
The NSA's Cyber-King Goes Corporate - uptown
http://www.foreignpolicy.com/articles/2014/07/29/the_crypto_king_of_the_NSA_goes_corporate_keith_alexander_patents
======
incision
_> 'What insights or expertise about cybersecurity could possibly justify such
a sky-high fee, some wondered, even for a man as well-connected in the
military-industrial complex as the former head of the nation's largest
intelligence agency?'_

The same sort of insights and expertise that athletes put into stuff sold by
Nike, Adidas or Gatorade.

It's an endorsement deal.

~~~
JTon
I think it's a little more than an endorsement deal. He knows deep inside
information into what surveillance programs the NSA operates. I read it as
follows: "we guarantee your company's IT infrastructure will no longer be seen
as a low hanging fruit to the NSA"

~~~
rayiner
He's not a clueless career bureaucrat. He's been in the cybersecurity business
for a very long time (from his Wiki page):

> Alexander worked on signals intelligence at a number of secret National
> Security Agency bases in the United States and Germany. He earned an MS in
> business administration in 1978 from Boston University, an MS in systems
> technology (electronic warfare) and an MS in physics in 1983 from the Naval
> Postgraduate School, and an MS in national security strategy from the
> National Defense University.

While the government is often woefully behind the private sector, it's also
sometimes several steps ahead.[1] You might not like his views about the right
balance between security and privacy, but I wouldn't underestimate the kind of
insight Alexander can bring to the table, for reasons that have nothing to do
with his political pull with the NSA.

[1] Anecdote: I worked on a DARPA project about a decade ago. Commercial
implementation of similar technology is probably another decade out. And that
was pretty run of the mill stuff, nothing classified. I can only imagine the
type of shit you run into at the NSA. The military often just hits a
particular pressure point before the private sector does, and they have the
money to throw experts at the problem.

~~~
616c
I remember watching as a kid a History Channel documentary on the NSA, or
maybe encryption in general, with the name or theme at least "The Code
Breakers and the Code Makers." Essentially, it ended with the observation that
the NSA was in trouble: as advantage by the end of the 20th centry shifted
from code breaker to code marker, and non-commerical and free encryption tools
of higher quality than ever made government-sponsored code breaking many
orders of magnitude harder than before.

As a budding nerd, I was thankful for this. HC painted the NSA as being
painted into a corner, and even then I wondered for a moment what this would
mean for them. Little did I know a decade later how angry the result would
make me, and perhaps the exposure of the Clipper Chip was just some ironic
leak so they could laugh at later successes.

------
rubiquity
Pretty amazing that the former director of the NSA can start a company in his
former employer's space without being sued and yet as programmers we can't get
a job anywhere without signing huge stacks of papers that make doing the same
nearly impossible, or scary enough to where we don't even bother.

~~~
rayiner
The NSA's job isn't private cyber security. Also, non-competes are evil.

~~~
droopyEyelids
The point is there seems to be different rules governing people who come from
different positions or social classes in our society.

~~~
tptacek
That doesn't sound right at all. CEOs are more likely to be bound by
noncompetes than line employees. Equally importantly, the noncompete of a CEO
is _much_ more likely to be enforceable. Contractual restrictions on
competition probably become more onerous as economic status increases.

------
616c
> Alexander is believed to be the first ex-director of the NSA to file patents
> on technology that's directly related to the job he had in government.

I wish purely out of spite this schmuck could be the source of a whole class
of new lawsuit by which certain government employees, like projects they work
on, are legally required to do public domain work only. Like, their employment
at a company becomes caustic so people who works at orgs like the NSA who have
access to state secrets dedicate themselves to the cause for life and there is
no chance for profit.

In short, this is disgusting and I dislike him more than even before.

------
drblast
Government agencies about to be inundated with sales pitches from General
Alexander's company in 3...2...1...

Same thing happened when Admiral Fallon retired and suddenly discovered his
long hidden cyber security talent at NeuralIQ.

This is a way for these guys to use influence to sell things to agencies they
used to run.

~~~
dublinben
How can we forget Chertoff, and his lobbying/fear mongering on behalf of body
scanner manufacturers. He very transparently used his credentials as former
Secretary of Homeland Security to get his client's devices installed in every
airport in the country.

~~~
samstave
And Tom Ridge, who joined the board of Savi Technologies/Lockheed Martin to
push the use of RFID tracking on military shipments and port security.

------
bradleyjg
I wouldn't hire a security company run by the former head of the NSA. Is there
any question in anyone's mind that if he was approached by the government to
put a backdoor in your company's product or infrastructure, he wouldn't
hesitate for a second to say yes?

~~~
dllthomas
The government never paid him a million dollars.

~~~
uptown
How would you know? The US intelligence budget clocks in around $52 billion.
You don't think a few million could be allocated if it was the most-expedient
way of making something happen?

~~~
dllthomas
If you mean that the government could offer him a million _now_ to expose a
client's network, sure, but they could offer that to anyone.

------
jemfinch
"Alexander said that if he determines that he needs to use technology or
methods that the NSA has patented, he will pay for a license".

Why can the NSA patent anything at all, preventing the public from using the
technology it generated with taxpayers' money?

~~~
res0nat0r
Why not? It is just like many other companies that invent technologies that
might happen to also be funded by the public. See DARPA.

[https://en.wikipedia.org/wiki/DARPA](https://en.wikipedia.org/wiki/DARPA)

~~~
Alupis
Can I call up the NSA and obtain a license for say... XKeyScore? Probably
not... so this is egregious.

