National Insecurity Agency: How the NSA Undermines Internet Security

On the heels of the latest NSA disclosures from The Washington Post, the Open Technology Institute hosted an event on Monday about how the agency’s programs undermine the basic security of the Internet. The panel examined NSA conduct that makes all online activity less secure: from secretly undermining essential encryption tools and standards, to inserting backdoors into widely-used computer hardware and software products, stockpiling vulnerabilities in commercial software, and building a vast network of spyware inserted onto computers and routers around the world.

Representatives Zoe Lofgren and Alan Grayson gave opening remarks that highlighted recent developments in surveillance reform. Lofgren and Graysen are vocal critics of the NSA programs and sponsored two amendments that passed the House with overwhelming support in June to defund the NSA’s attempts to undermine encryption standards and to insert surveillance backdoors into communications technologies.

The panel discussion covered a wide range of ways that the NSA’s actions threaten Internet security as well as potential solutions. Bruce Schneier, an Internet security expert who has written extensively on NSA issues including vulnerability stockpiling and the agency’s two conflicting mandates, explained a number of the technical aspects of the NSA’s cyber operations. Joseph Hall, the Center for Democracy & Technology’s Chief Technologist, who has worked with a team of preeminent security experts to demonstrate how backdoors fundamentally threaten Internet security, highlighted the technological implications of the NSA’s programs and ways that individuals can increase their security online.

Panelists also discussed policy reforms that are needed to address the risks posed by the NSA's cyber operations. Amie Stepanovich, Access’s Senior Policy Counsel, discussed her organization’s campaign to promote encryption and civil society efforts to restore trust in the standards-setting process at the National Institute for Standards and Technology. Google’s Privacy Policy Counsel, David Lieber, offered the industry perspective. He explained the goals and role of the Reform Government Surveillance Coalition in the surveillance reform debate, as well as Google’s efforts to increase transparency and improve their products. Finally, we discussed OTI’s research on the topic, including our forthcoming paper on how NSA surveillance impacts the economy, U.S. foreign policy, and Internet security.

This event builds off of a discussion that OTI hostedin February on the economic, foreign policy, and security costs of NSA spying. For archived footage of Monday’s discussion, see the videos embedded in this post or visit the event page. For more on how the NSA undermines Internet security, read our fact sheet pdf and stay tuned for our upcoming paper, “Surveillance Costs: How NSA Spying Undermines the Economy, Information Security, and Internet Freedom.”