Don Davis <[EMAIL PROTECTED]> writes: >with similar import, here's cringely's article on insecure CALEA >workstations:
A friend of mine who used to work for a large telco ended up being delegated to attend some of the CALEA meetings. He reports that the FBI were totally unable to comprehend that if they built a system full of easily-accessible backdoors (pushbutton access to anything anytime), anyone with the necessary know-how could also use those backdoors, and since the CALEA monitoring system didn't appear to have been designed with security in mind (and as Cringely's article points out, that obviously got carried through to the final design), it would be possible to watch the watchers. Sort of like assuming that when you shoot at the bad guys they go down, but when they shoot back the bullets bounce off. (I think this was a manifestation of a generic problem with nontechnical decision-makers, the FBI has very clueful technical people, but the ones who got sent to the CALEA meetings were nontechnical people armed with wish- lists rather than techies armed with clues). Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
