Software Backdoors and their
Ethical Implications
Adam Chiaravalle
CPSC 3610, Dr. Claire McCullough
Outline
1. What is a backdoor?
2. Why should we care?
3. Who wants what?
4. The case for backdoors
5. The case against backdoors
6. Ethical viewpoints
What is a backdoor?
• Placed intentionally by developer or by malware [2]
• An intentional security flaw to allow certain groups unauthorized access to data
• A way to bypass encryption or authentication [3]
• Backdoors into consumer technology
• Backdoors into major tech servers
[3] https://cdt.org/insight/issue-brief-a-backdoor-to-encryption-for-government-surveillance/
[2] https://www.youtube.com/watch?v=T3VfcH0GpLg
"...refers to a secret portal that hackers and intelligence agencies use to gain illicit access."
- Wired [26]
[26] https://www.wired.com/2014/12/hacker-lexicon-backdoor/
Like a TSA lock that allows agents to open your suitcase and replace the lock without notice.
They hold a set of keys that work for all TSA-approved locks. [4]
[4] https://freedom-to-tinker.com/2016/02/22/an-analogy-to-understand-the-fbis-request-of-apple/
Image: https://www.pexels.com/photo/close-up-of-keys-333837/
Why should we care?
3 Examples
Clipper Chip
• US Government introduced the "Clipper chip" in 1993 and discontinued it in 1996
• For encrypting voice communication, but with a crypto key in government hands
• Troubling because it would allow the government to listen in on secure calls [7]
[7] (Content and Image): http://www.cryptomuseum.com/crypto/usa/clipper.htm
San Bernardino Case
• Crucial information on locked iPhone
• FBI asked Apple to make unsecured OS
• FBI could connect and brute force exploit backdoor
• Troubling because huge precedent if created [8]
• Apple very publicly declined [11]
[11] http://www.npr.org/sections/thetwo-way/2016/02/24/468016377/apple-ceo-tim-cook-back-door-to-iphones-would-be-software-equivalent-of-cancer
[8] https://www.washingtonpost.com/world/national-security/us-wants-apple-to-help-unlock-iphone-used-by-san-bernardino-shooter/2016/02/16/69b903ee-d4d9-11e5-9823-02b905009f99_story.html
"...Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control."
- Tim Cook [12]
[12] http://www.apple.com/customer-letter/
"...We build secure products to keep your information safe... But that’s wholly different than requiring companies to enable hacking of customer devices & data. Could be a troubling precedent"
- Sundar Pichai [13]
[13] https://twitter.com/sundarpichai/status/700104383762026496, https://twitter.com/sundarpichai/status/700104433183502336
Precedent
"...no smartphone lies beyond the reach of a judicial search warrant." [4,6]
- Cyrus Vance Jr.
[6] http://www.nytimes.com/roomfordebate/2016/02/18/crimes-iphones-and-encryption/no-smartphone-lies-beyond-the-reach-of-a-judicial-search-warrant
[4] https://freedom-to-tinker.com/2016/02/22/an-analogy-to-understand-the-fbis-request-of-apple/
Image: https://www.pexels.com/photo/close-up-of-keys-333837/
NSA Backdoors & PRISM
• Documents released by Snowden in 2013
• Allows mass, indiscriminate internet data collection in cooperation with Facebook, Google, Apple, Microsoft, more
• Collects VoIP calls, cloud files, emails, more
• Troubling because data of innocent individuals gathered [9]
Image Source [10]
Next slide image source [9]
[9] http://www.theverge.com/2013/7/17/4517480/nsa-spying-prism-surveillance-cheat-sheet
[10] https://www.youtube.com/watch?v=V9_PjdU3Mpo
Who is against government backdoors?
• EFF [27]
• CDT [3]
• Google [13]
• Apple [12]
Image source [11]
[11] http://www.npr.org/sections/thetwo-way/2016/02/24/468016377/apple-ceo-tim-cook-back-door-to-iphones-would-be-software-equivalent-of-cancer
[12] http://www.apple.com/customer-letter/
[13] https://twitter.com/sundarpichai/status/700104383762026496, https://twitter.com/sundarpichai/status/700104433183502336
[3] https://cdt.org/insight/issue-brief-a-backdoor-to-encryption-for-government-surveillance/
[27] https://www.eff.org/deeplinks/2016/02/eff-support-apple-encryption-battle
Case For
It is an easy way to gather data
• One of the easiest ways to gather information on terrorist or other criminal organizations is through backdoors or data monitoring [29]
"'I, sitting at my desk,' said Snowden, could 'wiretap anyone, from you or your accountant, to a federal judge to even the president, if I had a personal email.'" [29]
- The Intercept, Edward Snowden
[29] https://theintercept.com/2015/07/01/nsas-google-worlds-private-communications/
Backdoors are inexpensive comparatively
• Marc Thiessen says in a column for Washington Post that there are 3 ways to get information on potential terrorism suspects. [16]
1. Interrogation (EO 13491) [15]
