Thank Snowden: Internet Industry Now Considers The Intelligence Community An Adversary, Not A Partner
from the a-useful-level-of-distrust dept
We already wrote about the information sharing efforts coming out of the White House cybersecurity summit at Stanford today. That’s supposedly the focus of the event. However, there’s a much bigger issue happening as well: and it’s the growing distrust between the tech industry and the intelligence community. As Bloomberg notes, the CEOs of Google, Yahoo and Facebook were all invited to join President Obama at the summit and all three declined. Apple’s CEO Tim Cook will be there, but he appears to be delivering a message to the intelligence and law enforcement communities, if they think they’re going to get him to drop the plan to encrypt iOS devices by default:
In an interview last month, Timothy D. Cook, Apple?s chief executive, said the N.S.A. ?would have to cart us out in a box? before the company would provide the government a back door to its products. Apple recently began encrypting phones and tablets using a scheme that would force the government to go directly to the user for their information. And intelligence agencies are bracing for another wave of encryption.
In fact, it seems noteworthy that this whole issue of increasing encryption by the tech companies to keep everyone out has been left off the official summit schedule. As the NY Times notes (in the link above), Silicon Valley seems to be pretty much completely fed up with the intelligence community after multiple Snowden revelations revealed just how far the NSA had gone in trying to “collect it all” — including hacking into the foreign data centers of Google and Yahoo. And, on top of that, the NSA’s efforts to buy up zero day vulnerabilities before companies can find out and patch them:
?What has struck me is the enormous degree of hostility between Silicon Valley and the government,? said Herb Lin, who spent 20 years working on cyberissues at the National Academy of Sciences before moving to Stanford several months ago. ?The relationship has been poisoned, and it?s not going to recover anytime soon.?
That Times article quotes White House cybersecurity boss Michael Daniel (the man who is proud of his own lacking of cybersecurity skills) trying to play down the “tensions” between Silicon Valley and Washington, followed by this anonymous quote from a Silicon Valley exec:
?A stupid approach,? is the assessment of one technology executive who will be seeing Mr. Obama on Friday, and who asked to speak anonymously.
Further, the article discusses how companies are trying to fight back against the NSA’s abuse of zero days (another thing that Daniel has championed) by getting to them before the government does:
And while Silicon Valley executives have made a very public argument over encryption, they have been fuming quietly over the government?s use of zero-day flaws. Intelligence agencies are intent on finding or buying information about those flaws in widely used hardware and software, and information about the flaws often sells for hundreds of thousands of dollars on the black market. N.S.A. keeps a potent stockpile, without revealing the flaws to manufacturers.
Companies like Google, Facebook, Microsoft and Twitter are fighting back by paying ?bug bounties? to friendly hackers who alert them to serious bugs in their systems so they can be fixed. And last July, Google took the effort to another level. That month, Mr. Grosse began recruiting some of the world?s best bug hunters to track down and neuter the very bugs that intelligence agencies and military contractors have been paying top dollar for to add to their arsenals.
They called the effort ?Project Zero,? Mr. Grosse says, because the ultimate goal is to bring the number of bugs down to zero. He said that ?Project Zero? would never get the number of bugs down to zero ?but we?re going to get close.?
There’s a lot more in the two stories ahead, but the angry feeling is real. In the past year, it’s amazing how many conversations I’ve had with people around Silicon Valley who aren’t just upset or disgusted over the intelligence community’s actions, they’re angry. And while the tech industry was never as buddy buddy with the government as some have tried to imply, things had undoubtedly become complacent in some circles, with little effort being made to make sure that information wasn’t being misused or abused. But that’s no longer the case. There are, of course, legal limits on what companies can do, but just as the NSA once explained how they play right up to the very edge of the limits that Congress puts around them (some of us believe they go beyond that…), the tech industry is rapidly learning that they, too, need to push back to the line that the law allows them to do so as well.
And, of course, none of that would likely have happened without Ed Snowden revealing to journalists the nature of the NSA’s overreach.
