Snowden isn’t just about Surveillance. It is much, Much, MUCH worse…

Posted on September 30, 2013

4


A colleague points out that Internet Governance Caucus (IGC) server is suddenly running extremely slowly just as the Caucus is attempting to reach consensus on an endorsement of the Brazil President’s denunciation of the NSA’s spying on herself and her countrymen.

A central figure working through p2p alternatives to global neo-liberalism finds that his email has been systematically filtered and misdirected over the space of two years causing himself and his activities irreparable and unknowable harm.

Another colleague who runs a small NGO in a somewhat volatile Less Developed Country finds that a key proposal of his for funding inexplicably went missing between his computer and the anticipated funder without his knowing until long after the deadline has closed.

Gremlins in the bit factory, bad key strokes by people who should know better, or… or…

We know many things from Snowden. Much of this confirm things which have been suspected for a very long time. Others have shocked civil libertarians, others have shocked US allies and including their heads of state and still others have tossed the entire technology community into a tizzy at having been betrayed and subverted at the very core of the design of the Internet (and worse since no one seems to have any idea of what can be done about this).

Overall, and not surprising given the most visible mission of the NSA, most of the attention arising from Snowden’s revelations to date has been focused on the flow of information from the world to the NSA and its entourage and into their filters and processors via various clandestine means and agencies, fair and foul.

And of course, these are shocking enough to transfix very many of us including the media, civil society and even some of the governments and agencies we have democratically chosen to represent us.

However, it should be remembered that Snowden’s revelations refer to networked information flows. And data/information of course, flows into the NSA’s computers and storage devices from (potentially) all the networks and networked computers in the world.

But this information flow TO the NSA of course, has a counterpart networked digitized information flow FROM the NSA (potentially) to all the very same computers and servers and routers around the world that they have been accessing (remembering that “tapping” data/information flows in digital form is a rather different, easier, cheaper, less visible and much much less intrusive process than doing so in analogue i.e. traditional “telephone line” tapping (a la G. Edgar Hoover) mode which appears to be the mental model of most of those discussing the Snowden revelations).

This information flow from the NSA into the global data streams of course, could take many forms–self destructing computer codes, software instructions for mechanical failures, falsified messages, delayed processes, phoney (or all too real) transactions, deleted emails, misdirected contracts, dummied up medical diagnoses and prescriptions, altered transcripts, and so on and so on and so on–all the dirty tricks we know of from various spy novels and movies and tales of hacker exploits but now available it appears (and virtually undetectable once performed) to any of the 800,000 or so of those with a suitable security classification at the punch of a few computer keys or from a drop down menu.

That is, everything that is open to intervention/surveillance through networked digital means, which in the context of the modern world means almost everything is equally open to input, interference, modification,, damage, destruction simply by inserting a few digits into the bit stream.

We know about Stuxnet, the set of commands as code (digital `worm`) introduced into the digital management of Iranian centrifuges as part of its (secret) nuclear program and ultimately activated for successful destruction. Evidently the technical community was astounded at the technical virtuosity that this caper revealed about its perpetrators.

How difficult would it be for the same team or one’s operating under their guidance or using their play book to do any of the things noted above in my first few paragraphs? Probably, as Snowden suggests, these would be something that a reasonably well trained techie could do from his/her workstation in a matter of a few key strokes or even from one drop down menu or another as a matter of on-going routine.

Of course, they probably wouldn’t target the IGC server (although it is not inconceivable that thwarting the development of a head of steam behind the efforts of the Brazilians to develop a global means of reigning in the NSA could have a fairly high priority); and perhaps they didn’t target my friend who thinks deeply about p2p production models (but maybe one of the young turks in the NSA is smart enough to realize the threat to US corporate interests that that might ultimately be presented if these strategies were to be widely accepted); but who knows what interests (personal or “security”) are being pursued by all those folks with “top secret” access to the NSA’s (two way?) “surveillance” technologies (could they by this time perhaps more appropriately be called “read/write” machines).

Let’s see, if only half of those 800,000 folks with Top Secret clearance are actually accessing their NSA read/write machines and if each of these 400,000 has been assigned say 100 files to surveille (about two files a working day) that’s roughly 4,000,000 people who should be watching their backs, their bank accounts, their academic transcripts, their automated credit reports, their health diagnoses and prescriptions and treatment assignments, their travel reservations and who knows what else…. And the kicker is, apart from the 1000 or so Al Qaeda folks who seem to be still lurking around somewhere we have no real idea of who those other 3,999,000 people being “surveilled” might be…

And then of course, there are the unauthorized transfers into bank accounts, improbable coups on the stock market, extremely (and of course, unaccountably) insightful bids for various types of contracts, and all the infinite numbers of transactions and activities which make the financial systems of the world operate with such efficiency (and lack of effective oversight…). And Snowden’s revelations of the plans to compromise smart phones only indicates that these activities will accelerate and expand enormously in the near future.

Fun isn’t it?

Did the NSA or some other clandestine agency, or one of their contractors, or their contractors’ contractors, or someone else of the 800,000 people in the US alone with an appropriate security clearance interfere with the operation of the Internet Governance Caucus listserv? Probably not, just a passing glitch or a misconfiguration somewhere along the line. Did some similar agency cause the diversion of my p2p friend’s emails, probably not–he accepts the “lone gunman” theory as do I. And as for my other friends lost e-proposal, well that sort of thing happens to the best of us, (and no 9/11 wasn’t “an inside job…

But the point isn’t whether this or that e-failure is the result of some willed action or just gremlins in the system, in most instances we will never know. The point is that we now know from Snowden that technically, morally, and by revealed intention and disposition these and all the other much, Much, MUCH worse interventions into the digital flow could have happened effortlessly and presumably without trace and certainly without oversight let alone formal authorization

And in the absence of some form of globally sanctioned oversight, transparency and accountability these things will start happening if not now then soon, and it will happen globally, more or less invisibly and in industrial quantity, and as they do happen, so the Surveillance Society will become baked in as the outer dome within which our individual and global democracies are framed and degraded and subverted, probably irreparably and irredeemably.

Postscript: Wired Magazine has now documented some of the ways in which even the simple eavesdropping processes being used can become “weapons” of mass disruption.