I thought that yesterday's post would create more of a stir.
Zone Alarm -- a free, popular internet firewall used by millions, perhaps even by you -- is made by a Israeli company called Check Point, now under investigation by the State Department. Check Point wants to buy another computer security firm, Sourcefire, which is heavily involved with military systems. The worry is that a "back door" will place our security secrets in Israeli hands. The Sourcefire controversy, in turn, led me to wonder if someone could have put a similar back door into Zone Alarm.
Now, you'd think a story like that would press all sorts of paranoia buttons. But those buttons went un-pressed.
For those of you saying "But Israel is our ally!", recall that Jonathan Pollard's data was relayed by Israel to the Soviets, in exchange for easing the exit path for many Russian Jews. As Xymphora reminds us, Israel has also passed American military tech secrets to China.
All foreign nations have agendas which differ from ours.
Sourcefire produces an intrusion prevention application called Snort, which sees some usage in military systems. This may seem worrisome at first -- what if Mossad reconfigures Snort to learn all our secrets? -- but, as one of Xymphora's readers reminds us, Snort is open source.
Does that mean we can trust it without question? I'll leave that question for the specialists to answer. Personally, I find it hard to imagine how anyone could place a back door into code open to examination and modification. (But what do I know? The last time I tried my hand at non-HTML programming was when I put together a small BASIC routine in 1984.)
I'm reminded of a similar controversy which has arisen over Tor, a program which allows users to use the internet anonymously. (See here, scroll down to number 9.) Tor was developed by the Navy, which has used it for intelligence gathering purposes.
That history set off all sorts of alarm bells: What if the intelligence community made this thing available to the world, placed a back door into it, and thus had a bird's-eye view of everyone who was trying to escape cyber-scrutiny? (Dan Bown's entertaining Digital Fortress is based on a very similar scenario.)
By way of illustration: Banks use the postal service, not armored cars, to ship worn-out folding money. Armored cars simply tell the bad guys where the money is. Similarly, anyone using Tor or another proxy service is shouting to the world that he has something to hide. Instead of trying to spy on all the net, our intelligence professionals would no doubt prefer to narrow their scrutiny to the users of proxies.
But Tor, too, is open source. And that means we can trust it. Just as we can trust Snort.
Even so...I wonder...
5 comments:
joe, wasn't there some stink two or three years ago about china's intent to take over the security databank at the dod? cannot find that stuff, and i realize i have no idea whatever happened with that, but seems like it was around the time we were beating the war drums.
anyone out there have a clue?
my reason for bringing this up is that these guys are such whores it's not even funny. richard perle was implicated in that story i mention, and of course sy hersh exposed his dealings with the saudis for glorified gun running, prompting the prince of darkness to call sy a terrorist!
creepier and creepier....
For more on securitiy risks and
software, look into the Ptech
software company. One of the
original financiers of this outfit
was Yassir al Qadi, who was
identified as a suspected terrorist
financier after 9/11, and had been
under investigation as such by FBI
agent Robert Wright when the
investigation was ordered shut down
by the Bush Administration in 1/01.
PTech's software made
interoperability between different
systems possible, and its clients
included the Army, the Air Force,
the Naval Air Command, the Congress,
the Department of Energy, the FAA,
the IRS, NATO, the FBI, the Secret
Service and even the White House.
Mike Ruppert's group at FromThe
Wilderness believe that PTech was
tapped into the computers of the FAA
on 9/11, and were thus able to
inject false blips in FAA radar
screens to help disrupt the air
defense.
I am a fourth year student in a computer networking program. I imagine that most of the backgrounds around here are political science, journalism, ect. The key here is not who is making the writing the code for systems like this, it’s who can see the code. The arguments for the use of open source code by the US gov’t hold a lot of weight in instances like this. If everyone can see the code then it would be almost, if not impossible, to slip in a private “back door”.
I’m not an open source zealot who thinks all code should be open source, think what someone could find out about our radar guidance systems from just looking at the code that control such systems, but it has its places. In military matters all code should be either open to the world or open to a full and complete audit by the US military. I would like to think that this would be obvious measure for gov’t agencies, but I think the Diebold voting system debacle proves this can’t be taken for granted.
Given well thought out policies like code audits, as a network security guy, I don’t care where the code comes from. Israel, Russia, Iraq, wherever.
I wouldn't worry too much about ZoneAlarm. If there were a backdoor, it would be to steal bank logins and passwords, the only conceivable use of such a subterfuge on a mass-market basis.
And that wouldn't last long -- the thing would be outed very quickly.
What if the purpose of the back door
is not, as 8:58 suggests, the harvest of mass data, but rather the harvest of data from a few selected targets in a wide vulnerable field?
Post a Comment