~~~
res0nat0r
Not everything developed by the government is automatically supposed to be
available to the public so I guess I don't understand your point.

~~~
Alupis
The point is how is it acceptable that a previously-public-servant can have
insider knowledge about "secret" government patents and he can obtain a
license to use the technology but I cannot? That's absurd and an abuse of
power and privilege.

~~~
ObviousScience
Did it say he was going to use secret patents?

Or just that he was going to use NSA patents?

Because the NSA maintains a list of patented technologies that they offer to
the public on various terms:
[http://www.nsa.gov/research/_files/tech_transfers/nsa_techno...](http://www.nsa.gov/research/_files/tech_transfers/nsa_technology_transfer_program.pdf)

~~~
Alupis
Even if he uses knowledge, methods, practices, routines, guidelines, etc from
his time serving at the NSA -- I would expect a NDA to prevent him from using
_any_ of that knowledge -- my company made me sign one, and so do most.

------
geetee
_Wiper is a cousin of the notorious Stuxnet virus, which was built by the NSA
-- while Alexander was in charge -- in cooperation with Israeli intelligence._
Have the Stuxnet creators actually been proven to be the US and Israel? I
thought it was still speculation (but almost certainly true).

~~~
DCKing
There was a lot of circumstantial evidence pointing to this fact already, and
Snowden finally confirmed this last year in an interview with Der Spiegel [1].

[1]: [http://cryptome.org/2013/07/snowden-
spiegel-13-0707-en.htm](http://cryptome.org/2013/07/snowden-
spiegel-13-0707-en.htm)

~~~
geetee
Ah thanks. I had read about a lot of evidence pointing in the USA's direction,
but didn't realize Snowden also confirmed it. Arguably still hearsay, but
certainly adds more weight to it.

~~~
DCKing
In addition to the Snowden confirmation, there were some press leaks in 2012
that appear to have confirmed it earlier [1]. Apparently there's still some
investigations going on within the U.S. government about who leaked it.

I'd say it's a pretty clear-cut case who was behind Stuxnet.

[1] [http://www.wired.com/2013/06/general-keith-alexander-
cyberwa...](http://www.wired.com/2013/06/general-keith-alexander-
cyberwar/all/)

------
angersock
_Asked why he didn 't share this new approach with the federal government when
he was in charge of protecting its most important computer systems, Alexander
said the key insight about using behavior models came from one of his business
partners, whom he also declined to name, and that it takes an approach that
the government hadn't considered. It's these methods that Alexander said he
will seek to patent._

Quite the patriot--and one wonders why Millenials have no faith in the senior
.gov folks.

------
higherpurpose
He's most likely using inside information from the NSA. This warrants an
investigation and constant monitoring by DOJ (not that they'd actually do
anything about it if they saw Alexander _selling_ secret NSA information to
companies).

As someone else was saying on Twitter - at least Snowden gave back the
information to tax-payers for _free_. Keith Alexander is just trying to profit
from it, and only giving it to a few elites.

------
kelvin0
I'm tempted to make an analogy with 'protection' money paid by some small
businesses to the mafia in order to be able to operate without being 'hassled'
... Of course, it's just subjective image that popped into mind as I read
this.

------
AdmiralAsshat
>"It was those kinds of hackers who Alexander, when he was running the NSA,
said were responsible for "the greatest transfer of wealth in American
history" because they were routinely stealing trade secrets and competitive
information from U.S. companies and giving it to their competitors, often in
China."

Oh, and here I thought the greatest transfer of wealth in American history was
the massive rise in disparity over the last thirty years between the nation's
top 0.1% and everyone else.

~~~
ihsw
That's _consolidation_ of wealth -- transfer (in this context) implies it
leaves sphere of American influence.

~~~
rhizome
No, the analogy holds. One is across national borders, the other across
economic strata. Here is an article from Forbes describing welfare as wealth
transfer:

[http://www.forbes.com/sites/greatspeculations/2011/07/15/mak...](http://www.forbes.com/sites/greatspeculations/2011/07/15/makers-
takers-and-wealth-transfer-in-the-modern-welfare-state/)

------
kabdib
Buy security from a company run by someone who lied to Congress? Um... yeah.

~~~
samstave
Looking forward to the terrorist hacker false flag that will scare banks into
paying this racket.

------
pasbesoin
Ok, I didn't read it. But I am of the strong opinion that what is for sale is
political expertise and connections, not any particular technical expertise.

Perhaps toss in some particular narrow-band legal and program (as a human
endeavor, not a technical skill) knowledge.

Most "revolving door" activity in DC centers around these areas of expertise
and influence (politics, connections, legalese), as far as I have observed
from my distant perch.

------
TheMagicHorsey
Whenever a company starts off by talking about patents, I suspect they are
going to claim some trivial shit and troll everyone.

------
gcb4
i just read several paragraphs of absolutely nothing.

really. how this person considers himself a journalist? or even a blogger?

the central argument appears to be patents, yet not even the titles are
mentioned.

------
nanomage
I can't wait for the patent paperwork to come out. I see it just showing up in
open-source security distros.

------
droopybuns
$600k-$1m a month apparently gets you a cyber security company with no
website.

~~~
nodata
It's very secure.

~~~
easytiger
They will fax you the details.

~~~
contingencies
[http://goo.gl/GZ4P8m](http://goo.gl/GZ4P8m)

------
MisterWebz
I'm sure he'd charge them even more if it weren't for Snowden devaluing some
of the information he knows.

~~~
easytiger
Without Snowden no one would take him seriously Id venture to say.

