The NSA Stonewalls Congress

I don’t get this. Reuters is reporting that the NSA is refusing to tell congress about its seeking of back doors. It’s certainly true that an argument can be made that the NSA should be seeking back doors but how is it okay for them to give congress the finger? If you look at what the NSA is saying, it’s pretty clear they’re either incompetent or lying. They say they have a “lessons learned” document about the fallout from the Snowden revelations but that they can’t find it.

In any event, it’s worth taking a look at the premise that the NSA should be seeking back doors and actively trying to get companies to install them. The usual argument against back doors is that others will find and exploit them. That’s not just a theoretical concern. In the real world there have been many (embarrassing to the NSA) instances of exactly that. The primary (known) example of that is the Juniper exploit in which an NSA backdoor in Juniper equipment was modified to provide a new back door for unknown actors.

Every expert who doesn’t work for the NSA or one of its siblings agrees that back doors are a bad idea that will be exploited. The NSA thinks the use of back doors make us safer but the evidence suggests otherwise. The real problem, I think, is that the NSA hasn’t internalized the reality that they’re no longer the best cryptologists in the West and maybe the world. They aren’t and just because it’s hard doesn’t mean that the bad guys won’t find and exploit whatever back doors they manage to install. Just ask Juniper.

This entry was posted in General and tagged , . Bookmark the permalink.