Recently leaked Edward Snowden documents reveal the U.S. National Security Agency, in its quest to vacuum as much digital data as possible, has been compelling communications companies to build secret vulnerabilities into their systems, otherwise known as “back doors.” These special methods of bypassing normal authentication procedures to secretly access encrypted communications are known only to the companies that build them and the NSA agents that have access to them. Not surprisingly they prefer to keep such dalliances hidden in the dark.
Given Canada’s special relationship with our cousins south of the border, it should come as no surprise that our own security agencies also prefer the back door. According to The Globe and Mail, “for nearly two decades, Ottawa officials have told telecommunications companies that one of the conditions of obtaining a licence to use wireless spectrum is to provide government with the capability to bug the devices that use the spectrum.” Documents obtained by The Globe also reveal that as part of these requirements, Ottawa has demanded companies scramble encryption so that it can be accessed by Canada’s law enforcement agencies – encryption that protects our intimate conversations, banking transactions, transmission of health and financial records, and so on. Remarkably, Ottawa deems such requirements too sensitive to be shared with the public.
The back door approach is intuitively attractive, and not just because of the shroud of secrecy around it that shields it from public debate. Bad guys encrypt their communications. Having a back door designed by telcos provides a shortcut to those communications, one much more efficient than the more labour-intensive and time consuming alternatives. But like most shortcuts in life, it’s dangerously short-sighted.
At the most fundamental level, back doors are bad engineering. By creating vulnerabilities-by-design, back doors are left open that can be exploited not just by the good guys, but by criminals and other adversaries as well. Such a scheme is like building a house with a permanently unlocked door and then hoping that only those who have built the house and have the plans will know about it. Meanwhile, the Internet is full of automated tools that allow even unsophisticated users to do the equivalent of automatically checking millions of door handles across thousands of neighborhoods in a split second to see which are locked, and which are not.
In 2013, a team of twenty computer security researchers issued a report published by the U.S.-based Center for Democracy and Technology that echoed these concerns, arguing that “mandating wiretap capabilities in endpoints poses serious security risks,” and that building “intercept functionality into … products is unwise and will be ineffective, with the result being serious consequences for the economic well-being and national security of the United States.”
Think those concerns are theoretical? Think again. In my book, Black Code: Inside the Battle for Cyberspace, I recount a 2008 episode in which Citizen Lab researchers discovered that the Chinese version of the popular VOIP product, Skype (called TOM-Skype) had been coded with a special back door surveillance system that was triggered whenever specific keywords were typed into the chat client. The back door sent data to a server in mainland China (presumably to share with China’s security services). Upon further investigation, our researchers discovered that the server onto which the chat messages were stored was not password protected, allowing us to download millions of personal chats, many of which included credit card numbers, business transactions, and other private information.
Naturally, we did the right thing with the data by destroying it and reporting on the vulnerability. Not everyone will be so ethical. Several years ago, political scandals in Greece and Italy, in which prominent officials and business people had their phones tapped and the information used for purposes of blackmail and slander, were enabled by poorly designed back doors on cellphone infrastructures.
Beyond bad engineering, the back door approach’s most insidious impact may be on the way it encourages a race to the bottom internationally. The Tom-Skype example may look amateur in comparison to programs like the NSA’s, but it is a local variation on a common theme – one that may come back to hit Canadians in the pocketbook.
For example, quietly and largely unnoticed here in Canada, India’s intelligence agencies have been building their own back door mobile data program, targeted at the much-vaunted BlackBerry encryption system. It’s the price of doing business in India, one that BlackBerry is willing to pay. The deal reached between India and BlackBerry not only funnels BlackBerry consumer data to India’s security services, it also involves BlackBerry training Indian technicians how to maintain the back doors in Waterloo, Ontario. Several other countries – UAE, Saudi Arabia, and Indonesia among them – have made the same type of requests, though neither BlackBerry nor the governments will confirm details.
Although BlackBerry waves away the deals with carefully crafted statements meant to reassure users that they only apply to its consumer-level device, can anyone really be sure? Which exec will not think twice before using a BlackBerry to send confidential business plans from the Gulf or Asia? Can anyone deny systematically weakening BlackBerry’s encrypted architecture in this way also undermines the integrity and financial well-being of the company? Then again, who are we to object to such schemes abroad when we require the same of companies operating here in Canada?
The back door approach is symptomatic of a larger trend, and a particular approach to securing cyberspace prominent today that privileges intelligence and security agencies over other stakeholders, designs security through obscurity, and undermines checks and balances around government.
Law enforcement and intelligence agencies are necessary and important to liberal democracy, but there is more than one way for them to go about their missions. In the world of Big Data, in which so much personal information is readily available, new methods of “connecting the dots” must be explored other than those that drill holes into our communications infrastructure from the inside out and leave users dependent on the digital equivalent of Swiss cheese. Government surveillance needs re-thinking today, beginning with a loud and clear call to “shut the back door!”
Ron Deibert is director of the Citizen Lab and Canada Centre for Global Security Studies at the Munk School of Global Affairs. He is the author of Black Code: Inside the Battle for Cyberspace (McLelland & Stewart, 2013)