NSA Revelations: Has The Planet Gone Mad?

It was intriguing to see the tech community’s response to the NSA information-gathering revelations last week. High drama was the order of the day after The Guardian broke the story of a National Security Agency contractor releasing some strategic, classified PowerPoint slides, then hightailing into the shadows of Hong Kong.

World dataDozens of NSA, spying and civil liberties stories dominated tech media outlet giants like YCombinator, ZDNet and GigaOM. As you’d expect, talk radio was abuzz with speculation and commentary. High-ranking, prominent politicians were demanding that somebody get to the bottom of it all. It’s the most excitement I’ve seen in tech media in years. In the immortal words of Gomez Addams, “Has the planet gone mad?”

And it’s definitely not over yet. We might see some fallout from the whole affair, when it comes to IT. Will it affect hiring? Will companies still push for new technologies?

InfoWorld pondered the chilling effects of the government agencies and others being able to access not only American citizens’ phone numbers and metadata, but also tons of business information that now resides in the cloud. How many CEOs, CIOs and corporate security officers are just a little bit more anxious about exactly who might be accessing their systems, given the tremendous responsibility (and legal liabilities) they have to protect their customer’s data? This creeping uncertainty is bound to negatively affect IT, particularly cloud computing and mobile technologies, since both are highly dependent on real-time network access.

But wait… On June 13, ZDNet explored how your office will be in the cloud in the next decade. Based on Gartner estimates, the site says that a major shift toward cloud office systems will start in the first half of 2015, with two thirds of workers being on cloud-based productivity packages within 10 years. I’m sure data security people are very happy about that now.

What should we make of the story? ZDNet’s story makes no mention of the NSA spectacle. Could it be that the NSA has something on the writer? Was he asked to scrub mention of the incident from the copy? Sorry, conspiracy theorists, but probably not. In all likelihood, the story was filed a while back and some content management system simply posted it on the scheduled day. For a multitude of reasons, it might not have been edited or updated to reflect current conditions on the ground. Such is the busy newsroom, right?

We might be able to take some comfort in knowing that bureaucracies, such as the big government agencies, are notoriously inefficient, full of endless turf wars and rife with cost-ineffective solutions. Will the NSA or FBI or CIA really get that much out of the 10,000 messages my kids send over their cell phones each month? Maybe a few of these organizations will run out of money before everything gets really spun up. I expect to see shake ups within these organizations as people try to hold onto their jobs, claw their way up the ladder, change alliances and develop new agendas.

In an absurd epiphany, Slashdot’s recent story on NSA hiring and my post on “All The NSA Cares About Is How Well You Know Tech” suggested the possibility of slipping into the cloak and dagger world of spy agencies and top secret organizations.

Maybe the planet isn’t mad, after all. Maybe it’s just me.

Care to comment? Share your thoughts below.

Comments

  1. BY R. Emmett O'Ryan says:

    What I find interesting is that on the one hand, these stories imply that companies are providing cooperative access to data in their environments to the US Government but yet on the other hand, there are public statements that they this is NOT true but that these companies (like Yahoo, Google, Facebook, Microsoft, and Apple) get thousands of requests for access to data.

    What to believe and who to believe? First, if the US Government is accessing all the data that they say they are including metadata, whether they are doing so with the complicity of these companies or if they are cracking these companies’ servers and storage, the end result is the same: when it comes to data in the Cloud, any semblance of security is an illusion.

    For those of us who have technical expertise in Information Management, Cloud Computing, Security, and Big Data, this is NOT something new. It’s only now that the word is out that the public is shocked by this revelation.

    Look, the Cloud has and is convenient. If you want to store data there then great but do not expect any privacy or security to that data. It is NOT going to happen. Does the average user have to worry about the NSA mining their data that is in the Cloud? Not really. What is it going to tell them, your kid’s soccer practice schedule? The data is just NOT that interesting to the US Government.

    However, what the average user does need to consider is this: if the US Government is able to crack and data mine information that does not belong to them in the Cloud, who is to say that folks with criminal intent are not doing the same thing. If the average user has his vacation schedule on Google Calendar, this is a perfect opportunity for a burglar to know when a house is unoccupied. Or if financial data and personal data is in the Cloud, these are opportunities for identity thieves to data mine a great deal of information about many individuals.

