Barr Humbug

 In ITC's Threat of the Week

Unfortunately we will not be talking about the legendary A.G.Barr, Scottish manufacturer of the insanely popular Irn Bru, which until 2009 at least was ‘Made in Scotland from Girders’.

No, we will be talking about a distinctly less sweet member of the Barr diaspora, although almost certainly also made from girders, William Barr.

For those of you unfamiliar with Barr’s work that cannot be bothered to read the Wiki, he has had a stellar career in both the CIA and multiple Government departments. He is currently the 85th USA Attorney General in the Trump administration and is clearly a very busy man.

This week, Mr Barr has ordered the death penalty to be reinstated (for the first time in two years), scheduling the execution of five long-term death row inmates.

This has caused much outrage, wailing and gnashing of teeth not least because the executions are set to use a singe drug (Pentobarbital), which the manufacturer and licenced producers will not sell to The Government, leading to obfuscation of the supply chain and associated constitutional and legal issues.

‘What has this go to do with cyber security?’ we hear you mutter. Good question. Not much, but it does help to establish Barr’s position on the left/right swingometer, as if being Attorney General for Mr. Trump wasn’t enough.

This week, (told you he was busy), Mr Barr also demanded that eavesdropping technology (for the purposes of legitimate and legal law enforcement, obvs) must (no ifs, no buts) be inserted into consumer software and devices. If tech businesses don’t do this, then the US Government will pass a law enforcing it growls he.

Needless to say this has caused a massive storm from industry, academia and even from current and former US uber spooks. The Director of the FBI Christopher Wray seemed to deny this was the way the Government was going, although if you read his full speech it is more than a little confusing.

The proposal was even more firmly rebutted by none other than former NSA Director Michael Hayden, who thankfully has recovered from a big stroke. He said plain and simply that backdoors should not be accepted by Americans.

Without straying (too much) into political debate, we are concerned about any backdoors in any software or hardware platform, for any reason. One person’s law enforcement tool is another’s attack vector.

This is exacerbated by the seemingly endless hacking and leaking of nation state tools and techniques. Just this week, the outfit that jacked Russian security services last week published 750Mb of the data. Purporting to be Russian freedom of privacy fighters, one can only be slightly suspicious that somewhere in a different government’s underground bunker, some GovGeeks(TM) might be slapping each other on the back.

Of course some governments give fewer foxtrots than others, in fact the field in which they grow their foxtrots (if you can find it) is barren. We all know the Chinese are all over this (and of course, ahem, The NSA of old), however they are all lightweights compared with the government of Kazakhstan, which is now intercepting the whole nation’s HTTPS traffic via the enforced installation of Government Root Certificates.  Is this the shape of things to come or just a flashback to the work of the Stasi? Time will tell.

We can guarantee that this subject will run and run. Remember the Clipper chip? If you would like to discuss the subject, tell us your overall paranoia level and we will arrange for an appropriate specialist to take you through the issues for your business.

Contact us at: [email protected] or call 020 7517 3900.

Author: Kevin Whelan

Recent Posts

Leave a Comment

Tel:
+44 (0) 20 7517 3900