Filed Under: cybersecurity, cybersecurity summit, ed snowden, government, surveillance, trust, white house, zero days
Companies: apple, facebook, google, yahoo
Comments on “Thank Snowden: Internet Industry Now Considers The Intelligence Community An Adversary, Not A Partner”
About freakin' time
The NSA has been doing everything it can to screw over the tech companies for years now, it’s about time they realize it and start fighting back. They may not be able to completely stop the indiscriminate spying, but they can, and should, at least work to make it as difficult for the NSA and similar agencies as they can.
And, of course, none of that would likely have happened without Ed Snowden revealing to journalists the nature of the NSA’s overreach.
Not so, Snowden may have gotten the ball rolling by exposing the parasitic relationship that the NSA has with tech companies, but ultimately the blame for their increased push towards bug-hunting and encrypting/securing their products lies at the feet of the NSA, police, and others like them who just couldn’t restrain themselves and adopted a ‘Grab everything‘ mindset when it came to data.
The NSA and others have shown that they cannot be trusted, and if the tech companies are going to protect their services, profits, and customers, it’s up to them to do so.
Re: About freakin' time
You seem to be doing the opposite of shooting the messenger. Of course the blame lies with the NSA, but it was Snowden’s whistleblowing that got Google engineers swearing.
Re: About freakin' time
Of course it’s true, he DID get the ball rolling. No one had any clue of what the NSA was doing. The stuff they were doing was the stuff of tin foil hat conspiracy theories. If you saw some random person saying the things Snowden exposed a week later you would have said “Yea, whatever. Did you skip your meds again?”
How did they not see this coming?
I just want to know…how did literally nobody in the intelligence community see this backlash coming?
They really think stepping all over their toes wouldn’t have consequences?
Re: How did they not see this coming?
The answer is stupidity.
There are two ways to solve a given problem: Application of intelligence or application of force. Force is easier, so if you have power, you apply force and neglect intelligence. If you have no power, all you have is your intelligence, so you use that.
As weak people use their intelligence, they acquire power and the ability to use force, which is so much easier to use. This explains why dictators seem so smart on their rise to power, but so stupid once at the top.
In a very real sense, power seems to destroy brain cells. Those in the so-called “intelligence” coummunity are at the top of their game and have stopped using intelligence a while ago. Of course, they THINK (are CERTAIN) that they are the SmartestGuysInTheRoom, so they are blind to the self-destructive consequences of their policies.
Re: How did they not see this coming?
Because, we’re the Good Guys! Trust us! The US government has never done anything wrong.
Re: Re: How did they not see this coming?
Re: Re: Re: How did they not see this coming?
“Nobody every thinks of themselves as a bad guy.”
This can’t be overstated. For potent examples, look at nearly every evil tyrant in history. Almost every single one of them thought they were the “good guy”.
Re: Re: Re:2 How did they not see this coming?
Hitler: Just hours before committing suicide, referred to himself as the “Savior of Europe” and stated that the German people did not deserve one as good as he.
Pol Pot: Determined to create a socialist Utopia. The slaughter of millions of Cambodians was a sacrifice he was willing to make for the greater good.
NSA/CIA/FBI: Willing to shred the Constitution and their oaths in order to preserve the safety of Americans. Convinced that they will never use the blackmail possibilities they have gathered for anything other than “noble” means as they see it. They are the good guys.
This is why it never matters what you THINK of yourself, it only matters what you DO. This is why we have rules; because the good intentions of men can never be trusted.
Re: Re: Re:3 How did they not see this coming?
Exactly!
Re: Re: Re:2 How did they not see this coming?
What’s the moral equivalent of the Dunning-Kruger effect? I honestly think the best way to find people who should hold positions of authority is to advertise open interviews. Everyone who shows up should immediately be eliminated from consideration.
Re: Re: Re: How did they not see this coming?
They may think they are the “good guys”, but they took an LAWFULLY required binding Oath as to what qualifies in THIS nation as “good” to qualify as a “Good Guy”, and it IS a felony to break that Oath (all – hired, contracted, elected, etc are REQUIRED to take and keep that Oath).
