Feeds

IT security to become political battleground

DRM and wire-tapping rise up the political agenda

  • alert
  • submit to reddit

Internet Security Threat Report 2014

RSA Security will re-emerge as a major arena for political debate over the next year, cryptography legend Whitfield Diffie predicted today.

The cryptographic community fought a long and ultimately successful battle to lift US export restrictions on encryption technology. The climax was a Clinton administration decision more than four years ago to relax controls.

Since then - aside from the ever-present debate about handing over cryptographic keys to law enforcement authorities - things have been a good deal quieter, at least intellectually.

Diffie, chief security officer at Sun Microsystems, forecasts that this will change in coming months. The political battle will spill over into two distinct technology fields.

Conflicting views about law enforcement requests to monitor voice over IP networks and over digital rights management (DRM) technology will re-energise IT politics, he said.

Extending wiretapping to VoIP is controversial because it "affects the architecture of networks of all kinds," according to Diffie.

And DRM is contentious because it extends to copyright holders control over end-user systems.

Diffie said the argument over DRM was complicated by its use in non-controversial applications. For example, DRM technology could be applied to verify that the configuration of a system hadn't been altered by hackers.

"A technology that attests to the configuration of a component in a dynamic network and says 'its safe for you to play' is of great security benefit. Whether it’s a technology you should force on consumers is far less clear," he said.

With legislation on spam on both sides of the Atlantic last year, politics has hardly disappeared from the IT industry. Diffie argues that these debates are not characterised by the real clash of competing philosophies which characterised the crypto export debate.

Diffie made his comments during a cryptography panel at the RSA Conference in San Francisco. ®

The Register RSA coverage in full

Remote control for virtualized desktops

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
State Dept shuts off unclassified email after hack. Classified mail? That's CLASSIFIED
Classified systems 'not affected' - but, is this reconnaissance?
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.