After reading this very well written article on how to protect yourself against government (and other malicious parties’) evesdropping on your electronic communications, it struck me that it’s amazing how the world has changed in the past 30 years when it comes to these things:
when I started programming computers some 30 years ago, computer “viruses” did in fact exist, but they were not known to anyone outside of the computer labs of those days, and their purpose was not to be “malware”, instead, these ancient seminal viruses were a programming technique for expoiting the von Neumann architecture and particularly the limited amount of memory and processing power available in the machines of those days. Thus basically, these seminal viruses were a smart programming trick to overcome the very limited resources available in the computers of those days, and they did not impact anything or anyone outside of that particular computer lab. Today, this type of computer “viruses” might be called “genetic algorithms”, i.e. self modifying programs.
The real outburst of “malware” did not occur until the general public got to use the internet, sometimes in the early 90-ies: public access to the internet, particularly when combined with the dominance of the Windows operating system. For sure, there had been well known malware attacks before that, e.g. those by Kevin Mitnick, but to a large extent, the general public was not the target of any attacks until the proliferation of internet access, Windows OS, and particularly, the WWW in the mid-90ies.
With general public access to the Internet and the WWW, things changed quickly: “hackers” became (in)famous, and companies developing anti-virus-programs became rich. People eventually got used to that some level of care had to be taken when “clicking” all those links now available on the web, lots of users found their personal computers becoming sluggish over time, and crashing frequently.
Some of these problems were caused by bad programming in otherwise benign applications, but some of them were caused by malware of various types having found their way into your computer.
Until recently, most people had reason to believe that the source of this malware was evil teenage “hackers” in basements just enjoying themselves by making your computing experince miserable, thereby making themselves a name in the “dark hacking” circles. An other source of malware attacks was from people with criminal intentions, i.e. those who are looking for e.g. your credit card info, your bank account numbers etc, all in an attempt to make a financial gain by stealing your money.
But recently, as been revealed in the NSA-debacle, the vast majority of “malware” in our global interconnected world of computers and telecommunications seems to be coming not from teenage hackers looking for fame, nor from criminals looking for your creditcard number, but from government officials attempting to monitor your entire life, by evesdropping into all your communications, your private and personal matters, your social networks, your thoughts, opinions and relationships. No longer is the world of malware dominated by misfit individuals with a desire to make themselves a name or a buck, but by government agencies and commercial companies, running in a tight leash, blindly obeying the orders of their Masters (who are these masters, btw…?)
Before, at least I felt that I could trust government as well as well established commercial companies a lot more than I would trust an anonymous website offering me some cool application just by clicking an obscure link, but now, after Snowden’s revelations about the massive government surveillance of anything and everything, I’m not so sure anymore….
On the business side, the damage to future business for all Western companies, particularly in Telecom and Computing, will be massive. Who will be able to trust any ISP’s such as Facebook, Google or Yahoo, who will be able to trust telecom operators such as ATT, Vodaphone or Verizon, who will be able to trust computer companies like Microsoft, IBM, Cisco, Apple, HP, … ? Who will trust any Cloud provider…?
As an example: yesterday Apple launched the new iPhone 5s, which includes fingerprint technology. Would you trust Apple’s statements that the scanned fingerprint will not leave your phone, that it will not be transmitted to the Cloud…?
I don’t. Since the US government can enforce all US-based companies to comply with their demands on access to any data, I don’t see how Apple (or anyone else) could resist when the request for customer fingerprint data comes, and trust me, it will come (if it hasn’t already come!) as soon as iPhone 5s hits the stores. If you don’t believe me, have a look at this.