As Edward Snowden awaited the papers that will grant him a year of asylum in Russia, The NSA’s General Keith Alexander gave a talk at the annual Black Hat conference in Las Vegas. The Black Hat conference, which we mentioned earlier this week, is the annual get-together for hackers, many of whom are in fact ‘white hats’, or security contractors hired by corporations and governments to test and secure their digital assets.With Snowden’s sweeping revelations at the forefront of everyone’s mind, the crowd was not exactly predisposed to hear what General Alexander had to say. Some in the audience jeered and shouted profanities. One yelled out, “We don’t trust you!” Nevertheless, to hear the Washington Post tell it, General Alexander made a generally positive impression on the crowd:
In Alexander’s view, much of the anger is based on a misunderstanding of the facts. In his address here, he noted claims that the NSA and its analysts can and regularly do tap into the communications records of ordinary Americans.“Nothing could be further from the truth,” he said. “We can audit the actions of our people, 100 percent, and we do that.”He said the system used to collect e-mail and other digital records from Internet companies has “100 percent auditability,” but did not explain how or why that system failed to prevent Snowden from spiriting highly classified records out of the agency and sharing them with journalists.Despite the skepticism, a significant proportion of the hackers who attended Alexander’s presentation said they approved of it. They admired the fact that he kept cool in the face of criticism. They even applauded his message about balancing security and privacy, or at least the risk he took in standing before them.“It was a very solid presentation,” said a security engineer who identified himself in an interview—and on his Black Hat badge—only as Jeremy J.
The plural of anecdote is not data, and we assume that the NSA has a lot more damage control and bridge-building left to do, especially with those who are most expert in this narrow domain, which is so critical to the future of cyber-war. As General Michael Hayden remarked in a recent interview, America’s hackers are a valuable asset, and they have to be reached out to.As we wrote yesterday, this post-9/11 world is maddeningly complex and all too capable of throwing up surprises that could wrong-foot us. But more than a decade on, it’s time to start codifying in law some of our currently extralegal practices. Providing a level of transparency to what the US can and will do in order to protect itself should go a long way toward convincing all sorts of people that the United States government is not the enemy.