Quick Study

By Brian Robinson

Blog archive

In cybersecurity, our greatest enemy may be...

When it comes to cybersecurity, we are constantly reminded of the threats posed by external adversaries, or about the inadvertent problems we sometimes cause because of our own lax practices. But what if the greatest damage comes from a deliberately designed weakness?

As security guru Bruce Schneier points out in a recent opinion piece for CNN, the recent and widely publicized hack of Google sites by the Chinese was due to a “back door” that Google itself built into its systems to comply with U.S. government requirements.

This is an old sore in computer security. Programmers since way back when have been building these back doors so that they can easily get into the program they built when they need to tinker with the code. At one time, it was presumed that only they would know how to do so.

Well, surprise! Smart hackers – and there are legions of them – also discovered those back doors and learned how to manipulate them. It’s now one of the first things hackers do to try and gain access to any software system.

Unfortunately, as Schneier also points out, “An infrastructure conducive to surveillance and control invites surveillance and control, both by the people you expect and by the people you don't.” If the FBI, National Security Agency and others insist on being able to monitor the infrastructure, then these kinds of back doors probably will always exist, and hackers — Chinese or others — will always have a way into our cyber systems.

There are some intriguing things being put forward to improve cybersecurity, both from a policys standpoint and through technology. For example, take a look at this Defense Advanced Research Projects Agency's proposal for a “Cyber Genome” program. However, what use is all of this, when our very own surveillance obsession lays us so open to penetration by whoever can find and open the back door?

Posted on Jan 26, 2010 at 12:19 PM


Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.