1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

US Senators seek investigation into VPN use among government workers

By Bubbajim · 15 replies
Feb 9, 2019
Post New Reply
  1. With ongoing investigations into Russian meddling during the 2016 presidential campaign, and the recent rumors of an executive order to ban Chinese hardware from new communications infrastructure, it’s clear that the United States is taking its cybersecurity seriously. Alongside these wide-ranging efforts to tighten security, Senators Marco Rubio (Republican) and Ron Wyden (Democrat) have asked the Department of Homeland Security to investigate governmental employees’ use of VPNs.

    The Senators’ concern is that many VPNs make use of foreign servers to redirect traffic, and they are worried that two countries in particular may be on the receiving end of US data – China and Russia.

    It’s perhaps no surprise that China and Russia are the two countries being singled out by Rubio and Wyden, given the current uneasy relationship the US has with each nation.

    Writing to Christopher Krebs, Director of DHS’s Cybersecurity and Infrastructure Security Agency, the Senators noted, “If U.S. intelligence experts believe Beijing and Moscow are leveraging Chinese and Russian-made technology to surveil Americans, surely DHS should also be concerned about Americans sending their web browsing data directly to China and Russia.”

    The ‘if’ at the start of the quote is important as the Senators aren’t singling out any specific products. Instead, they are asking DHS to ‘conduct a threat assessment on the national security risks’, and if appropriate, issue a Binding Operational Directive to prohibit the use of any software deemed a threat.

    These Directives have been used before, such as in 2017 when DHS issued one to ban the use of Kaspersky-branded products from federal IT systems.

    Permalink to story.

     
  2. Evernessince

    Evernessince TS Evangelist Posts: 4,181   +3,791

    The only reason some Americans decide to use VPNs is due to the fact that their ISP can legally gather and sell their information, the government can gag order and secure the release of private information, and private companies track and sell their information.

    The Chinese and the Russians don't need to go such lengths to get private citizen information. They can likely buy it directly from your ISP or equifax. Not like it's illegal to sell that information to them so why not. If of course it hasn't been leaked already...
     
    Reachable, PEnnn and captaincranky like this.
  3. captaincranky

    captaincranky TechSpot Addict Posts: 15,183   +4,127

    @Bubbajim said: "The Senators’ concern is that many VPNs make use of foreign servers to redirect traffic, and they are worried that two countries in particular may be on the receiving end of US data – China and Russia".

    AFAIK, PIA has shut down any servers within those two countries borders. (Or had then shut down for them).

    https://arstechnica.com/tech-policy...-internet-access-exits-russia-due-to-spy-law/

    Other than that, I can picture an a**hole like Ted Cruz, might try and leverage this to outlaw VPNs altogether.

    But the overarching issue here is, the US needs to attack cyber vulnerabilities worldwide with its allies, while not having Cruz meddling too deeply into Internet affairs, wedging this issue into stumping for votes in his next bid for president.

    And trust me, there's a lot of tinder here to ignite right wing Republican nationalism. I say turn the issue over to where it belongs, the FBI, CIA and NSA. They can likely do something about it, instead of politicians running their yaps about it.
     
    Last edited: Feb 9, 2019
    PEnnn and Evernessince like this.
  4. seeprime

    seeprime TS Guru Posts: 405   +432

    Why would people believe the story that government employee use of VPN's might allow foreign countries to see the data? VPN's are encrypted. The odds are that our own government currently can't see what the employees are doing when they check. I suspect the real reason is that the US can't spy on its VPN using employees right now, not that other countries might do so later. https://computer.howstuffworks.com/vpn7.htm
     
    Last edited: Feb 9, 2019
    Knot Schure likes this.
  5. QuantumPhysics

    QuantumPhysics TS Evangelist Posts: 1,631   +1,230

    I never believed in VPN or encryption.

    I REFUSE to believe that "the almighty government" is going to be upstaged by a bad guy who uses encryption or a "private server".

    I bet it's really a way to lure people into a false sense of security.

    Let's consider Jeff Bezos. I absolutely believe that the government itself hacked Bezos at Trump's behest. How many references in history do we have of the NSA, CIA or FBI doing illegal wire taps with all types of ridiculous pretexts???

    And they really think I'm stupid enough to buy a $25 Google home speaker and put those things throughout my house?

    I might as well just let the CIA plant a voice recorder on my person.
     
    erickmendes and Dimitrios like this.
  6. Evernessince

    Evernessince TS Evangelist Posts: 4,181   +3,791

    This is true for the most part. Any large organization like the US government will most likely crack or find ways around VPNs. The snowden revelations made that clear. At the very least though, VPNs should be able to protect against snooping ISPs and wanabe hackers.

    And yeah, completely agree on the smart speakers.
     
    erickmendes likes this.
  7. captaincranky

    captaincranky TechSpot Addict Posts: 15,183   +4,127

    @QuantumPhysics @Evernessince C'mon guys, at the very least VPNs can make your data more trouble than it's worth to hack. While your conspiracy theory about Trump authorizing a hack on Bezos is plausible, what in all reality do any of us commoners have, that would make it worthwhile for Trump to have us hacked? IMO next to nothing.

    What really baffles me in all of this, is how incredibly stupid a bit of fluff can make a man. And in this day and age of massive data breeches, why would anybody in the world be dumb enough to keep compromising private photos of themselves on a cell phone?

