Did the U.S. Facilitate Chinese Hacking?

Censorship isn't the only worry in the Google-China standoff--another is security. How did the hacking attack that started the whole donnybrook happen, anyway? Security expert Bruce Schneier tells a troubling story: Chinese hackers used the very architecture the U.S. government demanded for surveillance. "In order to comply with government search warrants on user data," Schneier explains, "Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access." This raises an interesting question: are government security systems, ironically, creating a security weakness? And is overzealous government surveillance the least of our worries?

While privacy is often the major concern, Schneier argues that the "unofficial uses" of surveillance systems are perhaps the bigger risk:

Any surveillance and control system must itself be secured. An infrastructure conducive to surveillance and control invites surveillance and control, both by the people you expect and by the people you don't.

China's hackers subverted the access system Google put in place to comply with U.S. intercept orders. Why does anyone think criminals won't be able to use the same system to steal bank account and credit card information, use it to launch other attacks or turn it into a massive spam-sending network? Why does anyone think that only authorized law enforcement can mine collected Internet data or eavesdrop on phone and IM conversations?

Are surveillance systems more trouble than they're worth?

Related Content