Hacker News new | past | comments | ask | show | jobs | submit login

Honestly, it seems like the only way the US could get credibility on this "front" is to create an open, well-funded agency whose only purpose would be to enhance world Internet security. Give it a mandate to be entirely separate from any would-be signal intelligence exploiters and let it loose. Yes, I'm sure something akin to this exists but if this had 10% of the US intelligence budget, it would be an eye-opener.

Prior to the NSA leak, "cyber warfare" was quite the buzzword. China, Iran, and other countries threatened the all US infrastructure from abroad. There was even debate as to if a foreign "cyber attack" could justify an armed military strike. The solution allegedly was the US government spending all kinds of money on these "cyber defenses."

Snowden's leak suddenly left people wondering if the United States itself posed the greatest threat to the US's own "cyber security." There is little doubt that the revelations did severe and lasting damage to US companies who want foreign customers.

Today the problems are, someone might have been able to access your Yahoo mail in the past two years. As computing and bandwidth expands and blends in to the background, future exploits will be things like, every moment, visual and audio, of the past two years of your life, was recorded and is available to playback in full detail. For better or worse, of course the government will get heavily involved.

The Snowden leak told no one who was capable of any amount of critical thinking anything they didn't already realize.

It was base-level obvious that the US, EU and every other nation had cyber-warfare programs because there was no technical reason they couldn't, and the risks were the same as they were to China and others: its an invisible, zero-casualty engagement, indistinguishable from the actions of lone individuals or groups.

Moreover, it should always have been apparent that things inside the US could be arbitrarily subjected to search and seizure. This is not a problem companies are unfamiliar with - mining companies are big on sovereign risk, but moreover, it's not like Microsoft stores it's technical data on Google cloud services for exactly the same reasons.

The most surprising thing which has been disclosed nowhere by the Snowden leaks is any evidence of the NSA passing stolen technical schematics or plans off to US companies for competitive advantage. I'm sure a lot of people will insist this totally happened, but no one has come up with hard evidence that it has.

I note that Department of Homeland Security funded Coverity Scan service for 3 years to find bugs in open source software using static analysis, resulting in more than 6000 bugs fixed.

(Coverity Scan contract expired in 2009, but Coverify found out finding bugs in open source software is a great marketing campaign anyway, and continued the service.)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact