In an urgent, important blog post, computer scientist and security expert Ed Felten lays out the case against rules requiring manufacturers to put wiretapping backdoors in their communications tools. Since the early 1990s, manufacturers of telephone switching equipment have had to follow a US law called CALEA that says that phone switches have to have a deliberate back-door that cops can use to secretly listen in on phone calls without having to physically attach anything to them. This has already been a huge security problem — through much of the 1990s, AT&T’s CALEA controls went through a Solaris machine that was thoroughly compromised by hackers, meaning that criminals could listen in on any call; during the 2005/6 Olympic bid, spies used the CALEA backdoors on the Greek phone company’s switches to listen in on the highest levels of government. But now, thanks to the widespread adoption of cryptographically secured messaging services, law enforcement is finding that its CALEA backdoors are of declining utility — it doesn’t matter if you can intercept someone else’s phone calls or network traffic if the data you’re captured is unbreakably scrambled. In response, the FBI has floated the idea of “CALEA II”: a mandate to put wiretapping capabilities in computers, phones, and software. As Felten points out, this is a terrible idea. If your phone is designed to secretly record you or stream video, location data, and messages to an adverse party, and to stop you from discovering that it’s doing this, it puts you at huge risk when that facility is hijacked by criminals. It doesn’t matter if you trust the government not to abuse this power (though, for the record, I don’t — especially since anything mandated by the US government would also be present in devices used in China, Belarus and Iran) — deliberately weakening device security makes you vulnerable to everyone, including the worst criminals: Our report argues that mandating a virtual wiretap port in endpoint systems is harmful. The port makes it easier for attackers to capture the very same data that law enforcement wants. Intruders want to capture everything that happens on a compromised computer. They will be happy to see a built-in tool for capturing and extracting large amounts of audio, video, and text traffic. Better yet (for the intruder), the capability will be stealthy by design, making it difficult for the user to tell that anything is amiss. Beyond this, the mandate would make it harder for users to understand, monitor, and fix their own systems—which is bad for security. If a system’s design is too simple or its operation too transparent or too easy to monitor, then wiretaps will be evident. So a wiretappability mandate will push providers toward complex, obfuscated designs that are harder to secure and raise the total cost of building and operating the system. Finally, our report argues that it will not be possible to block non-compliant implementations. Many of today’s communication tools are open source, and there is no way to hide a capability within an open source code base, nor to prevent people from simply removing or disabling an undesired feature. Even closed source systems are routinely modified by users—as with jailbreaking of phones—and users will find ways to disable features they don’t want. Criminals will want to disable these features. Ordinary users will also want to disable them, to mitigate their security risks. Felten’s remarks summarize a report [PDF] signed by 20 distinguished computer scientists criticizing the FBI’s proposal. It’s an important read — maybe the most important thing you’ll read all month. If you can’t trust your devices, you face enormous danger. CALEA II: Risks of wiretap modifications to endpoints
Read more here:
Computer scientists to FBI: don’t require all our devices to have backdoors for spies
An anonymous reader writes “Internet registrar Name.com on Wednesday revealed it was hit by a security breach. The company sent an email to its customers informing them that their usernames, email addresses, passwords, and credit card account information “may have been accessed by unauthorized individuals.”” Read more of this story at Slashdot. 
mask.of.sanity writes “The passwords of thousands of Australian businesses are being stored in clear readable text by the country’s tax office. Storing passwords in readable text is a bad idea for a lot of reasons: they could be read by staff with ill intent, or, in the event of a data breach, could be tested against other web service accounts to further compromise users. In the case of the tax office, the clear text passwords accessed a subsection of the site. But many users would have reused them to access the main tax submission services. If attackers gained access to those areas, they would have access to the personal, financial and taxpayer information of almost every working Australian. Admins should use a strong hash like bcrypt to minimize or prevent password exposure. Users should never reuse passwords for important accounts.” Read more of this story at Slashdot. 
snydeq writes “Microsoft’s release of Office 2013 represents the latest in a series of makeover moves, this time aimed at shifting use of its bedrock productivity suite to the cloud. Early hands-on testing suggests Office 2013 is the ‘best Office yet,’ bringing excellent cloud features and pay-as-you-go pricing to Office. But Microsoft’s new vision for remaining nimble in the cloud era comes with some questions, such as what happens when your subscription expires, not to mention some gray areas around inevitable employee use of Office 2013 Home Premium in business settings.” Zordak points to coverage of the new Office model at CNN Money, and says “More interesting than the article itself is the comments. The article closes by asking ‘Will you [pay up]?’ The consensus in the comments is a resounding ‘NO,’ with frequent mentions of the suitability of OpenOffice for home productivity.” Also at SlashCloud. Read more of this story at Slashdot. 
An anonymous reader writes “Darren Nix works for 42Floors, a business that uses its website to help people find office space. He recently received a marketing email for a service that offered to identify visitors to his website. After squeezing some information out of the marketer and playing around with a demo account, he now explains exactly how sketchy companies track your presence across multiple websites. The marketer offered to provide Nix with ‘tracking code that would sit in your web site’ which would ‘grab a few key pieces of data from each visitor.’ This includes IP addresses and search engine data. The marketer’s company would then automatically analyze the data to try to identify the user and send back whatever personal information they’ve collected on that user from different websites. Thus, it’s entirely possible for a site to know your name, email address, and company on your very first visit, and without any interaction on your part. Nix writes, ‘A real-world analogue would be this scenario: You drive to Home Depot and walk in. Closed-circuit cameras match your face against a database of every shopper that has used a credit card at Walmart or Target and identifies you by name, address, and phone. If you happen to walk out the front door without buying anything your phone buzzes with a text message from Home Depot offering you a 10% discount good for the next hour. Farfetched? I don’t think so. … All the necessary pieces already exist, they just haven’t been combined yet.'” Read more of this story at Slashdot.