Everyone's Spying on You


After explaining the workings and eventual decryption of the Enigma code in his terrific book, The Code Book, Simon Singh pointed out that the British kept the fact a secret even after World War II. Why? To keep tabs on countries who still used the Enigma code, says this Wikipedia article. In fact, they went a step further than just tapping into countries that happened to use the Enigma code:
“After the end of World War II, the Allies sold captured Enigma machines, still widely considered secure, to developing countries.”

Were you appalled by that? Fast forward to present day, says security expert, Bruce Schneier, and things are actually lot worse:
1)      The Pentagon recently stopped selling phones made by Chinese manufacturers like ZTE and Huawei on military bases. Why? Because they might be spying on their users.
2)     In 2012, the US was worried about Chinese made Internet routers for the same reason.
3)     Both China and the US banned use of Kaspersky’s anti-virus products because it was a Russian company and there were worries that the Russian government had a “backdoor” into computers world over via the software.
4)     In 2017, India identified 42 smartphone apps that China subverted and asked its military to stop using those apps.
5)     Back in 1997, there were rumours that the Israeli company Check Point had put in backdoors into its software for the Israeli government.
The common theme in all these examples?
“If a country doesn't trust another country, then it can't trust that country's computer products.”

With smartphones, things get even more murkier. It’s possible to add backdoors even at the computer chip level. And most chips are made in China, Taiwan, Malaysia or Indonesia, so where does that leave us? And then there are all those apps. Or how about the software written by the big companies?
“Think of how many countries' citizens are writing software for Apple or Microsoft or Google.”

As Schneier says:
“Supply-chain security is an incredibly complex problem… We can't trust anyone, yet we have no choice but to trust everyone. Our phones, computers, software and cloud systems are touched by citizens of dozens of different countries, any one of whom could subvert them at the demand of their government.”
 So what’s the solution? Schneier doesn’t have an answer; governments don’t either. But not using smartphones isn’t an option either because that genie came out of the bottle long back and it ain’t going back…

Comments

  1. Ramiah KumarMay 18, 2018 at 11:37 AM

    Lovely blog. The point has been presented with sharpness and clarity.
    ---
    By the way, when I read "We can't trust anyone...", I was reminded of what Oppenheimer said, in response to a question about "with atom bombs in our midst, there doesn't seem safety for anyone? What defense we need to develop now, that would be adequate?".

    Oppenheimer paused, smiled and replied, "Foolproof Defense? Everyone totally believing in Peace".

    It may all be Utopia, so let us try for individual peace, amidst pervasive and non-stop socio-political aggression and turmoil.

    ReplyDelete

Post a Comment

Popular posts from this blog

Student of the Year

Image
As a toddler, my daughter loved Alia Bhatt’s songs, esp. the ones from Student of the Year . (That movie did have many good songs and well-choreographed dances). Fast forward to present day, when she is 12 yo. She rarely watches Hindi movies now, but one of the few ones she likes of late, Raja aur Rani ki Prem Kahani has, yes, Alia Bhatt.   If I had any hopes that there was anything to be read in the name of her toddler-time favorite ( Student of the Year ), they have been dashed. Our conversations come exam time are perfectly captured by this photo and its caption: In fact, the pic below captures how she and I look at her answer sheets – me intently, she with an expression of “It’s over, so why are you even looking at it?”   Of late, we pull her leg and tell her that she isn’t showing any signs of academic prowess, she’d better find a rich guy to marry. Some time later, she showed us this meme on the Internet: “Me No Study, Me No Care Me Go Marry Millionaire If He Die
Read more

Why we Deceive Ourselves

In their book, The Elephant in the Brain , the authors describe this weird aspect of deception that we practice: deceiving ourselves! That is so weird: “If our minds contain maps of our worlds, what good comes from having an inaccurate version of these maps?” The Sigmund Freud school of thought treats self-deception as a defense mechanism, “a way for the ego to protect itself”. The mind seeks to protect itself from anxiety and other negative emotions. Many object to this reasoning: since accurate information is so critical to our survival, surely distorting information would be dangerous. Wouldn’t the goal of protecting our self-esteem have been better achieved by making the brain’s self-esteem mechanism stronger instead? The new school of thought explains self-deception as “primarily outward-facing, manipulative, and ultimately self-serving”. This is based on Thomas Schelling’s work on game theory: “In a variety of scenarios, limiting or sabotaging yourself is the winn
Read more

Handling of the Satyam Scam

The Satyam scam. How does that fit into Montek Singh Ahluwalia’s book on reforms in India, Backstage ? The reason is that, as both NASSCOM and the government of India felt: “(Satyam’s) collapse would create a great deal of disruption for clients worldwide and seriously damage India’s reputation as a reliable source of software services.”   Therefore, the government decided to work with the private sector to “organize a quick takeover by a reputable new buyer, who would quickly restart the company”. But that could not be done overnight. In the meantime, the new board would have to reach out to Satyam’s clients and “reassure them that the company would survive”.   For the new board to have credibility when it made that statement, it had to be staffed with people who understood the private sector, the IT sector in particular, and commanded respect and trust. Deepak Parikh from HDFC was made chairman, and other members of the board included a former NASSCOM chairman, CII member,
Read more