Thank Snowden: Internet Industry Now Considers The Intelligence Community An Adversary, Not A Partner

from the a-useful-level-of-distrust dept

We already wrote about the information sharing efforts coming out of the White House cybersecurity summit at Stanford today. That's supposedly the focus of the event. However, there's a much bigger issue happening as well: and it's the growing distrust between the tech industry and the intelligence community. As Bloomberg notes, the CEOs of Google, Yahoo and Facebook were all invited to join President Obama at the summit and all three declined. Apple's CEO Tim Cook will be there, but he appears to be delivering a message to the intelligence and law enforcement communities, if they think they're going to get him to drop the plan to encrypt iOS devices by default:
In an interview last month, Timothy D. Cook, Apple’s chief executive, said the N.S.A. “would have to cart us out in a box” before the company would provide the government a back door to its products. Apple recently began encrypting phones and tablets using a scheme that would force the government to go directly to the user for their information. And intelligence agencies are bracing for another wave of encryption.
In fact, it seems noteworthy that this whole issue of increasing encryption by the tech companies to keep everyone out has been left off the official summit schedule. As the NY Times notes (in the link above), Silicon Valley seems to be pretty much completely fed up with the intelligence community after multiple Snowden revelations revealed just how far the NSA had gone in trying to "collect it all" -- including hacking into the foreign data centers of Google and Yahoo. And, on top of that, the NSA's efforts to buy up zero day vulnerabilities before companies can find out and patch them:
“What has struck me is the enormous degree of hostility between Silicon Valley and the government,” said Herb Lin, who spent 20 years working on cyberissues at the National Academy of Sciences before moving to Stanford several months ago. “The relationship has been poisoned, and it’s not going to recover anytime soon.”
That Times article quotes White House cybersecurity boss Michael Daniel (the man who is proud of his own lacking of cybersecurity skills) trying to play down the "tensions" between Silicon Valley and Washington, followed by this anonymous quote from a Silicon Valley exec:
“A stupid approach,” is the assessment of one technology executive who will be seeing Mr. Obama on Friday, and who asked to speak anonymously.
Further, the article discusses how companies are trying to fight back against the NSA's abuse of zero days (another thing that Daniel has championed) by getting to them before the government does:
And while Silicon Valley executives have made a very public argument over encryption, they have been fuming quietly over the government’s use of zero-day flaws. Intelligence agencies are intent on finding or buying information about those flaws in widely used hardware and software, and information about the flaws often sells for hundreds of thousands of dollars on the black market. N.S.A. keeps a potent stockpile, without revealing the flaws to manufacturers.

Companies like Google, Facebook, Microsoft and Twitter are fighting back by paying “bug bounties” to friendly hackers who alert them to serious bugs in their systems so they can be fixed. And last July, Google took the effort to another level. That month, Mr. Grosse began recruiting some of the world’s best bug hunters to track down and neuter the very bugs that intelligence agencies and military contractors have been paying top dollar for to add to their arsenals.

They called the effort “Project Zero,” Mr. Grosse says, because the ultimate goal is to bring the number of bugs down to zero. He said that “Project Zero” would never get the number of bugs down to zero “but we’re going to get close.”
There's a lot more in the two stories ahead, but the angry feeling is real. In the past year, it's amazing how many conversations I've had with people around Silicon Valley who aren't just upset or disgusted over the intelligence community's actions, they're angry. And while the tech industry was never as buddy buddy with the government as some have tried to imply, things had undoubtedly become complacent in some circles, with little effort being made to make sure that information wasn't being misused or abused. But that's no longer the case. There are, of course, legal limits on what companies can do, but just as the NSA once explained how they play right up to the very edge of the limits that Congress puts around them (some of us believe they go beyond that...), the tech industry is rapidly learning that they, too, need to push back to the line that the law allows them to do so as well.

And, of course, none of that would likely have happened without Ed Snowden revealing to journalists the nature of the NSA's overreach.

Filed Under: cybersecurity, cybersecurity summit, ed snowden, government, surveillance, trust, white house, zero days
Companies: apple, facebook, google, yahoo

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    That One Guy (profile), 17 Feb 2015 @ 1:45am

    Re: Stop the whining and get off your...

    Amazing that the population does not complain about the extent of the data Google consumes and keeps in their private and public vaults. The NSA is the ugly junk yard dog when the real issue is the ones kicking it because it wants to seek out the violations by sniffing everyone that comes into the "internet" yard.

    Clearly you haven't been looking then, I've seen plenty of people on TD alone noting that Google scoops up more data than they are comfortable with. However, even if Google did grab more data than the NSA(unlikely), there's two big differences between the two:

    1. You can opt out of Google collecting info for you. It may not be easy, but it is possible. The same cannot be said of the NSA unless you cut yourself off completely from all things electronic.

    1.5 As an addendum to #1, if you try and hide your communications from Google, they'll just move on to someone else. If you try and do the same with the NSA, by say encrypting your communications, then they just use that against you and claim that you're trying to hide something nefarious/illegal, and the regular 'rules'(as much as those actually apply to the NSA) with regards to how long they are supposed to be able to hold on to communications are thrown out the window.

    2. Last I checked, Google doesn't use the data they gather to drop bombs on people, the NSA does.

    You all have choices, build better network appliances, build better software, and build better security.

    ... and then watch as the NSA does it's best to undermine and weaken all of the above. Security making the NSA's job harder? Throw in a back-door! Encryption annoying the NSA? Intentionally push encryption that you know is weak and has a glaring weakness!

    Snowden was unethical, unlawful, had no integrity, an sought fame over solutions.

    He saw something that was wrong, and did the best he could to fix it. I don't know where you're getting your definition of 'ethical', but that seems to match it pretty well.

    Unlawful... yeah, probably, but just because something may be illegal, doesn't automatically make it wrong.

    As for integrity, again, he saw a problem, knew that going the 'authorized' routes to solve it would do absolutely nothing, and did what he could to see it fixed, at great personal risk, and despite the fact that he could have just ignored it and continued on, business as usual.

    And finally, 'fame over solutions'. If the USG hadn't gone completely ape-shit over Snowden, to the point that they were willing to pull strings to have a presidential plane grounded because he might have been on board, if they had just owned up to what they had been doing for years instead of lying time and time again(and being caught out on their lies pretty much every single time), if they hadn't flipped out and made him out to be this monster in human form out to destroy all that is good in this world, Snowden would have been a footnote in the history books.

    His actions in bringing massive government abuse of power to light would have been noted, the changes caused by this would have been noted, but that would have been about it. You want to blame someone for Snowden's 'fame', look no farther than the USG.

    As for the second half, '... over solutions', history made it abundantly clear to him and everyone else, if he took the 'legal' path, and reported what he'd found to the 'proper' authorities, odds are he'd have lost his job, potentially faced jail time over some drummed up charges, and absolutely nothing would have been done regarding the problems and issues he was trying to solve.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.