Yale increases investment in blockchain research - Yale Daily News - October 15th, 2022
- OPPO joins the FIDO Alliance, accelerating the arrival of a new era of passwordless sign-ins - Yahoo Finance - October 15th, 2022
- It's Time To Trust Crypto. Here's Why. - Entrepreneur - October 15th, 2022
- Algorand (ALGO) on its journey to breach the $0.4 mark! - CryptoNewsZ - October 15th, 2022
- Crypto Hackers Gross Over $3 Billion From 125 Hacks so Far This Year Featured Bitcoin News - Bitcoin News - October 15th, 2022
- Bitt and IDEMIA: Winners of the G20 Central Bank Digital Currency TechSprint 2022 - Yahoo Finance - October 15th, 2022
- White House Releases First-Ever Comprehensive Framework for Responsible Development of Digital Assets - Lexology - October 15th, 2022
- The Web3 Foundation taps edX for free courses on blockchain and Polkadot - Cointelegraph - October 15th, 2022
- CoinGeek Weekly Livestream: Jad Wahab and Marcin Zarakowski discuss honest nodes and their role in Bitcoin - CoinGeek - October 15th, 2022
- What Is Cryptography? Definition & How It Works | Okta - October 7th, 2022
- What Is Cryptography in Cyber Security: Types, Examples & More - October 7th, 2022
- Decentralized Identifiers (DIDs) is Officially an Internet Standard, Says The World Wide Web Consortium (W3C) - bitcoinke.io - October 7th, 2022
- Cloudflares post-quantum cryptography protects almost a fifth of the internet - VentureBeat - October 7th, 2022
- Nobel Prize in Physics goes to scientists who paved the way for quantum computing - Space.com - October 7th, 2022
- The 2nd Annual Encryption Consulting Conference is Back! - PR Newswire - October 7th, 2022
- Quantum Computing And The Threat Posed To Bitcoin - The Dales Report - October 7th, 2022
- Cryptocurrency users with gambling affinity are more involved mentally and financially than non-gambling users - PsyPost - October 7th, 2022
- Cardano (ADA) and Algorand (ALGO) Are Two Blockchains To Watch Next Bull Cycle, Says Coin Bureau Here?... - The Daily Hodl - October 7th, 2022
- The Guardian view on the Rosetta Stone: a monument to code-breaking - The Guardian - October 7th, 2022
- Still think everything is awful? Here are three reasons for hope - Colorado Newsline - October 7th, 2022
- Sleep Disorders And Quantum Cryptography Win Big At The Breakthrough Prizes 2023 - IFLScience - September 29th, 2022
- Lecturer in Cryptography job with KINGS COLLEGE LONDON | 310005 - Times Higher Education - September 29th, 2022
- Microsoft venture fund M12 invests millions in advancing cryptography and 'smart contracts' - OnMSFT.com - September 29th, 2022
- Sectigo's Chief Strategy Officer and CISO Advisor David Mahdi Accepted To Fast Company Executive Board - StreetInsider.com - September 29th, 2022
- Fundamental Cryptography in Theory and Python - iProgrammer - September 21st, 2022
- Web Crypto API - Web APIs | MDN - Mozilla - September 21st, 2022
- Cryptomathic appoints Laurent Lafargue as CEO of the pioneer in cryptography - FinanceFeeds - September 21st, 2022
- Blockchain and POW are the leading technology behind Bitcoin. - Deadline News - September 21st, 2022
- NTT Research Names Takashi Goto Head of the Technology Promotion Team - Business Wire - September 21st, 2022
- Investigating the Use of Blockchain to Authenticate Data from the Statistics Canada Website - Statistique Canada - September 21st, 2022
- 6 Technological Innovations in the New York Sports Betting Industry - Qrius - September 21st, 2022
- EMVCo reports on the future of contactless payments - NFC World - September 13th, 2022
- Quantum eMotion to Present at the H.C. Wainwright 24th Annual Global Investment Conference in New York - Digital Journal - September 13th, 2022
- The emerging role of cybersecurity in the automotive sector - The Financial Express - September 13th, 2022
- Jack Dorseys Web5 is a solution to a problem thats already been solved - VentureBeat - September 5th, 2022
- What is Cryptography in security? What are the different types of ... - September 5th, 2022
- RKVST Launches RKVST Free and RKVST Team SaaS Supply Chain Integrity, Transparency and Trust Solution - Business Wire - September 5th, 2022
- The United States Is Behind the Curve on Blockchain - War on the Rocks - September 5th, 2022
- $3.7 Billion Worldwide Blockchain in Retail Industry to 2027 - Featuring Cognizant, Infosys and Oracle Among Others - ResearchAndMarkets.com -... - September 5th, 2022
- Research Fellow in Applied Cryptography And Data Security job with UNIVERSITY OF SURREY | 306274 - Times Higher Education - August 28th, 2022
- ASPG, Inc. Announces Release of CryptoZ, Innovative New z/OS Cryptography Reporting and Administration Sy - Benzinga - August 28th, 2022
- UN: monitoring the use of cryptography can make the Internet safer - The Cryptonomist - August 20th, 2022
- Keyfactor Named to the 2022 Inc. 5000 List for Third Consecutive Year and Recognized as the Fastest Growing PKI and Cryptography Leader in America -... - August 20th, 2022
- Cryptography 101: Giving a framework to the brimming blockchain businesses of India - Times of India - August 20th, 2022
- Godfather of Crypto expresses concerns over current state of blockchain privacy - CryptoSlate - August 20th, 2022
- Nine Benefits of FIDO Authentication | HYPR - Security Boulevard - August 20th, 2022
- Now That Authorities Have Sanctioned Tornado Cash, Is Bitcoin Next? - Bitcoin Magazine - August 20th, 2022
- Meet the world's first carbon-negative blockchain - wknd. - August 20th, 2022
- 'FutureFi': Crypto is transforming the green finance universe | Greenbiz - GreenBiz - August 20th, 2022
- Philippine Regulator Warns the Public of Engaging With Foreign Crypto Service Providers Regulation Bitcoin News - Bitcoin News - August 20th, 2022
- What Is Cryptography: Definition and Common Cryptography Techniques - August 12th, 2022
- What is Cryptography? Types of Algorithms & How Does It Work? - August 12th, 2022
- What is Cryptography? - Kaspersky - August 12th, 2022
- Former Google CEO: Bitcoin is a remarkable achievement of cryptography - The Cryptonomist - August 12th, 2022
- Protect your privacy with cybersecurity and cryptography - Geeky Gadgets - August 12th, 2022
- Saving Private Keys From The Courts - Bitcoin Magazine - August 12th, 2022
- NTT Research and NTT Corporation Engage in Breakthrough Research at Crypto 2022 - Business Wire - August 12th, 2022
- Can WhatsApp messages be secure and encryptedbut traceable at the same time? - EurekAlert - August 12th, 2022
- Why 2023 is the year of passwordless authentication - TechTarget - August 12th, 2022
- Sony unveils a new way to protect images from theft, manipulation - Popular Photography - August 12th, 2022
- Cameron Whitehead wins again, taking top honors in the CyberForce Program's Conquer the Hill Reign Edition Competition - EurekAlert - August 12th, 2022