Saturday, November 9, 2013

Google security engineer on the NSA spying

"Fuck these guys":
But after spending all that time helping in my tiny way to protect Google -- one of the greatest things to arise from the internet -- seeing this, well, it's just a little like coming home from War with Sauron, destroying the One Ring, only to discover the NSA is on the front porch of the Shire chopping down the Party Tree and outsourcing all the hobbit farmers with half-orcs and whips. 
He's joined by a colleague who writes about seeing his systems mentioned in the NSA Powerpoint slides:
The packet capture shown in these new NSA slides shows internal database replication traffic for the anti-hacking system I worked on for over two years. Specifically, it shows a database recording a user login as part of this system:


We designed this system to keep criminals out. There's no ambiguity here. The warrant system with skeptical judges, paths for appeal, and rules of evidence was built from centuries of hard won experience. When it works, it represents as good a balance as we've got between the need to restrain the state and the need to keep crime in check. Bypassing that system is illegal for a good reason.
What we see here in both of these posts is very bad news for NSA.  What we see is the passion so frequently seen in long-time Internet Security people.  I can confirm that one of the motivators for choosing this line of work is a sense that you're fighting the Good Fight.  That while you're making a good living, you're also making the world a better place.

Just about all of the long-time security guys I know (and I know a lot, having been in this field for going on 30 years) feel this way.  Certainly all of the best feel this way.

That's what the NSA has violated.  In a sense, the best security guys will now look at the NSA with feelings similar to what they'd have looking at a rapist.  Actually, it's worse than this: the NSA is supposed to be one of the guardians of security (I'm looking at you, National Computer Security Center).  They're supposed to be protectors, and instead have violated those who were in their care.

Now that you understand the emotions, think on the consequences.  As long as people thought that the NSA was also fighting the Good security Fight, there was quite a lot of good will and common ground.  Sure, they were the Federales, and a big bureaucracy, but they were the Good Guys.  Lots of us were willing to help out.  I've posted here about some of the programs they have (no, I'm not linking to the posts).

Now, it's different.  I don't know that I go quite as far as Google's Brandon Downey, but I sure know where he's coming from.  And I sympathize with his outrage.  And I'm not the only one.

Sure, NSA will be able to buy some talent, but they'll never get the best.  What they used to get for free now will have a price tag.

And the best talent will now be thinking on ways to make the NSA's job harder.  I think that this is the biggest cost of the whole PRISM program, one that will in the long run make us less safe in all sorts of ways.  That's a damn shame, because the program seems to be pretty much ineffective:

I remember when the NSA was pretty effective.  That was a while ago.


Dave H said...

I'm sure the NSA will be getting a lot of dumb looks from the security guys going forward, but that only goes so far when the people who sign their paychecks are ordering them to cooperate.

A big corporation is especially tender where its share price is concerned, and all it takes is for an attorney general to announce an investigation to knock 5 or 10% off of that. Andrew Cuomo and Eliot Spitzer both made good use of that particular form of extortion, and it helped them both get elected Governor. (spit) Announcements that the corp is failing to cooperate with the investigation (i.e. refusing to install back doors) do additional damage, so there's always a credible threat to keep them in line.

Borepatch said...

Dave, I'm hard pressed to think of a single significant security advancement that came from a big company. Perhaps that's because it's startups (rather than big companies) that select for passion.

SiGraybeard said...

That's what the NSA has violated. In a sense, the best security guys will now look at the NSA with feelings similar to what they'd have looking at a rapist. Actually, it's worse than this: the NSA is supposed to be one of the guardians of security (I'm looking at you, National Computer Security Center). They're supposed to be protectors, and instead have violated those who were in their care.

So what you're saying is that they're like the security guy who rapes his client - or his client's daughter - instead of protecting her. Or the bank guard who helps himself to the contents of safe deposit boxes.

The absolute worst kind of violation of trust.

Dave H said...

No doubt, BP. But I'm skeptical that Google et al. will implement those advancements unadulterated while Big Brother is holding their stock certificates over a shredder.

I'd suggest that a number of advancements, not just in security but in comms in general, came out of Bell Labs even while it was part of AT&T. But that's because Ma Bell had the prescience to run the Labs like a startup. (Although actually they had an advantage over startups, in the form of a steady cash flow.)

Borepatch said...

Graybeard, yes. That's exactly what I'm saying.

Dave, good tech came out of Xerox PARC. Didn't get productized as much, and none was security.

Actually I did think of one security tech that came from a big business. DES was IBM's Project Lucifer. But that's the only one I can think of.

Alan said...

The security advancements that are necessary to prevent the NSA from collecting your data will also kill Google's business model.

I don't expect Google to change anything that matters. They'll blow some smoke and do a little dance but in the end, nothing will change.

The change will come from individuals and small businesses.

Alan said...

Also, "I remember when the NSA was pretty effective."

Effective at what?

Borepatch said...

Alan, word is that they improved DES because they understood differential cryptanalysis and the IBM cryptographers didn't. DES did a lot of good, for a while.

The Redactor said...

I went to preschool - part of high school with Brandon Downey. I don't really know him anymore as he took a pretty hard left turn philosophically. That being said, he is one of the smartest people I've ever known. I wouldn't want to be the one he's angry with.

Paul Bonneau said...

I wrote an article somewhat along the same lines, here:

It of course applies to subcontractors as well.

Matt W said...

"Effective at what?" That's what happens when you use very smart cryptanalysts to break into others' security instead of focusing on how to create new strong algorithms.