    So why does the US Government have and want access to this extensive amount of information? Now there is a question you should be asking your elected officials. The standard argument is that they need this for national security and to prevent bad things from happening to the US and US interests.

    Could it be more a matter of power and control? If you have access to all the data that is part of a person’s life, how does this benefit the government? I now wonder if perhaps this data is being made available to all agencies of the US Government – but then that is the paranoia in me.

    There is a very interesting and unforeseen result of what this revelation on US Government snooping on the Internet has done. It has increased interest and sales in companies that provide data encryption solutions. Have you purchased your encrypted hard drive yet and installed encryption software on your Mac or PC? I know I have.

    So what this public revelation has shown the public is this: the Cloud is insecure and that data that is in the Cloud is available and accessible – and not just to the data’s owner.

    Consider a quote from Andy Grove, “Only the paranoid survive.”

    Oh and Rob, you are not mad. I suspect that this snooping by the US Government is a control and power issue.

  2. BY Rob Reilly says:

    R.

    Great points that readers should certainly consider.

    Most readers have probably gathered that I’m a Conservative and so am naturally suspicious of the current administration, their agendas, and motives. My opinion is my own and everyone else is free to have their views, as well.

    I think it’s unfortunate that many in tech choose to ignore politics…at their work, in their business relationships, in our government, and internationally. It’s certainly more fun to focus on the code or the next product, than to duke it out in the seeming irrational, emotion-charged, wheeler-dealer arena of politics. Politics is definitely a contact sport, metaphorically speaking. It can have far reaching physical World effects. I cringe every time I see the logical thinkers, engineers, and scientific-types get routinely blind-sided by the smooth talking, broad-smiling, glad-handers.

    With the recent revelations, perhaps it’s time for the tech community to take a hard look at how the political game is played and learn the skills needed to gain an edge. It’s quite a challenge and I suspect that most people will continue to have little interest. It doesn’t have to be that way.

    We COULD have some great discussions, here, on learning about the wonders of politics, particularly as it relates to tech. Naturally, we should keep it clean and above all, keep it civil.

    Anybody want to speak up?

    Rob Reilly
    Dice Linux and Mobile Development Community Guide

  3. BY Plinko says:

    Could… yes could.
    Problem is, posts randomly get deleted in these comments without rhyme or reason.
    Can’t say who the mod is doing it but I’ve seen many deleted and experienced it myself.
    It was worst on the H1B discussions.
    You can’t ask for open discussion when you (the site) have a history of destroying it.
    Dice articles are for reading, less for commenting, you asked for it yourself by over moderating with a hairpin trigger. I think people are learning that after posting and seeing deletions so that’s why your comment sections are more bare than other sites. Just in case you were wondering why the liveliness isn’t here.

  4. BY Rob Reilly says:

    Plinko,

    Thank you for bringing up that point and taking the time to comment.

    As a Dice community guide, I typically don’t delete posts for just any old reason.

    I specifically have not joined in the H1B discussions because it’s out of my area of expertise and interest. Everyone on these boards have the option of participating…or not.

    Just so everybody knows…the thread will be moderated if people get abusive, use bad language, or personally attack others. We don’t ask for much, just that everyone have some class and be professional. Dice readers are smart, articulate, and witty, after all. These boards are meant to be constructive, not destructive.

    As a matter of fact, maybe we should start by seeing if we can draw any distinction between being professional and being political? Are they mutually exclusive? Should they be? Is it even possible to be professional and political at the same time? Can you name anybody who is both? What are their characteristics? Good points? Not so good points? What could they do to improve?

    We certainly can have thoughtful, civilized discussions, even if our opinions differ.

    One other thing. In my day job, I’m a consultant. So, there may be a bit of time lag between my comments. Other participants have similar work/life responsibilities and I don’t think anyone should always expect immediate turn-around on commentary. Just comment when you can, stay on topic, and keep it interesting.