2. Infiltration (expensive)
3. Digital Surveillance [16]
Image Source [14]
[14] www.nsa.gov
[16] http://www.theblaze.com/news/2013/06/10/here-is-the-pro-nsa-surveillance-argument/
[15] http://www.presidency.ucsb.edu/ws/index.php?pid=85669
Some polls show that Americans find some NSA surveillance acceptable
• In a 2013 poll, 62% of Americans said it is more important to investigate threats than to prevent intrusions of privacy [25]
Image source [25]
[25] https://www.washingtonpost.com/politics/public-reaction-to-nsa-monitoring/2013/06/10/90dd1e60-d207-11e2-a73e-826d299ff459_graphic.html
Case Against
Encryption does not necessitate surveillance or indicate guilt
• Encryption is used to secure social media, financial applications, medical records and much more. If there is a backdoor to our systems, we lose privacy to these as well [3]
• Founding fathers were huge proponents of encryption and even created cyphers to hide messages from the British [17]
[17] http://www.realcleartechnology.com/articles/2016/01/13/encryptionvitaltothefoundingfathersvitaltomodernamerica1270-2.html
[3] https://cdt.org/insight/issue-brief-a-backdoor-to-encryption-for-government-surveillance/
The backdoors could be used by malicious groups [18]
• Backdoor security flaws may actually enable crime
• Puts businesses at risk
• Puts our country at risk of exploit from other foreign countries [3]
[3] https://cdt.org/insight/issue-brief-a-backdoor-to-encryption-for-government-surveillance/
[18] https://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/
Backdoor requirements may stifle new entrepreneurship
• Barrier to entry is too high, discourages encryption to begin with [3]
[3] https://cdt.org/insight/issue-brief-a-backdoor-to-encryption-for-government-surveillance/
Not significant evidence that NSA backdoors have stopped attacks [19]
"...the utter lack of evidence that a terrorist attack has ever been prevented because searching the NSA database was faster than other investigative tactics - I have serious doubts about the efficacy of the metadata collection program..."
- Richard J. Leon, Senior Judge US District Court for DC
• NSA director Keith Alexander at a security conference in 2013 stated in a presentation “54 ATTACKS THWARTED”
• He later agreed that not all were plots and only 13 were connected to the United States [20]
[20] https://www.propublica.org/article/claim-on-attacks-thwarted-by-nsa-spreads-despite-lack-of-evidence
[19] https://www.propublica.org/documents/item/902454-judge-leon-ruling#document/p62
Tools that exist will be used, maybe against you
• Just because it's not being used against you right now, that doesn't mean it can't be used in new unimagined ways against you in the future
• Foreign countries without free speech could monitor citizens [10]
• US has funded projects to allow activists to communicate securely
• IoT devices with backdoors [21]
[21] https://www.aclu.org/blog/speak-freely/7-reasons-government-backdoor-iphone-would-be-catastrophic
[10] https://www.youtube.com/watch?v=V9_PjdU3Mpo
Ethical Viewpoints
Ethical Egoism
• From the consumer perspective: Keep as much information private as possible. Preference towards no back doors to keep data out of the wrong hands.
• From the tech company perspective: They want to keep as many customers as possible in the long term, so they should do their best to comply with the consumer long term.
• From the government perspective: Law enforcement's long term goal is to keep citizens safe, but they see backdoors as a gateway to this
Image source [24]
[24] http://www.pewresearch.org/fact-tank/2015/05/29/what-americans-think-about-nsa-surveillance-national-security-and-privacy/
Kantianism
Under the second categorical imperative foundation, we must not use others as means to an end. Extenuating circumstances don't make a difference. We must not deceive; it is a perfect duty. [22]
The NSA gathers mass data on groups of people that have no suspected link of criminal activity. [9]
[9] http://www.theverge.com/2013/7/17/4517480/nsa-spying-prism-surveillance-cheat-sheet
[22] Lecture 2.2.2017, Dr. Claire McCullough
My Ethical Viewpoint
• Just because it's not being used against you right now, that doesn't mean it can't be used in new unimagined ways against you in the future
• French authorities placed activists planning to participate in a peaceful rally under house arrest. They cited new anti-terror laws. [10,23]
[23] https://www.theguardian.com/environment/2015/nov/27/paris-climate-activists-put-under-house-arrest-using-emergency-laws
[10] https://www.youtube.com/watch?v=V9_PjdU3Mpo
Thank You!
Software Backdoors
and their Ethical Implications
Adam Chiaravalle
CPSC 3610, Dr. Claire McCullough