When they no longer understand what qualifies as a “Good Guy” in our nation they no longer are a part of the “good guys”.
Re: How did they not see this coming?
Pride? They feel they are all powerful so everybody should bow to their whim and that no one would learn about it.
Re: Re: How did they not see this coming?
They certainly exhibit pride by the ton. Which just makes me angrier because they should be exhibiting shame.
Re: Re: Re: How did they not see this coming?
Only sociopaths like to hold positions of power, and this takes shame off the table. Nobody with the capacity for empathy would ever rise high enough in the intelligence communities’ ranks to guide policy. Hell, it looks like you can’t even make it from contractor to regular employee if you have a conscience. Instead, you go from contractor to a small apartment in Russia.
Re: How did they not see this coming?
Some of them DID see this coming. Some of them tried using the internal whistleblowing protocols, only to find themselves out of a job. Others saw it coming and started refusing access to information, because doing so would help the terrorists (by damaging the relationship between the intelligence community and pretty much everyone else). I think the intelligence community was banking on the “too big to fail” logic that works for banks and movie studios.
Re: How did they not see this coming?
Secrecy
Re: How did they not see this coming?
They got complacent when working with the BIG telcos who just happily went along with the siphoning of data at their NAPs — not to mention the $$$ they were and still are being paid – Money for nothin’….
It seems very odd that the head of any corporation would snub the president. Virtually all big corporations are government ass-kissers who are always giving favors in order to get favors. It’s always nice to see that the usual symbiotic (and often incestuous) relationship between government and private industry can on rare occasions break down.
Now let’s just sit back and watch if Google, Yahoo and Facebook soon start getting some lucrative government contracts in order to change their attitude about “big brother.”
Re: Re:
Google has a product that may be interesting to the Feds. We actually got a presentation on a “google box” that would install on your local network and parse through documents and build a search index. It was out of our price range unfortunately but was a really fun idea, essentially google for your local intranet.
But for Yahoo and Facebook….what exactly would the government “hire” them to do?
I’m waiting for the government to:
1. Decide not to give tax breaks to those corporations not willing to play ball…
2. Use any and all anti-trust laws to bury them in legal bullshit forever…
3. Just use eminent domain laws to yank the businesses out from under them…
Re: (I'm waiting for the government to:)
(Not counting labor laws, which do need to be stronger. But that’s another story.)
I get the feeling this was a situation of the old guard treating this new thing as everything else they deem to treat without fully comprehending this new thing……..not fully comprehending this degree of oposition when their secret implementations were found out by programmers programing programs not intended to operate into what the old guard turned their programs into
“Companies like Google, Facebook, Microsoft and Twitter are fighting back by paying “bug bounties” to friendly hackers who alert them to serious bugs in their systems so they can be fixed. “
THIS!!!
Is the kinda of thing i EXPECT to see in a cybersecurity bill……….
“He said that “Project Zero” would never get the number of bugs down to zero “but we’re going to get close.”
An attempt
Recognition
Forsight
This (the quote) is all we ask
Not nothing
To those that try thankyou for giving a damn
NSA put an asteRISK next to every US IT product.
* This product contains malware/spyware implanted by the US Govt.
Who needs TPP/TTIP/… when NSA singlehandedly kills our IT exports?
“There are, of course, legal limits on what companies can do,”
Fair enough, i wouldnt want an idividual put their neck on the line unless they chose to…..but to put things simply, legal limits doesnt seem to stop a listfull of governments………they need to get their act together, before to many people realise this and still expect an expectation of people to follow the laws, at least the laws that can be argued NOT to benefit humanity, and hopefully more investigatory scrutiny in how such laws came about
and about time too! what is still needed is for Congress etc to realise that what the intelligence community is doing is writing it’s own versions of it’s own laws, just to be able to prosecute who they want, wherever they may be! and dont forget how these same security forces have been playing at internet censorship, not because of what was happening, not because of what it was happening to, but because of who it was happening to! they have become the Entertainment industries private army, but an army so strong that they cannot now be reined in, not by anyone!!
