To avoid wiretapping every communication, NSA will need to build massive automatic surveillance capabilities into telephone switches. Here things get tricky: Once such infrastructure is in place, others could use it to intercept communications.I don't know how seriously to take Landau's concerns. On the technical issues, only someone with very specialized knowledge is qualified to have an opinion. But it certainly seems worth talking about. You don't have to know very much about the particulars of communications software to know that big, complex systems always have vulnerabilities you don't expect. That's especially true when you rush the systems to completion and allow no outside oversight of them. NSA's programmers and system designers are probably smart guys, but there are a lot of smart guys in the world.
Grant the NSA what it wants, and within 10 years the United States will be vulnerable to attacks from hackers across the globe, as well as the militaries of China, Russia and other nations.
....Such threats are not theoretical....U.S. communications technology is fragile and easily penetrated. While advanced, it is not decades ahead of that of our friends or our rivals. Compounding the issue is a key facet of modern systems design: Intercept capabilities are likely to be managed remotely, and vulnerabilities are as likely to be global as local. In simplifying wiretapping for U.S. intelligence, we provide a target for foreign intelligence agencies and possibly rogue hackers. Break into one service, and you get broad access to U.S. communications.
....In its effort to provide policymakers with immediate intelligence, the NSA forgot the critical information security aspect of its mission: protecting U.S. communications against foreign interception. So did Congress.
HACKERS....Via Bruce Schneier, Susan Landau, an engineer at Sun Microsystems, points to a little-discussed technical problem with NSA's newly broadened eavesdropping capabilities. NSA is allowed to tap only communications between foreigners, but this requirement requires the construction and widespread deployment of software that can discriminate between different kinds of calls: