Forgotten in all the hubbub about OBL is something the Electronic Frontier Foundation reported a few days ago.
When fixing computers for people, most of what I do is remove spyware, followed numerically by a handful of viruses. The biggest single source of spyware is game downloads followed by social media. Facebook is a primary source of trouble, with several spyware infestations already famously coming from there.
But some of that Facebook spyware could have been planted by the US government. That makes it actual spy-ware.
I seriously doubt my work has interfered with any ongoing investigations. In the past, the anti-malware and anti-virus companies have tended toward not playing well with governments on this issue, but given what I know about my clients, I doubt any of them are much of a threat to anyone, except perhaps themselves. However, given the whole thing turns on the willingness of their investigative targets to do silly things like wasting time on Facebook, I’m confident they have no trouble re-infecting target machines someone accidentally sanitized. I’ve not convinced a single client to get rid of their Facebook account.
There are a couple of interesting things we can take from this, aside from the very plain thrust of the EFF article — that the FBI and others were willing to plant this spyware without proper accountability.
With this and the revelations from the HB Gary fiasco, it shows us there are still numerous security flaws in Windows and off-the-shelf commonly used software. There is a big industry in unreported vulnerabilities, and keeping them unpatched is critical to both government and crime (which is which?). We can’t be sure Microsoft isn’t playing along with this industry by pretending they don’t know about some of the vulnerabilities, and we have no reason to believe them when they deny they granted the NSA a backdoor in Windows 2000, at least, if not every version of Windows before or since then. Do you trust them? I don’t.
But even what is advertised as the most secure popular OS — OpenBSD — is alleged to have had for some time now a back door sponsored by the government. We may never get to the bottom of that one. And should we trust the NSA to be honest about their work in helping secure Linux via SELinux? Can we believe them when they say there is nothing hidden in anything the US government, or others government spook outfits, have not touched, even in the land of Open Source?
When it comes down to it, I don’t trust anything I didn’t create with my own hands, and I don’t trust my own hands that much. It doesn’t matter if you have nothing to hide. At the very least, the first time I raised my right hand and took the oath of enlistment in 1979, whatever privacy I may have once had was long gone. I am fully compromised, lacking only the next new invasion of privacy in the form of mandatory chipping of my body for easy tracking. I keep wondering when the VA medical system will announce they can no longer treat anyone without such a chip, so get it now.
I don’t pretend by running Linux on my laptop I have frustrated any snooping, except by the relatively minor threat from questionable marketing trackers. Even on Windows we can defeat most of that. As far as I am concerned, my privacy was compromised long ago. Whatever it is I hope to do in the future had better not depend on privacy and secrecy of that sort. We find Orwell’s nightmare visions credible because we know people will do some of the awfullest things to each other for the stupidest of reasons. The only limits on government immorality is a lack of creativity. Psychopaths are forced to rely on the pool of talent which gravitates to the suffocating inhumanity of government service. Government is riddled with incredible incompetence, but the real problem is simply how large it is, and how wide the net is cast for relatively silly things it tries to control.
What I was hoping to put before you today, dear reader, is the silliness of the whole thing. The government’s Keystone Cops level of incompetence works because too many people are silly enough to put their lives on Facebook. The two sides of this equation deserve each other. Never mind my mad chatter about Christian Mysticism and being a prophet of God; any secular intelligence can see this is silly on a purely human level. Are we reduced to the point the government efforts at law enforcement are going after the kind of people who suffer such a common grade of vanity? Think about that for a moment. Why do we still call this “civilization”?
