Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Bellovin, Blaze, Clark, Landau

Joseph Lorenzo Hall joe at cdt.org
Fri Feb 8 10:46:50 PST 2013


This appears to be in front of the IEEE paywall for a bit, so grab it
now unless you want to #icanhazpdf it later...

http://www.computer.org/portal/web/computingnow/security/content?g=53319&type=article&urlTitle=going-bright%3A-wiretapping-without-weakening-communications-infrastructure

Going Bright: Wiretapping without Weakening Communications Infrastructure

Steven M. Bellovin , Columbia University
Matt Blaze , University of Pennsylvania
Sandy Clark , University of Pennsylvania
Susan Landau , Privacyink.org

Abstract:

Mobile IP-based communications and changes in technologies have been a
subject of concern for law enforcement, which seeks to extend current
wiretap design requirements for digital voice networks. Such an
extension would create considerable security risks as well as seriously
harm innovation. Exploitation of naturally occurring bugs in the
platforms being used by targets may be a better alternative.

Mobile IP-based communications and changes in technologies, including
wider use of peer-to-peer communication methods and increased deployment
of encryption, has made wiretapping more difficult for law enforcement,
which has been seeking to extend wiretap design requirements for digital
voice networks to IP network infrastructure and applications. Such an
extension to emerging Internet-based services would create considerable
security risks as well as cause serious harm to innovation. In this
article, the authors show that the exploitation of naturally occurring
weaknesses in the software platforms being used by law enforcement's
targets is a solution to the law enforcement problem. The authors
analyze the efficacy of this approach, concluding that such law
enforcement use of passive interception and targeted vulnerability
exploitation tools creates fewer security risks for non-targets and
critical infrastructure than do design mandates for wiretap interfaces.


-- 
Joseph Lorenzo Hall
Senior Staff Technologist
Center for Democracy & Technology
1634 I ST NW STE 1100
Washington DC 20006-4011
(p) 202-407-8825
(f) 202-637-0968
joe at cdt.org
PGP: https://josephhall.org/gpg-key




More information about the liberationtech mailing list