Re: Re:
“… write their own laws…”
Yet, they are under the executive branch which is forbidden to write laws, regulations, etc by the word “All” by the supreme LAW of our nation that all must be in Pursuance thereof to be lawful here within the USA. US Constitution, Article 1, Section 1:
“All legislative Powers herein granted shall be vested in a Congress of the United States, which shall consist of a Senate and House of Representatives.”
Yes, that does mean that “executive orders” are NOT lawful and it matters not over how many decades they have been used, time does NOT make them lawful, just that those who all served within our governments and allowed them to be used on the people and not just those who are in Washington DC criminals.
US corporations are discovering they have a choice. They can snuggle up to the government and depend on the handouts to be their source of income. It won’t be enough for them but if they continue to co-operate with the government, no one else will want their products and services.
Made in the US for electronic products and software no longer stands for quality. It stands instead for built in security flaws guaranteed. Having the corporate headquarters in the US stands for “we can’t trust you nor what you can or can not say”.
No one wants to pay for that deal when buying products and services.
“Thank Snowden”
Damn straight
And the truth will make you free, and that is a good start.
It is to laugh.
If companies like this had not spent most of the last 20 years attacking and criminalizing those who pointed out their security flaws and churning out piss-poor code and hardware, completely ignoring actual security for much of that time, they would not so much have that problem now, would they? It is merely trendy or convenient for them to be at odds with the insane overreach of the national security apparatus these days. They certainly don’t mind the same behaviors when they are doing it.
maybe thats why the govt (local or fed) hasnt done shit about the port closures in cali…
Apple playing shady?
Curiously, Apple seems to have two faces, compared with Google. To the US and other Western governments, Apple is stern and steadfast. But to China, they’re willing to accept a more submissive role to garner more market favor. Even when it was very clear that the Chinese government was behind a “man-in-the-middle” attack on iCloud, Tim Cook bent over and grabbed his ankles for China.
http://www.aljazeera.com/indepth/features/2015/02/china-code-war-attacks-internet-titans-150211084717111.html
“Apple, like other Western internet titans that aim to ride China’s rise as an economic superpower, is likely under tremendous pressure to tolerate these “organized network attacks” as part of the price of remaining in the Chinese market, he added… The only American internet giant to publicly renounce cooperating with China’s censors so far has been Google, which also identified “the Chinese government or its agents” as being the masterminds of a sophisticated attack on Google’s central servers.”
“Governments keep their promises only when they are forced, or when it is to their advantage to do so.” Napoleon Bonaparte.
Stop the whining and get off your...
Amazing that the population does not complain about the extent of the data Google consumes and keeps in their private and public vaults. The NSA is the ugly junk yard dog when the real issue is the ones kicking it because it wants to seek out the violations by sniffing everyone that comes into the “internet” yard.
You all have choices, build better network appliances, build better software, and build better security. Snowden was unethical, unlawful, had no integrity, an sought fame over solutions. He stole as much data as you claim the NSA is doing and Google is taking more from you everyday.
Get in the game, cheer for what is right, but stop whining.
Re: Stop the whining and get off your...
This isn’t consistent enough to be “not even wrong.”
Re: Stop the whining and get off your...
Amazing that the population does not complain about the extent of the data Google consumes and keeps in their private and public vaults. The NSA is the ugly junk yard dog when the real issue is the ones kicking it because it wants to seek out the violations by sniffing everyone that comes into the “internet” yard.
Clearly you haven’t been looking then, I’ve seen plenty of people on TD alone noting that Google scoops up more data than they are comfortable with. However, even if Google did grab more data than the NSA(unlikely), there’s two big differences between the two:
1. You can opt out of Google collecting info for you. It may not be easy, but it is possible. The same cannot be said of the NSA unless you cut yourself off completely from all things electronic.
