from the this-isn't-looking-good dept
"The more I have learned about the system, the worse it has gotten," Appelbaum said. "Even if they turn Haystack off, if people try to use it, it still presents a risk.... It would be possible for an adversary to specifically pinpoint individual users of Haystack."Giving the increasing levels of criticism, Heap has announced that the program has been shut down, but others have noted that, not only is it still available, but people are using it without Heap realizing it -- which could be quite dangerous if people think it's safe. The more you read, the more this project sounds like pure hype from the beginning and a total mess in reality. Just take the following resignation letter from the program's chief developer who, according to Wired, had recently taken a "hiatus" over questions about the way the program was being developed and pushed:
I would like to stress that I am not resigning in shame over the much-maligned test program. It is as bad as Appelbaum makes it out to be. But I maintain that it was a diagnostic tool never intended for dissemination, never mind hype. I did have a solid, reasonable design, and described it in our brief overture of transparency. _That_ is what Haystack would have been. It would have worked!The whole thing is a complete mess, and it sounds like a situation where some folks were more interested in getting press attention for a very early prototype, which they then pretended was a complete and legitimate product. If you're making a random blogging tool or some web 2.0 service, that's fine. When you're trying to make something that people will rely on so that their government doesn't lock them up and throw away the key, it's not.
What I am resigning over is the inability of my organization to operate effectively, maturely, and responsibly. We have been disgraced. I am resigning over dismissing pointed criticism as nonsense. I am resigning over hype trumping security. I am resigning over being misled, and over others being misled in my name.
There is, of course, plenty of blame to go around here, for the lack of more detailed scrutiny from the press and others, but the really stunning part, of course, is that the US State Department specifically endorsed this product. As Evgeny Morozov notes in his blog post (first link above), that's the true head scratcher:
Just to make it clear: Haystack is not at fault here; the State Department -- I am not so sure. Austin Heap can make whatever statements he likes; the government, however, is supposed to treat such statements with due skepticism and think through the political implications of their endorsement of any technologies. All this fast-tracking stuff would surely reflect bad on the State Department if after an independent security review it does turn out that Haystack has severe security flaws, which its testers -- or other Iranian uses -- may not have been aware of.
And why did Clinton choose to speak about Haystack and not say Tor or any other tool? Also, not very clear. Were the diplomats charmed by all the buzz around Haystack in the media? Possibly. That said, it would be very good to know whether the State Department did ANY analysis/testing of Haystack's claimed capabilities, thought through how well it could scale in Iran, and whether they may be hurting its users in Iran -- current and future ones -- by lining up behind them. Were these questions asked and answered?