    My feeling is, that while the new girlfriend might be looking at sharing only half of Bezos' wealth, a hundred grand or so is plenty for anybody close to them, or in their family, to sell them out

    As far as "Smart speakers" go, I've been railing about and against that sh!t literally since the 70's.

    I used to pose the question, (under circumstances conducive to group paranoia), "if you don't know how the electronics work, how can you be certain the TV isn't watching you, while you're watching it"?

    Well guess what, here we are 50 years later, and just about every electronic communication device you own, most likely is. Smart speakers in particular, since that's exactly what they're designed to do.
     
    Last edited: Feb 10, 2019
    JaredTheDragon likes this.
  8. QuantumPhysics

    QuantumPhysics TS Evangelist Posts: 1,631   +1,230


    My premise is that the US government - as well as Russia or China, would NEVER let the public have a device they didn't have the keys too - and to believe any less is to be lured into a false sense of security.

    They wouldn't even let us have PS2 when it first launched because it was technologically superior to some military computers.
     
  9. JaredTheDragon

    JaredTheDragon TS Guru Posts: 637   +411

    Do you have a smartphone?

    Guess what, you already PAID to let Langley plant a voice recorder on your person. Wake up.
     
  10. lexster

    lexster TS Guru Posts: 624   +303

    The CIA laughs every time someone says something like this. The CIA is not chartered for domestic operations. You're thinking of the FBI, DHS or the NSA who are all chartered for domestic ops in different ways. And being an Android dev I can tell that, no, you phone is not listening to you unless you allow it. And if you knew anything about how the software interacts with the hardware in a phone, you would know that.

    Pull off the tin hat people. The government can't "spy" on you without due process and/or probable cause relating to terrorism.
     
    Last edited: Feb 10, 2019
    QuantumPhysics likes this.
  11. Reachable

    Reachable TS Evangelist Posts: 369   +183

    Those nasty Russians and Chinese are out to get us!

    But, gee, whatever happened to the Iron Curtain, the Bamboo Curtain? Everything I own was made in China. And friendly Russians dance the foxtrot for us on television and they didn't even have to defect.

    I hate to be sarcastic, but this is all nonsense. And it's getting out of hand. And I don't know where it's going but it's incredibly dangerous.

    As somebody said lately: The first Cold War was a tragedy; the second Cold War is a farce.
     
  12. Knot Schure

    Knot Schure TS Addict Posts: 286   +122

    There are many types of VPN-types. Not just the commercial offerings any layman knows about, you can setup VPNs privately, with your own equipment, and dial-in, bridge, etc, as you please.

    Should you make good choices with your ciphers, hashing, authentication etc, you have a connection that you can absolutely trust (assuming said equipment is not already compromised).

    As somebody said above - maybe it is the fact they can't see what their employees are doing, that is the real issue here.
     
  13. treetops

    treetops TS Evangelist Posts: 2,647   +616

    I believe it would be more accurate to say. They are more worried about government officials who use VPNS and select China or Russia as their server. Not that they are using VPN's to communicate or exchange data with China or Russia.
     
  14. captaincranky

    captaincranky TechSpot Addict Posts: 15,183   +4,127

    That may be the case with the Russian and Chinese people, but their respective governments are likely a far different story.

    Putin has gone on record as saying it was a tragedy that the Soviet Union had broken up, and is on a quest to reassemble it. His actions in The Ukraine should make that blatantly evident, even to someone who in my day and age, would have been labeled a "peacenik".

    You're confusing cultural exchange with government intent. Dance, theater, and student exchange programs have always been in force, even during the cold war. Their missions have always been to take overarching governmental policies out of direct individual and group contact with peoples of different cultures.

    Bear in mind ("Russian bear pun intended"), that the US didn't build the Berlin Wall, the Russians did. (*) Also keep in mind, the Chinese have constantly been stealing our intellectual property, along with building their own nuclear arsenal uncontested. As recently as a few months ago, China wanted to launch a "killer satellite", under the auspices of "clearing space junk". It should be patently obvious that such an alleged "space trash truck", could easily be redirected to downing military satellites as well.

    Nuclear chicken is always a dangerous and possibly world ending game. Despite that fact, it really needs to be played. Did the first cold war end? I think not, it just wasn't publicized as widely.

    There's something you have overlooked which could lead to "your" downfall, simply because someone shakes your hand, you'll never know what they're thinking.

    I might add, sometimes an extra firm grip could indicate aspirations to control you, to intimidate you, and let you know how much resolve they have, and how much power they believe they possess.

    Keep in mind, I'm from the "love, peace, and understanding generation", and looking back, I realize how naive we really were..

    (*) As a matter of potential interest, they (the Russians), also introduced or enhanced a special breed of dog to patrol it.

    Known as the "Caucasian Shepard", or, "Ovcharka", it's a long haired breed similar to a German Shepard, but twice the size, ranging up to 200 pounds for the males

    [​IMG]

    And if you're curious, that surely ain't no cuddly, face licking St. Bernard.
     
    Last edited: Feb 10, 2019
  15. ferrellsl

    ferrellsl TS Enthusiast Posts: 29   +29

    I think many of you are missing the other reasons why US senators would be investigating the use of VPN's on government systems. There are many government employees who use VPN's to surf porn, shop online, and conduct other unauthorized activities while at the office.
     
    lexster likes this.
  16. lexster

    lexster TS Guru Posts: 624   +303

    Exactly this. You would be shocked what government emplyees dow ith and keep on their GOVERNMENT PC's. Morons..
     

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...