More Related Content

What's hot

Paranoia or risk management 2013
Paranoia or risk management 2013Paranoia or risk management 2013
Paranoia or risk management 2013Henrik Kramshøj
 
Who is the next target and how is big data related ulf mattsson
Who is the next target and how is big data related   ulf mattssonWho is the next target and how is big data related   ulf mattsson
Who is the next target and how is big data related ulf mattssonUlf Mattsson
 
Merit Event - Closing the Back Door in Your Systems
Merit Event - Closing the Back Door in Your SystemsMerit Event - Closing the Back Door in Your Systems
Merit Event - Closing the Back Door in Your Systemsmeritnorthwest
 
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...Cyber Insecurity --The battle to protect data rages on as hackers find new wa...
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...InnovatioNews
 
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin SukardiAddressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin SukardiKnowledge Group
 
Safe use of cloud - alternative cloud
Safe use of cloud - alternative cloudSafe use of cloud - alternative cloud
Safe use of cloud - alternative cloudTomppa Järvinen
 
A Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDCA Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDCMicrosoft Asia
 
How to safe your company from having a security breach
How to safe your company from having a security breachHow to safe your company from having a security breach
How to safe your company from having a security breachBaltimax
 
Data Breaches. Are you next? What does the data say?
Data Breaches. Are you next? What does the data say? Data Breaches. Are you next? What does the data say?
Data Breaches. Are you next? What does the data say? Phil Agcaoili
 
Ce hv8 module 19 cryptography
Ce hv8 module 19 cryptographyCe hv8 module 19 cryptography
Ce hv8 module 19 cryptographyMehrdad Jingoism
 
Chinese attack on USIS exploiting SAP vulnerability. Detailed review and comm...
Chinese attack on USIS exploiting SAP vulnerability. Detailed review and comm...Chinese attack on USIS exploiting SAP vulnerability. Detailed review and comm...
Chinese attack on USIS exploiting SAP vulnerability. Detailed review and comm...ERPScan
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsBen Graybar
 
2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual ReportLabris Networks
 
Modern Adversaries (Amplify Partners)
Modern Adversaries (Amplify Partners)Modern Adversaries (Amplify Partners)
Modern Adversaries (Amplify Partners)Andrew Manoske
 
