Susan Landau’s Listening In is an encyclopedia of cyber security, but misses out on the opportunity to set the stage for policy dialogue.
After the San Bernadino terrorist shootings of 2015, the FBI recovered an iPhone belonging to one of the attackers. FBI and Apple Inc came to loggerheads when Apple declined the FBI’s request to create software that would unlock the security protection on the iPhone. FBI wanted “exceptional access” to be built into the encryption systems on Apple’s iPhone, using the pretext of national security. However, Apple argued that in an age of cyber attacks, weakening of security should be the last thing to do, even if that means that the data of terrorists and criminals remain hidden from law enforcement. The basis of Apple’s argument was that security loopholes would be eventually found and exploited by hackers, presumably causing more harm to national security.
Using the above case as the background for her book Listening In Cyber Security in an Insecure Age, Susan Landau, a cryptography and cybersecurity expert, studies the clash between the individual’s need for privacy and the law enforcement agencies’ need for access to information. Landau unequivocally bats for not weakening security standards, even if that makes government investigations difficult. She sets the stage for her argument for stronger encryption standards by narrating one example after another of cyber espionage, exploits and attacks, and how these have been getting more sophisticated over time. She traces the first cyber espionage to 1986. With the involvement of the CIA, KGB, and a student in Germany hacking into systems at an energy research lab at Berkeley, this story makes for a fascinating read.