Senator: Backdoor for the Feds is a backdoor for hackers
Wyden pushes for law banning special access in software, hardware for cops and spies
A US Senator is urging Congress to pass laws forbidding Uncle Sam's spies from forcing software and hardware makers to build backdoors.
In an op-ed posted in the LA Times, Sen. Ron Wyden (D-OR) said that there was no safe way to build backdoors into phones, tablets, computers and software without exposing them to hackers to exploit.
Wyden, who this month proposed a bill to ban government agencies from mandating backdoors, noted the mechanisms US agencies want to use for law enforcement and intelligence will double as open invitations for foreign agencies and criminals to pwn devices.
"The problem with this logic is that building a back door into every cellphone, tablet, or laptop means deliberately creating weaknesses that hackers and foreign governments can exploit," Wyden wrote.
"Mandating back doors also removes the incentive for companies to develop more secure products at the time people need them most; if you're building a wall with a hole in it, how much are you going invest in locks and barbed wire?"
Mandatory backdoors in devices and code are a hot topic: g-men argue that being able to tunnel into devices is essential to saving lives by detecting and preventing crime. Privacy advocates, meanwhile, have argued that the tools are a violation of privacy and a major security threat.
Put Senator Wyden firmly in the latter category. He notes that even the government agencies themselves have proven less-than-trustworthy when it comes to handling data collected from citizen devices.
"For years, officials of intelligence agencies like the NSA, as well as the Department of Justice, made misleading and outright inaccurate statements to Congress about data surveillance programs — not once, but repeatedly for over a decade," he said.
"These agencies spied on huge numbers of law-abiding Americans, and their dragnet surveillance of Americans' data did not make our country safer." ®
Sponsored: DevOps and continuous delivery