mead cohen berger shevtsova garfinkle michta grygiel blankenhorn
Finding the Via Media Online after the NSA Leaks

The latest Snowden revelations out from the New York Times and the Guardian make for compelling reading; at the same time, they’re not the least bit surprising.

They’re compelling insofar as they outline just how successful the NSA and Britain’s GCHQ have been in compromising and circumventing the cryptographic standards behind most of the Internet. By a mix of computing power, legalistic coercion, and old-fashioned infiltration, they have manage either to get access to trusted certificates that unlock encrypted communications or to work backdoors into the key algorithms and hardware underpinning secure communications online, from email to financial transactions. Whether this will be bad for the future of the internet, broadly speaking, is an interesting question for debate. Will legitimate international businesses start to avoid American and British telecom hardware manufacturers and software vendors? Maybe, or maybe not; we’ll probably soon find out.

But this news shouldn’t have been surprising to anybody who has been paying attention. Via Meadia has always wondered why so many people were so smug about encryption; we always assumed that people, and especially governments, would try very hard to do something about it. After all, to encrypt something is to flag it as at least potentially worth knowing. Savvier internet users have always treated internet traffic the same way they have treated the post: Always assume it isn’t secure.

This story has elicited gnashing of teeth and rending of garments among some of the more idealistic members of the tech community about the betrayal of a certain kind of ideal that the internet represented. Some people seem to have thought cyberspace was a virtual Garden of Eden, evidently oblivious to the fact that the same forces that are shaping the rest of human social life are at work on the web (if anything, they’re working even faster on the web). These people failed to understand that technology doesn’t so much change human nature as empower it, for both good and evil. For those who are genuinely shocked, shocked that there is gambling at Rick’s, or that states do in cyberspace what they have always done in meatspace, this story should serve as a wake up call. Being an Internet denizen doesn’t mean you’ve got a magic pass that lets you escape from the logic of history.

All that said, we’re not smugly calling for everyone to passively accept the status quo, that this is the way things have to be. In a way, naive Internet utopian thought has given states opportunities and incentives to pursue surveillance and infiltration techniques with even less restraint than they would have otherwise. But now there’s no excuse for ignorance anymore (not that there ever was much to begin with). It’s clear that American society needs to move much more intentionally and creatively to extend our basic approach to life onto the internet. That concept is “ordered liberty.” The internet can’t be a jungle, where anything goes, but we don’t want it to be a police state either. We have 200 plus years of historical experience of balancing the demands of liberty and the demands of order. That’s the experience we must now draw on to ensure that the internet continues to be something that expands rather than limits the realm of human freedom.

Features Icon
show comments
  • Andrew Allison

    Oh dear, not a good day for VM analysis. NSA’s remit is FOREIGN intelligence, and while monitoring the telephone or Internet communication of a foreigner visiting the US is OK, vacuuming up everything produced by US citizens is not! It is, in fact, a blatant violation of our First, Fourth and Fifth Amendment rights. FWIW, I’ve appended the following signature to my email correspondence:
    “Ask not for whom the NSA trolls, it trolls for thee!
    (my make-work treat for the surveillance State)”

  • jeburke

    I see a really big irony here: the people most exercised about the potential to encroach on somebody’s internet privacy include that loose association of hackers (!) around Wikileaks who make it their business to hack into anyone else’s stuff and then crow about it; self-appointed snoops who steal other people’s internet communications; and editors and reporters who are always ready to publish those stolen communications as long as it furthers some cause or grinds some axe they favor.

    But let’s not sit idly by and allow NSA to figure out out to read al Qaeda’s mail, encrypted and protected free of charge by Google. Can’t have that.

  • Corlyss

    “But now there’s no excuse for ignorance anymore (not that there ever was much to begin with).”
    Agreed. I’m still waiting for someone to explain to me why this is considered “news” when most of these facts were known or or about 2006 when the NYT et al. broke the story of the phone companies’ cooperation with the feds on access to the phone cos.’ records, which just happened to consist of everything that travelled over their infrastructure. Why this is a surprise to anyone is still a mystery to me. Now with Google saying categorically that gmail emails are their property and not secure, well, that’s icing on the snooping cake. The lesson from this is people have no more expectation of privacy in their emails than they do to something spray painted on the sides of their houses or said in public to an audience. Will that change the behavior that has evolved over the last 30 years of email acclimatization? I doubt it. People who don’t care about sexting and posting minute by minute reports on their whereabouts and their activities on Facebook shouldn’t get their shorts in a twist over other people reading their email.

  • bpuharic

    Actually this is pretty old news.”Scientific American” has had news several years ago about cryptographic techniques that are unbreakable, and how the NSA has worked with manufacturers to ensure they’ll always have access.

  • mgoodfel

    What NSA is doing is very short-sighted. Yes, we all knew they tried to break codes. What we didn’t know is that they deliberately subverted the standards and co-opted the carriers to make sure that codes were easier to break. And there will be obvious repercussions.

    First, terrorists will just meet face to face and not use the net. I doubt we’re doing to be able to infiltrate those groups, so they are going to go completely dark.

    Second, other governments, knowing these holes have been built into our security, will try and find their way into the NSA-built back doors.

    Third, the techies will work on really good end to end encryption that has not had any government involvement in standard setting. NSA has now lost the trust of a big chunk of the security community, and made itself enemy #1 for a lot of hackers.

    In other words, the situation could end up far worse for national security than if they’d stuck to their legal mission.

© The American Interest LLC 2005-2016 About Us Masthead Submissions Advertise Customer Service