RSA 2016

RSA president slams crypto backdoors as useful only against petty criminals

Calls on RSA Conference 2016 attendees to loudly oppose weakening encryption

amit yoran
亚历克斯·黄/盖蒂图像

RSA总裁阿米特·约兰(Amit Yoran)表示,使端到端加密可破坏的想法“如此误导以使思想陷入困境”。

He says it will “catastrophically weaken” security for those using it for legitimate purposes without accomplishing the goals for which it is sought – catching terrorists and the worst criminals. “It is solely for the ease and convenience of law enforcement when pursuing petty criminals,” he says, while the toughest adversaries would be unaffected.

他说:“任何恐怖分子或民族国家都不会有意使用这种技术。”除了利用后门利用无辜的用户外,他说。他说,只有没有技术成熟的小演员才会被抓住。最终结果对于试图捍卫其数字环境的所有行业的企业都将是不利的。

He urged the 40,000 in attendance at the conference to deliver the message against backdoors to the government officials speaking at the conference, including FBI Director James Comey, who is the prime campaigner in favor of vendors and service providers being able to read encrypted communications if ordered to do so by a court.

+ NOT AT THE SHOW?See all the news as it happens+

Other government officials at the conference include Attorney General Loretta Lynch, Secretary of Defense Ash Carter and NSA Director Adm. Mike Rogers.

“We need to be respectful but we need to be sure our voices are heard loud and clear,” he says.

Yoran还谈到了需要更多,更好的培训的安全专业人员来应对攻击者,他们不断提出攻击网络,数据和身份的更多创新方法。

Security professionals should nurture the kind of outside-the-box thinking adversaries use to create attacks in order to stop them and track down attackers, he says. “If you don’t have hunters, grow them,” he says, “or at least don’t stand in their way.”

He says businesses should provide the automated tools that lift a lot of the necessary security drudge work so analysts can focus on what machines can’t. “Technology to reduce the mundane is good,” he says.

With the proper support, security pros can become master analysts within six months while on the job, he says, but it’s a big job that may take changing how they think about their work. They need to be free thinkers and curious. They should not focus on compliance check lists, but rather on solving problems.

“The private sector can’t do this alone,” he says. It needs government to make incentives that encourage cybersecurity education and to set policies that make better cybersecurity possible.

He cited the Department of Justice’s push for encryption backdoors as one of the government efforts that is not helping.

Join the Network World communities onFacebookandLinkedInto comment on topics that are top of mind.

Copyright © 2016足球竞彩网下载

IT工资调查2021:The results are in