To supplement and amend what I said: These are the KINDS of things we want the NSA to do; however, the institutional oversight necessary to make sure it's Constitutional, warranted, and kept "in bounds" is woefully lacking (if any exists at all). Even FISA is unsatisfactory.
At any rate, I agree that the current disposition of the NSA (or, at least, what's been leaking the last few months) is simply unacceptable and cannot be allowed. I say that last part from the perspective of a US citizen, though I'd imagine most people of other nationalities would agree with me, but probably for different reasons. On Mon, Dec 30, 2013 at 11:08 PM, Jimmy Hess <mysi...@gmail.com> wrote: > On Mon, Dec 30, 2013 at 10:41 PM, Blair Trosper > <blair.tros...@gmail.com>wrote: > >> I'm torn on this. On one hand, it seems sinister. On the other, it's not >> only what the NSA is tasked with doing, but it's what you'd EXPECT them to >> be doing in the role as the NSA. >> > [snip] > > The NSA's role is not supposed to include subterfuge and undermining the > integrity or security of domestic enterprise infrastructure > > With any luck, we'll hopefully find absolutely nothing, or that it was > "targetted" backdooring against specific targets only. > > And people have a need to know that the security agencies haven't left a > trail of artificially inserted bugs and backdoors in common IT equipment > providing critical infrastructures services, and that the agencies haven't > prepared a collection of instant-root 0days, that are no more protected > then the agencies' other poorly guarded "secrets". > > There would be a risk that any 'backdoors' are ready to be exploited by > other unintended nefarious actors! > Because the NSA are apparently great at prepping the flammables and > setting fires, but totally incapable of keeping the fires contained, > once they (or someone else) lights it. > > > It is not the least bit necessary for the NSA itself to be a nefarious > actor exploiting things or even complicit; for the mere presence of any > backdoor or surreptitious code to eventually have the potential for serious > damage. > > It could well be a rogue ex-employee of the NSA, such as Snowden, or > others, that happened to be aware of technical details, hackers, or > members of a foreign nation state, who will just happen to have the time > and energy to track down open doors waiting for the taking, AND figure > out how to abuse them for evil purposes. > > > There are enough potential 0day risks, without intentional ones, waiting > for bad guys to co-opt! > > -- > -JH >