<div dir="ltr"><div>The list of toxic effects of the (global) intelligence community's meddling in the (global) IT industry affairs goes on ad nauseum. To Thomas' list we can also add the actual weakening of the security of technology products & services, the gagging of technology & telecom businesses w/r/t compulsive cooperation with LE & intelligence agencies in any number of jurisdictions, and all of the concomitant damage done the their businesses and brands. (This is all never minding the litany of wrongs which may or may not have actually been done customers.)<br></div><div><br></div><div>Yeah, sure, spies gonna spy, but that doesn't mean global tech has to feel okay about picking up the tab. Global tech is just pavement for the (global) intelligence community, and it knows it. Compounding the injury, tech markets are bakanizing in response to IC misbehavior.</div><div><br></div><div>At this point I'm just waiting to see the first reports of the global tech industry making serious moves to organize in support of a few broad-stroke technology goals, namely -<br></div><div><br></div><div>* Take stock of global critical technology infrastructure, identify world's most security-critical protocols, standards, and implementations</div><div><br></div><div>* Serious research in hardware verifiability</div><div><br></div><div>* Serious research in deterministic bulids and broader subject of software verifiability</div><div><br></div><div>* Increase pressure on the 0-day market with large-scale contributions to vulnerability research, discovery, disclosure, and repair (thinking along the lines of a global-scale Project Zero)</div><div><br></div><div>* Move itself and its infrastructure out of the intelligence gathering loop. Device encryption by default, end-to-end secure channels by default, no escrow.<br></div><div><br></div><div>* Renewed commitment to open standards, ejecting the toxic players from the process.<br></div><div><br></div><div>$0.02,</div><div><br></div><div>pty</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Oct 22, 2014 at 5:27 PM, Thomas Quinlan <span dir="ltr"><<a href="mailto:tom@thomasquinlan.com" target="_blank">tom@thomasquinlan.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">It's late & I'm scratching this out on my phone, but the problem may actually be four-fold. My last two points, plus:<br>
<br>
3 - Parallel Reconstruction. This is quite scary. It undermines basic legal tenets that we've had for hundreds of years. Additionally, people aren't even doing it well. A leaky captcha? Please, anyone with a modicum of understanding about how things work saw right through that.<br>
<br>
4 - Targeting journalists. Show from the corporate owned media problem, NSA/government do themselves no favors detaining &/or targeting journalists. It happened again this morning in New Zealand. "Oh, this has nothing to do with that expose you just did on us & is totally related to something else you may be tangentially involved in from five years ago but we'll take all your things. And your daughter's. You know. Just to be safe."<span class=""><br>
<br>
<br>
On 22 October 2014 22:43:39 Andreas Lindh <<a href="mailto:andreas.lindh@isecure.se" target="_blank">andreas.lindh@isecure.se</a>> wrote:<br>
<br>
</span><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5">
Dave,<br>
<br>
I read that piece and thought it was quite well written. I also think that<br>
you¹re wrong on several accounts.<br>
<br>
First of all, the US is not the Internet. Saying that it¹s a good thing<br>
that the US has "the most sophisticated cyber arsenal of any other country<br>
on the planet² is just irrelevant in this context. You are addressing the<br>
claim that the US is the biggest threat to the Internet, not to other<br>
countries who happen to have a presence on the Internet. This is an<br>
Internet issue, not some military dick waving contest. Also, considering<br>
the US habit of starting wars, I¹d wager that large parts of the world<br>
actually think it would be an even better thing if the US did not have<br>
such an awesome arsenal at all.<br>
<br>
Second, you claim that the US is not hacking for competitive advantages. I<br>
get that you¹ve been a part of this machinery and probably knows what<br>
you¹re talking about, but still. Should we just take your word for it? And<br>
if so, why should your word carry more weight than when China says the<br>
exact same thing?<br>
<br>
Third, using ³but everyone else is doing it too² as an excuse is just<br>
childish.<br>
<br>
This is not a US military issue, this is about privacy for _everyone_.<br>
<br>
Andreas<br>
<br>
<br>
Read more:<br>
<a href="http://www.businessinsider.com/expert-here-are-4-things-edward-snowden-gets" target="_blank">http://www.businessinsider.<u></u>com/expert-here-are-4-things-<u></u>edward-snowden-gets</a><br>
-wildly-wrong-about-the-nsa-<u></u>2014-10#ixzz3GuB8jeC4<br>
<br>
On 2014-10-22 19:37, "Dave Aitel" <<a href="mailto:dave@immunityinc.com" target="_blank">dave@immunityinc.com</a>> wrote:<br>
<br>
>Article that dropped today. I have learned from the comments that I am<br>
>the reason we cannot have nice things:<br>
><a href="http://www.businessinsider.com/expert-here-are-4-things-edward-snowden-get" target="_blank">http://www.businessinsider.<u></u>com/expert-here-are-4-things-<u></u>edward-snowden-get</a><br>
>s-wildly-wrong-about-the-nsa-<u></u>2014-10<br>
><br>
>Prepub Review Document:<br>
><a href="https://pbs.twimg.com/media/B0jFP8bCQAA_jxQ.jpg:large" target="_blank">https://pbs.twimg.com/media/<u></u>B0jFP8bCQAA_jxQ.jpg:large</a><br>
><br>
>Next week I'm going to give a talk here, available for beers/heckling!<br>
><a href="http://www.eventbrite.com/e/georgia-tech-cyber-security-summit-2014-ticket" target="_blank">http://www.eventbrite.com/e/<u></u>georgia-tech-cyber-security-<u></u>summit-2014-ticket</a><br>
>s-11887603141<br>
><br>
>-dave<br>
><br>
><br>
<br>
<br>
<br></div></div><span class="">
----------<br>
______________________________<u></u>_________________<br>
Dailydave mailing list<br>
<a href="mailto:Dailydave@lists.immunityinc.com" target="_blank">Dailydave@lists.immunityinc.<u></u>com</a><br>
<a href="https://lists.immunityinc.com/mailman/listinfo/dailydave" target="_blank">https://lists.immunityinc.com/<u></u>mailman/listinfo/dailydave</a><br>
<br>
</span></blockquote><div class="HOEnZb"><div class="h5">
<br>
<br>
______________________________<u></u>_________________<br>
Dailydave mailing list<br>
<a href="mailto:Dailydave@lists.immunityinc.com" target="_blank">Dailydave@lists.immunityinc.<u></u>com</a><br>
<a href="https://lists.immunityinc.com/mailman/listinfo/dailydave" target="_blank">https://lists.immunityinc.com/<u></u>mailman/listinfo/dailydave</a><br>
</div></div></blockquote></div><br></div>