No, we’re not trying to get backdoors in smart homes, cars, says Germany

The German government wants to be able to go to connected-car and smart-home systems makers with a court order, and order them to withhold the notification of an opened door at a preordained time.
BMW
Interior ministers of Germany’s states are discussing whether authorities should be able to bypass the security mechanisms in smart homes and connected cars — but not, the federal interior ministry says, by installing backdoors in those mechanisms.
The proposal before the ministers, who are meeting at a conference in Leipzig this week, comes from Thomas de Maizière, the acting federal interior minister, as first reported late last week by RedaktionsNetzwerks Deutschland (RND).
However, the interior ministry has disputed key aspects of RND’s report of the proposal, in particular the suggestion that it wants to mandate backdoors in all sorts of internet-connected devices, including tablets, computers and smart TVs. Some local outlets even extrapolated the notion of the government tapping into connected sex toys.
To counter the uproar that followed the initial report, the government on Monday tweeted a video explaining what it was actually hoping to achieve.
The core issue is that, while investigators have long been able to plant bugs in cars and houses when investigating or trying to prevent a crime, that’s becoming increasingly difficult. When home and car doors are connected to the internet, they will often alert their owners as soon as they detect any signs of intrusions.

According to the interior ministry, de Maizière’s plan has nothing to do with tapping into connected devices.
The government only wants to be able to go to the manufacturer of a smart home or connected car system, with a court order, and order them to withhold the notification of an opened door at a preordained time.
“The goal is that the operators of such alarms and security devices are involved so that the use of appropriate tools is possible without the person concerned becoming aware of it,” ministry spokesman Johannes Dimroth said at a Friday press conference.
He said investigators had been stymied by such technology in 25 cases over the past two years.
部署技术系统容易,关键要有合法的理由以及合规的流程,一般来讲,信息系统和数据都属于公司,它们应该被用于工作,公司拥有监控基于网络系统的工作情况和过滤不利于工作的内容的权限。
The timing of the proposal was certainly awkward. Because de Maizière’s party, Angela Merkel’s Christian Democratic Union, has so far failed to find a coalition partner following September’s elections, the ministers from her previous administration remain in place for now.
But at the moment, the CDU’s only hope for avoiding a minority government or fresh elections lies with the Social Democratic Party (SPD), the second-largest party in Germany and Merkel’s main coalition partners in her last administration. And the SPD is not very keen on what de Maizière is reportedly proposing.
“The federal interior minister has apparently lost all political decency,” SPD interior expert Uli Grötsch told Der Spiegel. “More access and surveillance does not automatically mean more security.”
The Greens have also turned their noses up at the reported proposal, with deputy leader Konstantin von Notz describing it as an “Orwellian nightmare” and raising comparisons with state surveillance under the Nazi and East German dictatorships.
It probably goes without saying that the Chaos Computer Club, Germany’s venerable hacker organization, is also not a fan. “Access to the technology in a modern car means danger for life and limb: a literal kill switch,” spokesman Frank Rieger told Netzpolitik.
安全文化宣传之互联网搜索公司专利保护及信息安全意识
Even the German Bar Association has weighed in, with association president Ulrich Schellenberg saying a backdoor regime would be inherently disproportionate, while also making citizens more vulnerable to attack by third parties.
The interior ministry says all this reaction is overblown. However, even if de Maizière really is only proposing that security system manufacturers withhold notifications, that still doesn’t clear up the technical hurdles that investigators would face when trying to bug a connected car or smart home.
The doors to these things don’t just notify the owner of intrusions. They also tend to lock and unlock by electronic means, leaving serious questions about how investigators might be able to open them without weakening their security.
The German government has already been accused of promoting weak cyber-defenses by earlier this year passing a law that drastically expands the ability of the authorities to hack into people’s computing equipment in the investigation of a variety of offences.
The precise details of what is being discussed this week may only come out after the state interior ministers’ conference wraps up on Friday. A press conference is likely to take place on Friday morning.
If the interior ministers want to move ahead with the plan, they will need to discuss it with other ministers in areas such as justice, and then come up with a law that goes before the Bundestag.
There was another notable aspect to the reported proposal: that the authorities get, as a last resort, the ability to remotely shut down servers that are being used in a massive cyberattack.
That conversation has been going on for a while though, the interior ministry said, and whether or not it goes ahead will really be up to the next government.Previous and related coveragePolice get broad phone and computer hacking powers in GermanyThe German parliament has waved through a massive expansion of police hacking powers.Windows 10 picked as ‘initial’ OS for Germany’s new government client Despite EU issues with Microsoft’s personal data use, Germany is working on a Windows 10 client for federal staff.Germany’s new hate speech law goes live: So who’s in its sights? The NetzDG or ‘Facebook law’ is now in force with big implications for social networks.
Related Topics:
EU
Security TV
Data Management
打错地址很容易导致电子邮件泄露,用户的粗心大意不是很容易被改变的,不过仍然很值得信息安全管理人员深思。

猜您喜欢

华东理工大学信息办设备采购项目(包件1:数据中心防火墙,机柜,…
浅谈信息安全测试系统
网络安全法宣传片 002 国家网络安全的现状与重要性概述
金球奖与FIFA最佳的博弈 难改C罗通杀结局?
KLUB-BIOSFERA WHEELCHAIRPHOTOGRAPHY
做安全就要得罪人么?