Target data breach presentation
Target data breach presentationTarget data breach presentation
Target data breach presentationSreejith Nair
 
Security weekly september 28 october 4, 2021
Security weekly september 28   october 4, 2021 Security weekly september 28   october 4, 2021
Security weekly september 28 october 4, 2021 Roen Branham
 
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron ShrabergCODE BLUE
 
Fall2015SecurityShow
Fall2015SecurityShowFall2015SecurityShow
Fall2015SecurityShowAdam Heller
 
SucessfulInsiderThreat
SucessfulInsiderThreatSucessfulInsiderThreat
SucessfulInsiderThreatHammerNJ
 

What's hot (20)

Paranoia or risk management 2013
Paranoia or risk management 2013Paranoia or risk management 2013
Paranoia or risk management 2013
 
Who is the next target and how is big data related ulf mattsson
Who is the next target and how is big data related   ulf mattssonWho is the next target and how is big data related   ulf mattsson
Who is the next target and how is big data related ulf mattsson
 
Merit Event - Closing the Back Door in Your Systems
Merit Event - Closing the Back Door in Your SystemsMerit Event - Closing the Back Door in Your Systems
Merit Event - Closing the Back Door in Your Systems
 
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...Cyber Insecurity --The battle to protect data rages on as hackers find new wa...
Cyber Insecurity --The battle to protect data rages on as hackers find new wa...
 
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin SukardiAddressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
 
Safe use of cloud - alternative cloud
Safe use of cloud - alternative cloudSafe use of cloud - alternative cloud
Safe use of cloud - alternative cloud
 
A Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDCA Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDC
 
How to safe your company from having a security breach
How to safe your company from having a security breachHow to safe your company from having a security breach
How to safe your company from having a security breach
 
Data Breaches. Are you next? What does the data say?
Data Breaches. Are you next? What does the data say? Data Breaches. Are you next? What does the data say?
Data Breaches. Are you next? What does the data say?
 
Ce hv8 module 19 cryptography
Ce hv8 module 19 cryptographyCe hv8 module 19 cryptography
Ce hv8 module 19 cryptography
 
Chinese attack on USIS exploiting SAP vulnerability. Detailed review and comm...
Chinese attack on USIS exploiting SAP vulnerability. Detailed review and comm...Chinese attack on USIS exploiting SAP vulnerability. Detailed review and comm...
Chinese attack on USIS exploiting SAP vulnerability. Detailed review and comm...
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools Tactics
 
2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual Report
 
Modern Adversaries (Amplify Partners)
Modern Adversaries (Amplify Partners)Modern Adversaries (Amplify Partners)
Modern Adversaries (Amplify Partners)
 
Target data breach presentation
Target data breach presentationTarget data breach presentation
Target data breach presentation
 
Security weekly september 28 october 4, 2021
Security weekly september 28   october 4, 2021 Security weekly september 28   october 4, 2021
Security weekly september 28 october 4, 2021
 
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
 
Ransomware Gang Masquerades as Real Company to Recruit Tech Talent
Ransomware Gang Masquerades as Real Company to Recruit Tech TalentRansomware Gang Masquerades as Real Company to Recruit Tech Talent
Ransomware Gang Masquerades as Real Company to Recruit Tech Talent
 
Fall2015SecurityShow
Fall2015SecurityShowFall2015SecurityShow
Fall2015SecurityShow
 
SucessfulInsiderThreat
SucessfulInsiderThreatSucessfulInsiderThreat
SucessfulInsiderThreat
 

Similar to Software Backdoors, Chiaravalle

Iot privacy vs convenience
Iot privacy vs  convenienceIot privacy vs  convenience
Iot privacy vs convenienceDon Lovett
 
StuartMillar_13616005_PIA
StuartMillar_13616005_PIAStuartMillar_13616005_PIA
StuartMillar_13616005_PIAStuart Millar
 
