Useful Links
SMBlog
RSS feed RSS icon
About this blog
About me
Archives of Dave Farber's IP list
Archives of RISKS Digest
The Legal Information Institute at Cornell University
Thinking Security
Firewalls and Internet Security: Repelling the Wily Hacker
The Electronic Frontier Foundation
The Tor Project
The Center for Democracy and Technology
Freedom to Tinker blog
Bruce Schneier's blog
Matt Blaze's blog
Matthew Green's A Few Thoughts on Cryptographic Engineering
Krebs on Security
January 2008
Good NY Times Magazine Article on E-Voting (6 January 2008)
A License for Geiger Counters? (9 January 2008)
Hacking Trains (11 January 2008)
A New Internet Wiretapping Plan? (15 January 2008)
The CIA Blames Hackers for Power Outages (18 January 2008)
Apple Adds the Missing Applications to the iPod Touch (23 January 2008)
The Dangers of the Protect America Act (27 January 2008)
Massive Computer-Assisted Fraud (29 January 2008)
Recent Posts
Brief Notes on Computer Word and Byte Sizes (7 March 2023
In Memoriam: Frederick P. Brooks, Jr. --- Personal Recollections (18 November 2022
Attacker Target Selection (5 July 2021
Where Did "Data Shadow" Come From? (26 June 2021
Vaccine Scheduling, APIs, and (Maybe) Vaccination Passports (2 April 2021
Security Priorities (25 February 2021
Covid-19 Vaccinations, Certificates, and Privacy (13 August 2020
Hot Take on the Twitter Hack (15 July 2020
Trust Binding (11 June 2020
Facebook, Abuse, and Metadata (24 May 2020
Archive
2007 (43)
2008 (39)
2009 (21)
2010 (15)
2011 (16)
2012 (14)
2013 (6)
2014 (16)
2015 (14)
2016 (6)
2017 (17)
2018 (16)
2019 (17)
2020 (15)
2021 (4)
2022 (1)
2023 (1)
 
Full Index
Tag Index

The Dangers of the Protect America Act

27 January 2008

Fundamentally, a wiretap is an intentional breach of security. It may be a desirable or even a necessary breach, but it is a breach nevertheless. Furthermore, the easier it is for the "good guys" to "break in", the easier it may be for the bad guys. The Greek cellphone tapping scandal is just one case in point.

There’s another, more subtle, problem: if your wiretap is done incorrectly, perhaps by relying on incorrect information, you may miss traffic that you’re entitled to hear (and should hear, to protect society).

The Protect America Act carries both risks. Matt Blaze, Whit Diffie, Susan Landau, Peter Neumann, Jennifer Rexford, and I have written an analysis of the dangers. It will appear soon in IEEE Security and Privacy; you can download a preprint here.

https://www.cs.columbia.edu/~smb/blog/2008-01/2008-01-27.html