Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

10/14/2010
04:10 PM
John Foley
John Foley
Commentary
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

The Case For Wiretapping The Internet

The directors of National Intelligence and the FBI say tech-savvy extremists pose a growing threat, setting the stage for a national debate over the need for Internet eavesdropping.

Despite that growing threat, Mueller noted the challenge of meeting court-ordered communications "intercepts" during FBI investigations. In some cases, communications providers are unable to provide the electronic communications sought in a court order, in part because they're not required to build or maintain the capabilities to do so.

"Critical laws covering this area have not been updated since 1994, when we moved from a copper-wire phone system to digital networks and cell phones, but of course, technology has expanded exponentially in the past 16 years," Mueller said. "We want to ensure that our ability to intercept communications is not eroded by advances in technology—technology we all rely on to communicate." You can read Mueller's speech here.

We're fast approaching a point that will determine how, and how effectively, U.S. intelligence agencies will be able to tap into the din of terrorist chatter that travels over 21st century networks. According to the New York Times, new wiretapping legislation, described as "sweeping" in scope, will be submitted to lawmakers for action next year.

The challenge is to enable the mission of the U.S. Intelligence Community without compromising the privacy and civil liberties of Americans. Clapper and Mueller both voice a strong commitment to meeting that requirement. Says Mueller, "If we safeguard our civil liberties, but leave our country vulnerable to a terrorist attack, we have lost. If we protect America from terrorism, but sacrifice civil liberties, we have also lost. We must work to strike that balance, every day, in every case."

Seeking balance in the form of legislation will get contentious. Security expert Bruce Schneier, the chief security technology officer for BT, has already denounced the White House plan, and many of his readers are similarly critical and skeptical.

The status quo carries its own risks. Clapper says the number and pace of terrorist attempts in the U.S. by al-Qaida and its affiliates were at an all-time high during the past year. Among all the tough choices, inaction may be the worst.

 

Recommended Reading:

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15570
PUBLISHED: 2020-07-06
The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.
CVE-2020-15569
PUBLISHED: 2020-07-06
PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.
CVE-2020-7690
PUBLISHED: 2020-07-06
It's possible to inject JavaScript code via the html method.
CVE-2020-7691
PUBLISHED: 2020-07-06
It's possible to use <<script>script> in order to go over the filtering regex.
CVE-2020-15562
PUBLISHED: 2020-07-06
An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.