Group 4 why smart object maybe a dumb idea
Group 4 why smart object maybe a dumb ideaGroup 4 why smart object maybe a dumb idea
Group 4 why smart object maybe a dumb ideaBluepie1
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionSean Whalen
 
How to protect privacy sensitive data that is collected to control the corona...
How to protect privacy sensitive data that is collected to control the corona...How to protect privacy sensitive data that is collected to control the corona...
How to protect privacy sensitive data that is collected to control the corona...Ulf Mattsson
 
Computer Forensics And Investigating Corporate Espionage
Computer Forensics And Investigating Corporate EspionageComputer Forensics And Investigating Corporate Espionage
Computer Forensics And Investigating Corporate EspionageIRJET Journal
 
Anonos FTC Comment Letter Big Data: A Tool for Inclusion or Exclusion
Anonos  FTC Comment Letter Big Data: A Tool for Inclusion or ExclusionAnonos  FTC Comment Letter Big Data: A Tool for Inclusion or Exclusion
Anonos FTC Comment Letter Big Data: A Tool for Inclusion or ExclusionTed Myerson
 
Security In an IoT World
Security In an IoT WorldSecurity In an IoT World
Security In an IoT Worldsyrinxtech
 
INSECURE Magazine - 33
INSECURE Magazine - 33INSECURE Magazine - 33
INSECURE Magazine - 33Felipe Prado
 
An Unmanned Aircraft System ( Uas )
An Unmanned Aircraft System ( Uas )An Unmanned Aircraft System ( Uas )
An Unmanned Aircraft System ( Uas )Megan Espinoza
 
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...Black Duck by Synopsys
 
The Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesThe Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesGFI Software
 
9 Alarming developments in the fight for digital privacy
9 Alarming developments in the fight for digital privacy9 Alarming developments in the fight for digital privacy
9 Alarming developments in the fight for digital privacyEntefy
 
November 2017: Part 6
November 2017: Part 6November 2017: Part 6
November 2017: Part 6seadeloitte
 
White Paper - Nuix Cybersecurity - US Localized
White Paper - Nuix Cybersecurity - US LocalizedWhite Paper - Nuix Cybersecurity - US Localized
White Paper - Nuix Cybersecurity - US LocalizedStuart Clarke
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForcePatrick Bouillaud
 
The Crisis of Self Sovereignty in The Age of Surveillance Capitalism
The Crisis of Self Sovereignty in The Age of Surveillance CapitalismThe Crisis of Self Sovereignty in The Age of Surveillance Capitalism
The Crisis of Self Sovereignty in The Age of Surveillance CapitalismJongseung Kim
 

Similar to Software Backdoors, Chiaravalle (20)

Iot privacy vs convenience
Iot privacy vs  convenienceIot privacy vs  convenience
Iot privacy vs convenience
 
StuartMillar_13616005_PIA
StuartMillar_13616005_PIAStuartMillar_13616005_PIA
StuartMillar_13616005_PIA
 
Group 4 why smart object maybe a dumb idea
Group 4 why smart object maybe a dumb ideaGroup 4 why smart object maybe a dumb idea
Group 4 why smart object maybe a dumb idea
 
Take Down
Take DownTake Down
Take Down
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and Encryption
 
How to protect privacy sensitive data that is collected to control the corona...
How to protect privacy sensitive data that is collected to control the corona...How to protect privacy sensitive data that is collected to control the corona...
How to protect privacy sensitive data that is collected to control the corona...
 
