Perhaps the biggest condemnation of President Obama’s address last Friday announcing reforms to the NSA’s surveillance programs was his failure to mention any of the agency’s alleged involvement in subverting cryptography standards and the impact that has had on the trustworthiness of products built on those baselines.

A long list of the nation’s top cryptographers and security influencers took a stand today against the government’s surveillance activities and subversion of security technology via an open letter. The experts condemn the intelligence community’s practices and point out that tampering with crypto standards via the insertion of backdoors and the tapping of commercial links between data centers belonging to large Internet providers not only damages the privacy and civil liberties of Americans, but opens the door for malicious hackers—criminal and nation-state—to exploit the same holes used by the NSA.

“Indiscriminate collection, storage, and processing of unprecedented amounts of personal information chill free speech and invite many types of abuse, ranging from mission creep to identity theft,” the experts wrote in the letter. “These are not hypothetical problems; they have occurred many times in the past.”

The co-signers of the letter include some security and computing legends such as Steve Bellovin, Niels Ferguson, Ed Felten, Ron Rivest, Bruce Schneier and dozens of others. The letter calls on the government to be transparent about its activities and “resist the deployment of mass surveillance programs in advance of sound technical and social controls,” the letter said. The experts also lent their endorsement to a movement called Reform Government Surveillance, which was unwrapped in December.

A group of eight technology giants, including Facebook, Apple and Google, make up the Reform Government Surveillance coalition, which proposed five principles in an open letter of its own to Obama.

Those principles start with limits on the government’s ability to compel service providers to disclose user data and stop bulk collection of Internet communication. It also calls for intelligence agencies to operate under a clear, transparent legal framework that includes independent reviewing courts, which is currently not the case with the Foreign Intelligence Surveillance Court.  The group asks the government to allow data to cross borders without having to worry about legal loopholes that enable government to access data stored outside the country. They also ask that governments work together to avoid conflicting laws and develop transparent legal frameworks under which governments agree to operate when it comes to requests for user data.

“The choice is not whether to allow the NSA to spy. The choice is between a communications infrastructure that is vulnerable to attack at its core and one that, by default, is intrinsically secure for its users,” the letter said. “Every country, including our own, must give intelligence and law-enforcement authorities the means to pursue terrorists and criminals, but we can do so without fundamentally undermining the security that enables commerce, entertainment, personal communication, and other aspects of 21st-century life.”

Obama’s speech last week called for immediate and longterm reforms to the NSA’s bulk collection of phone call metadata. The program would end as it exists today, but the president stopped short of ending the agency’s collection of data, which it says it uses to map connections between foreigners thought to be involved in terrorism. The dragnet, however, also sweeps up communications to and from Americans who are not terror suspects, something that has outraged privacy advocates.

Categories: Cryptography, Government, Privacy

Comments (4)

  1. plz
    1

    Anyone got a math book? Math course? Math teacher? Math archetype? These are people that support the nation from an education standpoint and have access /and study/ (to) the algorithms, but can’t see through any of the publicly documented protocol/policies or comprehend tolerances? Did the US learn folly capitalism, or please remind me who killed the anal star? *There was no contact info on the .info website.. GO FIGURES!
    try http://zeroality.tv & check for obesity.

    Reply
  2. plz
    2

    Anyone got a math book? Math course? Math teacher? Math archetype? These are people that support the nation from an education standpoint and have access /and study/ (to) the algorithms, but can’t see through any of the publicly documented protocol/policies, or comprehend tolerances? Did the US learn folly capitalism, or please remind me who killed the anal star? *There was no contact info on the .info website.. GO FIGURES!
    try http://zeroality.tv & check for obesity.

    Reply
  3. Tony Stone
    3

    Contrary to what Obama, Rep Peter King (R NY) and Sen. Dianne Feinstein(D CA) are telling the American Public. Metadata is a weapon of Government Power. Metadata tells the government who you associate with, when you associate, where you associate and for how long. The government should not have this information about you, because individuals in the government can use this data in the future to harass, suppress, intimidate and control its population. This goes against the core of who we are as Americans. Our forefathers gave us rights greater than the government; let’s not give them away for false sense of “security”.

    Incompetence in Obama’s administration (we saw a lot of this last year and disappointed I vote for him) and luck of oversight of the NSA has allowed these young people in the NSA to do whatever they want just because they technically can even if it’s wrong.

    Reply
  4. plz
    4

    This is getting super dumb. People not understanding what government is, not understanding what/how (you) are fighting for justice, not understanding English, not understanding rights or freedoms, not understanding who is the culprit, what to do in and when to do it. You people are also well in-depth into incompetence, not just the Obama Administration (ie: not a single government agency). Cell value, ?

    Reply

Leave A Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>