    So, Plinko, what’s on your mind about politics in tech, the NSA situation, or how all these things will affect IT?

    Rob Reilly
    Dice Linux And Mobile Development Community Guide

  5. BY Plinko says:

    Let’s do it.

    I think I fit the persona you mention of someone who avoids politics in general. Usually it’s the same thing being said by all candidates and the only times I gain interest in someone is when they make a hard stance on big topics like abortion and immigration, things that might affect my own circles. Greedy American, si senor but we elect officials to do the grind work we don’t want to do. Because of all the things we follow in tech to consume us, the only time I hear about things like this are when they become national news.

    I think that in general, people have always been suspicious about data gathering. Back when Google started asking for phone numbers to verify things I stepped back and said woah, that’s too much information to offer up for an email. I was using a fake name (like most) and all of a sudden it would become associated to me. If you work behind the curtain and see how much data could be gathered you start imagining the possibilities. The only reason I used Gmail back then was because hotmail and yahoo were giving your IP address in the headers, Gmail was using theirs so I took an invite. I think people have been watching privacy for a long time.

    On the topic of the data being collected.
    I’ve even said before any government that hasn’t at least pondered tapping the internet isn’t trying to be thorough. Here’s where I see the problems and it’s in associations. Maybe people online that are befriended in social networks are only – kind of friends. What concerns me about the linking is that unless you know what those people are up to in their real lives you could get hemmed up in something that you have nothing to do with. That’s where the fear sets in. Do I know all these virtual people. What “circle” will I get put into connecting us just for internet popularity. The people that didn’t think that way are now regretting some of their choices and freaking out deleting accounts but like they say, the internet is forever. Wayback Machine taught us that. These people are reacting too late but I hope that reading about information gathering does make them more hesitant to plot each point in their lives online.

    Not sure if you remember when data from cameras was being embedded in images and the people who freaked out then scrubbing all their images to the point that now some of the image uploaders remove it by default because of the outcry. So yes, your 10k inane messages mean nothing but your 10k inane messages combined with the 50 people you might associate yourself with draw a trend of like minds. I always compare it to drug users. So many people “smoke” and are open about it that even if you don’t but are their friend online all of a sudden you might become caught up in their shenanigans. I’ve had my house watched for drugs once, it wasn’t a fun experience, they were in an apartment across from me taking video of all movement and following the car every once in awhile. This was because of an incident with a real life friend at the time. Want to mow your yard knowing people are staring? Hearing clicks on the phone and wondering if ‘it’s them’? Not fun stuff at all to be under suspicion. Eventually it stopped but this internet stuff has no reason to stop if controls aren’t maintained.

    The impact on jobs is partly going to hit employers who enjoy researching us just like we research them online. If people take it to heart and stop sharing as much online, ads will get less data to identify people with. The internet will seem less profitable to advertise on and those companies may put some energy back into radio.

    I’ve noticed that a lot of this stuff is IP based that they talked about instead of MAC addresses. It makes me wonder if people won’t return to dial-up occasionally just to be sure their IP changes frequently. There would be a block range but it would make things harder to be centralized if an entire neighborhood agreed to work with one company. Our service providers are partly chosen by us at least for dial-up. Broadbands seem to own chunks of cities now and keep a near monopoly. As an example my ISP is not my local cable company but everything I do must route through them first since they own the lines. Oddly enough, I think there is a chance people might get dial-up again. Doing that would impact the web big time for design, all the media would have to be toned down.

    An alternative is a privacy network like a VPN if people don’t want to work with their neighbors to get a little obfuscation.

    I think that companies are going to have to be very transparent in what they collect about users because people are starting to learn that their information is being sold or given if they aren’t charged a price. I have lots of ads and analytics companies altered in my host file to keep people from tracking me as often through Javascript and this week my brother wants me to do it to his computer. So, the non nerds are reaching out and asking how can I make it better. If they don’t have a local nerd, they’ll probably find info online. Articles on privacy will be big online for awhile. All my family already use alternative search engines to the largest ones so that’s covered.

