U.S. enables Chinese hacking of Google
By Bruce Schneier, Special to CNN
STORY HIGHLIGHTS
- Google says hackers from China got into its Gmail system
- Bruce Schneier says hackers exploited feature put into system at behest of U.S. government
- When governments get access to private communications, they invite abuse, he says
- Government surveillance and control of Internet is flourishing, he says
Editor's note: Bruce Schneier is a security technologist and author of "Beyond Fear: Thinking Sensibly About Security in an Uncertain World." Read more of his writing at www.schneier.com.
(CNN) -- Google made headlines when it went public with the fact that Chinese hackers had penetrated some of its services, such as Gmail, in a politically motivated attempt at intelligence gathering. The news here isn't that Chinese hackers engage in these activities or that their attempts are technically sophisticated -- we knew that already -- it's that the U.S. government inadvertently aided the hackers.
In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.
Google's system isn't unique. Democratic governments around the world -- in Sweden, Canada and the UK, for example -- are rushing to pass laws giving their police new powers of Internet surveillance, in many cases requiring communications system providers to redesign products and services they sell.
Many are also passing data retention laws, forcing companies to retain information on their customers. In the U.S., the 1994 Communications Assistance for Law Enforcement Act required phone companies to facilitate FBI eavesdropping, and since 2001, the National Security Agency has built substantial eavesdropping systems with the help of those phone companies.
Systems like these invite misuse:
more
http://www.cnn.com/2010/OPINION/01/23/schneier.google.hacking/index.html?hpt=T2
