

Lawful Hacking: Using Existing Vulnerabilities for Wiretapping on the Internet - psibi
http://talks.cam.ac.uk/talk/index/49410

======
bostik
Let's see if I understood this correctly. Building snooping capabilities into
networking gear is so inherently insecure that it would be better to just
allow wiretapping to happen by exploiting known vulnerabilities?

The law of unintended consequences will cause that to backfire in spectacular
way. In order for LEOs to maintain their wiretap capabilities, they would very
likely start to issue gag orders on vendors and to prevent them from fixing
some of their more "valuable" vulnerabilities. Hell, why not flat out require
certain classes of bugs to be present at all times?

In effect, there would be no practical difference between a built-in backdoor
and a critical security bug.

------
Nemant
Is the speaker going to practically show how to snoop the network/phone calls?
From the description I'm imagining a very vague talk :/