    Speaking of search engines, I think new ones will come to ride this tail of privacy, perhaps offering a fee to use their proxy visiting. People already view sites with a mock proxy by viewing the cache instead of visiting the site if they are not interested in making a server call. Once a subscription based search engine comes into play, they have no reason to collect anything for ad display and can use less servers for storage. Smaller footprint, more anonymity, apply credits with a card purchased in cash from a retailer, it’s bound to happen and this could be the springboard.

    The cloud itself was always a concern for security over privacy but the two are intertwined when you talk about shared environments. I don’t think much was outed there, same old things we knew.

    From all this rambling I think what I foresee is that people are aware their conversations aren’t secure, it’s not just conspiracy theories. They will not trust the companies accused and will always keep the thought in their heads now that they are threatening. Because of that they will seek out alternatives. Sadly, I think this all just hurts the idea of a universal internet ID that really needs to be at place at some point so that you can login anywhere with a universal account. People will be more hesitant than they ever were to try that because there are already providers for that – not facebook lol.

    I’m convinced that the government will do anything it can to gather data from all networks. I would like to know about it and for it to be only constitutionally allowed but I’m not gullible enough to believe the government always follows rules, I just want them to because they want me to follow the rules too. I will say that my opinion of the president reduced when his response wasn’t disgust and something along the lines of – we collect what is needed. The whole threat of terrorism doesn’t scare me. There are plenty of criminals in my own city in search of a victim so all their talk of what they stopped doesn’t counter the point that they didn’t stop all the crime going on locally. I’m reminded of people who get items stolen and put pictures of the theives online using their stolen devices and the police are slow to respond to that even with the evidence. What I’m getting at is – what does NSA do FOR me now that I have been told what it does AGAINST me. If there is no balance then it’s not in the public interest.

  6. BY Fred Bosick says:

    Anything Cloud bla-bla-bla is overrated. Maybe this brouhaha will make people and companies think again about control and ownership of their own data. Every company, old and new, offers cloud products. I can’t help but think they see dollars for offering me-too and insecure services.

    As far as H-1B discussion censorship goes, I think Dice and other job boards make good money running repeat ads which are not designed to be filled. Just look at the disparate skillsets asked for in some of them! Dice doesn’t want to antagonize those who pay the bills.

  7. BY Rob Reilly says:

    Wow, a lot of great insight into some of the technical effects of the NSA’s activities.

    Can you go a little deeper into your thinking about going back to dial-up. I’m curious and don’t see the benefits of that approach.

    Rob Reilly
    Dice Linux and Mobile Development Community Guide

  8. BY Plinko says:

    It’s just because dial-up changes your IP most of the time on every new connection versus a broadband line that can stay active for months or years. You can manually try to change broadband with ipconfig but it depends on the company if it will change. There was a time when my ex had 5 ethernet cards and would change them around to get different IP addresses when they wouldn’t change it. It’s not unheard of to change cards or computers if you are nerdy nerdy bo birdy.

    The dynamic nature of dial-up was a benefit in the old days when you were banned from something, you just reconnected and got right back inside.

    People are hesitant to ban entire block ranges of IPs. If an entire neighborhood were to all use dial-up, they would become scattered noise and the onus would be on the dial-up provider to then keep records of which account holder was using which IP when the action occurred. Since the data they are talking about reviewing may have been stored for a long time, what are the odds that ISP keeps their records for as long as the government would like them to. Things like user account as far as I know don’t get passed in packets on the net so they would require research to track back and you would be working in unison with a group to force them to track back since the range of IP addresses could be from anyone using that dial-up service.

    You could in unison use a browser that didn’t load media or images called a text based browser, if you are bothered by the speed of the dial-up itself by narrowing down what the browser downloads and make it just the text.

    I don’t think people would use it constantly (dial-up) but they might keep it as a back up to surf weird places or do odd searches that they thought someone could construe something about them lurking around.

  9. BY Rob Reilly says:

    Plinko,

    I’ve used lynx on Linux boxes for years. Certainly am visually driven, so it’s not usually my first choice for browsing.

    I’ll have to look into the changing IP thing, because I know mine doesn’t change for months or years on end.

    Any other political “how-to” issues, you might be wondering about, that we could discuss here?

