Facebook Plunges Again
Tumblr 101: Tips And Tricks To Get Started
Security hole in Gmail used by Chinese hackers was created by U.S. law enforcement
If China isn't behind these sophisticated, masterful attacks... who -- or what -- is?
In further news, there's a brilliant (but very opinionated) piece over on CNN by Bruce Schneier. We didn't cover it here on Download Squad yet, but it seems that the hackers used a backdoor in Gmail to gain access -- a backdoor required by U.S. law enforcement agencies. It's not uncommon for such rear entries to exist -- they started to appear in Western nations around the same time as anti-terrorism laws -- but the fact that such backdoors are easy to hack is a concern.
Basically, all major online services have such backdoors programmed into them. It's not crazy to assume that similar attacks were used on the other 30 Silicon Valley businesses. It's not such a problem that these backdoors exist -- it's a problem that once in place, someone will discover them -- they will be hacked.
Schneier finishes his CNN Opinion pieces with a poignant and chilling thought about the current state of technology and the things to come:
"The problem is that such control makes us all less safe. Whether the eavesdroppers are the good guys or the bad guys, these systems put us all at greater risk. Communications systems that have no inherent eavesdropping capabilities are more secure than systems with those capabilities built in. And it's bad civic hygiene to build technologies that could someday be used to facilitate a police state."
Comments
4
Subscribe to commentsJamesJan 26th 2010 7:31PM
I had heard something similar days ago, but at the time I was told that the mechanism they have in place to provide court-ordered searches (as in, the interface that lets them comply with a subpoena) is accessible only to certain employees whose job it is to provide those documents to the cops. I understood it to be the case that one of these employees had their credentials stolen / social-engineered / whatever, and those credentials were used to access the law enforcement system. I would hardly consider that a "back door". Did I hear wrong, or are people blowing this out of proportion?
Sebastian AnthonyJan 26th 2010 7:37PM
That sounds about right, yep.
The problem is that such a hole exists... :)
In an ideal world, there would be no way into Gmail accounts other than with the registered name and password.
Obviously that's not going to happen though, eh...
ProlornJan 26th 2010 9:40PM
That's not exactly what I heard:
It's not truly a backdoor into Gmail accounts. The system only accesses some basic account information and email headers, not contents.
The only Gmail accounts that were truly hacked were those that belonged to individuals who had fallen victim to scams.
If law enforcement is allowed to monitor your snail mail and search your physical home, then it's going to seek ways to monitor your email. I suppose that ideally, you'd want all your information encrypted if possible. At least with this fetching system might clear you with law enforcement without facilitating access to deeper content, though.
EmilyJan 27th 2010 9:56AM
All you speak of requires a warrant to do. Is that the case here also?