Censorship isn't the only worry in the Google-China standoff
--another is security. How did the hacking attack that started the whole donnybrook happen, anyway? Security expert Bruce Schneier tells a troubling story: Chinese hackers used the
very architecture the U.S. government demanded for
surveillance. "In order to comply with government search warrants on
user data," Schneier explains, "Google created a backdoor access system
into Gmail accounts. This feature is what the Chinese hackers exploited
to gain access." This raises an interesting question: are government
security systems, ironically, creating a security weakness? And is
overzealous government surveillance the least of our worries?
While privacy is often the major concern, Schneier argues that the "unofficial uses" of surveillance
systems are perhaps the bigger risk:
Any surveillance and control system must itself be
secured. An infrastructure conducive to surveillance and control
invites surveillance and control, both by the people you expect and by
the people you don't.
China's hackers subverted the access system Google put in place to comply with
U.S. intercept orders. Why does anyone think criminals won't be able to
use the same system to steal bank account and credit card information,
use it to launch other attacks or turn it into a massive spam-sending
network? Why does anyone think that only authorized law enforcement can
mine collected Internet data or eavesdrop on phone and IM conversations?
Are surveillance systems more trouble than they're worth?
Want to add to this story? Let us know in comments
or send an email to the author at
hhorn at theatlantic dot com.
You can share ideas for stories on the Open Wire.