It seems we have been living with the Snowden revelations forever. But in truth, he has only been a household name since mid-2013. There was so much news released that it quickly became information overload. There was too much information to fully process any one piece of it. The takeaways from the information dumps can be summed up in the following manner:
- The government is spying on its own people
- Everything you do on your cell phone is being monitored in some way
- Private businesses are colluding with the government to erode your civil liberties
Everyone kind of suspected the government was spying on them. And they knew that cellphone data could be monitored. But they were surprised and offended that the companies with which they were doing business were actively selling them out.
The level to which the government has subverted private industry is still news. The more we learn about what the government is doing in the name of security, the less security we feel like we have. Here are two examples:
The Government Compromises Your Protection
Never mind China and Russia. One of the biggest malware threats U.S. citizens face is from the U.S. government. For years, we’ve known that various governmental agencies attend black hat conferences. We also know that they hire some of the best hackers. Now we know what they are doing with all of that black hat talent. They are making and releasing malware. While we know about some of the malware offensives against other governments, there is no reason to believe that some of that malware isn’t used against U.S. citizens.
For these reasons, the government wants your computer to be as insecure as possible. Spiking the security punch your computer is drinking is one of the ways they can lull you into believing that you are secure when you really are not.
When your system is breached, sometimes the only thing you can do is wipe all the data and make a clean start. Before you can do that, you need to be sure to have a secure backup of your data. That means you will have to have some type of data loss prevention plan for such an eventuality. A plan is necessary due to risk factors such as:
- Rapidly evolving compliance regulations and mandates
- Continued growth of workforce mobility
- Employees using their own mobile devices and consumer apps for work
- Rising frequency of advanced persistent threats (APTs) and data breach incidents
The Government Causes Businesses to Compromise Core Values
Blackberry is in the news again, and it is not good for Blackberry fans. Blackberry CEO, John Chen, speaks on the great encryption debate and where BlackBerry stands on it all. What he is saying is proving worrisome to many longtime Blackberry fans.
Blackberry still has a lot of government contracts. And Blackberry’s only stronghold is mobile security. The conflict of interest becomes apparent when one hears what every branch of the government in almost every country is saying. Right now, especially in the U.S., there is a war on strong encryption on consumer devices. The government is demanding backdoors, and wants access to consumer communications upon request.
For his part, Apple’s Tim Cook has drawn a hard line when it comes to cooperating with such requests. He has publicly stated that Apple cannot comply with such requests because they have engineered its solutions so that Apple holds no keys, and cannot comply with such requests. They are in the business of privacy.
On the other hand, Blackberry’s John Chen is promising cooperation. He is not promising a backdoor. But he is taking a pro-government stance which seems geared toward protecting existing ties with government entities. Blackberry is not necessarily doing anything wrong. But it is a strange day when a consumer company defies the government in the name of security, while the security company defies security in the name of the government.
We have seen some disturbing examples of how the government is becoming more emboldened when it comes to pressuring businesses to serve as an unofficial branch of the state. As a consumer, your best protection is to use products that have a proven track record of consumer protection and strong encryption, and keep a good set of backups just in case.