Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security Encryption United Kingdom

UK Cryptographers Call For UK and US To Out Weakened Products 105

Posted by Unknown Lamer from the instead-they-disappear dept.
Trailrunner7 writes "A group of cryptographers in the UK has published a letter that calls on authorities in that country and the United States to conduct an investigation to determine which security products, protocols and standards have been deliberately weakened by the countries' intelligence services. The letter, signed by a number of researchers from the University of Bristol and other universities, said that the NSA and British GCHQ 'have been acting against the interests of the public that they are meant to serve.' The appeal comes a couple of weeks after leaked documents from the NSA and its UK counterpart, Government Communications Headquarters, showed that the two agencies have been collaborating on projects that give them the ability to subvert encryption protocols and also have been working with unnamed security vendors to insert backdoors into hardware and software products."
This discussion has been archived. No new comments can be posted.

UK Cryptographers Call For UK and US To Out Weakened Products More

UK Cryptographers Call For UK and US To Out Weakened Products

Comments Filter:

  • Re:Likely outcome (Score:2, Interesting)

    by Anonymous Coward on Tuesday September 17, 2013 @04:56AM (#44870975)

    What makes you believe spying on everybody, including politicians and military, are about preventing terrorism? The Information Dominance (look it up), is for just that: Dominance. By an unaccountable entity.

  • Re:hahhaha (Score:5, Interesting)

    by TheRaven64 ( 641858 ) on Tuesday September 17, 2013 @04:56AM (#44870977) Journal
    The problem is that the NSA and GCHQ have dual mandates. They are responsible for both ensuring their respective countries are not vulnerable to attacks and for ensuring that they have techniques for attacking others. This means that when they discover a vulnerability in a piece of widely deployed software, they have conflicting requirements. If they publish it, then the systems that they're defending will be safer because it will be fixed, but if they don't publish it then the systems that they're attacking will remain vulnerable. This gets even worse when they start introducing intentional back doors (given how many Russian spies there were in these institutions during the Cold War, it's pretty much expected that there will be some Chinese spies in there now, so those back doors are almost certainly not secret).

  • Re:Likely outcome (Score:5, Interesting)

    by Walterk ( 124748 ) <slashdot@@@dublet...org> on Tuesday September 17, 2013 @05:21AM (#44871061) Homepage Journal

    Interesting you raise the point about the "mandate to spy on as much as possible on the off chance that it may prevent some terrorist act".

    There is a very interesting article on the BBC blogs indicating just how useless MI5 has been at any sort of intelligence gathering, even the sort that's been painfully obvious over it's entire existence. It's opening gambit: "Maybe the real state secret is that spies aren't very good at their jobs and don't know very much about the world".

    http://www.bbc.co.uk/blogs/adamcurtis/posts/BUGGER [bbc.co.uk]

Slashdot Top Deals

"Gravitation cannot be held responsible for people falling in love." -- Albert Einstein

Close