    I understand if people are uncomfortable discussing such things, it’s a messy subject.

  10. BY Plinko says:

    Well when it comes to political criminals. I don’t think they use systems in the way one might expect. Can’t remember where I read about it but there was something many moons ago about a group passing messages in an email account by leaving the messages as drafts. That meant that they were never sent across the network at all, instead that drafting section acted like a note taking session and they all shared the login information to go read the drafts. That isn’t traditional behavior using email. I don’t have multiple drafts waiting, do you.

    I think that people trying to hide something are going to – well try to hide it and in that way the traditional searching for what everyone is doing wouldn’t work to find them so what’s the point in gathering all the inane things unless it’s to piece together some connections after a naughty person is apprehended.

    Isn’t there some Kevin Bacon thing that talks about us all having 6 degrees of separation… ahh this is it http://en.wikipedia.org/wiki/Six_degrees_of_separation
    So I’m only 6 people away (at maximum) of being a friend of a baddie and so are you lol

    The only thing political I would ask you is. Is your opinion of writing a congressman or senator going to put you on a bad list or a good list. I’m reminded of the guy who wrote a lot of letters that they didn’t like the tone of then they suspected him of sending ricin (glazed the news blurbs, feel free to give info if I’m shortening it too much and missing details).

    I don’t know about you but I think of people who talk about things as not being necessarily people who act on things. When a fist fight is about to break out, there is always someone reasoning and someone sucker punching. Does the sucker punch person write a letter or act because the person trying to break things up or prolong the fight entry phase sounds like the orator willing to work it out verbally.

    When I think of letter writing I think of it as a non-threatening way to communicate and oration albeit distant instead of someone looking for a confrontation. Do you think politicians see it that way, or our government or does writing a letter portend a potentially bad citizen? Would you suggest that expression to the government about dislike of these things is in our interest or not so much lol

    • BY Rob Reilly says:

      Not sure I’m the best guy to ask about the “am I or will I be on a list” question. My track record of writing and posting on the Internet is long. I’m sure I’ve said a few things that would upset some set of politicians. Hey, I’m an independent writer, speaker, and consultant. My opinions are my own and I stand by them. In my mind, the chips will fall where they may and I’m comfortable with that stance. In other words, lists, schmists…First Amendment baby, I’m proceeding ahead at full speed.

      The NSA revelations brought that category of questions to the public’s consciousness.

      Sadly, you’ll notice that general media focus has now seemingly shifted to immigration reform. I am not going to discuss that topic, here.

      Keeping with my theme of learning about “political skills”, I’d like to expressly call out that commonly used political tactic.

      The NSA scandal brought a spotlight to a previously dark and politically volatile area of interest. Many politicians were uncomfortable with that spotlight and incorporated any number of techniques to downplay it’s importance, spin it’s benefits, or simply say that there was nothing here to see.

      So here we have the tried and true tactic of focusing on a new topic…not the NSA, spying, or any of that other stuff. We’re on to more important things now…namely immigration reform.

      The political skills take-away, is that when a topic gets too hot or isn’t benefiting “the agenda”, a good political way to go is to make every effort to switch the focus to another hot-button issue. The problem may or may not get fixed.

      The “shift focus” tactic works great, in government, business, and with teen-aged children.

      BTW, if the problem doesn’t somehow magically get fixed, there’s a good chance that it can be reshuffled back into the deck of “focus issues” for reuse, later on.

      The tech community tends to want to solve problems, so is it any wonder why techies tune out, when the old problem doesn’t get solved, interest (and perhaps funding) dries up, then everything switches to the new (possibly more fun to solve) problem. In the mean time, the politically savvy go merrily along doing what they do.

      I’ll throw it out to readers on recommendations on how to counter this tactic? Are there even any ways to counter?

      Rob Reilly
      Dice Mobile Development and Linux Community Guide

  11. BY Richard Morgan says:

    Put two and two together: The government (IRS) has already hassled organizations associated with the Tea Party. Now the NSA has your phone records and emails. If you call the Tea Party or Republican Party or email them, expect the IRS to put you on their audit list or otherwise hassle you.

Post a Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>