Berto Jongman: Humans, Data, & Spies — What Manner, What Value, Integrity?

Architecture, Cloud, Crowd-Sourcing, Governance, P2P / Panarchy
Berto Jongman
Berto Jongman

Data, meet spies: The unfinished state of Web crypto

Many large Web companies have failed to adopt a decades-old encryption technology to safeguard confidential user communications. Google is a rare exception, and Facebook is about to follow suit.

June 26, 2013

Revelations about the National Security Agency’s surveillance abilities have highlighted shortcomings in many Internet companies’ security practices that can expose users’ confidential communications to government eavesdroppers.

Secret government files leaked by Edward Snowden outline a U.S. and U.K. surveillance apparatus that’s able to vacuum up domestic and international data flows by the exabyte. One classified document describes “collection of communications on fiber cables and infrastructure as data flows past,” and another refers to the NSA’s network-based surveillance of Microsoft’s Hotmail servers.

Most Internet companies, however, do not use an privacy-protective encryption technique that has existed for over 20 years — it’s called forward secrecy — that cleverly encodes Web browsing and Web e-mail in a way that frustrates fiber taps by national governments.

Lack of adoption by Apple, Twitter, Microsoft, Yahoo, AOL and others is probably due to “performance concerns and not valuing forward secrecy enough,” says Ivan Ristic, director of engineering at the cloud security firm Qualys. Google, by contrast, adopted it two years ago.

Read full article with additional links.

Phi Beta Iota:  Forward secrecy is neither new nor the first idea.  Eric Hughes in the early 1990’s conceptualized end-user controlled encryption for banking data.  The bottom line is that encryption is irrelevant if human integrity is lacking, and we have certainly seen that human integrity is lacking at both Google and Facebook.  The human factor is central to both protecting information, and exploiting information in context.  Technology is a sideshow.  The main event is human, and that is what governments and other institutions have failed to develop to its fullest potential of intelligence and of integrity.

See Also:

2013 Robert Steele Reflections on Alternative Command & Control (AltC2) — Five Questions and a Game Plan 1.1

2013 Robert Steele — Alternative Command & Control and Four Transformation Forcing Concepts

2012 Robert Steele: The Human Factor & The Human Environment: Concepts & Doctrine? Implications for Human & Open Source Intelligence 2.0

2012 Robert Steele: The Human Factor & The Human Environment: Concepts & Doctrine? Implications for Human & Open Source Intelligence

2012 Integrity, Reflexivity, & Open Everything

2002 The New Craft of Intelligence–What Should the T Be Doing to the I in IT?

2000 ONE WORLD, READY OR NOT: From National Capabilities to Global Coverage Through a Virtual Intelligence Community Coordinated by NATO/PfP

Graphic: Jim Bamford on the Human Brain