Saturday, January 8, 2011

WSJ: "FBI's Mueller asks SV to build SW back doors?"

Stop the presses Wall Street Journal! It's not that I don't believe the story you ran yesterday, but I'm absolutely flabbergasted that it came out at all. What kind of complete moron lets the world know he's asking American software companies to build in back doors?
But just a few weeks before Mr. Putin publicly endorsed open-source software, FBI Director Robert Mueller toured Silicon Valley's leading companies to ask their CEOs to build back doors into their software, making it easier for American law enforcement and intelligence gathering agencies to eavesdrop on online conversations. The very possibility of such talks is likely to force foreign governments to reconsider their dependence on American technology. Whatever the outcome of Washington's engagement with the Internet, Silicon Valley will be the one to bear the costs.
Sure, I proposed in point #4 of my discussion on The Perfect Virus (principle #14 on Stealth), that compromising the Source Code Management System of major software vendors would be a priority. But my topic was STEALTH for crying out loud! You don't announce to the world that you're asking your country's bread-and-butter industry to build in back doors! Hell, technology is one of our few money crops for export. Nice shot in the foot for our trade deficit. Holy Mother of Pearl! A back door without STEALTH is just a lost sale for American software, whether or not they even considered complying with the request.

"So, Satan walks into a bar…" began Liam Nesson in The A-Team. Somewhere in the punch line of whatever joke you want to make will be the story of our telegraphed punches. If this whole story weren't so ludicrous it would be funny. Well, enough of the bad news. Now for the real punch line on Putin and Iran and all the others so justifiably offended at our public stupidity. The fact is, back doors and trap doors and dead-man switches can be hidden in plain sight, in legitimate source code that performs an indispensable function in any program. Heck, I've done it myself.

Back in 1978, I ran for the US Congress in the state of Washington (obviously, I lost). My home computer was a PDP 11/34 that took up a whole room in my house and needed both special power and special air conditioning. I had 16 dial-in phone lines coming into the system, and it really ran my whole campaign. I wanted to make sure that I could ALWAYS get into my system, no matter where I happened to be, so I built a back door into it. In otherwise critical source code, I slipped in kind of a combination lock, where three conditions had to be met at various points in the system in order for my back door to open and give me super user privileges. Without any one of those conditions being met, nothing unusual would happen. But when all three were met, "Zowie!" I'm telling you, nobody would EVER find that code or be suspicious of it, even if they had access to the source code. One wizard did look at my code, and I had to smirk when he didn't have a clue about its real purpose. So the joke is on Mahmoud Ahmadinejad and Vladimir Putin. Go for open source stuff. Please! With luck, the CIA won't be so forthcoming in their efforts to influence the open source movement. Hats off to Jack Bauer, wherever he is.

"So, Satan walks into a bar and bellows: 'Who broke into my servers?' Linius Torvalds throws a drink in his face and says…" You can finish the joke. I had some real fun in 1999 promoting Linus Torvalds for President of the United States (politics is never far from my mind) in the Wall Street Journal (yeah, I always pay close attention the good old WSJ). Here's the ad:
I have Linus's signature on a copy of the ad I tore out of the WSJ. He was greatly entertained. Which is more that I can say for myself when I read yesterday's WSJ story. Of course, The New York Times kind of carried the story on November 16, 2010. My advice to politicians who might think you're hot stuff— and want to go out and press the flesh with people who you think will be awed in your august presence—is: "Stifle that notion." I rather suspect guys like Larry Ellison and Steve Jobs are not awed by you or your self importance. In fact, they're probably laughing at you. They're busy changing the world in spite of your efforts, not because of them. Larry Ellison once hired a Clinton press secretary. The poor schmuck didn't last long after Larry discovered how high (and this is my opinion only about the individual and the event) some truly stupid people can rise in government.

No comments:

Post a Comment

Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?