[Dailydave] I am the reason we cannot have nice things on the Internet.

Michal Zalewski lcamtuf at coredump.cx
Wed Oct 22 19:08:12 EDT 2014

> http://www.businessinsider.com/expert-here-are-4-things-edward-snowden-gets-wildly-wrong-about-the-nsa-2014-10

Oh boy!

So... I'm decidedly ambivalent toward Edward Snowden. I found some of
his disclosures troubling;  but I also felt that many more of them
were reported in a misguided way, ultimately unsurprising, and
probably deeply harmful to the US.

I am also an unabashed westerner. Having grown up in a culturally
western country turned into a Soviet satellite state, I am very
pragmatic in seeing the US as a force for good - and compared to the
alternatives, I'm quite happy with my current country of residence
having the upper hand in the world's affairs.

But I also think that the article misses the point a bit. Some of
Snowden's revelations are unsettling to many people because they
expose a fearsome piece of secret machinery that, in principle, could
be used to cause tremendous harm to political enemies. It's best to
assume good intentions, but with the Cold War era checkered by
developments such as the Watergate affair, the House Un-American
Activities Committee, or any number of questionable assassination
attempts, coups, and sometimes secret proxy wars orchestrated by the
United States, it's not hard to see where the concerns are coming

Such worries obviously can't be addressed by insiders - Dave included
- coming forth and assuring the public that everything is in order,
based on their own knowledge of classified policies or the degree of
oversight provided by secret courts. If anything, it seems like a sure
way to anger the critics =)

Now, I think that most of the post-Snowden criticisms of the
intelligence community do run into a fundamental problem: it is not
particularly clear what are the alternatives; in the world of
international affairs, there are very few real rules, and very little
to be gained by taking a principled stand.

>From a very pragmatic perspective of a guy working in the private
sector, I don't like two things about where we are right now:

1) I don't enjoy having to look at the NSA as a very unique adversary
who will not necessarily stop at attacking or undermining the security
of the systems I'm working on to get to their target.

2) I think that the specific practice of stockpiling 0-days is
ultimately harmful to the Internet, especially since there is probably
no deterrence effect to having a greater number of unfixed bugs.


More information about the Dailydave mailing list