CS Colloquium - Christopher Soghoian, Ph.D.
Title: Our phone calls are insecure, and no one is doing anything about it.
Host: Bryan Ford
Abstract: Some of the most widely used encryption algorithms that protect our cellular phone calls were designed in the 1980s and broken in the 1990s. In the decades since, computer security researchers have refined these attacks, ultimately demonstrating that phone calls and text messages can be intercepted with a few hundred dollars worth of off-the-shelf hardware and some open source software. Yet, in spite of the many research papers published and demonstrations at high-profile security conferences, little has been done. The phone companies, in the US and elsewhere, continue to operate networks that use weak crypto. These companies and government regulators that are responsible for communications networks have neither warned the public about the insecurity of traditional phone calls, nor advised them about the ways in which they can more securely communicate. Moreover, efforts by activists to obtain documents showing how these flaws are being exploited for surveillance by law enforcement and intelligence agencies have largely been blocked, as agencies claim that publishing that information will reveal classified information.
This talk, in part, is about the sorry state of our cellular communications networks. But it is also about the total failure of the computer security community to influence public policy, particularly when opposed by law enforcement and intelligence agencies, who want nothing to change and the public to be kept in the dark.
Bio: Dubbed the “Ralph Nader for the Internet Age” by Wired and “the most prominent of a new breed of activist technology researchers” by the Economist, Christopher Soghoian works at the intersection of technology, law, and policy. A leading expert on privacy, surveillance, and information security, Soghoian is currently the Principal Technologist at the American Civil Liberties Union.
A TED Senior Fellow, Soghoian has been named a top innovator under 35 by the MIT Technology Review, an Engineering Hero by IEEE Spectrum, and a Tech Titan by Washingtonian magazine. Soghoian completed his Ph.D. at Indiana University in 2012, which focused on the role that Internet and telephone companies play in enabling government surveillance of their customers.
In order to gather data, he has made extensive use of the Freedom of Information Act and sued the Department of Justice pro se. His research has appeared in publications including the Berkeley Technology Law Journal and the Harvard Journal of Law & Technology, and has been cited by several federal and state courts, including including the 9th Circuit Court of Appeals and the New Jersey and Massachusetts Supreme Courts.