Why NSA's Betrayal Of Internet Security Is Akin To A Massive Public Health Disaster
from the infectious-ideas dept
One of the most shocking of Snowden's revelations was that the NSA and GCHQ are deliberately weakening the Internet's security -- either by undermining standards, or by using zero-day vulnerabilities to break into systems. More recent news about the huge scale of attempts to infect computers with malware only compounds that outrage. It's hard to convey to ordinary Internet users the seriousness of what the NSA and GCHQ have done here, but in a brilliant new column in the Guardian, it looks like Cory Doctorow has done just that:I think there's a good case to be made for security as an exercise in public health. It sounds weird at first, but the parallels are fascinating and deep and instructive.Here's the basic insight:
If you discovered that your government was hoarding information about water-borne parasites instead of trying to eradicate them; if you discovered that they were more interested in weaponising typhus than they were in curing it, you would demand that your government treat your water-supply with the gravitas and seriousness that it is due.Because that is precisely what the spying agencies are doing: they are intentionally withholding vital information about threats to your digital health -- the fact that programs you use are vulnerable to infections with malware, or that key security technologies you depend upon have backdoors -- regardless of the serious consequences this might have for you. If you try to imagine doctors doing the same in the case of equivalent threats to your health, you begin to get an idea of the depth of betrayal felt by computer professionals here. Doctorow goes on to point out that this is not just a matter of personal harm; the NSA and GCHQ are degrading the basic digital infrastructure of modern life:
This is the most alarming part of the Snowden revelations: not just that spies are spying on all of us -- that they are actively sabotaging all of our technical infrastructure to ensure that they can continue to spy on us.Doctorow is right on both counts: we can't allow the NSA and GCHQ to withhold vital information that endangers the digital fabric of society, and the way to stop them is to use this public health metaphor to get that message across to politicians and the general public.
There is no way to weaken security in a way that makes it possible to spy on "bad guys" without making all of us vulnerable to bad guys, too. The goal of national security is totally incompatible with the tactic of weakening the nation's information security.
"Virus" has been a term of art in the security world for decades, and with good reason. It's a term that resonates with people, even people with only a cursory grasp of technology. As we strive to make the public and our elected representatives understand what's at stake, let's expand that pathogen/epidemiology metaphor. We'd never allow MI5 to suppress information on curing typhus so they could attack terrorists by infecting them with it. We need to stop allowing the NSA and GCHQ to suppress information on fixing bugs in our computers, phones, cars, houses, planes, and bodies.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cory doctorow, cybersecurity, gchq, hacking, nsa, public health, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
Which points us to the sad fact that while everybody would be up in arms seeking blood of the Govt if it was about health nobody seems to grasp how critical the problem is when it moves to the digital realm. You know, when "on the Internet" is added and everything becomes black magic.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
It's never fucking lupus/the NSA...
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re: Calling NSA GCHQ etc... AIDS
Spread through digital communication
Variety of attack vectors undermining natural defences
Weakens or mimics natural immune responses (encryption)
Exposes the host to other opportunistic diseases
Inevitably fatal if not controlled
[ link to this | view in chronology ]
Another possible metaphor
The NSA has 'intimate knowledge' of our Telco infrastructure by tapping cables and through backdoors
Think of this infrastructure as a body...anybody get the hint???
[ link to this | view in chronology ]
the applicable term for what they have done
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Stupidity
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re:
These people have forgotten who it is they actually work for.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Works as designed.
Job security and jobs for friends. For ever. And ever.
[ link to this | view in chronology ]
The more I look at it...
[ link to this | view in chronology ]
Re: The more I look at it...
Two peas in a pod.
[ link to this | view in chronology ]
Re: Re: The more I look at it...
[ link to this | view in chronology ]
Illegality
The answer is obvious. We are no longer a law-governed democracy. Government can do whatever it wishes - assassinate citizens and foreign persons (far from any battlefield), torture, incarcerate with no due process for as long as government wishes, spy on Americans, and infect hundreds of thousands of computers (with more intended) with malware. These are all symptoms of an authoritarian state, which is rule by fiat, not rule of law. And citizens 'have no standing' to challenge government's illegal actions.
This is a sad day in America.
[ link to this | view in chronology ]
Re: Illegality
More to come.
You'll be going to participate in another undeclared war again real soon.
Happy Politician Day is here again!!
[ link to this | view in chronology ]