Trusted Computing Bonfire

NSA scandals echo through computing ecosystems

We thought we were mostly okay. Systems get hacked once in a while, and we’ve joked for years that the NSA was listening. Unfortunately, what we thought was solid turns out to be full of holes.

It’s not just that we cannot trust our communications to be secure from the NSA. Worse, their efforts to weaken cryptographic standards and build back doors into software mean that we cannot simply trust standards or tools because those doors and weaknesses are open to more visitors than the NSA. Even the standards for testing random number generation may be faulty.

The contamination goes well beyond the NSA. American companies have clearly played along. Apparently vague threats about treason accusations are effective. Even while Americans were avoiding Huawei because we feared it was a tool of the Chinese government, it seems that American companies have created their own compromises. The rest of the world is looking at America much the same way we have been looking at China.

At the same time, the NSA (and it is far from alone) has learned that it cannot trust its own people. While security clearances may work in the vast majority of cases, a few drastic failures are all it takes to tarnish the system. In an age where organizations show little loyalty to their employees, many organizations are starting to realize that their employees return the favor.

The NSA leaks may also have demonstrated the dangers of a layered security model, in which key people – system administrators – have access to a much wider variety of information than everyone else, across a number of systems. So far, none of the leaks have included things like personal data or cryptographic keys that the NSA collected, but suddenly the NSA itself seems much less secure.

After weeks of continuing revelation, people outside of the charmed circles of paranoia are realizing what happened. The New York Times devoted a Sunday editorial to the problem:

These back doors and special access routes are a terrible idea, another example of the intelligence community’s overreach. Companies and individuals are increasingly putting their most confidential data on cloud storage services, and need to rely on assurances their data will be secure. Knowing that encryption has been deliberately weakened will undermine confidence in these systems and interfere with commerce.

Asking the NSA to close these doors, even hoping for passage of a law that would require it, seems unlikely at present to have much long-term result. Transparency is not a virtue for the NSA – indeed, it seems pretty clear that their mission is incompatible with the kind of transparency it would take to restore trust.

We need to start planning for a computing world with minimal trust.