Computer Forensics And Investigating Corporate Espionage
Computer Forensics And Investigating Corporate EspionageComputer Forensics And Investigating Corporate Espionage
Computer Forensics And Investigating Corporate Espionage
 
Anonos FTC Comment Letter Big Data: A Tool for Inclusion or Exclusion
Anonos  FTC Comment Letter Big Data: A Tool for Inclusion or ExclusionAnonos  FTC Comment Letter Big Data: A Tool for Inclusion or Exclusion
Anonos FTC Comment Letter Big Data: A Tool for Inclusion or Exclusion
 
Security In an IoT World
Security In an IoT WorldSecurity In an IoT World
Security In an IoT World
 
INSECURE Magazine - 33
INSECURE Magazine - 33INSECURE Magazine - 33
INSECURE Magazine - 33
 
ISIS Cyber Terrorism Analysis
ISIS Cyber Terrorism AnalysisISIS Cyber Terrorism Analysis
ISIS Cyber Terrorism Analysis
 
An Unmanned Aircraft System ( Uas )
An Unmanned Aircraft System ( Uas )An Unmanned Aircraft System ( Uas )
An Unmanned Aircraft System ( Uas )
 
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...
 
The Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesThe Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage Devices
 
9 Alarming developments in the fight for digital privacy
9 Alarming developments in the fight for digital privacy9 Alarming developments in the fight for digital privacy
9 Alarming developments in the fight for digital privacy
 
November 2017: Part 6
November 2017: Part 6November 2017: Part 6
November 2017: Part 6
 
White Paper - Nuix Cybersecurity - US Localized
White Paper - Nuix Cybersecurity - US LocalizedWhite Paper - Nuix Cybersecurity - US Localized
White Paper - Nuix Cybersecurity - US Localized
 
IBM X-Force.PDF
IBM X-Force.PDFIBM X-Force.PDF
IBM X-Force.PDF
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-Force
 
The Crisis of Self Sovereignty in The Age of Surveillance Capitalism
The Crisis of Self Sovereignty in The Age of Surveillance CapitalismThe Crisis of Self Sovereignty in The Age of Surveillance Capitalism
The Crisis of Self Sovereignty in The Age of Surveillance Capitalism
 

Recently uploaded

Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 

Recently uploaded (20)

Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...

