U.S. enables Chinese hacking of Google
Bruce Schneier. Emphasis mine.
… China’s hackers subverted the access system Google put in place to comply with U.S. intercept orders. Why does anyone think criminals won’t be able to use the same system to steal bank account and credit card information, use it to launch other attacks or turn it into a massive spam-sending network? Why does anyone think that only authorized law enforcement can mine collected Internet data or eavesdrop on phone and IM conversations?
These risks are not merely theoretical. After September 11, the NSA built a surveillance infrastructure to eavesdrop on telephone calls and e-mails within the U.S. Although procedural rules stated that only non-Americans and international phone calls were to be listened to, actual practice didn’t match those rules. NSA analysts collected more data than they were authorized to and used the system to spy on wives, girlfriends and notables such as President Clinton.
And surveillance infrastructure can be exported, which also aids totalitarianism around the world. Western companies like Siemens and Nokia built Iran’s surveillance. U.S. companies helped build China’s electronic police state. Just last year, Twitter’s anonymity saved the lives of Iranian dissidents, anonymity that many governments want to eliminate.
In the aftermath of Google’s announcement, some members of Congress are reviving a bill banning U.S. tech companies from working with governments that digitally spy on their citizens. Presumably, those legislators don’t understand that their own government is on the list. …