I wrote Monday about revelations that the NSA might have been inserting backdoors into security standards. Today I want to talk through two cases where the NSA has been accused of backdooring standards, and use these cases to differentiate between two types of backdoors.
No Facebook, No Service?
The Idaho Statesman, my sort-of-local newspaper, just announced that it will follow the lead of the Miami Herald and no longer allow readers to post anonymous comments to online stories. Starting September 15, readers who want to make comments will have to login through Facebook. This is the second time I’ve encountered a mandatory Facebook […]
NSA Apparently Undermining Standards, Security, Confidence
The big NSA revelation of last week was that the agency’s multifaceted strategy to read encrypted Internet traffic is generally successful. The story, from the New York Times and ProPublica, described NSA strategies ranging from the predictable—exploiting implementation flaws in some popular crypto products; to the widely-suspected but disappointing—inducing companies to insert backdoors into products; […]
On the NSA's capabilities
Last Thursday brought significant new revelations about the capacities of the National Security Agency. While the articles in the New York Times, ProPublica, and The Guardian skirted around technical specifics, several broad themes came out. NSA has the capacity to read significant amounts of encrypted Internet traffic. NSA has some amount of cooperation from vendors […]
Axciom Opens (Some) Consumer Data; What Should You Do?
Yesterday Axciom, a large data broker, rolled out their data transparency site, aboutthedata.com. The sites lets you view some data that Axciom has about you, including demographic data, family status, financials, commercial history, and shopping preferences. The site also lets you correct any errors in the data. It looks like you can modify the data […]