Software Backdoors, Chiaravalle

  • 1. Software Backdoors and their Ethical Implications Adam Chiaravalle CPSC 3610, Dr. Claire McCullough
  • 2. Outline
      1. What is a backdoor?
      2. Why should we care?
      3. Who wants what?
      4. The case for backdoors
      5. The case against backdoors
      6. Ethical viewpoints
  • 3. What is a backdoor?
      • Placed intentionally by developer or by malware [2]
      • An intentional security flaw to allow certain groups unauthorized access to data
      • A way to bypass encryption or authentication [3]
      • Backdoors into consumer technology
      • Backdoors into major tech servers
      [3] https://cdt.org/insight/issue-brief-a-backdoor-to-encryption-for-government-surveillance/
      [2] https://www.youtube.com/watch?v=T3VfcH0GpLg
  • 4. "...refers to a secret portal that hackers and intelligence agencies use to gain illicit access." - Wired [26]
      [26] https://www.wired.com/2014/12/hacker-lexicon-backdoor/
  • 5. Like a TSA lock that allows agents to open your suitcase and replace the lock without notice. They hold a set of keys that work for all TSA-approved locks. [4]
      [4] https://freedom-to-tinker.com/2016/02/22/an-analogy-to-understand-the-fbis-request-of-apple/
      Image: https://www.pexels.com/photo/close-up-of-keys-333837/
  • 6. Why should we care? 3 Examples
  • 7. Clipper Chip
      • US Government introduced "Clipper chip" in 1993 and discontinued in 1996
      • For encrypting voice communication, but with a crypto key in government hands
      • Troubling because would allow government to listen in on secure calls [7]
      [7] (Content and Image): http://www.cryptomuseum.com/crypto/usa/clipper.htm
  • 8. San Bernardino Case
      • Crucial information on locked iPhone
      • FBI asked Apple to make unsecured OS
      • FBI could connect and brute force exploit backdoor
      • Troubling because huge precedent if created [8]
      • Apple very publicly declined [11]
      [11] http://www.npr.org/sections/thetwo-way/2016/02/24/468016377/apple-ceo-tim-cook-back-door-to-iphones-would-be-software-equivalent-of-cancer
      [8] https://www.washingtonpost.com/world/national-security/us-wants-apple-to-help-unlock-iphone-used-by-san-bernardino-shooter/2016/02/16/69b903ee-d4d9-11e5-9823-02b905009f99_story.html
  • 9. "...Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control." - Tim Cook [12]
      [12] http://www.apple.com/customer-letter/
  • 10. "...We build secure products to keep your information safe... But that’s wholly different than requiring companies to enable hacking of customer devices & data. Could be a troubling precedent" - Sundar Pichai [13]
      [13] https://twitter.com/sundarpichai/status/700104383762026496, https://twitter.com/sundarpichai/status/700104433183502336
  • 11. Precedent
      "...no smartphone lies beyond the reach of a judicial search warrant." [4,6] - Cyrus Vance Jr.
      [6] http://www.nytimes.com/roomfordebate/2016/02/18/crimes-iphones-and-encryption/no-smartphone-lies-beyond-the-reach-of-a-judicial-search-warrant
      [4] https://freedom-to-tinker.com/2016/02/22/an-analogy-to-understand-the-fbis-request-of-apple/
      Image: https://www.pexels.com/photo/close-up-of-keys-333837/
  • 12. NSA Backdoors & PRISM
      • Documents released by Snowden in 2013
      • Allows mass, indiscriminate internet data collection in cooperation with Facebook, Google, Apple, Microsoft, more
      • Collects VoIP calls, cloud files, emails, more
      • Troubling because data of innocent individuals gathered [9]
      Image source [10]; next slide image source [9]
      [9] http://www.theverge.com/2013/7/17/4517480/nsa-spying-prism-surveillance-cheat-sheet
      [10] https://www.youtube.com/watch?v=V9_PjdU3Mpo
  • 13.
  • 14. Who is against government backdoors?
  • 15.
      • EFF [27]
      • CDT [3]
      • Google [13]
      • Apple [12]
      Image source [11]
      [11] http://www.npr.org/sections/thetwo-way/2016/02/24/468016377/apple-ceo-tim-cook-back-door-to-iphones-would-be-software-equivalent-of-cancer
      [12] http://www.apple.com/customer-letter/
      [13] https://twitter.com/sundarpichai/status/700104383762026496, https://twitter.com/sundarpichai/status/700104433183502336
      [3] https://cdt.org/insight/issue-brief-a-backdoor-to-encryption-for-government-surveillance/
      [27] https://www.eff.org/deeplinks/2016/02/eff-support-apple-encryption-battle
  • 17. It is an easy way to gather data
      • One of the easiest ways to gather information on terrorist or other criminal organizations is through backdoors or data monitoring [29]
      "'I, sitting at my desk,' said Snowden, could 'wiretap anyone, from you or your accountant, to a federal judge to even the president, if I had a personal email.'" [29] - The Intercept, Edward Snowden
      [29] https://theintercept.com/2015/07/01/nsas-google-worlds-private-communications/
  • 18. Backdoors are inexpensive comparatively
      • Marc Thiessen says in a column for Washington Post that there are 3 ways to get information on potential terrorism suspects. [16]
