WaPo: Chinese firewall & US surveillance both weaken Internet security

That is the takeaway from a new piece in the Washington Post. After discussing how Chinese Internet stipulations, including insisting on access to source code in products such as iPhones, Yahoo and LinkedIn personal data, threaten security and privacy (an easy call), the piece continues by observing that:

To be fair, the Chinese is not the only government your browser probably trusts. Despite reports that the U.S. National Security Administration is engaged in a similarly massive effort to spy on its own citizens’ communications, certificates issued by the U.S. Department of Defense are also widely trusted.

What that means, according to Kevin Bocek, vice president of security strategy and threat intelligence at the cyber security firm Venafi in San Francisco,is that the Internet’s own immune system is capable of being turned against users anywhere in the world, giving governments the ability to “take control of our browsers and our smartphones.”

The metaphor of the Internet being “infected” by a virus, back-door or malware is often-used. But here it’s being used as push-back against the cited need for back-doors or weakened encryption, not just in China but as a cyberwarfare retaliation to China. “Browser trust” (or certificate trust) as the new frontier in cyberwar.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s