Risking Communications Security: Potential Hazards of the Protect America Act
@article{Bellovin2008RiskingCS, title={Risking Communications Security: Potential Hazards of the Protect America Act}, author={Steven M. Bellovin and Matt Blaze and Whitfield Diffie and Susan Landau and Peter G. Neumann and Jennifer Rexford}, journal={IEEE Security \& Privacy}, year={2008}, volume={6} }
A new US law allows warrantless wiretapping whenever one end of the communication is believed to be outside national borders. This creates serious security risks: danger of exploitation of the system by unauthorized users, danger of criminal misuse by trusted insiders, and danger of misuse by government agents.
39 Citations
Can they hear me now?: a security analysis of law enforcement wiretaps
- Computer ScienceCCS
- 2009
It is demonstrated that the standard CALEA interfaces are vulnerable to a range of unilateral attacks by the intercept target, and stop-gap mitigation strategies are identified that partially mitigate some of the identified attacks.
The Hidden Difficulties of Watching and Rebuilding Networks
- Computer ScienceIEEE Security & Privacy
- 2008
This installment of secure systems focuses on two areas of network defense that are particularly troublesome to manage: network intrusion recovery and ubiquitous network monitoring.
Security Threats in Cloud Computing
- Computer Science
- 2016
This chapter discusses the most common threats in cloud computing, including data breaches and data loss, and the dangers of account and service hijacking in addition to the use of insecure APIs.
The Legality of the Data Retention Directive in Light of the Fundamental Rights to Privacy and Data Protection
- Computer Science, LawEur. J. Law Technol.
- 2010
The suitability, necessity, and proportionality of the interference with the fundamental rights to privacy and data protection as guaranteed by the Charter of Fundamental Rights of the European Union are examined.
Securitizing Critical Infrastructure, Blurring Organizational Boundaries: The U.S. Einstein Program
- Political Science
- 2013
Objective: The objective of this research is to understand how organizations and policies were altered by a new information security technology, namely intrusion detection and intrusion prevention…
Towards an ethical code for information security?
- Computer ScienceNSPW '08
- 2008
A group of experts with different viewpoints on this subject were assembled for a New Security Paradigms Workshop panel, and the charge of considering the mere notion of a specialized code of ethics for the field of cybersecurity was given.
Einstein on the Breach: Surveillance Technology, Cybersecurity and Organizational Change
- Computer Science
- 2013
It is found that DPI implementations led to significant organizational changes in government agencies and threatened to blur the boundary between cybersecurity efforts confined to U.S government agenciesand private sector ISPs, defense contractors and ISPs.
Security threats in cloud computing
- Computer ScienceInternational Conference on Computing, Communication & Automation
- 2015
This paper reports a detailed analysis and categorization of various security threats in a cloud computing environment along with a brief taxonomy of intrusion detection system. The security attacks…
Security and service assurance issues in Cloud environment
- Computer ScienceInt. J. Syst. Assur. Eng. Manag.
- 2018
The paper reports a meticulous review in the field of Cloud computing with a focus on the security risk assessment and service assurance.
Making Sense from Snowden: What's Significant in the NSA Surveillance Revelations
- ArtIEEE Security & Privacy
- 2013
This article seeks to put the Snowden revelations in context, explaining what's new, why it matters, and what might happen next.
References
SHOWING 1-10 OF 40 REFERENCES
Trust in Cyberspace
- Computer Science
- 1998
An assessment of the current state of the art for building trustworthy networked information systems and proposes directions for research in computer and network security, software technology, and system architecture.
National Security on the Line
- Computer ScienceJ. Telecommun. High Technol. Law
- 2006
In this paper, wiretapping, the Internet, communications security, and national-security needs in this communications environment are discussed.
Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP
- Computer Science
- 2006
VoIP makes perfect sense that anything that can be done with the telephone system — such as E911 and the graceful accommodation of wiretapping — should be able to be done readily with VoIP as well.
Privacy on the Line: The Politics of Wiretapping and Encryption, Updated and Expanded Edition
- Computer Science
- 1998
This updated and expanded edition revises their original -- and prescient -- discussions of both policy and technology in light of recent controversies over NSA spying and other government threats to communications privacy.
Introducing Traffic Analysis Attacks , Defences and Public Policy Issues . . . ( Invited Talk )
- Computer Science
- 2005
This talk will present an overview of traffic analysis techniques, and how they can be used to extract data from ‘secure’ systems.
Anonymity and traceability in cyberspace
- Computer Science
- 2005
It is shown that, in a world of high profit margins and insecure end-user machines, it is impossible to find a payment level that stops the spam without affecting legitimate usage of email, and considers an oft-proposed approach using computational " proof-of-work " that is elegant and anonymity preserving.
Protocol failure in the escrowed encryption standard
- Computer ScienceCCS '94
- 1994
This paper outlines various techniques that enable cryptographic communication among EES processors without transmission of the valid LEAF, and identifies two classes of techniques that allow communication only between pairs of “rogue” parties.
The Athens Affair
- Political ScienceIEEE Spectrum
- 2007
How some extremely smart hackers pulled off the most audacious cell-network break-in ever. On 9 march 2005, a 38-year-old Greek electrical engineer named Costas Tsalikidis was found hanged in his…
Privacy on the Line: The Politics of Wiretapping and Encryption, Updated and Expanded Edition
- Computer ScienceComput. J.
- 2008
Information Privacy Law
- Computer Science
- 2003
The Second Edition addresses numerous rapidly developing areas of privacy law, including: - identity theft, government data mining, and electronic surveillance law - RFID tags, GPS, spyware, web bugs - airline passenger screening.