Quick Study

By Brian Robinson

Blog archive

Administration's wiretapping push could damage cloud security

In another case of unintended consequences, now come warnings that the Obama administration’s call to Internet service providers and other firms to make it easier for the FBI to tap into online communications could damage attempts to tighten security in the cloud.

Security research firm Securosis says that the proposal, which is aimed at denying terrorists and other groups the advantage of encrypted communications, will create “a single point of security failure within organizations and companies that don’t have the best security track record to begin with.”


Related stories:

Big Brother wants to surf the Net with you

Why cybersecurity experts can never rest

Security washes out cloud savings

Who owns data in the cloud? The answer could get tricky.


The administration’s proposal specifically targets peer-to-peer communications, requiring companies that deliver these types of services to redesign them to allow interception. There’s only a limited number of ways to do that, Securosis says, and each of them creates new opportunities for security failures. Those failures are also likely to be detectable by bad guys with some fairly basic techniques, it says.

ReadWriteWeb, which provided the initial link to the Securosis post, points out that means nothing but trouble for cloud providers. Instead of locking the cloud down tighter, this proposal would create an always-open backdoor into the cloud.

Government clouds are mostly behind the firewall now, but at some point they’ll have to connect to public services if they want to make full use of the cloud. If Securosis is right, the administration’s proposal might serve to throttle the use of the cloud by the feds, who are paranoid about its security, at the same time that the White House is trying to promote it.

 

Posted by Brian Robinson on Sep 29, 2010 at 12:20 PM


Featured

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.