Vulnerabilities Found in Law Enforcement Surveillance System
SEC Consult has published an advisory warning people not to use a government eavesdropping product called Recording eXpress, sold by the Israeli company Nice Systems. Basically, attackers can completely compromise the system. There are good stories on this by Brian Krebs and Dan Goodin.
KnottWhittingley • May 29, 2014 3:04 PM
It seems bizarre to me that anyone would expect Israeli software, especially security or law enforcement software, not to have backdoors for Mossad et al.
I’m not slamming the Israelis by saying that. (“Some of my best friends” and all that.)
I’m just acknowledging that of all the countries in the world, Israel is perhaps the most threatened—there are lots of people lots of places, including many of their neighbors, who want to see them destroyed.
You don’t have to be for or against Israel to see that they’re under a special degree of pressure to gather what intelligence the can in various countries, adversaries and allies alike. They face a constant existential threat from several sides, with inconstant allies.
Given that, you have to wonder why they’re allowed to sell their software to law enforcement agencies in the US. What deal has been struck?
You also have to wonder why they’re allowed to sell software in the US that has such easily detectable back doors and other vulnerabilities.
Seriously, NSA? Seriously? Couldn’t you at least insist that they obfuscate those things a bit more, such that maybe our adversaries and theirs won’t find and use them too? Do you think that China and Russia can’t find such easily-findable back doors and security holes, or do you just not care very much, so long as you can use them?