Quick Study

By Brian Robinson

Blog archive

Administration's wiretapping push could damage cloud security

In another case of unintended consequences, now come warnings that the Obama administration’s call to Internet service providers and other firms to make it easier for the FBI to tap into online communications could damage attempts to tighten security in the cloud.

Security research firm Securosis says that the proposal, which is aimed at denying terrorists and other groups the advantage of encrypted communications, will create “a single point of security failure within organizations and companies that don’t have the best security track record to begin with.”

Related stories:

Big Brother wants to surf the Net with you

Why cybersecurity experts can never rest

Security washes out cloud savings

Who owns data in the cloud? The answer could get tricky.

The administration’s proposal specifically targets peer-to-peer communications, requiring companies that deliver these types of services to redesign them to allow interception. There’s only a limited number of ways to do that, Securosis says, and each of them creates new opportunities for security failures. Those failures are also likely to be detectable by bad guys with some fairly basic techniques, it says.

ReadWriteWeb, which provided the initial link to the Securosis post, points out that means nothing but trouble for cloud providers. Instead of locking the cloud down tighter, this proposal would create an always-open backdoor into the cloud.

Government clouds are mostly behind the firewall now, but at some point they’ll have to connect to public services if they want to make full use of the cloud. If Securosis is right, the administration’s proposal might serve to throttle the use of the cloud by the feds, who are paranoid about its security, at the same time that the White House is trying to promote it.


Posted by Brian Robinson on Sep 29, 2010 at 12:20 PM

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Shutterstock image: looking for code.

    How DOD embraced bug bounties -- and how your agency can, too

    Hack the Pentagon proved to Defense Department officials that outside hackers can be assets, not adversaries.

  • Shutterstock image: cyber defense.

    Why PPD-41 is evolutionary, not revolutionary

    Government cybersecurity officials say the presidential policy directive codifies cyber incident response protocols but doesn't radically change what's been in practice in recent years.

  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

Reader comments

Fri, Oct 15, 2010

'These reactions are silly. Essentially the entire world has long had similar requirements as those being requested by the US DOJ. Those requirements have associated standards and the capabilities implemented. This dialogue is typical US-centric banter.' Uh, just because the rest of the world does it, does not make it right. People started this country to get away from submitting to whims of kings and potentates. Freedom has risks, but I am not willing to trade less freedom for fewer risks.

Tue, Oct 5, 2010 Jack Druides California

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized." Will someone please explain how the 4th Amendment allows the government to even consider building back doors into the Internet?

Fri, Oct 1, 2010 GlobalView Europe

These reactions are silly. Essentially the entire world has long had similar requirements as those being requested by the US DOJ. Those requirements have associated standards and the capabilities implemented. This dialogue is typical US-centric banter.

Thu, Sep 30, 2010 RayW

As was commented on in another thread on the next Obama plan to "make us safe", the more you add taps, the less secure you make things since whatever man (or woman if you want to be today's politically correct) makes, someone else will be able to use/break.

While the dreaded 'Bush' phone monitor program of post 9/11 did find several plots that I know of (and I only had a very small window of visibility, not even state wide), the monitoring of phone lines did not open gaps that many other folks could easily exploit. Adding back doors to access all forms of internet usage that could constitute "peer to peer" communications and encrypted communications would open up a lot of holes that would affect not only Joe and Jane Six Pack, but commerce, industry, finance, and others. The more back doors put on communications and internet access, the better the chance that your bank account and identity will be available for someone else.

Besides, how do you define peer to peer? There are many ways to communicate over the net and pass messages that are encrypted, and many different encryption variations, how do you get back doors on all of them? Make ISPs have to add back doors and maintain them, and guess what will happen to internet rates? Obama will not pay for it out of his various incomes, we will out of what we have left if we want the access still.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group