          1. Interrogation (EO 13491) [15]
          2. Infiltration (expensive)
          3. Digital Surveillance [16]
      Image source [14]
      [14] www.nsa.gov
      [16] http://www.theblaze.com/news/2013/06/10/here-is-the-pro-nsa-surveillance-argument/
      [15] http://www.presidency.ucsb.edu/ws/index.php?pid=85669
  • 19. Some polls show that Americans find some NSA surveillance acceptable
      • In 2013 poll, 62% of Americans said more important to investigate threats than preventing intrusions of privacy [25]
      Image source [25]
      [25] https://www.washingtonpost.com/politics/public-reaction-to-nsa-monitoring/2013/06/10/90dd1e60-d207-11e2-a73e-826d299ff459_graphic.html
  • 21. Encryption does not necessitate surveillance or indicate guilt
      • Encryption is used to secure social media, financial applications, medical records and much more. If there is a backdoor to our systems, we lose privacy to these as well [3]
      • Founding fathers were huge proponents of encryption and even created cyphers to hide messages from the British [17]
      [17] http://www.realcleartechnology.com/articles/2016/01/13/encryptionvitaltothefoundingfathersvitaltomodernamerica1270-2.html
      [3] https://cdt.org/insight/issue-brief-a-backdoor-to-encryption-for-government-surveillance/
  • 22. The backdoors could be used by malicious groups [18]
      • Backdoor security flaws may actually enable crime
      • Puts businesses at risk
      • Puts our country at risk of exploit from other foreign countries [3]
      [3] https://cdt.org/insight/issue-brief-a-backdoor-to-encryption-for-government-surveillance/
      [18] https://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/
  • 23. Backdoor requirements may stifle new entrepreneurship
      • Barrier to entry is too high, discourages encryption to begin with [3]
      [3] https://cdt.org/insight/issue-brief-a-backdoor-to-encryption-for-government-surveillance/
  • 24. Not significant evidence that NSA backdoors have stopped attacks [19]
      "...the utter lack of evidence that a terrorist attack has ever been prevented because searching the NSA database was faster than other investigative tactics - I have serious doubts about the efficacy of the metadata collection program..." - Richard J. Leon, Senior Judge, US District Court for DC
      • NSA director Keith Alexander at a security conference in 2013 stated in a presentation "54 ATTACKS THWARTED"
      • He later agreed that not all were plots and only 13 were connected to the United States [20]
      [20] https://www.propublica.org/article/claim-on-attacks-thwarted-by-nsa-spreads-despite-lack-of-evidence
      [19] https://www.propublica.org/documents/item/902454-judge-leon-ruling#document/p62
  • 25. Tools that exist will be used, maybe against you
      • Just because it's not being used against you right now, that doesn't mean it can't be used in new unimagined ways against you in the future
      • Foreign countries without free speech could monitor citizens [10]
      • US has funded projects to allow activists to communicate securely
      • IoT devices with backdoors [21]
      [21] https://www.aclu.org/blog/speak-freely/7-reasons-government-backdoor-iphone-would-be-catastrophic
      [10] https://www.youtube.com/watch?v=V9_PjdU3Mpo
  • 27. Ethical Egoism
      • From the consumer perspective: Keep as much information private as possible. Preference towards no back doors to keep data out of the wrong hands.
      • From the tech company perspective: They want to keep as many customers as possible in the long term, so they should do their best to comply with the consumer long term.
      • From the government perspective: Law enforcement's long term goal is to keep citizens safe, but they see backdoors as a gateway to this
      Image source [24]
      [24] http://www.pewresearch.org/fact-tank/2015/05/29/what-americans-think-about-nsa-surveillance-national-security-and-privacy/
  • 28. Kantianism
      Under the second categorical imperative foundation, we must not use others as means to an end. Extenuating circumstances don't make a difference. We must not deceive; it is a perfect duty. [22]
      The NSA gathers mass data on groups of people that have no suspected link of criminal activity. [9]
      [9] http://www.theverge.com/2013/7/17/4517480/nsa-spying-prism-surveillance-cheat-sheet
      [22] Lecture 2.2.2017, Dr. Claire McCullough
  • 29. My Ethical Viewpoint
      • Just because it's not being used against you right now, that doesn't mean it can't be used in new unimagined ways against you in the future
      • French authorities placed activists planning to participate in a peaceful rally under house arrest. They cited new anti-terror laws. [10,23]
      [23] https://www.theguardian.com/environment/2015/nov/27/paris-climate-activists-put-under-house-arrest-using-emergency-laws
      [10] https://www.youtube.com/watch?v=V9_PjdU3Mpo
  • 30. Thank You! Software Backdoors and their Ethical Implications Adam Chiaravalle CPSC 3610, Dr. Claire McCullough