Snowden revelations raise questions over security vendors

The latest revelations from whistle blower Edward Snowden allege security vendors have been working with US secret services to get round encryption

Security vendors have become embroiled in the ongoing spying scandal with the latest revelations from whistle blower Edward Snowden indicating that not only are the US and UK governments getting round encryption but some industry players might be helping them.

According to Snowden the US National Security Agency (NSA) and GCHQ in the UK are hacking encryption protocols to gain access to sensitive data and are spending millions a year funding the programme.

Details published in The Guardian, New York Times and ProPublica also contained the allegation that the NSA had worked with unnamed vendors to encourage them to put 'back doors' in their software to make it easier for the secret services to access information before it gets encrypted.

No vendor has been named as specifically as working with the NSA but according to documents supplied to the papers by Snowden there is a project with the aim of influencing product design to male it possible to collect data.

"The SIGINT Enabling Project actively engages the US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs. These design changes make the systems in question exploitable through SIGINT collection (eg Endpoint, Midpoint, etc) with foreknowledge of the modification. To the consumer and other adversaries, however the systems' security remains intact," the documents stated.

Since revealing that the US and UK governments have been trying to get access to sensitive data Snowden has had to flee America and seek sanctuary in Russia and is seen by some as a traitor and others as a defender of free speech.



Find more MicroScope+ content and other member only offers, here.

Read more on Data Protection Services

1 comment


Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: