Susan Landau, an engineer at Sun Microsystems and the author of Privacy on the Line: The Politics of Wiretapping and Encryption, has an op-ed in today’s Washington Post that builds on the FISA issues we discussed in our Tech Policy Weekly podcast yesterday. Her editorial is entitled, “A Gateway for Hackers: The Security Threat in the New Wiretapping Law.” In it she argues that:
Grant the NSA what it wants, and within 10 years the United States will be vulnerable to attacks from hackers across the globe, as well as the militaries of China, Russia and other nations.
Such threats are not theoretical. For almost a year beginning in April 2004, more than 100 phones belonging to members of the Greek government, including the prime minister and ministers of defense, foreign affairs, justice and public order, were spied on with wiretapping software that was misused. Exactly who placed the software and who did the listening remain unknown. But they were able to use software that was supposed to be used only with legal permission.
The United States itself has been attacked. … [and] U.S. communications technology is fragile and easily penetrated. While advanced, it is not decades ahead of that of our friends or our rivals. Compounding the issue is a key facet of modern systems design: Intercept capabilities are likely to be managed remotely, and vulnerabilities are as likely to be global as local. In simplifying wiretapping for U.S. intelligence, we provide a target for foreign intelligence agencies and possibly rogue hackers. Break into one service, and you get broad access to U.S. communications.
I have no idea if she is right, but this is scary stuff. I’d be interested in hearing what others think.