After Snowden, what?

This morning’s Observer column.

Many moons ago, shortly after Edward Snowden’s revelations about the NSA first appeared, I wrote a column which began, “Repeat after me: Edward Snowden is not the story”. I was infuriated by the way the mainstream media was focusing not on the import of what he had revealed, but on the trivia: Snowden’s personality, facial hair (or absence thereof), whereabouts, family background, girlfriend, etc. The usual crap, in other words. It was like having a chap tell us that the government was poisoning the water supply and concentrating instead on whom he had friended on Facebook.

Mercifully, we have moved on a bit since then. The important thing now, it seems to me, is to consider a new question: given what we now know, what should we do about it? What could we realistically do? Will we, in fact, do anything? And if the latter, where are we heading as democracies?

I tried to put some of these questions to Snowden at the Observer Ideas festival last Sunday via a Skype link that proved comically dysfunctional. The comedy in using a technology to which the NSA has a backdoor was not lost on the (large) audience — or on Snowden, who coped gracefully with it. But it was a bit like trying to have a philosophical discussion using smoke signals. So let’s have another go.

First, what could we do to curb comprehensive surveillance of the net?

Read on…

Value for money in the surveillance business

Has anyone in government done a cost-benefit analysis on bulk surveillance? I mean to say, we’re spending fortunes on this stuff (in the US something like $100B a year). Does anyone have any idea of whether it’s really worth it? Could we be spending all that dosh more wisely and getting better anti-terrorist results?

Which is why I found this exchange between a questioner and William Binney, the former Technical Director of the NSA, fascinating.

Question: Other than making money off of like these NSA contracts, what capabilities do these companies [i.e. defence contractors like Booz Allen Hamilton — Snowden’s employers] have, what other value are they generating for themselves?

William Binney: Nobody does return on investment at NSA. They don’t.

I mean, if they did return on investment, they would throw away everything except TRAFFICTHIEF and maybe some graphing programs out of MAINWAY– they’d throw all of this away. They wouldn’t have built Bluffdale [Utah], that $2.3B or whatever it is– facility to store data. This is all the data from PINWALE and MARINA and all that stuff is going out there, being stored. So they wouldn’t have to buy that at all. They’d be more effective, because they wouldn’t be buried. So at any rate, that’s what they’re doing.

The exchange comes from an absolutely riveting report of a presentation that Binney gave in which he explained some of the Snowden material.

Old cryptopanic in new iBottles

Repeat after me:

A ‘backdoor’ for law enforcement is a deliberately introduced security vulnerability, a form of architected breach.

Or, if you’d like the more sophisticated version:

It requires a system to be designed to permit access to a user’s data against the user’s wishes, and such a system is necessarily less secure than one designed without such a feature. As computer scientist Matthew Green explains in a recent Slate column (and, with several eminent colleagues, in a longer 2013 paper) it is damn near impossible to create a security vulnerability that can only be exploited by “the good guys.” Activist Eva Galperin puts the point pithily: “Once you build a back door, you rarely get to decide who walks through it.” Even if your noble intention is only to make criminals more vulnerable to police, the unavoidable cost of doing so in practice is making the overwhelming majority of law-abiding users more vulnerable to criminals.

Bruce Schneier’s next book

Title: Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

Publisher: WW Norton

Publication date: March 9, 2015

Table of Contents

Part 1: The World We’re Creating
Chapter 1: Data as a By-Product of Computing
Chapter 2: Data as Surveillance
Chapter 3: Analyzing our Data
Chapter 4: The Business of Surveillance
Chapter 5: Government Surveillance and Control
Chapter 6: Consolidation of Institutional Surveillance

Part 2: What’s at Stake
Chapter 7: Political Liberty and Justice
Chapter 8: Commercial Fairness and Equality
Chapter 9: Business Competitiveness
Chapter 10: Privacy
Chapter 11: Security

Part 3: What to Do About It
Chapter 12: Principles
Chapter 13: Solutions for Government
Chapter 14: Solutions for Corporations
Chapter 15: Solutions for the Rest of Us
Chapter 16: Social Norms and the Big Data Trade-Off

Something to be pre-ordered, methinks.

Joe Nye: the Empire ain’t dead yet

Slightly rosy view by the author of the theory of ‘soft’ power.

Over the last several decades, public confidence in many influential institutions has plummeted. From 1964-1997, the share of Americans who trusted universities fell from 61% to 30%, while trust in major companies fell from 55% to 21%. Trust in medical institutions dropped from 73% to 29%, and in journalism from 29% to 14%. Over the last decade, confidence in educational institutions and the military has recovered, but trust in Wall Street and large corporations has continued to fall.

But these ostensibly alarming figures can be misleading. In fact, 82% of Americans still consider the US to be the world’s best place to live, and 90% like their democratic system of government. Americans may not be entirely satisfied with their leaders, but the country is certainly not on the brink of an Arab Spring-style revolution.

Meg Whitman: following the (male) herd

The herd instincts of major corporate executives continue to amaze me. These are people to whom the concept of evidence-based decision making is clearly alien. And, as Jean-Louis Gassée points out, the herd is still alive and well.

As reported in last week’s Monday Note, eBay’s John Donahoe no longer believes that eBay and PayPal “make sense together”, that splitting the companies “gives the kind of strategic focus and flexibility that we think will be necessary in the coming period”. This week, Symantec announced that it will spin off its storage division née Veritas so that “the businesses would be able to focus better on growth opportunities including M&A”.

And now Meg Whitman tells us that HP will be “a lot more nimble, a lot more focused” as two independent companies: HP Inc. for PCs and printers, Hewlett Packard Enterprises for everything else.

Spinning off the PC and printer business made sense three years ago when Léo Apotheker lost his CEO job for suggesting it, and it still makes sense today, but this doesn’t mean that an independent HP PC company will stay forever independent…

Celebrating Dave Winer

This morning’s Observer column:

Twenty years ago this week, a software developer in California ushered in a new era in how we communicate. His name is Dave Winer and on 7 October 1994 he published his first blog post. He called it Davenet then, and he’s been writing it most days since then. In the process, he has become one of the internet’s elders, as eminent in his way as Vint Cerf, Dave Clark, Doc Searls, Lawrence Lessig, Dave Weinberger or even Tim Berners-Lee.

When you read his blog, Scripting News – as I have been doing for 20 years – you’ll understand why, because he’s such a rare combination of talents and virtues. He’s technically a very gifted software developer, for example. Many years ago he wrote one of the smartest programs that ever ran on the Apple II, the IBM PC and the first Apple Mac – an outliner called ThinkTank, which changed the way many of us thought about the process of writing. After that, Winer wrote the first proper blogging software, invented podcasting and was one of the developers of RSS, the automated syndication system that constitutes the hidden wiring of the blogosphere. And he’s still innovating, still pushing the envelope, still writing great software.

Technical virtuosity is not what makes Winer one of the world’s great bloggers, however. Equally important is that he is a clear thinker and writer, someone who is politically engaged, holds strong opinions and believes in engaging in discussion with those who disagree with him. And yet the strange thing is that this opinionated, smart guy is also sensitive: he gets hurt when people write disparagingly about him, but he also expresses that hurt in a philosophical way…

Read on