1.5 As an addendum to #1, if you try and hide your communications from Google, they’ll just move on to someone else. If you try and do the same with the NSA, by say encrypting your communications, then they just use that against you and claim that you’re trying to hide something nefarious/illegal, and the regular ‘rules'(as much as those actually apply to the NSA) with regards to how long they are supposed to be able to hold on to communications are thrown out the window.
2. Last I checked, Google doesn’t use the data they gather to drop bombs on people, the NSA does.
You all have choices, build better network appliances, build better software, and build better security.
… and then watch as the NSA does it’s best to undermine and weaken all of the above. Security making the NSA’s job harder? Throw in a back-door! Encryption annoying the NSA? Intentionally push encryption that you know is weak and has a glaring weakness!
Snowden was unethical, unlawful, had no integrity, an sought fame over solutions.
He saw something that was wrong, and did the best he could to fix it. I don’t know where you’re getting your definition of ‘ethical’, but that seems to match it pretty well.
Unlawful… yeah, probably, but just because something may be illegal, doesn’t automatically make it wrong.
As for integrity, again, he saw a problem, knew that going the ‘authorized’ routes to solve it would do absolutely nothing, and did what he could to see it fixed, at great personal risk, and despite the fact that he could have just ignored it and continued on, business as usual.
And finally, ‘fame over solutions’. If the USG hadn’t gone completely ape-shit over Snowden, to the point that they were willing to pull strings to have a presidential plane grounded because he might have been on board, if they had just owned up to what they had been doing for years instead of lying time and time again(and being caught out on their lies pretty much every single time), if they hadn’t flipped out and made him out to be this monster in human form out to destroy all that is good in this world, Snowden would have been a footnote in the history books.
His actions in bringing massive government abuse of power to light would have been noted, the changes caused by this would have been noted, but that would have been about it. You want to blame someone for Snowden’s ‘fame’, look no farther than the USG.
As for the second half, ‘… over solutions’, history made it abundantly clear to him and everyone else, if he took the ‘legal’ path, and reported what he’d found to the ‘proper’ authorities, odds are he’d have lost his job, potentially faced jail time over some drummed up charges, and absolutely nothing would have been done regarding the problems and issues he was trying to solve.
Re: Re: Stop the whining and get off your...That one guy
Deep caves like Georgia’s Krubera Cave, which reaches 5,610 feet (1,710m) underground, for one, would likely be devoid of service to avoid the NSA> and yes if your a bad actor they will send drones on my behalf. Ethics, sometimes known as moral philosophy, is a branch of philosophy that involves systematizing, defending and recommending concepts of right and wrong conduct. Snowden took what did not belong to him and no unless you have a firewall or a proxy, google takes what they want.
Re: Re: Re: "Snowden took what did not belong to him"
Stealing medicine so that your tween daughter might live for another week?
Lying to the gestapo to protect the Jews in your attic?
Dealing drugs on the street because legitimate jobs that pay a living wage are not available to people of your color?
I’m pretty sure the real world is no place for deontological ethics.
What we want
Is for everyone to consider all attacks, whether phishing or MITM or DDOS or cookie tracking to be open hostility, no matter whether it comes from a “friendly” government, a foreign government, a corporation or an unidentified stranger.
In biology, everything foreign is considered hostile until proven otherwise (e.g. scanned, filtered and digested). The Internet has a lot of similarities to an ecosystem, and those who survive this era of surveillance and data leaks will emerge immune in the next era in which these kinds of attacks are regarded as trivial and quaint.
transparency as promised
snowden’s dangerous nsa leaks were most likely part of obama’s promise for transparency which is exactly why he’ll never be tried as the most treasonous dickhead in the history of the usa
Re: Treasonous dickheads
I think are the ones that endorse blanket surveillance, or torture, or tough-on-crime policies that get our convictions (and our prison population) to over 50% innocent are probably more treasonous and dickheaded than Snowden for revealing to the public what some of the treasonous dickheads are doing.
The US is now a torture state and a surveillance state and a corporate police state. Treason towards such a state is, as Jefferson’s seal suggests, obedience to God.