Halvar Flake gave a thought-provoking keynote
at SOURCE Dublin this year. His premise is thus: in the past, shipping by sea was woefully insecure. Nations decided to create formal navies, recognizing that safe shipping was good for commerce.
Cue analogies to the new NSA Data Center in Utah, as well as projects like Perfect Citizen
. Of course all physical analogies break down a bit once the term 'cyber' rears its ugly head, but in a way this all makes sense. Sure, utilities, banks, and other 'critical infrastructure' can never be physically moved to a handful of highly secure ports, but logically perhaps they could be.
If we take the thought exercise to its conclusion it starts to get a bit
scary, of course: in order for .gov to monitor our virtual 'shipping
lanes,' they need to first be able to decrypt our VPN traffic on (as
well as SSL, etc) either on-the-fly or on-demand as their storage fills
up in order to detect quite a lot of exploitation. Another downside is
that, assuming the Utah Datacenter represents Flake's New Navy, then it
isn't very much of a show-of-force. In order for a Navy to be effective
as a deterrent, it has to be seen. Covert surveillance hardly fits the
Still a very interesting talk...one that has me wondering if I didn't make a mistake going from .GOV hacker to privateer.