this post was submitted on 10 Oct 2024
229 points (99.6% liked)

Technology

59267 readers
3788 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
229
Salt Typhoon Hack Shows There's No Security Backdoor That's Only For The "Good Guys" - [EFF] (www.eff.org)
submitted 1 month ago by [email protected] to c/[email protected]
7 comments fedilink hide all child comments
 

cross-posted from: https://feddit.org/post/3639969

At EFF we’ve long noted that you cannot build a backdoor that only lets in good guys and not bad guys. Over the weekend, we saw another example of this: The Wall Street Journal reported on a major breach of U.S. telecom systems attributed to a sophisticated Chinese-government backed hacking group dubbed Salt Typhoon.

According to reports, the hack took advantage of systems built by ISPs like Verizon, AT&T, and Lumen Technologies (formerly CenturyLink) to give law enforcement and intelligence agencies access to the ISPs’ user data. This gave China unprecedented access to data related to U.S. government requests to these major telecommunications companies. It’s still unclear how much communication and internet traffic, and related to whom, Salt Typhoon accessed.

That’s right: the path for [U.S.] law enforcement access set up by these companies was apparently compromised and used by China-backed hackers.

[...]

Internet Wiretaps Have Always Been A Bad Idea

Passed in 1994, CALEA requires that makers of telecommunications equipment provide the ability for government eavesdropping. In 2004, the government dramatically expanded this wiretap mandate to include internet access providers. EFF opposed this expansion and explained the perils of wiretapping the internet.

The internet is different from the phone system in critical ways, making it more vulnerable. The internet is open and ever-changing. “Many of the technologies currently used to create wiretap-friendly computer networks make the people on those networks more pregnable to attackers who want to steal their data or personal information,” EFF wrote, nearly 20 years ago.

[...]

top 7 comments
sorted by: hot top controversial new old
[–] [email protected] 35 points 1 month ago

Anyone who thinks otherwise has no business sharing their thoughts on the matter

[–] [email protected] 11 points 1 month ago

Trust me bro, this is for your own good.

[–] [email protected] 9 points 1 month ago (1 children)

It's almost like the legislators are more concerned with swinging their dicks around than with actual safety and best practices.

[–] [email protected] 6 points 1 month ago

They are more concerned with people who might threaten their power having some potential for privacy.

The consequences for common security are far below in their list of priorities.

[–] [email protected] 9 points 1 month ago

Oh no, i'm in shock!

/s

[–] [email protected] 7 points 1 month ago

Can't they just get this info with a warrant? If they are using a backdoor, it's illegal no matter who is doing it.

[–] [email protected] 3 points 1 month ago

EU chatcontrol is going to be great IF they do it.