Musings about PRISM and the Like, or an Appeal to Reasoning
Spying and Distrust are not new, Full Stop.
We are old enough to have witnessed many large spying programs in “real time”, starting in the 90ies and continuing until now. Everybody spies on everybody else, everybody tries to use every resource available to gain any kind of intelligence useful for the very own benefit. Alliances, treaties and promises (or vows if you take it more seriously) only have secondary value when it’s about the own advantage. This is true for most aspects of our life, be it private, business or international political affairs.
Spouses (sometimes) distrust each other. Business partners (sometimes) negotiate with most detailed contracts to leave as little room as possible to deviate from the expectations, trusting in legal frameworks, lawyers and neutral judges to enforce the expectations. In international affairs (sometimes) we can observe the broadest range of negotiations, interpretations, contracts, agreements etc., and still everybody likes to know if the other side is lying, keeping things to themselves or simply tries to fleece one.
How about Evolution, Theory of Games and Sociology?
We do see a little resemblance to evolution theory, theory of games and sociology. Two names pop up in my mind: Richard Dawkins (The Selfish Gene) and John Maynard Smith (Evolution and the Theory of Games) but there are many more publications and scientists in these fields. While not being scholars in these topics, we understood some of the most important concepts:
- Systems which have the capability to pass information or strategies to the following generations and allow for changes (mutations) will evolve to maximize their own benefit (Evolution Theory).
- Systems or individuals interacting with each other in an environment of limited resources have to find a balance to ensure that everyone can survive. The altruistic-tit-for-tat strategy works out best in most cases. Choosing other strategies will in most cases cause heavy impairments to everything (Game Theory).
- The individual -or phenotype- is influenced by the genotype and environment. One individual (person, system, society etc.) with all its capabilities and possibilities will evolve different under other circumstances, regardless of the starting conditions. Life is simply not fair (Sociology).
Please understand that nothing is personal, it all boils down to mathematics. Politics is applied sociology, sociology is applied bio-chemistry, bio-chemistry is applied chemistry, chemistry is applied mathematics (we stole this concept shamelessly from xkcd.com).
How do we handle this?
We believe that the most important thing to understand is the theory and the mechanics behind a situation, and find a way to make the best out of it. That’s what the current hacker cultures are about: understand how everything works, think about it for a while and make something out of it which is cool, which fullfills its purpose and is for the benefit of all (maybe allow for a little slant into your own direction without affecting others too much because that could affect you in turn). This is the main driving force of most of the people we’ve met in the last seven years of DeepSec and the last 20 years of our infosec career, regardless of affiliation, background, nationality, gender, race or anything else which can be used to distinguish individuals. Just two examples: We don’t believe that Microsoft, which is named on the published PRISM partner list, is an organization which is through and through evil, it can’t be. The risk is too high for Microsoft to lose its customer base. Additionally hiring a researcher like George Danezis, a highly reputed privacy researcher, speaks another language. Same for Google, who hired Morgan Marquises Boire, a well known activist in the privacy scene.
Terre brûlée is so 1900
We don’t see any argument now to burn down bridges, break alliances or call for war or revolution. Bloodshed, revolution and so on is not necessary in a society which claims to be humanistic and enlightened. We should know better now. If we understand what is going on and how to protect ourselves and understand the demands of others and respect them, then we need not go war again, neither kinetically nor in cyber space (gosh, we wrote „cyber space“; Cyber cyber cyber…)
Influence on DeepSec and DeepINTEL
We are neutral, we stick to our principles: If a topic is interesting and important we will consider a submission for our conferences. We will not lock out individuals or organizations from submitting a talk or attending our conferences and we hope, that potential visitors share our stance and posture. Let’s create neutral ground where we can freely talk about ideas and points of view. We want to encourage individuals, organizations and countries to meet and exchange, to improve overall security and trust.
Lynx and MiKa.