In Science essay, professor says FBI approach to investigations puts security at risk

In science essay, WPI professor says FBI approach to investigations puts security at risk
Susan Landau, professor of cybersecurity policy at Worcester Polytechnic Institute (WPI) Credit: Worcester Polytechnic Institute

In an essay to be published on June 17, 2016 in Science magazine Susan Landau, professor of cybersecurity policy at Worcester Polytechnic Institute (WPI), argues that the FBI's recent and widely publicized efforts to compel Apple Computer to write software to unlock an iPhone used by a terrorist in California reflects an outdated approach to law enforcement that threatens to weaken the security of all smartphones, potentially putting the private information of millions of smartphone users at risk and undermining the growing use of smartphones as trusted authenticators for accessing online information.

The Science essay grew out of testimony Landau delivered in March before a hearing of the U.S. House Judiciary Committee [Landau's testimony begins at 3:35:44]. In that forum, Landau countered the argument of FBI director James Comey that encrypted devices (which Comey has characterized as "warrant-proof spaces") hinder the agency's ability to investigate crimes. Landau says the FBI is looking at smartphones through a 20th century lens, a perspective that is particularly troubling given the potential for smartphones to either replace or augment static passwords as authenticators for logging into computers or accessing online accounts.

Login credentials are a favored target of hackers, Landau says, since they can provide access to valuable data and leave computer systems open to attack. More and more, companies like Facebook and Google and even some high-level are using smartphones as authenticators to make online resources significantly more difficult to breach. But for authentication to be effective, smartphones, themselves, must be secure.

Landau says the FBI's efforts to weaken smartphone reflect its outdated approach to investigating crime and its inadequate resources for conducting modern cyber investigations. Landau argues that the agency needs to invest in building up its own "21st century investigative savvy," including creating "an investigative center with agents with deep technical understanding of modern communications technologies and computer science."

With the ability to develop new surveillance approaches and tools matched to the latest advances in , the agency will no longer need to seek to weaken the devices that people, corporations, and government agencies worldwide depend on to securely communicate, transact business, and transmit sensitive information.


Explore further

FBI director warns against cellphone encryption

More information: "The real security issues of the iPhone case," Science, science.sciencemag.org/cgi/doi … 1126/science.aaf7708
Journal information: Science

Citation: In Science essay, professor says FBI approach to investigations puts security at risk (2016, June 16) retrieved 31 March 2020 from https://phys.org/news/2016-06-science-essay-professor-fbi-approach.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
22 shares

Feedback to editors

User comments