Snowden revelations raise questions over security vendors

News

Snowden revelations raise questions over security vendors

Simon Quicke

Security vendors have become embroiled in the ongoing spying scandal with the latest revelations from whistle blower Edward Snowden indicating that not only are the US and UK governments getting round encryption but some industry players might be helping them.

According to Snowden the US National Security Agency (NSA) and GCHQ in the UK are hacking encryption protocols to gain access to sensitive data and are spending millions a year funding the programme.

Details published in The Guardian, New York Times and ProPublica also contained the allegation that the NSA had worked with unnamed vendors to encourage them to put 'back doors' in their software to make it easier for the secret services to access information before it gets encrypted.

No vendor has been named as specifically as working with the NSA but according to documents supplied to the papers by Snowden there is a project with the aim of influencing product design to male it possible to collect data.

"The SIGINT Enabling Project actively engages the US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs. These design changes make the systems in question exploitable through SIGINT collection (eg Endpoint, Midpoint, etc) with foreknowledge of the modification. To the consumer and other adversaries, however the systems' security remains intact," the documents stated.

Since revealing that the US and UK governments have been trying to get access to sensitive data Snowden has had to flee America and seek sanctuary in Russia and is seen by some as a traitor and others as a defender of free speech.


Join the conversation Comment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.