The results of a recent contest by Internet security company CloudFlare Inc would certainly added to the growing concern of the exposure of personal information online. The results of a competition launched by Internet security company CloudFlare Inc revealed that the widely used form of encryption, OpenSSL, could be bypassed by people who have introductory knowledge of encryption.
Bloomberg explains that in encryption, private keys equate to one's house keys, which are normally guarded by the owner. Public keys are what house owners publish for other people to use when the latter wishes to communicate with them. The two encryption keys are usually paired, the news agency said.
The Heartbleed bug is the outcome of a simple programming error that could be used by anyone who wishes to obtain sensitive information like passwords and bank data. New Haven Register said this, and other computer hacking tools are making its way to law enforcement agencies around the world in the hopes of catching bad guys. On the other hand, a Yale University panel believes that the courts nor Congress are not ready to handle the consequences of using such security holes.
According to Georgetown University Law Center professor Laura Donahue, who is one of the panelists, federal agencies such as the Federal Bureau of Investigation, the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), aside from the National Security Agency, are also employing computer hacking tools to pursue their cases. Bloomberg noted that the NSA was aware of the Heartbleed bug two years before its discovery by researchers, and have used it to their advantage to develop their own hacking tools.
Former national security prosecutor Stephanie Pell, another panelist, added, "These law enforcement techniques are stretching the bounds of statutory language and Congressional oversight. When government is accessing information directly, it is doing it invisibly."
Texas magistrate Judge Steve Smith expressed his need for authoritative guidance on how to go about handling computer hacking requests from law enforcement that most of the time raise Fourth Amendment concerns.
