Looking back I'm amazed we all seemed so surprised."
Recently , a colleague of mine on the Google security team, said (after the usual disclaimers about being personal opinions and not speaking for the firm which I repeat here) - "fuck these guys":
I now join him in issuing a giant Fuck You to the people who made these slides. I am not American, I am a Brit, but it's no different - GCHQ turns out to be even worse than the NSA.
We designed this system to keep criminals out. There's no ambiguity here. The warrant system with skeptical judges, paths for appeal, and rules of evidence was built from centuries of hard won experience. When it works, it represents as good a balance as we've got between the need to restrain the state and the need to keep crime in check. Bypassing that system is illegal for a good reason.
Unfortunately we live in a world where all too often, laws are for the little people. Nobody at GCHQ or the NSA will ever stand before a judge and answer for this industrial-scale subversion of the judicial process. In the absence of working law enforcement, we therefore do what internet engineers have always done - build more secure software. The traffic shown in the slides below is now all encrypted and the work the NSA/GCHQ staff did on understanding it, ruined.
Thank you Edward Snowden. For me personally, this is the most interesting revelation all summer.
I'm just going to post my thoughts on this. Standard disclaimer: They are my own thoughts, and not those of my employer.
Fuck these guys.
I've spent the last ten years of my life trying to keep Google's users safe and secure from the many diverse threats Google faces.
I've seen armies of machines DOS-ing Google. I've seen worms DOS'ing Google to find vulnerabilities in other people's software. I've seen criminal gangs figure out malware. I've seen spyware masquerading as toolbars so thick it breaks computers because it interferes with the other spyware.
I've even seen oppressive governments use state sponsored hacking to target dissidents.
But even though we suspected this was happening, it still makes me terribly sad. It makes me sad because I believe in America.
Not in that flag-waving bullshit we've-got-our-big-trucks-and-bigger-tanks sort of way, but in the way that you can looked a good friend who has a lot of flaws, but every time you meet him, you think, "That guy still has some good ideas going on".
But after spending all that time helping in my tiny way to protect Google -- one of the greatest things to arise from the internet -- seeing this, well, it's just a little like coming home from War with Sauron, destroying the One Ring, only to discover the NSA is on the front porch of the Shire chopping down the Party Tree and outsourcing all the hobbit farmers with half-orcs and whips.
The US has to be better than this; but I guess in the interim, that security job is looking a lot more like a Sisyphus thing than ever.
Also of note, this article from September may call some recent technical decisions into relief:
- U of IdahoComputer Science
- Crook County HSGeneral Studies
- Redmond HSGeneral Studies
- North Salem HSGeneral Studies
- Blue Nile, Inc.DevOps Engineer, 2013 - presentResponsible for planning, developing, and maintaining the build and release process for all software at Blue Nile, including the website. Defining standards and processes in software configuration management, environment standardization, and release technologies with the team to help software devs, DBAs, WebOps and QA move towards continuous integration & deployment.
- Blue Nile, Inc.IT Systems Engineer, 2006 - 2013Responsible for the design, administration, and deployment of large-scale Linux systems within a complex and redundant architecture including web servers, application servers, monitoring tools and Oracle database systems.
- Les SchwabSystems Administrator, 2001 - 2003iSeries Systems Admin for 400 Les Schwab store locations
Why Comcast and other cable ISPs aren’t selling you gigabit Internet
Cable tech could hit a gigabit today, but why bother when customers lack choice?
7 steps to a beautiful and useful agile dashboard - Atlassian Blogs
Your agile dashboard: Inform to win! Hey agile ninjas! One of the questions I get from time to time is how to configure JIRA’s dashboards to
Accidentally Revealed Document Shows TSA Doesn't Think Terrorists Are Pl...
Jonathan Corbett, a long-time vocal critic of TSA body scanners, has been engaged in a lawsuit against the government concerning the constit
NSA “Is Harvesting Hundreds Of Millions Of Contact Lists,” Reports WaPo ...
The National Security Agency has been secretly "harvesting hundreds of millions of contact lists from personal e-mail and instant messaging
To Conquer This Punishing Puzzle, Curb Your Arrogance | Game|Life | Wire...
868-HACK is a solvable puzzle, but only the meek will inherit the highest scores.
Study: Claiming That Games And Violence Are Linked Now Linked To Violenc...
You know how this usually works when we talk about major media and their comments on violent video games. One of the mindless talking heads
Redefining English: Senator Feinstein Says The Press Needs To Stop Calli...
It's no secret that the intelligence community tries to give the "least untruthful" answers by basically redefining the English language. In
No Upper Bound On Phone Record Collection, Says NSA - Slashdot
PCWorld reports that "[a] U.S. surveillance court has given the National Security Agency no limit on the number of U.S. telephone records it
Judge Takes On Patent Troll With 'Sham Employee'; Forces Troll To Defend...
One of the best "scenes" in This American Life's awesome "When Patents Attack" episode from a couple of years ago, was when the reporters we
House Republicans Want To Kill Net Neutrality As Part Of Their Debt Ceil...
TechCrunch is a leading technology media property, dedicated to obsessively profiling startups, reviewing new Internet products, and breakin
Republicans consider “blocking net neutrality” among debt ceiling demands
Longstanding issue rears its ugly head in a surprising place.
12 True Tales of Creepy NSA Cyberstalking | Threat Level | Wired.com
The NSA has released some details of 12 incidents in which analysts used their access to America's high-tech surveillance infrastructure to
Another Reason The NSA Needs To Go: It's Been Doing What It Explicitly W...
One of the key things that people quickly realized after last week's revelation about the NSA putting backdoors into encryption, was that th
Fire Sale: TSA Now Offering You Your Civil Liberties For A Fee! | Techdirt
You've likely heard the phrase "freedom isn't free" before, probably in the context of honoring our service men and women, paying taxes, vot
Wouldn't It Be Something If We Had A President Who Believed In Liberty? ...
Dan Gillmor has an absolutely fantastic "wishful thinking" speech he'd love to see from a future Presidential candidate, one in which libert
Google reacts to PRISM-induced heebie jeebies; the week in cloud
Summary: Google acknowledges new data encryption plan to mitigate PRISM-provoked privacy fears; Aaron Levie sounds off and more in the week