We are entering unchartered territory when it comes to surveillance because of information broadcast from our smartphones even when they're off. Right now, it's the NSA collecting this data, but as computing power gets ever cheaper, it could be your local police or even the store you just entered.
If the NSA can break internet encryption, chances are so can someone else
Another day, another NSA revelation courtesy of our favorite whistleblower, Edward Snowden. This one suggests that no internet encryption method is safe, that some technology companies that created these security protocols have actually worked with the agency to provide "back doors" into these encryption schemes. Virtual private networks (VPNs), which companies use to give employees secure remote access to their internal networks, are among the encryption schemes that the NSA has reportedly been working on breaking.
Wonderful. At this point every CIO in America must be wondering what he or she has to do provide secure communications, because in the face of these revelations it seems close to impossible.
What's really concerning: If the NSA has a backdoor, some other organization -- whether organized crime, a well-funded rival, or another country looking for an edge for its industry -- might have the ability to take advantage of these exploits as well.
That's the problem with the NSA's approach. Ostensibly, they are there to protect the security of the US, but in the name of securing us, they have made our ability to conduct business far less secure. The flaw in building a way around any security protocol is that no matter how altruistic those reasons may be, once there is a flaw, anyone can exploit it.
That means you have zero chance of protecting your most secret communications, whether that's your next product release, a merger or acquisition, a layoff, a key hire, or anything else. There's a good chance somebody can break the security protocol you've used to protect those communications and someone with nefarious goals can exploit that information to make money, embarrass you, gain a competitive advantage, or whatever else.
It's gotten me thinking that perhaps, Woodward and Bernstein had it right when they met their primary Watergate source "Deep Throat" in the corners of dark parking garages. When I pointed this out to some journalist friends recently, one pointed out that today, someone armed with an infrared camera and a distance mike could record the conversation.
In reality, there is no longer any secure way to send your communications. As a journalist this is particularly frightening. Cultivating secret sources becomes a huge challenge when your communications channels are being monitored by the government.
So what can you do besides throwing up your hands in frustration and disgust? Security guru Bruce Schneier writing in The Guardian outlined some ways you could possibly protect your company from NSA snooping, including turning to open-source encryption software, which is less likely to have back doors. None of the methods described in the article are foolproof. They are more meant to give you a fighting chance to stay off the snoops' radar.
Another idea, not mentioned in that article, is to lobby the government to stop spying on its citizens. This is not only a civil liberties argument -- it's also an economic imperative.
You could argue that most businesses have nothing to worry about, and in truth they probably don't, but if the government can pressure the technology companies to help them with their backdoor schemes, your company might be next -- for whatever reason. That would seem worth a call to your government officials for a chat. Heck, they'll be listening anyway.
It turns out that most IT departments no longer want to buy, install, and run software on their own servers, and the ancillary benefits of the cloud -- like easier mobile access for workforces that combine full-time employees and contractors -- seal the deal.
Adding to a string of announcements aimed at making its service more appealing to businesses, Dropbox this morning said that Dell will start selling the service to its customers.
The battle over which platform delivers the best location and context services to mobile users is already underway with Google in the lead, but Apple's purchase of mapping startups and social analytics firm Topsy, combined with its Bluetooth-based iBeacons could give Apple a strong chance.
Box is experiencing some good times these days with new features, new funding and a high profile CEO, but Box has to be careful as it grows to say true to its root and not fall into the trap becoming just another enterprise software company.