13 January 2010 9:54a Pacific

Breach by design

by Matt Sherman

It appears that the hack against Google was perpetrated via their law enforcement compliance system.

As an eminent group of security experts argued in 2008, the trend toward building surveillance capability into telecommunications architecture amounts to a breach-by-design, and a serious security risk. As the volume of requests from law enforcement at all levels grows, the compliance burdens on telcoms grow also—making it increasingly tempting to create automated portals to permit access to user information with minimal human intervention.

In other words, Google (and other comms companies) are required to build systems for providing wiretaps to government authorities.

That’s like catnip to hacker. If you want to reveal secrets in a system, target the area that’s designed for revealing secrets. Brilliant.

Permalink | Comments (0)
Comments are closed

Tell others

TwitterTweet this page
Digg!Digg this page
TwitterAdd to Google Reader

Experimental! Let me know how it works for you.

Shorten this page's URL

Learn more about the TinyASP URL shortener

ASP.Net jQuery Controls

Implement jQuery effects using familiar ASP.Net server controls. Learn more...

Recent posts

How about jQuery-style “property methods” for C#?

A few more reasons to use Progressive Enhancement

Net neutrality and preserving the dinosaurs

IE8 becomes #1 browser, Chrome up, Firefox plateaus

more...  

About us

ClipperHouse.com is brought to you by Matt Sherman and Fernando Chilvarguer, among others. Contact us here.