Avoid Stupidity

I’ve always wondered why we need warning labels such as:

“Do not shower with toaster”
“Do not hold wrong end of chain saw”
“Product may contain eggs (on a box of eggs)”
“Do not put people in washer (on a washing machine)”
“Safety goggles recommended (on an envelope opener)”
“Do not iron clothes on body”,

And one of my personal favourites on a Superman costume: “Costume does not enable flight nor increase strength”

But then, I look at some of our current World leaders and completely understand why.

What a time to be alive!

“If you want to keep a secret, you must also hide it from yourself.” (and your TV, your microwave, and quite possibly your car)

This week Wikileaks released the largest ever collection of intelligence documents reported to be leaked directly from the CIA. Documents that reveal information about the tools and procedures used by the CIA.

According to Wikileaks, its source didn’t do this to highlight concerns in relation to invasion of privacy but wanted a public debate on whether the CIA’s hacking and cyber surveillance capabilities have exceeded the or mandated powers. (In short, has the CIA gone too far?)

The first thing that stood out about these leaks was where they physically came from. Not so much the CIA but the type of network it originated from. These documents weren’t downloaded over the internet, someone didn’t brute force their way into a network. They were taken directly from an “isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virginia.”

In my career (my real job, not my writing) I’ve had the chance to work on a lot of high-end server environments and air-gapped networks. Networks and computers that have never touched the internet. Computers and networks that are isolated whether it be for maintaining the security of intellectual property, for testing code, or for research and development purposes. These types of environments are usually set-up behind multiple layers of both physical and biometric security, the physical devices storing information cannot physically be touched, you can’t run executables on the operating system, you can’t communicate with any WiFi or Bluetooth devices and you can’t print from them. You basically have a secured keyboard and mouse and a screen. That’s it.

I can only imagine the type of biometrics in use by the CIA n the dark basement levels of Langley. I dare say they wouldn’t be standard industry biometrics. We’d be talking military grade, top secret, cutting edge biometrics on multiple layers. Well, I would like to think that places like the CIA and NSA have more security than my house.

So this begs the question. How did the information get out? Undoubtedly there are probably a few very tired security personnel combing through hundreds of hours of security footage whilst cyber security specialists look through thousands of lines of code and log files trying to find out the answer to that question. I suspect that we, the public, will never know and I’m kinda OK with that.

The second thing that stood out is how cool CIA project and codenames have become. Weeping Angel, Fine Dining, RoidRage, and Magical Mutt just to name a few. My last few projects were Emerald and Phoenix… boring!

Now I’m not going to talk about the who, the why or the how too much. I’m sure all these questions will make for a great movie one day much like ‘Snowden’.

The questions I want to ask is: Why is everyone surprised and Why do we care?

I’m a pretty normal, every-day, law-abiding citizen. I work, I pay my mortgage, I pay my taxes and all my bills, and I try my hardest not to break the law.

I have nothing to hide.

So this begs my question: Why do we care that the CIA has these advanced surveillance capabilities and why are we surprised?

These tools and techniques and surveillance programs weren’t created for me and you. The CIA and NSA doesn’t care about every day people, they don’t want to turn your television into a microphone and listen to you talk about how boring your day was or what you’re going to cook for dinner tomorrow night.

They aren’t going to hack into your phone and read your messages, or listen to your calls and they don’t care what you do on Facebook.

You know why? Because these tools and techniques were made to protect people like me and you. Protect us from the people who want to cause us harm, people who want to disrupt our government and our way of life.

One of the reasons the CIA was created was to consolidate and coordinate intelligence efforts after the bombing of Pearl Harbour.

We shouldn’t be surprised about all the fancy tools they’ve built, and all the new ways they have created to spy on people over the years.

The mission of the CIA, as written on their website, is: “Preempt threats and further US national security objectives by collecting intelligence that matters, producing objective all-source analysis, conducting effective covert action as directed by the President, and safeguarding the secrets that help keep our Nation safe.”

“Preempt threats and further US national security objectives by collecting intelligence that matters, producing objective all-source analysis, conducting effective covert action as directed by the President, and safeguarding the secrets that help keep our Nation safe.”

After 9/11, the CIA was criticised for not doing enough to stop the terrorist attacks. Since then their workforce and budget has doubled.

The only way you can stop attacks is by proactively gathering intelligence and the only way you can do that is by being smarter than your enemy, and by exploiting the every day technology that they use.

Today the CIA’s budget is roughly $14.7 billion. What did you think they’re were doing with that money?

I look at it this way, if you are being spied on by our government or one of their intelligence agencies there is probably a pretty good reason for it.

So, if you don’t want them to Weeping Angel the shit out of your television, don’t be – in the words of Donald Trump – a bad hombre.

It’s also worth noting that whilst the CIA and NSA are undoubtedly, and aggressively, gathering and analysing all communications such as mobiles, facebook, landlines etc. (here’s a hot tip – whilst the majority of people at Pine Gap are employed as ‘Landscapers’, they aren’t sitting around playing with plants) they need probable cause, actionable evidence, and all surveillance needs to be signed off by the associated departments (FISA courts, DoJ etc). It’s not a simple process to simply start surveilling someone.

Surveillance is a necessity in this day and age. Does it get abused? Yes. Is there a risk that someone can access information illegally and misuse that information for personal gain? Absolutely.

In the words of Edward Snowden:

“No system of mass surveillance has existed in any society that we know of to this point that has not been abused.”

I think we need to look at this very simply. Yes, the intelligence community have built a system of mass surveillance whereby they have the ability to exploit common household and personal devices. Yes, they collect information about everyone all around the world. Yes, they collect information on innocent people, and they are by no means perfect.

Would you prefer they stop?

In my opinion, if there is a risk of my privacy being invaded in order to keep me safe, I think that’s a pretty good compromise.

Just do what I do… wrap your TV in foil. Problem solved.